Action not permitted
Modal body text goes here.
Modal Title
Modal Body
cve-2009-1187
Vulnerability from cvelistv5
Published
2009-04-23 19:11
Modified
2024-08-07 05:04
Severity ?
EPSS score ?
Summary
Integer overflow in the JBIG2 decoding feature in Poppler before 0.10.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to CairoOutputDev (CairoOutputDev.cc).
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T05:04:49.269Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://bugs.gentoo.org/show_bug.cgi?id=263028#c16", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugs.launchpad.net/ubuntu/+source/poppler/+bug/361875", }, { name: "35064", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/35064", }, { name: "FEDORA-2009-6972", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html", }, { name: "poppler-jbig2-cairooutputdev-code-excution(50184)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/50184", }, { name: "35618", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/35618", }, { name: "RHSA-2009:0480", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2009-0480.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://poppler.freedesktop.org/releases.html", }, { name: "34568", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/34568", }, { name: "MDVSA-2011:175", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175", }, { name: "VU#196617", tags: [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred", ], url: "http://www.kb.cert.org/vuls/id/196617", }, { name: "ADV-2010-1040", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2010/1040", }, { name: "FEDORA-2009-6982", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://wiki.rpath.com/Advisories:rPSA-2009-0059", }, { name: "MDVSA-2010:087", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087", }, { name: "ADV-2009-1076", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2009/1076", }, { name: "oval:org.mitre.oval:def:10292", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10292", }, { name: "20090417 rPSA-2009-0059-1 poppler", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/502761/100/0/threaded", }, { name: "FEDORA-2009-6973", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html", }, { name: "34746", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/34746", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2009-04-16T00:00:00", descriptions: [ { lang: "en", value: "Integer overflow in the JBIG2 decoding feature in Poppler before 0.10.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to CairoOutputDev (CairoOutputDev.cc).", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-10-10T18:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "http://bugs.gentoo.org/show_bug.cgi?id=263028#c16", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugs.launchpad.net/ubuntu/+source/poppler/+bug/361875", }, { name: "35064", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/35064", }, { name: "FEDORA-2009-6972", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html", }, { name: "poppler-jbig2-cairooutputdev-code-excution(50184)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/50184", }, { name: "35618", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/35618", }, { name: "RHSA-2009:0480", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2009-0480.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://poppler.freedesktop.org/releases.html", }, { name: "34568", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/34568", }, { name: "MDVSA-2011:175", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175", }, { name: "VU#196617", tags: [ "third-party-advisory", "x_refsource_CERT-VN", ], url: "http://www.kb.cert.org/vuls/id/196617", }, { name: "ADV-2010-1040", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2010/1040", }, { name: "FEDORA-2009-6982", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://wiki.rpath.com/Advisories:rPSA-2009-0059", }, { name: "MDVSA-2010:087", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087", }, { name: "ADV-2009-1076", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2009/1076", }, { name: "oval:org.mitre.oval:def:10292", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10292", }, { name: "20090417 rPSA-2009-0059-1 poppler", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/502761/100/0/threaded", }, { name: "FEDORA-2009-6973", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html", }, { name: "34746", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/34746", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2009-1187", datePublished: "2009-04-23T19:11:00", dateReserved: "2009-03-31T00:00:00", dateUpdated: "2024-08-07T05:04:49.269Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", "vulnerability-lookup:meta": { fkie_nvd: { configurations: "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:poppler:poppler:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"0.10.5\", \"matchCriteriaId\": \"E0299F4A-A027-430C-9A53-AFEF9022960C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:poppler:poppler:0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E23EBF88-10DE-4EA6-9F0E-F33C88541F65\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:poppler:poppler:0.1.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"54F75CFD-3523-4017-992C-4FA6406D49F2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:poppler:poppler:0.1.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DB116A19-6436-40BE-B5C6-32C22D888B9A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:poppler:poppler:0.2.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8A4C1429-593B-47B6-AC84-832F2296FAB5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:poppler:poppler:0.3.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"18240BA6-3390-4925-AC25-DA4C42397CF7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:poppler:poppler:0.3.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3090A142-2240-4A8D-A122-C037931A277C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:poppler:poppler:0.3.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EFD63240-4599-4212-8AF2-7C4089CA9D28\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:poppler:poppler:0.3.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3C7EE965-EE3F-4B17-AF38-FA3AA0B11164\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:poppler:poppler:0.4.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7BE488E5-B3D9-4723-ABBA-A8753EC2DA2D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:poppler:poppler:0.4.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1259C59E-517F-40BE-8BA6-01AB76257C9A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:poppler:poppler:0.4.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"63C92F1C-3005-4EA6-B9C0-2BC2E3D611D6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:poppler:poppler:0.4.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"576152B4-9ACD-4C4E-B423-4A5EF44332D0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:poppler:poppler:0.4.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"322F9E62-6A74-4805-8F6B-9C61739B2D4E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:poppler:poppler:0.5.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F51C453F-6A87-49FB-83F6-22316F28161F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:poppler:poppler:0.5.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"75F532F0-6653-4275-A85A-BD9A9A611E96\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:poppler:poppler:0.5.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4CC7300E-0CBE-47FD-A241-B4B4F0164EBB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:poppler:poppler:0.5.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"255102DA-A2C0-4795-9539-B4CBD587554A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:poppler:poppler:0.5.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"349B06F1-772A-4A12-A7B9-EA220ED96D2C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:poppler:poppler:0.5.9:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B779800A-FF4B-47DD-B56F-77D10D6A335C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:poppler:poppler:0.5.90:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F0213390-08FA-4E04-835B-8BE0FC61B464\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:poppler:poppler:0.5.91:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0B304657-740A-4F8D-99CD-22E283FEE6F1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:poppler:poppler:0.6.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"178680C2-DB1B-4250-9B6E-6ADABA60DE44\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:poppler:poppler:0.6.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FCA9036F-92DA-45C2-9FBC-DE03444D34F1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:poppler:poppler:0.6.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B6855B98-DAA2-4850-A765-2F4D6D93A424\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:poppler:poppler:0.6.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4743EC55-B61D-4C1A-9ED7-060268F2DB27\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:poppler:poppler:0.6.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8CD4454E-3D2B-4582-B5E5-0317A6417654\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:poppler:poppler:0.7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"96402B67-A7A8-44E3-914E-A10A69FAD735\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:poppler:poppler:0.7.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"66C608C8-F382-4D6B-A638-98763C1CBB66\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:poppler:poppler:0.7.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"21F0F4E0-91B7-4B1F-BFA9-829101A7F90A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:poppler:poppler:0.7.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"22287102-80B1-4E1F-85E4-488B020A51E0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:poppler:poppler:0.8.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FF3030D6-DE07-418B-AB40-87C85FCA3C58\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:poppler:poppler:0.8.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D3583D56-F653-457A-B1F8-25842A15CB82\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:poppler:poppler:0.8.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6EEA5DBB-5A80-439E-A135-77CB40772916\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:poppler:poppler:0.8.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D4A5C43B-3978-4D0A-8166-A99622106781\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:poppler:poppler:0.8.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2A940AF2-A7CA-408F-86E2-797C7BA8A6BD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:poppler:poppler:0.8.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8B2CD8A0-2DBA-4AC9-A97D-D4DAEB6C7A74\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:poppler:poppler:0.8.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AA56CB7C-E7B3-4F0B-8BEB-F133FAF0D6FC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:poppler:poppler:0.8.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6323ED7A-6FE8-4885-B743-3E2F82ECA08B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:poppler:poppler:0.9.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"90D3345C-2D35-413C-B6F9-C308BC7C2AA6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:poppler:poppler:0.9.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"26216EEC-26B7-41C8-ADFB-64D2EA8DAA8F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:poppler:poppler:0.9.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A9D3618D-A183-4B09-9CA2-8D622C3486DD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:poppler:poppler:0.9.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A88294D9-563E-4AB3-9FE6-971F43B052B4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:poppler:poppler:0.10.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1A39F672-B238-4B21-A48E-5121771949F3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:poppler:poppler:0.10.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"58A5D199-E952-44B5-B5E5-170040FA813E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:poppler:poppler:0.10.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"349B4B75-32E2-49FB-9606-8B057AFA2E3E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:poppler:poppler:0.10.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"55A8D058-224E-467E-AB61-06F90B541F24\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:poppler:poppler:0.10.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"77C47EDD-2212-4259-8229-FF05E1A7B5AD\"}]}]}]", descriptions: "[{\"lang\": \"en\", \"value\": \"Integer overflow in the JBIG2 decoding feature in Poppler before 0.10.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to CairoOutputDev (CairoOutputDev.cc).\"}, {\"lang\": \"es\", \"value\": \"Desbordamiento de entero en la caracter\\u00edstica JBIG2 decoding en Poppler anteriores a v0.10.6 permite a atacantes remotos producir una denegaci\\u00f3n de servicio (caida) y posiblemente ejecutar c\\u00f3digo a trav\\u00e9s de vectores relacionados con CairoOutputDev (CairoOutputDev.cc).\"}]", id: "CVE-2009-1187", lastModified: "2024-11-21T01:01:52.213", metrics: "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:N/I:N/A:P\", \"baseScore\": 5.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 10.0, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}", published: "2009-04-23T19:30:00.530", references: "[{\"url\": \"http://bugs.gentoo.org/show_bug.cgi?id=263028#c16\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Patch\"]}, {\"url\": \"http://poppler.freedesktop.org/releases.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://secunia.com/advisories/34746\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://secunia.com/advisories/35064\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://secunia.com/advisories/35618\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://wiki.rpath.com/Advisories:rPSA-2009-0059\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.kb.cert.org/vuls/id/196617\", \"source\": \"secalert@redhat.com\", \"tags\": [\"US Government Resource\"]}, {\"url\": \"http://www.mandriva.com/security/advisories?name=MDVSA-2010:087\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.mandriva.com/security/advisories?name=MDVSA-2011:175\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2009-0480.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.securityfocus.com/archive/1/502761/100/0/threaded\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.securityfocus.com/bid/34568\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.vupen.com/english/advisories/2009/1076\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.vupen.com/english/advisories/2010/1040\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://bugs.launchpad.net/ubuntu/+source/poppler/+bug/361875\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/50184\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10292\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://bugs.gentoo.org/show_bug.cgi?id=263028#c16\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"http://poppler.freedesktop.org/releases.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/34746\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/35064\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/35618\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://wiki.rpath.com/Advisories:rPSA-2009-0059\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.kb.cert.org/vuls/id/196617\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"US Government Resource\"]}, {\"url\": \"http://www.mandriva.com/security/advisories?name=MDVSA-2010:087\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.mandriva.com/security/advisories?name=MDVSA-2011:175\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2009-0480.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/archive/1/502761/100/0/threaded\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/34568\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.vupen.com/english/advisories/2009/1076\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.vupen.com/english/advisories/2010/1040\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://bugs.launchpad.net/ubuntu/+source/poppler/+bug/361875\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/50184\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10292\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]", sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-189\"}]}]", }, nvd: "{\"cve\":{\"id\":\"CVE-2009-1187\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2009-04-23T19:30:00.530\",\"lastModified\":\"2024-11-21T01:01:52.213\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Integer overflow in the JBIG2 decoding feature in Poppler before 0.10.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to CairoOutputDev (CairoOutputDev.cc).\"},{\"lang\":\"es\",\"value\":\"Desbordamiento de entero en la característica JBIG2 decoding en Poppler anteriores a v0.10.6 permite a atacantes remotos producir una denegación de servicio (caida) y posiblemente ejecutar código a través de vectores relacionados con CairoOutputDev (CairoOutputDev.cc).\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:P\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-189\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:poppler:poppler:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"0.10.5\",\"matchCriteriaId\":\"E0299F4A-A027-430C-9A53-AFEF9022960C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:poppler:poppler:0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E23EBF88-10DE-4EA6-9F0E-F33C88541F65\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:poppler:poppler:0.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"54F75CFD-3523-4017-992C-4FA6406D49F2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:poppler:poppler:0.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DB116A19-6436-40BE-B5C6-32C22D888B9A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:poppler:poppler:0.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8A4C1429-593B-47B6-AC84-832F2296FAB5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:poppler:poppler:0.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"18240BA6-3390-4925-AC25-DA4C42397CF7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:poppler:poppler:0.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3090A142-2240-4A8D-A122-C037931A277C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:poppler:poppler:0.3.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EFD63240-4599-4212-8AF2-7C4089CA9D28\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:poppler:poppler:0.3.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3C7EE965-EE3F-4B17-AF38-FA3AA0B11164\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:poppler:poppler:0.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7BE488E5-B3D9-4723-ABBA-A8753EC2DA2D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:poppler:poppler:0.4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1259C59E-517F-40BE-8BA6-01AB76257C9A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:poppler:poppler:0.4.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"63C92F1C-3005-4EA6-B9C0-2BC2E3D611D6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:poppler:poppler:0.4.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"576152B4-9ACD-4C4E-B423-4A5EF44332D0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:poppler:poppler:0.4.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"322F9E62-6A74-4805-8F6B-9C61739B2D4E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:poppler:poppler:0.5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F51C453F-6A87-49FB-83F6-22316F28161F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:poppler:poppler:0.5.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"75F532F0-6653-4275-A85A-BD9A9A611E96\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:poppler:poppler:0.5.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4CC7300E-0CBE-47FD-A241-B4B4F0164EBB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:poppler:poppler:0.5.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"255102DA-A2C0-4795-9539-B4CBD587554A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:poppler:poppler:0.5.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"349B06F1-772A-4A12-A7B9-EA220ED96D2C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:poppler:poppler:0.5.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B779800A-FF4B-47DD-B56F-77D10D6A335C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:poppler:poppler:0.5.90:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F0213390-08FA-4E04-835B-8BE0FC61B464\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:poppler:poppler:0.5.91:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0B304657-740A-4F8D-99CD-22E283FEE6F1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:poppler:poppler:0.6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"178680C2-DB1B-4250-9B6E-6ADABA60DE44\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:poppler:poppler:0.6.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FCA9036F-92DA-45C2-9FBC-DE03444D34F1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:poppler:poppler:0.6.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B6855B98-DAA2-4850-A765-2F4D6D93A424\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:poppler:poppler:0.6.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4743EC55-B61D-4C1A-9ED7-060268F2DB27\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:poppler:poppler:0.6.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8CD4454E-3D2B-4582-B5E5-0317A6417654\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:poppler:poppler:0.7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"96402B67-A7A8-44E3-914E-A10A69FAD735\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:poppler:poppler:0.7.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"66C608C8-F382-4D6B-A638-98763C1CBB66\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:poppler:poppler:0.7.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"21F0F4E0-91B7-4B1F-BFA9-829101A7F90A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:poppler:poppler:0.7.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"22287102-80B1-4E1F-85E4-488B020A51E0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:poppler:poppler:0.8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FF3030D6-DE07-418B-AB40-87C85FCA3C58\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:poppler:poppler:0.8.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D3583D56-F653-457A-B1F8-25842A15CB82\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:poppler:poppler:0.8.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6EEA5DBB-5A80-439E-A135-77CB40772916\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:poppler:poppler:0.8.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D4A5C43B-3978-4D0A-8166-A99622106781\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:poppler:poppler:0.8.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2A940AF2-A7CA-408F-86E2-797C7BA8A6BD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:poppler:poppler:0.8.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8B2CD8A0-2DBA-4AC9-A97D-D4DAEB6C7A74\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:poppler:poppler:0.8.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AA56CB7C-E7B3-4F0B-8BEB-F133FAF0D6FC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:poppler:poppler:0.8.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6323ED7A-6FE8-4885-B743-3E2F82ECA08B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:poppler:poppler:0.9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"90D3345C-2D35-413C-B6F9-C308BC7C2AA6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:poppler:poppler:0.9.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"26216EEC-26B7-41C8-ADFB-64D2EA8DAA8F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:poppler:poppler:0.9.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A9D3618D-A183-4B09-9CA2-8D622C3486DD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:poppler:poppler:0.9.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A88294D9-563E-4AB3-9FE6-971F43B052B4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:poppler:poppler:0.10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1A39F672-B238-4B21-A48E-5121771949F3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:poppler:poppler:0.10.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"58A5D199-E952-44B5-B5E5-170040FA813E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:poppler:poppler:0.10.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"349B4B75-32E2-49FB-9606-8B057AFA2E3E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:poppler:poppler:0.10.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"55A8D058-224E-467E-AB61-06F90B541F24\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:poppler:poppler:0.10.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"77C47EDD-2212-4259-8229-FF05E1A7B5AD\"}]}]}],\"references\":[{\"url\":\"http://bugs.gentoo.org/show_bug.cgi?id=263028#c16\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\"]},{\"url\":\"http://poppler.freedesktop.org/releases.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/34746\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/35064\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/35618\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://wiki.rpath.com/Advisories:rPSA-2009-0059\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.kb.cert.org/vuls/id/196617\",\"source\":\"secalert@redhat.com\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2010:087\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2011:175\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2009-0480.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securityfocus.com/archive/1/502761/100/0/threaded\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securityfocus.com/bid/34568\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.vupen.com/english/advisories/2009/1076\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.vupen.com/english/advisories/2010/1040\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://bugs.launchpad.net/ubuntu/+source/poppler/+bug/361875\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/50184\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10292\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://bugs.gentoo.org/show_bug.cgi?id=263028#c16\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://poppler.freedesktop.org/releases.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/34746\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/35064\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/35618\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://wiki.rpath.com/Advisories:rPSA-2009-0059\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.kb.cert.org/vuls/id/196617\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2010:087\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2011:175\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2009-0480.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/502761/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/34568\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2009/1076\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2010/1040\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://bugs.launchpad.net/ubuntu/+source/poppler/+bug/361875\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/50184\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10292\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}", }, }
rhsa-2009_0480
Vulnerability from csaf_redhat
Published
2009-05-13 14:32
Modified
2024-11-22 03:03
Summary
Red Hat Security Advisory: poppler security update
Notes
Topic
Updated poppler packages that fix multiple security issues are now
available for Red Hat Enterprise Linux 5.
This update has been rated as having important security impact by the Red
Hat Security Response Team.
Details
Poppler is a Portable Document Format (PDF) rendering library, used by
applications such as Evince.
Multiple integer overflow flaws were found in poppler. An attacker could
create a malicious PDF file that would cause applications that use poppler
(such as Evince) to crash or, potentially, execute arbitrary code when
opened. (CVE-2009-0147, CVE-2009-1179, CVE-2009-1187, CVE-2009-1188)
Multiple buffer overflow flaws were found in poppler's JBIG2 decoder. An
attacker could create a malicious PDF file that would cause applications
that use poppler (such as Evince) to crash or, potentially, execute
arbitrary code when opened. (CVE-2009-0146, CVE-2009-1182)
Multiple flaws were found in poppler's JBIG2 decoder that could lead to the
freeing of arbitrary memory. An attacker could create a malicious PDF file
that would cause applications that use poppler (such as Evince) to crash
or, potentially, execute arbitrary code when opened. (CVE-2009-0166,
CVE-2009-1180)
Multiple input validation flaws were found in poppler's JBIG2 decoder. An
attacker could create a malicious PDF file that would cause applications
that use poppler (such as Evince) to crash or, potentially, execute
arbitrary code when opened. (CVE-2009-0800)
Multiple denial of service flaws were found in poppler's JBIG2 decoder. An
attacker could create a malicious PDF file that would cause applications
that use poppler (such as Evince) to crash when opened. (CVE-2009-0799,
CVE-2009-1181, CVE-2009-1183)
Red Hat would like to thank Braden Thomas and Drew Yao of the Apple Product
Security team, and Will Dormann of the CERT/CC for responsibly reporting
these flaws.
Users are advised to upgrade to these updated packages, which contain
backported patches to resolve these issues.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Updated poppler packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the Red\nHat Security Response Team.", title: "Topic", }, { category: "general", text: "Poppler is a Portable Document Format (PDF) rendering library, used by\napplications such as Evince.\n\nMultiple integer overflow flaws were found in poppler. An attacker could\ncreate a malicious PDF file that would cause applications that use poppler\n(such as Evince) to crash or, potentially, execute arbitrary code when\nopened. (CVE-2009-0147, CVE-2009-1179, CVE-2009-1187, CVE-2009-1188)\n\nMultiple buffer overflow flaws were found in poppler's JBIG2 decoder. An\nattacker could create a malicious PDF file that would cause applications\nthat use poppler (such as Evince) to crash or, potentially, execute\narbitrary code when opened. (CVE-2009-0146, CVE-2009-1182)\n\nMultiple flaws were found in poppler's JBIG2 decoder that could lead to the\nfreeing of arbitrary memory. An attacker could create a malicious PDF file\nthat would cause applications that use poppler (such as Evince) to crash\nor, potentially, execute arbitrary code when opened. (CVE-2009-0166,\nCVE-2009-1180)\n\nMultiple input validation flaws were found in poppler's JBIG2 decoder. An\nattacker could create a malicious PDF file that would cause applications\nthat use poppler (such as Evince) to crash or, potentially, execute\narbitrary code when opened. (CVE-2009-0800)\n\nMultiple denial of service flaws were found in poppler's JBIG2 decoder. An\nattacker could create a malicious PDF file that would cause applications\nthat use poppler (such as Evince) to crash when opened. (CVE-2009-0799,\nCVE-2009-1181, CVE-2009-1183)\n\nRed Hat would like to thank Braden Thomas and Drew Yao of the Apple Product\nSecurity team, and Will Dormann of the CERT/CC for responsibly reporting\nthese flaws.\n\nUsers are advised to upgrade to these updated packages, which contain\nbackported patches to resolve these issues.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2009:0480", url: "https://access.redhat.com/errata/RHSA-2009:0480", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "490612", url: "https://bugzilla.redhat.com/show_bug.cgi?id=490612", }, { category: "external", summary: "490614", url: "https://bugzilla.redhat.com/show_bug.cgi?id=490614", }, { category: "external", summary: "490625", url: "https://bugzilla.redhat.com/show_bug.cgi?id=490625", }, { category: "external", summary: "491864", url: "https://bugzilla.redhat.com/show_bug.cgi?id=491864", }, { category: "external", summary: "495886", url: "https://bugzilla.redhat.com/show_bug.cgi?id=495886", }, { category: "external", summary: "495887", url: "https://bugzilla.redhat.com/show_bug.cgi?id=495887", }, { category: "external", summary: "495889", url: "https://bugzilla.redhat.com/show_bug.cgi?id=495889", }, { category: "external", summary: "495892", url: "https://bugzilla.redhat.com/show_bug.cgi?id=495892", }, { category: "external", summary: "495894", url: "https://bugzilla.redhat.com/show_bug.cgi?id=495894", }, { category: "external", summary: "495896", url: "https://bugzilla.redhat.com/show_bug.cgi?id=495896", }, { category: "external", summary: "495899", url: "https://bugzilla.redhat.com/show_bug.cgi?id=495899", }, { category: "external", summary: "495906", url: "https://bugzilla.redhat.com/show_bug.cgi?id=495906", }, { category: "external", summary: "495907", url: "https://bugzilla.redhat.com/show_bug.cgi?id=495907", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2009/rhsa-2009_0480.json", }, ], title: "Red Hat Security Advisory: poppler security update", tracking: { current_release_date: "2024-11-22T03:03:47+00:00", generator: { date: "2024-11-22T03:03:47+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2009:0480", initial_release_date: "2009-05-13T14:32:00+00:00", revision_history: [ { date: "2009-05-13T14:32:00+00:00", number: "1", summary: "Initial version", }, { date: "2009-05-13T10:32:34+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-22T03:03:47+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux Desktop (v. 5 client)", product: { name: "Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:5::client", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product: { name: "Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:5::client_workstation", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux (v. 5 server)", product: { name: "Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:5::server", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "poppler-0:0.5.4-4.4.el5_3.9.src", product: { name: "poppler-0:0.5.4-4.4.el5_3.9.src", product_id: "poppler-0:0.5.4-4.4.el5_3.9.src", product_identification_helper: { purl: "pkg:rpm/redhat/poppler@0.5.4-4.4.el5_3.9?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", product: { name: "poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", product_id: "poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/poppler-devel@0.5.4-4.4.el5_3.9?arch=x86_64", }, }, }, { category: "product_version", name: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", product: { name: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", product_id: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/poppler-debuginfo@0.5.4-4.4.el5_3.9?arch=x86_64", }, }, }, { category: "product_version", name: "poppler-0:0.5.4-4.4.el5_3.9.x86_64", product: { name: "poppler-0:0.5.4-4.4.el5_3.9.x86_64", product_id: "poppler-0:0.5.4-4.4.el5_3.9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/poppler@0.5.4-4.4.el5_3.9?arch=x86_64", }, }, }, { category: "product_version", name: "poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", product: { name: "poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", product_id: "poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/poppler-utils@0.5.4-4.4.el5_3.9?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "poppler-devel-0:0.5.4-4.4.el5_3.9.i386", product: { name: "poppler-devel-0:0.5.4-4.4.el5_3.9.i386", product_id: "poppler-devel-0:0.5.4-4.4.el5_3.9.i386", product_identification_helper: { purl: "pkg:rpm/redhat/poppler-devel@0.5.4-4.4.el5_3.9?arch=i386", }, }, }, { category: "product_version", name: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", product: { name: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", product_id: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", product_identification_helper: { purl: "pkg:rpm/redhat/poppler-debuginfo@0.5.4-4.4.el5_3.9?arch=i386", }, }, }, { category: "product_version", name: "poppler-0:0.5.4-4.4.el5_3.9.i386", product: { name: "poppler-0:0.5.4-4.4.el5_3.9.i386", product_id: "poppler-0:0.5.4-4.4.el5_3.9.i386", product_identification_helper: { purl: "pkg:rpm/redhat/poppler@0.5.4-4.4.el5_3.9?arch=i386", }, }, }, { category: "product_version", name: "poppler-utils-0:0.5.4-4.4.el5_3.9.i386", product: { name: "poppler-utils-0:0.5.4-4.4.el5_3.9.i386", product_id: "poppler-utils-0:0.5.4-4.4.el5_3.9.i386", product_identification_helper: { purl: "pkg:rpm/redhat/poppler-utils@0.5.4-4.4.el5_3.9?arch=i386", }, }, }, ], category: "architecture", name: "i386", }, { branches: [ { category: "product_version", name: "poppler-0:0.5.4-4.4.el5_3.9.ia64", product: { name: "poppler-0:0.5.4-4.4.el5_3.9.ia64", product_id: "poppler-0:0.5.4-4.4.el5_3.9.ia64", product_identification_helper: { purl: "pkg:rpm/redhat/poppler@0.5.4-4.4.el5_3.9?arch=ia64", }, }, }, { category: "product_version", name: "poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", product: { name: "poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", product_id: "poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", product_identification_helper: { purl: "pkg:rpm/redhat/poppler-utils@0.5.4-4.4.el5_3.9?arch=ia64", }, }, }, { category: "product_version", name: "poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", product: { name: "poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", product_id: "poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", product_identification_helper: { purl: "pkg:rpm/redhat/poppler-devel@0.5.4-4.4.el5_3.9?arch=ia64", }, }, }, { category: "product_version", name: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", product: { name: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", product_id: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", product_identification_helper: { purl: "pkg:rpm/redhat/poppler-debuginfo@0.5.4-4.4.el5_3.9?arch=ia64", }, }, }, ], category: "architecture", name: "ia64", }, { branches: [ { category: "product_version", name: "poppler-0:0.5.4-4.4.el5_3.9.ppc64", product: { name: "poppler-0:0.5.4-4.4.el5_3.9.ppc64", product_id: "poppler-0:0.5.4-4.4.el5_3.9.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/poppler@0.5.4-4.4.el5_3.9?arch=ppc64", }, }, }, { category: "product_version", name: "poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", product: { name: "poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", product_id: "poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/poppler-devel@0.5.4-4.4.el5_3.9?arch=ppc64", }, }, }, { category: "product_version", name: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", product: { name: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", product_id: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/poppler-debuginfo@0.5.4-4.4.el5_3.9?arch=ppc64", }, }, }, ], category: "architecture", name: "ppc64", }, { branches: [ { category: "product_version", name: "poppler-0:0.5.4-4.4.el5_3.9.ppc", product: { name: "poppler-0:0.5.4-4.4.el5_3.9.ppc", product_id: "poppler-0:0.5.4-4.4.el5_3.9.ppc", product_identification_helper: { purl: "pkg:rpm/redhat/poppler@0.5.4-4.4.el5_3.9?arch=ppc", }, }, }, { category: "product_version", name: "poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", product: { name: "poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", product_id: "poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", product_identification_helper: { purl: "pkg:rpm/redhat/poppler-utils@0.5.4-4.4.el5_3.9?arch=ppc", }, }, }, { category: "product_version", name: "poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", product: { name: "poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", product_id: "poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", product_identification_helper: { purl: "pkg:rpm/redhat/poppler-devel@0.5.4-4.4.el5_3.9?arch=ppc", }, }, }, { category: "product_version", name: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", product: { name: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", product_id: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", product_identification_helper: { purl: "pkg:rpm/redhat/poppler-debuginfo@0.5.4-4.4.el5_3.9?arch=ppc", }, }, }, ], category: "architecture", name: "ppc", }, { branches: [ { category: "product_version", name: "poppler-0:0.5.4-4.4.el5_3.9.s390x", product: { name: "poppler-0:0.5.4-4.4.el5_3.9.s390x", product_id: "poppler-0:0.5.4-4.4.el5_3.9.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/poppler@0.5.4-4.4.el5_3.9?arch=s390x", }, }, }, { category: "product_version", name: "poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", product: { name: "poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", product_id: "poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/poppler-utils@0.5.4-4.4.el5_3.9?arch=s390x", }, }, }, { category: "product_version", name: "poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", product: { name: "poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", product_id: "poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/poppler-devel@0.5.4-4.4.el5_3.9?arch=s390x", }, }, }, { category: "product_version", name: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", product: { name: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", product_id: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/poppler-debuginfo@0.5.4-4.4.el5_3.9?arch=s390x", }, }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "poppler-0:0.5.4-4.4.el5_3.9.s390", product: { name: "poppler-0:0.5.4-4.4.el5_3.9.s390", product_id: "poppler-0:0.5.4-4.4.el5_3.9.s390", product_identification_helper: { purl: "pkg:rpm/redhat/poppler@0.5.4-4.4.el5_3.9?arch=s390", }, }, }, { category: "product_version", name: "poppler-devel-0:0.5.4-4.4.el5_3.9.s390", product: { name: "poppler-devel-0:0.5.4-4.4.el5_3.9.s390", product_id: "poppler-devel-0:0.5.4-4.4.el5_3.9.s390", product_identification_helper: { purl: "pkg:rpm/redhat/poppler-devel@0.5.4-4.4.el5_3.9?arch=s390", }, }, }, { category: "product_version", name: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", product: { name: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", product_id: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", product_identification_helper: { purl: "pkg:rpm/redhat/poppler-debuginfo@0.5.4-4.4.el5_3.9?arch=s390", }, }, }, ], category: "architecture", name: "s390", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "poppler-0:0.5.4-4.4.el5_3.9.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", }, product_reference: "poppler-0:0.5.4-4.4.el5_3.9.i386", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "poppler-0:0.5.4-4.4.el5_3.9.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", }, product_reference: "poppler-0:0.5.4-4.4.el5_3.9.ia64", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "poppler-0:0.5.4-4.4.el5_3.9.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", }, product_reference: "poppler-0:0.5.4-4.4.el5_3.9.ppc", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "poppler-0:0.5.4-4.4.el5_3.9.ppc64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", }, product_reference: "poppler-0:0.5.4-4.4.el5_3.9.ppc64", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "poppler-0:0.5.4-4.4.el5_3.9.s390 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", }, product_reference: "poppler-0:0.5.4-4.4.el5_3.9.s390", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "poppler-0:0.5.4-4.4.el5_3.9.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", }, product_reference: "poppler-0:0.5.4-4.4.el5_3.9.s390x", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "poppler-0:0.5.4-4.4.el5_3.9.src as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", }, product_reference: "poppler-0:0.5.4-4.4.el5_3.9.src", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "poppler-0:0.5.4-4.4.el5_3.9.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", }, product_reference: "poppler-0:0.5.4-4.4.el5_3.9.x86_64", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", }, product_reference: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", }, product_reference: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", }, product_reference: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", }, product_reference: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", }, product_reference: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", }, product_reference: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", }, product_reference: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "poppler-devel-0:0.5.4-4.4.el5_3.9.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", }, product_reference: "poppler-devel-0:0.5.4-4.4.el5_3.9.i386", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "poppler-devel-0:0.5.4-4.4.el5_3.9.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", }, product_reference: "poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "poppler-devel-0:0.5.4-4.4.el5_3.9.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", }, product_reference: "poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", }, product_reference: "poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "poppler-devel-0:0.5.4-4.4.el5_3.9.s390 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", }, product_reference: "poppler-devel-0:0.5.4-4.4.el5_3.9.s390", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "poppler-devel-0:0.5.4-4.4.el5_3.9.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", }, product_reference: "poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", }, product_reference: "poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "poppler-utils-0:0.5.4-4.4.el5_3.9.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", }, product_reference: "poppler-utils-0:0.5.4-4.4.el5_3.9.i386", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "poppler-utils-0:0.5.4-4.4.el5_3.9.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", }, product_reference: "poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "poppler-utils-0:0.5.4-4.4.el5_3.9.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", }, product_reference: "poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "poppler-utils-0:0.5.4-4.4.el5_3.9.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", }, product_reference: "poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", }, product_reference: "poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "poppler-0:0.5.4-4.4.el5_3.9.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", }, product_reference: "poppler-0:0.5.4-4.4.el5_3.9.i386", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "poppler-0:0.5.4-4.4.el5_3.9.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", }, product_reference: "poppler-0:0.5.4-4.4.el5_3.9.ia64", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "poppler-0:0.5.4-4.4.el5_3.9.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", }, product_reference: "poppler-0:0.5.4-4.4.el5_3.9.ppc", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "poppler-0:0.5.4-4.4.el5_3.9.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", }, product_reference: "poppler-0:0.5.4-4.4.el5_3.9.ppc64", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "poppler-0:0.5.4-4.4.el5_3.9.s390 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", }, product_reference: "poppler-0:0.5.4-4.4.el5_3.9.s390", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "poppler-0:0.5.4-4.4.el5_3.9.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", }, product_reference: "poppler-0:0.5.4-4.4.el5_3.9.s390x", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "poppler-0:0.5.4-4.4.el5_3.9.src as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", }, product_reference: "poppler-0:0.5.4-4.4.el5_3.9.src", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "poppler-0:0.5.4-4.4.el5_3.9.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", }, product_reference: "poppler-0:0.5.4-4.4.el5_3.9.x86_64", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", }, product_reference: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", }, product_reference: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", }, product_reference: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", }, product_reference: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", }, product_reference: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", }, product_reference: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", }, product_reference: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "poppler-devel-0:0.5.4-4.4.el5_3.9.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", }, product_reference: "poppler-devel-0:0.5.4-4.4.el5_3.9.i386", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "poppler-devel-0:0.5.4-4.4.el5_3.9.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", }, product_reference: "poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "poppler-devel-0:0.5.4-4.4.el5_3.9.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", }, product_reference: "poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", }, product_reference: "poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "poppler-devel-0:0.5.4-4.4.el5_3.9.s390 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", }, product_reference: "poppler-devel-0:0.5.4-4.4.el5_3.9.s390", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "poppler-devel-0:0.5.4-4.4.el5_3.9.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", }, product_reference: "poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", }, product_reference: "poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "poppler-utils-0:0.5.4-4.4.el5_3.9.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", }, product_reference: "poppler-utils-0:0.5.4-4.4.el5_3.9.i386", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "poppler-utils-0:0.5.4-4.4.el5_3.9.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", }, product_reference: "poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "poppler-utils-0:0.5.4-4.4.el5_3.9.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", }, product_reference: "poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "poppler-utils-0:0.5.4-4.4.el5_3.9.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", }, product_reference: "poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", }, product_reference: "poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "poppler-0:0.5.4-4.4.el5_3.9.i386 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", }, product_reference: "poppler-0:0.5.4-4.4.el5_3.9.i386", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "poppler-0:0.5.4-4.4.el5_3.9.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", }, product_reference: "poppler-0:0.5.4-4.4.el5_3.9.ia64", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "poppler-0:0.5.4-4.4.el5_3.9.ppc as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", }, product_reference: "poppler-0:0.5.4-4.4.el5_3.9.ppc", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "poppler-0:0.5.4-4.4.el5_3.9.ppc64 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", }, product_reference: "poppler-0:0.5.4-4.4.el5_3.9.ppc64", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "poppler-0:0.5.4-4.4.el5_3.9.s390 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", }, product_reference: "poppler-0:0.5.4-4.4.el5_3.9.s390", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "poppler-0:0.5.4-4.4.el5_3.9.s390x as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", }, product_reference: "poppler-0:0.5.4-4.4.el5_3.9.s390x", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "poppler-0:0.5.4-4.4.el5_3.9.src as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", }, product_reference: "poppler-0:0.5.4-4.4.el5_3.9.src", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "poppler-0:0.5.4-4.4.el5_3.9.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", }, product_reference: "poppler-0:0.5.4-4.4.el5_3.9.x86_64", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", }, product_reference: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", }, product_reference: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", }, product_reference: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", }, product_reference: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", }, product_reference: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", }, product_reference: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", }, product_reference: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "poppler-devel-0:0.5.4-4.4.el5_3.9.i386 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", }, product_reference: "poppler-devel-0:0.5.4-4.4.el5_3.9.i386", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "poppler-devel-0:0.5.4-4.4.el5_3.9.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", }, product_reference: "poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "poppler-devel-0:0.5.4-4.4.el5_3.9.ppc as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", }, product_reference: "poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", }, product_reference: "poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "poppler-devel-0:0.5.4-4.4.el5_3.9.s390 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", }, product_reference: "poppler-devel-0:0.5.4-4.4.el5_3.9.s390", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "poppler-devel-0:0.5.4-4.4.el5_3.9.s390x as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", }, product_reference: "poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", }, product_reference: "poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "poppler-utils-0:0.5.4-4.4.el5_3.9.i386 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", }, product_reference: "poppler-utils-0:0.5.4-4.4.el5_3.9.i386", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "poppler-utils-0:0.5.4-4.4.el5_3.9.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", }, product_reference: "poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "poppler-utils-0:0.5.4-4.4.el5_3.9.ppc as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", }, product_reference: "poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "poppler-utils-0:0.5.4-4.4.el5_3.9.s390x as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", }, product_reference: "poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", }, product_reference: "poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", relates_to_product_reference: "5Server", }, ], }, vulnerabilities: [ { acknowledgments: [ { names: [ "Drew Yao", "Braden Thomas", ], organization: "Apple Product Security", }, ], cve: "CVE-2009-0146", discovery_date: "2009-03-16T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "490612", }, ], notes: [ { category: "description", text: "Multiple buffer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allow remote attackers to cause a denial of service (crash) via a crafted PDF file, related to (1) JBIG2SymbolDict::setBitmap and (2) JBIG2Stream::readSymbolDictSeg.", title: "Vulnerability description", }, { category: "summary", text: "xpdf: Multiple buffer overflows in JBIG2 decoder (setBitmap, readSymbolDictSeg) (CVE-2009-0195)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2009-0146", }, { category: "external", summary: "RHBZ#490612", url: "https://bugzilla.redhat.com/show_bug.cgi?id=490612", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2009-0146", url: "https://www.cve.org/CVERecord?id=CVE-2009-0146", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2009-0146", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-0146", }, ], release_date: "2009-04-16T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2009-05-13T14:32:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2009:0480", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "xpdf: Multiple buffer overflows in JBIG2 decoder (setBitmap, readSymbolDictSeg) (CVE-2009-0195)", }, { acknowledgments: [ { names: [ "Braden Thomas", ], }, { names: [ "Drew Yao", ], organization: "Apple Product Security team", }, ], cve: "CVE-2009-0147", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, discovery_date: "2009-03-16T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "490614", }, ], notes: [ { category: "description", text: "Multiple integer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allow remote attackers to cause a denial of service (crash) via a crafted PDF file, related to (1) JBIG2Stream::readSymbolDictSeg, (2) JBIG2Stream::readSymbolDictSeg, and (3) JBIG2Stream::readGenericBitmap.", title: "Vulnerability description", }, { category: "summary", text: "xpdf: Multiple integer overflows in JBIG2 decoder", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2009-0147", }, { category: "external", summary: "RHBZ#490614", url: "https://bugzilla.redhat.com/show_bug.cgi?id=490614", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2009-0147", url: "https://www.cve.org/CVERecord?id=CVE-2009-0147", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2009-0147", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-0147", }, ], release_date: "2009-04-16T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2009-05-13T14:32:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2009:0480", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "xpdf: Multiple integer overflows in JBIG2 decoder", }, { acknowledgments: [ { names: [ "Braden Thomas", ], }, { names: [ "Drew Yao", ], organization: "Apple Product Security team", }, ], cve: "CVE-2009-0166", discovery_date: "2009-03-16T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "490625", }, ], notes: [ { category: "description", text: "The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers a free of uninitialized memory.", title: "Vulnerability description", }, { category: "summary", text: "xpdf: Freeing of potentially uninitialized memory in JBIG2 decoder", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2009-0166", }, { category: "external", summary: "RHBZ#490625", url: "https://bugzilla.redhat.com/show_bug.cgi?id=490625", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2009-0166", url: "https://www.cve.org/CVERecord?id=CVE-2009-0166", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2009-0166", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-0166", }, ], release_date: "2009-04-16T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2009-05-13T14:32:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2009:0480", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, products: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "xpdf: Freeing of potentially uninitialized memory in JBIG2 decoder", }, { acknowledgments: [ { names: [ "Drew Yao", "Braden Thomas", ], organization: "Apple Product Security", }, ], cve: "CVE-2009-0195", discovery_date: "2009-03-16T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "490612", }, ], notes: [ { category: "description", text: "Heap-based buffer overflow in Xpdf 3.02pl2 and earlier, CUPS 1.3.9, and probably other products, allows remote attackers to execute arbitrary code via a PDF file with crafted JBIG2 symbol dictionary segments.", title: "Vulnerability description", }, { category: "summary", text: "xpdf: Multiple buffer overflows in JBIG2 decoder (setBitmap, readSymbolDictSeg) (CVE-2009-0195)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2009-0195", }, { category: "external", summary: "RHBZ#490612", url: "https://bugzilla.redhat.com/show_bug.cgi?id=490612", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2009-0195", url: "https://www.cve.org/CVERecord?id=CVE-2009-0195", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2009-0195", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-0195", }, ], release_date: "2009-04-16T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2009-05-13T14:32:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2009:0480", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "xpdf: Multiple buffer overflows in JBIG2 decoder (setBitmap, readSymbolDictSeg) (CVE-2009-0195)", }, { cve: "CVE-2009-0791", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, discovery_date: "2009-03-19T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "491840", }, ], notes: [ { category: "description", text: "Multiple integer overflows in Xpdf 2.x and 3.x and Poppler 0.x, as used in the pdftops filter in CUPS 1.1.17, 1.1.22, and 1.3.7, GPdf, and kdegraphics KPDF, allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF file that triggers a heap-based buffer overflow, possibly related to (1) Decrypt.cxx, (2) FoFiTrueType.cxx, (3) gmem.c, (4) JBIG2Stream.cxx, and (5) PSOutputDev.cxx in pdftops/. NOTE: the JBIG2Stream.cxx vector may overlap CVE-2009-1179.", title: "Vulnerability description", }, { category: "summary", text: "xpdf: multiple integer overflows", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2009-0791", }, { category: "external", summary: "RHBZ#491840", url: "https://bugzilla.redhat.com/show_bug.cgi?id=491840", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2009-0791", url: "https://www.cve.org/CVERecord?id=CVE-2009-0791", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2009-0791", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-0791", }, ], release_date: "2009-05-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2009-05-13T14:32:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2009:0480", }, ], scores: [ { cvss_v2: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:A/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "xpdf: multiple integer overflows", }, { acknowledgments: [ { names: [ "Will Dormann", ], organization: "CERT/CC", }, ], cve: "CVE-2009-0799", discovery_date: "2009-03-16T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "495886", }, ], notes: [ { category: "description", text: "The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers an out-of-bounds read.", title: "Vulnerability description", }, { category: "summary", text: "PDF JBIG2 decoder OOB read", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2009-0799", }, { category: "external", summary: "RHBZ#495886", url: "https://bugzilla.redhat.com/show_bug.cgi?id=495886", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2009-0799", url: "https://www.cve.org/CVERecord?id=CVE-2009-0799", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2009-0799", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-0799", }, ], release_date: "2009-04-16T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2009-05-13T14:32:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2009:0480", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, products: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "PDF JBIG2 decoder OOB read", }, { acknowledgments: [ { names: [ "Will Dormann", ], organization: "CERT/CC", }, ], cve: "CVE-2009-0800", cwe: { id: "CWE-20", name: "Improper Input Validation", }, discovery_date: "2009-03-16T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "495887", }, ], notes: [ { category: "description", text: "Multiple \"input validation flaws\" in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allow remote attackers to execute arbitrary code via a crafted PDF file.", title: "Vulnerability description", }, { category: "summary", text: "PDF JBIG2 multiple input validation flaws", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2009-0800", }, { category: "external", summary: "RHBZ#495887", url: "https://bugzilla.redhat.com/show_bug.cgi?id=495887", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2009-0800", url: "https://www.cve.org/CVERecord?id=CVE-2009-0800", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2009-0800", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-0800", }, ], release_date: "2009-04-16T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2009-05-13T14:32:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2009:0480", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "PDF JBIG2 multiple input validation flaws", }, { acknowledgments: [ { names: [ "Will Dormann", ], organization: "CERT/CC", }, ], cve: "CVE-2009-1179", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, discovery_date: "2009-03-16T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "495889", }, ], notes: [ { category: "description", text: "Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to execute arbitrary code via a crafted PDF file.", title: "Vulnerability description", }, { category: "summary", text: "PDF JBIG2 integer overflow", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2009-1179", }, { category: "external", summary: "RHBZ#495889", url: "https://bugzilla.redhat.com/show_bug.cgi?id=495889", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2009-1179", url: "https://www.cve.org/CVERecord?id=CVE-2009-1179", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2009-1179", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-1179", }, ], release_date: "2009-04-16T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2009-05-13T14:32:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2009:0480", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "PDF JBIG2 integer overflow", }, { acknowledgments: [ { names: [ "Will Dormann", ], organization: "CERT/CC", }, ], cve: "CVE-2009-1180", discovery_date: "2009-03-16T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "495892", }, ], notes: [ { category: "description", text: "The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to execute arbitrary code via a crafted PDF file that triggers a free of invalid data.", title: "Vulnerability description", }, { category: "summary", text: "PDF JBIG2 invalid free()", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2009-1180", }, { category: "external", summary: "RHBZ#495892", url: "https://bugzilla.redhat.com/show_bug.cgi?id=495892", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2009-1180", url: "https://www.cve.org/CVERecord?id=CVE-2009-1180", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2009-1180", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-1180", }, ], release_date: "2009-04-16T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2009-05-13T14:32:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2009:0480", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "PDF JBIG2 invalid free()", }, { acknowledgments: [ { names: [ "Will Dormann", ], organization: "CERT/CC", }, ], cve: "CVE-2009-1181", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, discovery_date: "2009-03-16T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "495894", }, ], notes: [ { category: "description", text: "The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers a NULL pointer dereference.", title: "Vulnerability description", }, { category: "summary", text: "PDF JBIG2 NULL dereference", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2009-1181", }, { category: "external", summary: "RHBZ#495894", url: "https://bugzilla.redhat.com/show_bug.cgi?id=495894", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2009-1181", url: "https://www.cve.org/CVERecord?id=CVE-2009-1181", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2009-1181", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-1181", }, ], release_date: "2009-04-16T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2009-05-13T14:32:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2009:0480", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, products: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "PDF JBIG2 NULL dereference", }, { acknowledgments: [ { names: [ "Will Dormann", ], organization: "CERT/CC", }, ], cve: "CVE-2009-1182", discovery_date: "2009-03-16T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "495896", }, ], notes: [ { category: "description", text: "Multiple buffer overflows in the JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allow remote attackers to execute arbitrary code via a crafted PDF file.", title: "Vulnerability description", }, { category: "summary", text: "PDF JBIG2 MMR decoder buffer overflows", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2009-1182", }, { category: "external", summary: "RHBZ#495896", url: "https://bugzilla.redhat.com/show_bug.cgi?id=495896", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2009-1182", url: "https://www.cve.org/CVERecord?id=CVE-2009-1182", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2009-1182", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-1182", }, ], release_date: "2009-04-16T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2009-05-13T14:32:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2009:0480", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "PDF JBIG2 MMR decoder buffer overflows", }, { acknowledgments: [ { names: [ "Will Dormann", ], organization: "CERT/CC", }, ], cve: "CVE-2009-1183", cwe: { id: "CWE-835", name: "Loop with Unreachable Exit Condition ('Infinite Loop')", }, discovery_date: "2009-03-16T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "495899", }, ], notes: [ { category: "description", text: "The JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service (infinite loop and hang) via a crafted PDF file.", title: "Vulnerability description", }, { category: "summary", text: "PDF JBIG2 MMR infinite loop DoS", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2009-1183", }, { category: "external", summary: "RHBZ#495899", url: "https://bugzilla.redhat.com/show_bug.cgi?id=495899", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2009-1183", url: "https://www.cve.org/CVERecord?id=CVE-2009-1183", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2009-1183", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-1183", }, ], release_date: "2009-04-16T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2009-05-13T14:32:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2009:0480", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, products: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "PDF JBIG2 MMR infinite loop DoS", }, { acknowledgments: [ { names: [ "Will Dormann", ], organization: "CERT/CC", }, ], cve: "CVE-2009-1187", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, discovery_date: "2009-03-16T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "495906", }, ], notes: [ { category: "description", text: "Integer overflow in the JBIG2 decoding feature in Poppler before 0.10.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to CairoOutputDev (CairoOutputDev.cc).", title: "Vulnerability description", }, { category: "summary", text: "poppler CairoOutputDev integer overflow", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2009-1187", }, { category: "external", summary: "RHBZ#495906", url: "https://bugzilla.redhat.com/show_bug.cgi?id=495906", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2009-1187", url: "https://www.cve.org/CVERecord?id=CVE-2009-1187", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2009-1187", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-1187", }, ], release_date: "2009-04-16T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2009-05-13T14:32:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2009:0480", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "poppler CairoOutputDev integer overflow", }, { acknowledgments: [ { names: [ "Will Dormann", ], organization: "CERT/CC", }, ], cve: "CVE-2009-1188", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, discovery_date: "2009-03-16T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "495907", }, ], notes: [ { category: "description", text: "Integer overflow in the JBIG2 decoding feature in the SplashBitmap::SplashBitmap function in SplashBitmap.cc in Xpdf 3.x before 3.02pl4 and Poppler before 0.10.6, as used in GPdf and kdegraphics KPDF, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document.", title: "Vulnerability description", }, { category: "summary", text: "xpdf/poppler: SplashBitmap integer overflow", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2009-1188", }, { category: "external", summary: "RHBZ#495907", url: "https://bugzilla.redhat.com/show_bug.cgi?id=495907", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2009-1188", url: "https://www.cve.org/CVERecord?id=CVE-2009-1188", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2009-1188", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-1188", }, ], release_date: "2009-04-16T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2009-05-13T14:32:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2009:0480", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "xpdf/poppler: SplashBitmap integer overflow", }, { acknowledgments: [ { names: [ "Adam Zabrocki", ], }, ], cve: "CVE-2009-3604", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, discovery_date: "2009-09-16T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "526911", }, ], notes: [ { category: "description", text: "The Splash::drawImage function in Splash.cc in Xpdf 2.x and 3.x before 3.02pl4, and Poppler 0.x, as used in GPdf and kdegraphics KPDF, does not properly allocate memory, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document that triggers a NULL pointer dereference or a heap-based buffer overflow.", title: "Vulnerability description", }, { category: "summary", text: "xpdf/poppler: Splash:: drawImage integer overflow and missing allocation return value check", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2009-3604", }, { category: "external", summary: "RHBZ#526911", url: "https://bugzilla.redhat.com/show_bug.cgi?id=526911", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2009-3604", url: "https://www.cve.org/CVERecord?id=CVE-2009-3604", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2009-3604", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-3604", }, ], release_date: "2009-10-14T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2009-05-13T14:32:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2009:0480", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "xpdf/poppler: Splash:: drawImage integer overflow and missing allocation return value check", }, { cve: "CVE-2009-3606", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, discovery_date: "2009-06-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "526877", }, ], notes: [ { category: "description", text: "Integer overflow in the PSOutputDev::doImageL1Sep function in Xpdf before 3.02pl4, and Poppler 0.x, as used in kdegraphics KPDF, might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow.", title: "Vulnerability description", }, { category: "summary", text: "xpdf/poppler: PSOutputDev:: doImageL1Sep integer overflow", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2009-3606", }, { category: "external", summary: "RHBZ#526877", url: "https://bugzilla.redhat.com/show_bug.cgi?id=526877", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2009-3606", url: "https://www.cve.org/CVERecord?id=CVE-2009-3606", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2009-3606", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-3606", }, ], release_date: "2009-10-14T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2009-05-13T14:32:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2009:0480", }, ], scores: [ { cvss_v2: { accessComplexity: "HIGH", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 3.7, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:H/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "xpdf/poppler: PSOutputDev:: doImageL1Sep integer overflow", }, ], }
RHSA-2009:0480
Vulnerability from csaf_redhat
Published
2009-05-13 14:32
Modified
2024-11-22 03:03
Summary
Red Hat Security Advisory: poppler security update
Notes
Topic
Updated poppler packages that fix multiple security issues are now
available for Red Hat Enterprise Linux 5.
This update has been rated as having important security impact by the Red
Hat Security Response Team.
Details
Poppler is a Portable Document Format (PDF) rendering library, used by
applications such as Evince.
Multiple integer overflow flaws were found in poppler. An attacker could
create a malicious PDF file that would cause applications that use poppler
(such as Evince) to crash or, potentially, execute arbitrary code when
opened. (CVE-2009-0147, CVE-2009-1179, CVE-2009-1187, CVE-2009-1188)
Multiple buffer overflow flaws were found in poppler's JBIG2 decoder. An
attacker could create a malicious PDF file that would cause applications
that use poppler (such as Evince) to crash or, potentially, execute
arbitrary code when opened. (CVE-2009-0146, CVE-2009-1182)
Multiple flaws were found in poppler's JBIG2 decoder that could lead to the
freeing of arbitrary memory. An attacker could create a malicious PDF file
that would cause applications that use poppler (such as Evince) to crash
or, potentially, execute arbitrary code when opened. (CVE-2009-0166,
CVE-2009-1180)
Multiple input validation flaws were found in poppler's JBIG2 decoder. An
attacker could create a malicious PDF file that would cause applications
that use poppler (such as Evince) to crash or, potentially, execute
arbitrary code when opened. (CVE-2009-0800)
Multiple denial of service flaws were found in poppler's JBIG2 decoder. An
attacker could create a malicious PDF file that would cause applications
that use poppler (such as Evince) to crash when opened. (CVE-2009-0799,
CVE-2009-1181, CVE-2009-1183)
Red Hat would like to thank Braden Thomas and Drew Yao of the Apple Product
Security team, and Will Dormann of the CERT/CC for responsibly reporting
these flaws.
Users are advised to upgrade to these updated packages, which contain
backported patches to resolve these issues.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Updated poppler packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the Red\nHat Security Response Team.", title: "Topic", }, { category: "general", text: "Poppler is a Portable Document Format (PDF) rendering library, used by\napplications such as Evince.\n\nMultiple integer overflow flaws were found in poppler. An attacker could\ncreate a malicious PDF file that would cause applications that use poppler\n(such as Evince) to crash or, potentially, execute arbitrary code when\nopened. (CVE-2009-0147, CVE-2009-1179, CVE-2009-1187, CVE-2009-1188)\n\nMultiple buffer overflow flaws were found in poppler's JBIG2 decoder. An\nattacker could create a malicious PDF file that would cause applications\nthat use poppler (such as Evince) to crash or, potentially, execute\narbitrary code when opened. (CVE-2009-0146, CVE-2009-1182)\n\nMultiple flaws were found in poppler's JBIG2 decoder that could lead to the\nfreeing of arbitrary memory. An attacker could create a malicious PDF file\nthat would cause applications that use poppler (such as Evince) to crash\nor, potentially, execute arbitrary code when opened. (CVE-2009-0166,\nCVE-2009-1180)\n\nMultiple input validation flaws were found in poppler's JBIG2 decoder. An\nattacker could create a malicious PDF file that would cause applications\nthat use poppler (such as Evince) to crash or, potentially, execute\narbitrary code when opened. (CVE-2009-0800)\n\nMultiple denial of service flaws were found in poppler's JBIG2 decoder. An\nattacker could create a malicious PDF file that would cause applications\nthat use poppler (such as Evince) to crash when opened. (CVE-2009-0799,\nCVE-2009-1181, CVE-2009-1183)\n\nRed Hat would like to thank Braden Thomas and Drew Yao of the Apple Product\nSecurity team, and Will Dormann of the CERT/CC for responsibly reporting\nthese flaws.\n\nUsers are advised to upgrade to these updated packages, which contain\nbackported patches to resolve these issues.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2009:0480", url: "https://access.redhat.com/errata/RHSA-2009:0480", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "490612", url: "https://bugzilla.redhat.com/show_bug.cgi?id=490612", }, { category: "external", summary: "490614", url: "https://bugzilla.redhat.com/show_bug.cgi?id=490614", }, { category: "external", summary: "490625", url: "https://bugzilla.redhat.com/show_bug.cgi?id=490625", }, { category: "external", summary: "491864", url: "https://bugzilla.redhat.com/show_bug.cgi?id=491864", }, { category: "external", summary: "495886", url: "https://bugzilla.redhat.com/show_bug.cgi?id=495886", }, { category: "external", summary: "495887", url: "https://bugzilla.redhat.com/show_bug.cgi?id=495887", }, { category: "external", summary: "495889", url: "https://bugzilla.redhat.com/show_bug.cgi?id=495889", }, { category: "external", summary: "495892", url: "https://bugzilla.redhat.com/show_bug.cgi?id=495892", }, { category: "external", summary: "495894", url: "https://bugzilla.redhat.com/show_bug.cgi?id=495894", }, { category: "external", summary: "495896", url: "https://bugzilla.redhat.com/show_bug.cgi?id=495896", }, { category: "external", summary: "495899", url: "https://bugzilla.redhat.com/show_bug.cgi?id=495899", }, { category: "external", summary: "495906", url: "https://bugzilla.redhat.com/show_bug.cgi?id=495906", }, { category: "external", summary: "495907", url: "https://bugzilla.redhat.com/show_bug.cgi?id=495907", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2009/rhsa-2009_0480.json", }, ], title: "Red Hat Security Advisory: poppler security update", tracking: { current_release_date: "2024-11-22T03:03:47+00:00", generator: { date: "2024-11-22T03:03:47+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2009:0480", initial_release_date: "2009-05-13T14:32:00+00:00", revision_history: [ { date: "2009-05-13T14:32:00+00:00", number: "1", summary: "Initial version", }, { date: "2009-05-13T10:32:34+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-22T03:03:47+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux Desktop (v. 5 client)", product: { name: "Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:5::client", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product: { name: "Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:5::client_workstation", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux (v. 5 server)", product: { name: "Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:5::server", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "poppler-0:0.5.4-4.4.el5_3.9.src", product: { name: "poppler-0:0.5.4-4.4.el5_3.9.src", product_id: "poppler-0:0.5.4-4.4.el5_3.9.src", product_identification_helper: { purl: "pkg:rpm/redhat/poppler@0.5.4-4.4.el5_3.9?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", product: { name: "poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", product_id: "poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/poppler-devel@0.5.4-4.4.el5_3.9?arch=x86_64", }, }, }, { category: "product_version", name: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", product: { name: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", product_id: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/poppler-debuginfo@0.5.4-4.4.el5_3.9?arch=x86_64", }, }, }, { category: "product_version", name: "poppler-0:0.5.4-4.4.el5_3.9.x86_64", product: { name: "poppler-0:0.5.4-4.4.el5_3.9.x86_64", product_id: "poppler-0:0.5.4-4.4.el5_3.9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/poppler@0.5.4-4.4.el5_3.9?arch=x86_64", }, }, }, { category: "product_version", name: "poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", product: { name: "poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", product_id: "poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/poppler-utils@0.5.4-4.4.el5_3.9?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "poppler-devel-0:0.5.4-4.4.el5_3.9.i386", product: { name: "poppler-devel-0:0.5.4-4.4.el5_3.9.i386", product_id: "poppler-devel-0:0.5.4-4.4.el5_3.9.i386", product_identification_helper: { purl: "pkg:rpm/redhat/poppler-devel@0.5.4-4.4.el5_3.9?arch=i386", }, }, }, { category: "product_version", name: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", product: { name: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", product_id: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", product_identification_helper: { purl: "pkg:rpm/redhat/poppler-debuginfo@0.5.4-4.4.el5_3.9?arch=i386", }, }, }, { category: "product_version", name: "poppler-0:0.5.4-4.4.el5_3.9.i386", product: { name: "poppler-0:0.5.4-4.4.el5_3.9.i386", product_id: "poppler-0:0.5.4-4.4.el5_3.9.i386", product_identification_helper: { purl: "pkg:rpm/redhat/poppler@0.5.4-4.4.el5_3.9?arch=i386", }, }, }, { category: "product_version", name: "poppler-utils-0:0.5.4-4.4.el5_3.9.i386", product: { name: "poppler-utils-0:0.5.4-4.4.el5_3.9.i386", product_id: "poppler-utils-0:0.5.4-4.4.el5_3.9.i386", product_identification_helper: { purl: "pkg:rpm/redhat/poppler-utils@0.5.4-4.4.el5_3.9?arch=i386", }, }, }, ], category: "architecture", name: "i386", }, { branches: [ { category: "product_version", name: "poppler-0:0.5.4-4.4.el5_3.9.ia64", product: { name: "poppler-0:0.5.4-4.4.el5_3.9.ia64", product_id: "poppler-0:0.5.4-4.4.el5_3.9.ia64", product_identification_helper: { purl: "pkg:rpm/redhat/poppler@0.5.4-4.4.el5_3.9?arch=ia64", }, }, }, { category: "product_version", name: "poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", product: { name: "poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", product_id: "poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", product_identification_helper: { purl: "pkg:rpm/redhat/poppler-utils@0.5.4-4.4.el5_3.9?arch=ia64", }, }, }, { category: "product_version", name: "poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", product: { name: "poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", product_id: "poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", product_identification_helper: { purl: "pkg:rpm/redhat/poppler-devel@0.5.4-4.4.el5_3.9?arch=ia64", }, }, }, { category: "product_version", name: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", product: { name: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", product_id: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", product_identification_helper: { purl: "pkg:rpm/redhat/poppler-debuginfo@0.5.4-4.4.el5_3.9?arch=ia64", }, }, }, ], category: "architecture", name: "ia64", }, { branches: [ { category: "product_version", name: "poppler-0:0.5.4-4.4.el5_3.9.ppc64", product: { name: "poppler-0:0.5.4-4.4.el5_3.9.ppc64", product_id: "poppler-0:0.5.4-4.4.el5_3.9.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/poppler@0.5.4-4.4.el5_3.9?arch=ppc64", }, }, }, { category: "product_version", name: "poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", product: { name: "poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", product_id: "poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/poppler-devel@0.5.4-4.4.el5_3.9?arch=ppc64", }, }, }, { category: "product_version", name: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", product: { name: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", product_id: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/poppler-debuginfo@0.5.4-4.4.el5_3.9?arch=ppc64", }, }, }, ], category: "architecture", name: "ppc64", }, { branches: [ { category: "product_version", name: "poppler-0:0.5.4-4.4.el5_3.9.ppc", product: { name: "poppler-0:0.5.4-4.4.el5_3.9.ppc", product_id: "poppler-0:0.5.4-4.4.el5_3.9.ppc", product_identification_helper: { purl: "pkg:rpm/redhat/poppler@0.5.4-4.4.el5_3.9?arch=ppc", }, }, }, { category: "product_version", name: "poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", product: { name: "poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", product_id: "poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", product_identification_helper: { purl: "pkg:rpm/redhat/poppler-utils@0.5.4-4.4.el5_3.9?arch=ppc", }, }, }, { category: "product_version", name: "poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", product: { name: "poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", product_id: "poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", product_identification_helper: { purl: "pkg:rpm/redhat/poppler-devel@0.5.4-4.4.el5_3.9?arch=ppc", }, }, }, { category: "product_version", name: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", product: { name: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", product_id: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", product_identification_helper: { purl: "pkg:rpm/redhat/poppler-debuginfo@0.5.4-4.4.el5_3.9?arch=ppc", }, }, }, ], category: "architecture", name: "ppc", }, { branches: [ { category: "product_version", name: "poppler-0:0.5.4-4.4.el5_3.9.s390x", product: { name: "poppler-0:0.5.4-4.4.el5_3.9.s390x", product_id: "poppler-0:0.5.4-4.4.el5_3.9.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/poppler@0.5.4-4.4.el5_3.9?arch=s390x", }, }, }, { category: "product_version", name: "poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", product: { name: "poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", product_id: "poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/poppler-utils@0.5.4-4.4.el5_3.9?arch=s390x", }, }, }, { category: "product_version", name: "poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", product: { name: "poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", product_id: "poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/poppler-devel@0.5.4-4.4.el5_3.9?arch=s390x", }, }, }, { category: "product_version", name: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", product: { name: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", product_id: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/poppler-debuginfo@0.5.4-4.4.el5_3.9?arch=s390x", }, }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "poppler-0:0.5.4-4.4.el5_3.9.s390", product: { name: "poppler-0:0.5.4-4.4.el5_3.9.s390", product_id: "poppler-0:0.5.4-4.4.el5_3.9.s390", product_identification_helper: { purl: "pkg:rpm/redhat/poppler@0.5.4-4.4.el5_3.9?arch=s390", }, }, }, { category: "product_version", name: "poppler-devel-0:0.5.4-4.4.el5_3.9.s390", product: { name: "poppler-devel-0:0.5.4-4.4.el5_3.9.s390", product_id: "poppler-devel-0:0.5.4-4.4.el5_3.9.s390", product_identification_helper: { purl: "pkg:rpm/redhat/poppler-devel@0.5.4-4.4.el5_3.9?arch=s390", }, }, }, { category: "product_version", name: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", product: { name: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", product_id: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", product_identification_helper: { purl: "pkg:rpm/redhat/poppler-debuginfo@0.5.4-4.4.el5_3.9?arch=s390", }, }, }, ], category: "architecture", name: "s390", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "poppler-0:0.5.4-4.4.el5_3.9.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", }, product_reference: "poppler-0:0.5.4-4.4.el5_3.9.i386", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "poppler-0:0.5.4-4.4.el5_3.9.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", }, product_reference: "poppler-0:0.5.4-4.4.el5_3.9.ia64", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "poppler-0:0.5.4-4.4.el5_3.9.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", }, product_reference: "poppler-0:0.5.4-4.4.el5_3.9.ppc", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "poppler-0:0.5.4-4.4.el5_3.9.ppc64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", }, product_reference: "poppler-0:0.5.4-4.4.el5_3.9.ppc64", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "poppler-0:0.5.4-4.4.el5_3.9.s390 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", }, product_reference: "poppler-0:0.5.4-4.4.el5_3.9.s390", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "poppler-0:0.5.4-4.4.el5_3.9.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", }, product_reference: "poppler-0:0.5.4-4.4.el5_3.9.s390x", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "poppler-0:0.5.4-4.4.el5_3.9.src as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", }, product_reference: "poppler-0:0.5.4-4.4.el5_3.9.src", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "poppler-0:0.5.4-4.4.el5_3.9.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", }, product_reference: "poppler-0:0.5.4-4.4.el5_3.9.x86_64", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", }, product_reference: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", }, product_reference: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", }, product_reference: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", }, product_reference: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", }, product_reference: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", }, product_reference: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", }, product_reference: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "poppler-devel-0:0.5.4-4.4.el5_3.9.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", }, product_reference: "poppler-devel-0:0.5.4-4.4.el5_3.9.i386", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "poppler-devel-0:0.5.4-4.4.el5_3.9.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", }, product_reference: "poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "poppler-devel-0:0.5.4-4.4.el5_3.9.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", }, product_reference: "poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", }, product_reference: "poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "poppler-devel-0:0.5.4-4.4.el5_3.9.s390 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", }, product_reference: "poppler-devel-0:0.5.4-4.4.el5_3.9.s390", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "poppler-devel-0:0.5.4-4.4.el5_3.9.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", }, product_reference: "poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", }, product_reference: "poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "poppler-utils-0:0.5.4-4.4.el5_3.9.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", }, product_reference: "poppler-utils-0:0.5.4-4.4.el5_3.9.i386", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "poppler-utils-0:0.5.4-4.4.el5_3.9.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", }, product_reference: "poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "poppler-utils-0:0.5.4-4.4.el5_3.9.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", }, product_reference: "poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "poppler-utils-0:0.5.4-4.4.el5_3.9.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", }, product_reference: "poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", }, product_reference: "poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "poppler-0:0.5.4-4.4.el5_3.9.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", }, product_reference: "poppler-0:0.5.4-4.4.el5_3.9.i386", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "poppler-0:0.5.4-4.4.el5_3.9.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", }, product_reference: "poppler-0:0.5.4-4.4.el5_3.9.ia64", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "poppler-0:0.5.4-4.4.el5_3.9.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", }, product_reference: "poppler-0:0.5.4-4.4.el5_3.9.ppc", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "poppler-0:0.5.4-4.4.el5_3.9.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", }, product_reference: "poppler-0:0.5.4-4.4.el5_3.9.ppc64", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "poppler-0:0.5.4-4.4.el5_3.9.s390 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", }, product_reference: "poppler-0:0.5.4-4.4.el5_3.9.s390", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "poppler-0:0.5.4-4.4.el5_3.9.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", }, product_reference: "poppler-0:0.5.4-4.4.el5_3.9.s390x", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "poppler-0:0.5.4-4.4.el5_3.9.src as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", }, product_reference: "poppler-0:0.5.4-4.4.el5_3.9.src", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "poppler-0:0.5.4-4.4.el5_3.9.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", }, product_reference: "poppler-0:0.5.4-4.4.el5_3.9.x86_64", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", }, product_reference: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", }, product_reference: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", }, product_reference: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", }, product_reference: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", }, product_reference: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", }, product_reference: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", }, product_reference: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "poppler-devel-0:0.5.4-4.4.el5_3.9.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", }, product_reference: "poppler-devel-0:0.5.4-4.4.el5_3.9.i386", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "poppler-devel-0:0.5.4-4.4.el5_3.9.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", }, product_reference: "poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "poppler-devel-0:0.5.4-4.4.el5_3.9.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", }, product_reference: "poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", }, product_reference: "poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "poppler-devel-0:0.5.4-4.4.el5_3.9.s390 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", }, product_reference: "poppler-devel-0:0.5.4-4.4.el5_3.9.s390", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "poppler-devel-0:0.5.4-4.4.el5_3.9.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", }, product_reference: "poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", }, product_reference: "poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "poppler-utils-0:0.5.4-4.4.el5_3.9.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", }, product_reference: "poppler-utils-0:0.5.4-4.4.el5_3.9.i386", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "poppler-utils-0:0.5.4-4.4.el5_3.9.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", }, product_reference: "poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "poppler-utils-0:0.5.4-4.4.el5_3.9.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", }, product_reference: "poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "poppler-utils-0:0.5.4-4.4.el5_3.9.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", }, product_reference: "poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", }, product_reference: "poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "poppler-0:0.5.4-4.4.el5_3.9.i386 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", }, product_reference: "poppler-0:0.5.4-4.4.el5_3.9.i386", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "poppler-0:0.5.4-4.4.el5_3.9.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", }, product_reference: "poppler-0:0.5.4-4.4.el5_3.9.ia64", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "poppler-0:0.5.4-4.4.el5_3.9.ppc as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", }, product_reference: "poppler-0:0.5.4-4.4.el5_3.9.ppc", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "poppler-0:0.5.4-4.4.el5_3.9.ppc64 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", }, product_reference: "poppler-0:0.5.4-4.4.el5_3.9.ppc64", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "poppler-0:0.5.4-4.4.el5_3.9.s390 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", }, product_reference: "poppler-0:0.5.4-4.4.el5_3.9.s390", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "poppler-0:0.5.4-4.4.el5_3.9.s390x as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", }, product_reference: "poppler-0:0.5.4-4.4.el5_3.9.s390x", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "poppler-0:0.5.4-4.4.el5_3.9.src as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", }, product_reference: "poppler-0:0.5.4-4.4.el5_3.9.src", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "poppler-0:0.5.4-4.4.el5_3.9.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", }, product_reference: "poppler-0:0.5.4-4.4.el5_3.9.x86_64", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", }, product_reference: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", }, product_reference: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", }, product_reference: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", }, product_reference: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", }, product_reference: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", }, product_reference: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", }, product_reference: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "poppler-devel-0:0.5.4-4.4.el5_3.9.i386 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", }, product_reference: "poppler-devel-0:0.5.4-4.4.el5_3.9.i386", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "poppler-devel-0:0.5.4-4.4.el5_3.9.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", }, product_reference: "poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "poppler-devel-0:0.5.4-4.4.el5_3.9.ppc as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", }, product_reference: "poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", }, product_reference: "poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "poppler-devel-0:0.5.4-4.4.el5_3.9.s390 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", }, product_reference: "poppler-devel-0:0.5.4-4.4.el5_3.9.s390", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "poppler-devel-0:0.5.4-4.4.el5_3.9.s390x as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", }, product_reference: "poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", }, product_reference: "poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "poppler-utils-0:0.5.4-4.4.el5_3.9.i386 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", }, product_reference: "poppler-utils-0:0.5.4-4.4.el5_3.9.i386", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "poppler-utils-0:0.5.4-4.4.el5_3.9.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", }, product_reference: "poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "poppler-utils-0:0.5.4-4.4.el5_3.9.ppc as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", }, product_reference: "poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "poppler-utils-0:0.5.4-4.4.el5_3.9.s390x as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", }, product_reference: "poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", }, product_reference: "poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", relates_to_product_reference: "5Server", }, ], }, vulnerabilities: [ { acknowledgments: [ { names: [ "Drew Yao", "Braden Thomas", ], organization: "Apple Product Security", }, ], cve: "CVE-2009-0146", discovery_date: "2009-03-16T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "490612", }, ], notes: [ { category: "description", text: "Multiple buffer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allow remote attackers to cause a denial of service (crash) via a crafted PDF file, related to (1) JBIG2SymbolDict::setBitmap and (2) JBIG2Stream::readSymbolDictSeg.", title: "Vulnerability description", }, { category: "summary", text: "xpdf: Multiple buffer overflows in JBIG2 decoder (setBitmap, readSymbolDictSeg) (CVE-2009-0195)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2009-0146", }, { category: "external", summary: "RHBZ#490612", url: "https://bugzilla.redhat.com/show_bug.cgi?id=490612", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2009-0146", url: "https://www.cve.org/CVERecord?id=CVE-2009-0146", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2009-0146", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-0146", }, ], release_date: "2009-04-16T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2009-05-13T14:32:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2009:0480", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "xpdf: Multiple buffer overflows in JBIG2 decoder (setBitmap, readSymbolDictSeg) (CVE-2009-0195)", }, { acknowledgments: [ { names: [ "Braden Thomas", ], }, { names: [ "Drew Yao", ], organization: "Apple Product Security team", }, ], cve: "CVE-2009-0147", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, discovery_date: "2009-03-16T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "490614", }, ], notes: [ { category: "description", text: "Multiple integer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allow remote attackers to cause a denial of service (crash) via a crafted PDF file, related to (1) JBIG2Stream::readSymbolDictSeg, (2) JBIG2Stream::readSymbolDictSeg, and (3) JBIG2Stream::readGenericBitmap.", title: "Vulnerability description", }, { category: "summary", text: "xpdf: Multiple integer overflows in JBIG2 decoder", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2009-0147", }, { category: "external", summary: "RHBZ#490614", url: "https://bugzilla.redhat.com/show_bug.cgi?id=490614", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2009-0147", url: "https://www.cve.org/CVERecord?id=CVE-2009-0147", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2009-0147", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-0147", }, ], release_date: "2009-04-16T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2009-05-13T14:32:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2009:0480", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "xpdf: Multiple integer overflows in JBIG2 decoder", }, { acknowledgments: [ { names: [ "Braden Thomas", ], }, { names: [ "Drew Yao", ], organization: "Apple Product Security team", }, ], cve: "CVE-2009-0166", discovery_date: "2009-03-16T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "490625", }, ], notes: [ { category: "description", text: "The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers a free of uninitialized memory.", title: "Vulnerability description", }, { category: "summary", text: "xpdf: Freeing of potentially uninitialized memory in JBIG2 decoder", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2009-0166", }, { category: "external", summary: "RHBZ#490625", url: "https://bugzilla.redhat.com/show_bug.cgi?id=490625", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2009-0166", url: "https://www.cve.org/CVERecord?id=CVE-2009-0166", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2009-0166", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-0166", }, ], release_date: "2009-04-16T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2009-05-13T14:32:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2009:0480", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, products: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "xpdf: Freeing of potentially uninitialized memory in JBIG2 decoder", }, { acknowledgments: [ { names: [ "Drew Yao", "Braden Thomas", ], organization: "Apple Product Security", }, ], cve: "CVE-2009-0195", discovery_date: "2009-03-16T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "490612", }, ], notes: [ { category: "description", text: "Heap-based buffer overflow in Xpdf 3.02pl2 and earlier, CUPS 1.3.9, and probably other products, allows remote attackers to execute arbitrary code via a PDF file with crafted JBIG2 symbol dictionary segments.", title: "Vulnerability description", }, { category: "summary", text: "xpdf: Multiple buffer overflows in JBIG2 decoder (setBitmap, readSymbolDictSeg) (CVE-2009-0195)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2009-0195", }, { category: "external", summary: "RHBZ#490612", url: "https://bugzilla.redhat.com/show_bug.cgi?id=490612", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2009-0195", url: "https://www.cve.org/CVERecord?id=CVE-2009-0195", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2009-0195", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-0195", }, ], release_date: "2009-04-16T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2009-05-13T14:32:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2009:0480", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "xpdf: Multiple buffer overflows in JBIG2 decoder (setBitmap, readSymbolDictSeg) (CVE-2009-0195)", }, { cve: "CVE-2009-0791", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, discovery_date: "2009-03-19T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "491840", }, ], notes: [ { category: "description", text: "Multiple integer overflows in Xpdf 2.x and 3.x and Poppler 0.x, as used in the pdftops filter in CUPS 1.1.17, 1.1.22, and 1.3.7, GPdf, and kdegraphics KPDF, allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF file that triggers a heap-based buffer overflow, possibly related to (1) Decrypt.cxx, (2) FoFiTrueType.cxx, (3) gmem.c, (4) JBIG2Stream.cxx, and (5) PSOutputDev.cxx in pdftops/. NOTE: the JBIG2Stream.cxx vector may overlap CVE-2009-1179.", title: "Vulnerability description", }, { category: "summary", text: "xpdf: multiple integer overflows", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2009-0791", }, { category: "external", summary: "RHBZ#491840", url: "https://bugzilla.redhat.com/show_bug.cgi?id=491840", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2009-0791", url: "https://www.cve.org/CVERecord?id=CVE-2009-0791", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2009-0791", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-0791", }, ], release_date: "2009-05-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2009-05-13T14:32:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2009:0480", }, ], scores: [ { cvss_v2: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:A/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "xpdf: multiple integer overflows", }, { acknowledgments: [ { names: [ "Will Dormann", ], organization: "CERT/CC", }, ], cve: "CVE-2009-0799", discovery_date: "2009-03-16T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "495886", }, ], notes: [ { category: "description", text: "The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers an out-of-bounds read.", title: "Vulnerability description", }, { category: "summary", text: "PDF JBIG2 decoder OOB read", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2009-0799", }, { category: "external", summary: "RHBZ#495886", url: "https://bugzilla.redhat.com/show_bug.cgi?id=495886", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2009-0799", url: "https://www.cve.org/CVERecord?id=CVE-2009-0799", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2009-0799", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-0799", }, ], release_date: "2009-04-16T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2009-05-13T14:32:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2009:0480", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, products: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "PDF JBIG2 decoder OOB read", }, { acknowledgments: [ { names: [ "Will Dormann", ], organization: "CERT/CC", }, ], cve: "CVE-2009-0800", cwe: { id: "CWE-20", name: "Improper Input Validation", }, discovery_date: "2009-03-16T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "495887", }, ], notes: [ { category: "description", text: "Multiple \"input validation flaws\" in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allow remote attackers to execute arbitrary code via a crafted PDF file.", title: "Vulnerability description", }, { category: "summary", text: "PDF JBIG2 multiple input validation flaws", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2009-0800", }, { category: "external", summary: "RHBZ#495887", url: "https://bugzilla.redhat.com/show_bug.cgi?id=495887", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2009-0800", url: "https://www.cve.org/CVERecord?id=CVE-2009-0800", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2009-0800", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-0800", }, ], release_date: "2009-04-16T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2009-05-13T14:32:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2009:0480", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "PDF JBIG2 multiple input validation flaws", }, { acknowledgments: [ { names: [ "Will Dormann", ], organization: "CERT/CC", }, ], cve: "CVE-2009-1179", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, discovery_date: "2009-03-16T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "495889", }, ], notes: [ { category: "description", text: "Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to execute arbitrary code via a crafted PDF file.", title: "Vulnerability description", }, { category: "summary", text: "PDF JBIG2 integer overflow", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2009-1179", }, { category: "external", summary: "RHBZ#495889", url: "https://bugzilla.redhat.com/show_bug.cgi?id=495889", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2009-1179", url: "https://www.cve.org/CVERecord?id=CVE-2009-1179", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2009-1179", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-1179", }, ], release_date: "2009-04-16T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2009-05-13T14:32:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2009:0480", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "PDF JBIG2 integer overflow", }, { acknowledgments: [ { names: [ "Will Dormann", ], organization: "CERT/CC", }, ], cve: "CVE-2009-1180", discovery_date: "2009-03-16T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "495892", }, ], notes: [ { category: "description", text: "The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to execute arbitrary code via a crafted PDF file that triggers a free of invalid data.", title: "Vulnerability description", }, { category: "summary", text: "PDF JBIG2 invalid free()", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2009-1180", }, { category: "external", summary: "RHBZ#495892", url: "https://bugzilla.redhat.com/show_bug.cgi?id=495892", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2009-1180", url: "https://www.cve.org/CVERecord?id=CVE-2009-1180", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2009-1180", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-1180", }, ], release_date: "2009-04-16T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2009-05-13T14:32:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2009:0480", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "PDF JBIG2 invalid free()", }, { acknowledgments: [ { names: [ "Will Dormann", ], organization: "CERT/CC", }, ], cve: "CVE-2009-1181", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, discovery_date: "2009-03-16T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "495894", }, ], notes: [ { category: "description", text: "The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers a NULL pointer dereference.", title: "Vulnerability description", }, { category: "summary", text: "PDF JBIG2 NULL dereference", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2009-1181", }, { category: "external", summary: "RHBZ#495894", url: "https://bugzilla.redhat.com/show_bug.cgi?id=495894", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2009-1181", url: "https://www.cve.org/CVERecord?id=CVE-2009-1181", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2009-1181", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-1181", }, ], release_date: "2009-04-16T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2009-05-13T14:32:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2009:0480", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, products: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "PDF JBIG2 NULL dereference", }, { acknowledgments: [ { names: [ "Will Dormann", ], organization: "CERT/CC", }, ], cve: "CVE-2009-1182", discovery_date: "2009-03-16T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "495896", }, ], notes: [ { category: "description", text: "Multiple buffer overflows in the JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allow remote attackers to execute arbitrary code via a crafted PDF file.", title: "Vulnerability description", }, { category: "summary", text: "PDF JBIG2 MMR decoder buffer overflows", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2009-1182", }, { category: "external", summary: "RHBZ#495896", url: "https://bugzilla.redhat.com/show_bug.cgi?id=495896", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2009-1182", url: "https://www.cve.org/CVERecord?id=CVE-2009-1182", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2009-1182", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-1182", }, ], release_date: "2009-04-16T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2009-05-13T14:32:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2009:0480", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "PDF JBIG2 MMR decoder buffer overflows", }, { acknowledgments: [ { names: [ "Will Dormann", ], organization: "CERT/CC", }, ], cve: "CVE-2009-1183", cwe: { id: "CWE-835", name: "Loop with Unreachable Exit Condition ('Infinite Loop')", }, discovery_date: "2009-03-16T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "495899", }, ], notes: [ { category: "description", text: "The JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service (infinite loop and hang) via a crafted PDF file.", title: "Vulnerability description", }, { category: "summary", text: "PDF JBIG2 MMR infinite loop DoS", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2009-1183", }, { category: "external", summary: "RHBZ#495899", url: "https://bugzilla.redhat.com/show_bug.cgi?id=495899", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2009-1183", url: "https://www.cve.org/CVERecord?id=CVE-2009-1183", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2009-1183", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-1183", }, ], release_date: "2009-04-16T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2009-05-13T14:32:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2009:0480", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, products: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "PDF JBIG2 MMR infinite loop DoS", }, { acknowledgments: [ { names: [ "Will Dormann", ], organization: "CERT/CC", }, ], cve: "CVE-2009-1187", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, discovery_date: "2009-03-16T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "495906", }, ], notes: [ { category: "description", text: "Integer overflow in the JBIG2 decoding feature in Poppler before 0.10.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to CairoOutputDev (CairoOutputDev.cc).", title: "Vulnerability description", }, { category: "summary", text: "poppler CairoOutputDev integer overflow", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2009-1187", }, { category: "external", summary: "RHBZ#495906", url: "https://bugzilla.redhat.com/show_bug.cgi?id=495906", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2009-1187", url: "https://www.cve.org/CVERecord?id=CVE-2009-1187", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2009-1187", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-1187", }, ], release_date: "2009-04-16T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2009-05-13T14:32:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2009:0480", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "poppler CairoOutputDev integer overflow", }, { acknowledgments: [ { names: [ "Will Dormann", ], organization: "CERT/CC", }, ], cve: "CVE-2009-1188", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, discovery_date: "2009-03-16T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "495907", }, ], notes: [ { category: "description", text: "Integer overflow in the JBIG2 decoding feature in the SplashBitmap::SplashBitmap function in SplashBitmap.cc in Xpdf 3.x before 3.02pl4 and Poppler before 0.10.6, as used in GPdf and kdegraphics KPDF, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document.", title: "Vulnerability description", }, { category: "summary", text: "xpdf/poppler: SplashBitmap integer overflow", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2009-1188", }, { category: "external", summary: "RHBZ#495907", url: "https://bugzilla.redhat.com/show_bug.cgi?id=495907", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2009-1188", url: "https://www.cve.org/CVERecord?id=CVE-2009-1188", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2009-1188", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-1188", }, ], release_date: "2009-04-16T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2009-05-13T14:32:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2009:0480", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "xpdf/poppler: SplashBitmap integer overflow", }, { acknowledgments: [ { names: [ "Adam Zabrocki", ], }, ], cve: "CVE-2009-3604", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, discovery_date: "2009-09-16T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "526911", }, ], notes: [ { category: "description", text: "The Splash::drawImage function in Splash.cc in Xpdf 2.x and 3.x before 3.02pl4, and Poppler 0.x, as used in GPdf and kdegraphics KPDF, does not properly allocate memory, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document that triggers a NULL pointer dereference or a heap-based buffer overflow.", title: "Vulnerability description", }, { category: "summary", text: "xpdf/poppler: Splash:: drawImage integer overflow and missing allocation return value check", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2009-3604", }, { category: "external", summary: "RHBZ#526911", url: "https://bugzilla.redhat.com/show_bug.cgi?id=526911", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2009-3604", url: "https://www.cve.org/CVERecord?id=CVE-2009-3604", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2009-3604", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-3604", }, ], release_date: "2009-10-14T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2009-05-13T14:32:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2009:0480", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "xpdf/poppler: Splash:: drawImage integer overflow and missing allocation return value check", }, { cve: "CVE-2009-3606", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, discovery_date: "2009-06-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "526877", }, ], notes: [ { category: "description", text: "Integer overflow in the PSOutputDev::doImageL1Sep function in Xpdf before 3.02pl4, and Poppler 0.x, as used in kdegraphics KPDF, might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow.", title: "Vulnerability description", }, { category: "summary", text: "xpdf/poppler: PSOutputDev:: doImageL1Sep integer overflow", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2009-3606", }, { category: "external", summary: "RHBZ#526877", url: "https://bugzilla.redhat.com/show_bug.cgi?id=526877", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2009-3606", url: "https://www.cve.org/CVERecord?id=CVE-2009-3606", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2009-3606", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-3606", }, ], release_date: "2009-10-14T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2009-05-13T14:32:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2009:0480", }, ], scores: [ { cvss_v2: { accessComplexity: "HIGH", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 3.7, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:H/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "xpdf/poppler: PSOutputDev:: doImageL1Sep integer overflow", }, ], }
rhsa-2009:0480
Vulnerability from csaf_redhat
Published
2009-05-13 14:32
Modified
2024-11-22 03:03
Summary
Red Hat Security Advisory: poppler security update
Notes
Topic
Updated poppler packages that fix multiple security issues are now
available for Red Hat Enterprise Linux 5.
This update has been rated as having important security impact by the Red
Hat Security Response Team.
Details
Poppler is a Portable Document Format (PDF) rendering library, used by
applications such as Evince.
Multiple integer overflow flaws were found in poppler. An attacker could
create a malicious PDF file that would cause applications that use poppler
(such as Evince) to crash or, potentially, execute arbitrary code when
opened. (CVE-2009-0147, CVE-2009-1179, CVE-2009-1187, CVE-2009-1188)
Multiple buffer overflow flaws were found in poppler's JBIG2 decoder. An
attacker could create a malicious PDF file that would cause applications
that use poppler (such as Evince) to crash or, potentially, execute
arbitrary code when opened. (CVE-2009-0146, CVE-2009-1182)
Multiple flaws were found in poppler's JBIG2 decoder that could lead to the
freeing of arbitrary memory. An attacker could create a malicious PDF file
that would cause applications that use poppler (such as Evince) to crash
or, potentially, execute arbitrary code when opened. (CVE-2009-0166,
CVE-2009-1180)
Multiple input validation flaws were found in poppler's JBIG2 decoder. An
attacker could create a malicious PDF file that would cause applications
that use poppler (such as Evince) to crash or, potentially, execute
arbitrary code when opened. (CVE-2009-0800)
Multiple denial of service flaws were found in poppler's JBIG2 decoder. An
attacker could create a malicious PDF file that would cause applications
that use poppler (such as Evince) to crash when opened. (CVE-2009-0799,
CVE-2009-1181, CVE-2009-1183)
Red Hat would like to thank Braden Thomas and Drew Yao of the Apple Product
Security team, and Will Dormann of the CERT/CC for responsibly reporting
these flaws.
Users are advised to upgrade to these updated packages, which contain
backported patches to resolve these issues.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Updated poppler packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the Red\nHat Security Response Team.", title: "Topic", }, { category: "general", text: "Poppler is a Portable Document Format (PDF) rendering library, used by\napplications such as Evince.\n\nMultiple integer overflow flaws were found in poppler. An attacker could\ncreate a malicious PDF file that would cause applications that use poppler\n(such as Evince) to crash or, potentially, execute arbitrary code when\nopened. (CVE-2009-0147, CVE-2009-1179, CVE-2009-1187, CVE-2009-1188)\n\nMultiple buffer overflow flaws were found in poppler's JBIG2 decoder. An\nattacker could create a malicious PDF file that would cause applications\nthat use poppler (such as Evince) to crash or, potentially, execute\narbitrary code when opened. (CVE-2009-0146, CVE-2009-1182)\n\nMultiple flaws were found in poppler's JBIG2 decoder that could lead to the\nfreeing of arbitrary memory. An attacker could create a malicious PDF file\nthat would cause applications that use poppler (such as Evince) to crash\nor, potentially, execute arbitrary code when opened. (CVE-2009-0166,\nCVE-2009-1180)\n\nMultiple input validation flaws were found in poppler's JBIG2 decoder. An\nattacker could create a malicious PDF file that would cause applications\nthat use poppler (such as Evince) to crash or, potentially, execute\narbitrary code when opened. (CVE-2009-0800)\n\nMultiple denial of service flaws were found in poppler's JBIG2 decoder. An\nattacker could create a malicious PDF file that would cause applications\nthat use poppler (such as Evince) to crash when opened. (CVE-2009-0799,\nCVE-2009-1181, CVE-2009-1183)\n\nRed Hat would like to thank Braden Thomas and Drew Yao of the Apple Product\nSecurity team, and Will Dormann of the CERT/CC for responsibly reporting\nthese flaws.\n\nUsers are advised to upgrade to these updated packages, which contain\nbackported patches to resolve these issues.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2009:0480", url: "https://access.redhat.com/errata/RHSA-2009:0480", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "490612", url: "https://bugzilla.redhat.com/show_bug.cgi?id=490612", }, { category: "external", summary: "490614", url: "https://bugzilla.redhat.com/show_bug.cgi?id=490614", }, { category: "external", summary: "490625", url: "https://bugzilla.redhat.com/show_bug.cgi?id=490625", }, { category: "external", summary: "491864", url: "https://bugzilla.redhat.com/show_bug.cgi?id=491864", }, { category: "external", summary: "495886", url: "https://bugzilla.redhat.com/show_bug.cgi?id=495886", }, { category: "external", summary: "495887", url: "https://bugzilla.redhat.com/show_bug.cgi?id=495887", }, { category: "external", summary: "495889", url: "https://bugzilla.redhat.com/show_bug.cgi?id=495889", }, { category: "external", summary: "495892", url: "https://bugzilla.redhat.com/show_bug.cgi?id=495892", }, { category: "external", summary: "495894", url: "https://bugzilla.redhat.com/show_bug.cgi?id=495894", }, { category: "external", summary: "495896", url: "https://bugzilla.redhat.com/show_bug.cgi?id=495896", }, { category: "external", summary: "495899", url: "https://bugzilla.redhat.com/show_bug.cgi?id=495899", }, { category: "external", summary: "495906", url: "https://bugzilla.redhat.com/show_bug.cgi?id=495906", }, { category: "external", summary: "495907", url: "https://bugzilla.redhat.com/show_bug.cgi?id=495907", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2009/rhsa-2009_0480.json", }, ], title: "Red Hat Security Advisory: poppler security update", tracking: { current_release_date: "2024-11-22T03:03:47+00:00", generator: { date: "2024-11-22T03:03:47+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2009:0480", initial_release_date: "2009-05-13T14:32:00+00:00", revision_history: [ { date: "2009-05-13T14:32:00+00:00", number: "1", summary: "Initial version", }, { date: "2009-05-13T10:32:34+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-22T03:03:47+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux Desktop (v. 5 client)", product: { name: "Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:5::client", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product: { name: "Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:5::client_workstation", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux (v. 5 server)", product: { name: "Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:5::server", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "poppler-0:0.5.4-4.4.el5_3.9.src", product: { name: "poppler-0:0.5.4-4.4.el5_3.9.src", product_id: "poppler-0:0.5.4-4.4.el5_3.9.src", product_identification_helper: { purl: "pkg:rpm/redhat/poppler@0.5.4-4.4.el5_3.9?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", product: { name: "poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", product_id: "poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/poppler-devel@0.5.4-4.4.el5_3.9?arch=x86_64", }, }, }, { category: "product_version", name: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", product: { name: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", product_id: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/poppler-debuginfo@0.5.4-4.4.el5_3.9?arch=x86_64", }, }, }, { category: "product_version", name: "poppler-0:0.5.4-4.4.el5_3.9.x86_64", product: { name: "poppler-0:0.5.4-4.4.el5_3.9.x86_64", product_id: "poppler-0:0.5.4-4.4.el5_3.9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/poppler@0.5.4-4.4.el5_3.9?arch=x86_64", }, }, }, { category: "product_version", name: "poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", product: { name: "poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", product_id: "poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/poppler-utils@0.5.4-4.4.el5_3.9?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "poppler-devel-0:0.5.4-4.4.el5_3.9.i386", product: { name: "poppler-devel-0:0.5.4-4.4.el5_3.9.i386", product_id: "poppler-devel-0:0.5.4-4.4.el5_3.9.i386", product_identification_helper: { purl: "pkg:rpm/redhat/poppler-devel@0.5.4-4.4.el5_3.9?arch=i386", }, }, }, { category: "product_version", name: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", product: { name: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", product_id: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", product_identification_helper: { purl: "pkg:rpm/redhat/poppler-debuginfo@0.5.4-4.4.el5_3.9?arch=i386", }, }, }, { category: "product_version", name: "poppler-0:0.5.4-4.4.el5_3.9.i386", product: { name: "poppler-0:0.5.4-4.4.el5_3.9.i386", product_id: "poppler-0:0.5.4-4.4.el5_3.9.i386", product_identification_helper: { purl: "pkg:rpm/redhat/poppler@0.5.4-4.4.el5_3.9?arch=i386", }, }, }, { category: "product_version", name: "poppler-utils-0:0.5.4-4.4.el5_3.9.i386", product: { name: "poppler-utils-0:0.5.4-4.4.el5_3.9.i386", product_id: "poppler-utils-0:0.5.4-4.4.el5_3.9.i386", product_identification_helper: { purl: "pkg:rpm/redhat/poppler-utils@0.5.4-4.4.el5_3.9?arch=i386", }, }, }, ], category: "architecture", name: "i386", }, { branches: [ { category: "product_version", name: "poppler-0:0.5.4-4.4.el5_3.9.ia64", product: { name: "poppler-0:0.5.4-4.4.el5_3.9.ia64", product_id: "poppler-0:0.5.4-4.4.el5_3.9.ia64", product_identification_helper: { purl: "pkg:rpm/redhat/poppler@0.5.4-4.4.el5_3.9?arch=ia64", }, }, }, { category: "product_version", name: "poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", product: { name: "poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", product_id: "poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", product_identification_helper: { purl: "pkg:rpm/redhat/poppler-utils@0.5.4-4.4.el5_3.9?arch=ia64", }, }, }, { category: "product_version", name: "poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", product: { name: "poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", product_id: "poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", product_identification_helper: { purl: "pkg:rpm/redhat/poppler-devel@0.5.4-4.4.el5_3.9?arch=ia64", }, }, }, { category: "product_version", name: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", product: { name: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", product_id: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", product_identification_helper: { purl: "pkg:rpm/redhat/poppler-debuginfo@0.5.4-4.4.el5_3.9?arch=ia64", }, }, }, ], category: "architecture", name: "ia64", }, { branches: [ { category: "product_version", name: "poppler-0:0.5.4-4.4.el5_3.9.ppc64", product: { name: "poppler-0:0.5.4-4.4.el5_3.9.ppc64", product_id: "poppler-0:0.5.4-4.4.el5_3.9.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/poppler@0.5.4-4.4.el5_3.9?arch=ppc64", }, }, }, { category: "product_version", name: "poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", product: { name: "poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", product_id: "poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/poppler-devel@0.5.4-4.4.el5_3.9?arch=ppc64", }, }, }, { category: "product_version", name: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", product: { name: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", product_id: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/poppler-debuginfo@0.5.4-4.4.el5_3.9?arch=ppc64", }, }, }, ], category: "architecture", name: "ppc64", }, { branches: [ { category: "product_version", name: "poppler-0:0.5.4-4.4.el5_3.9.ppc", product: { name: "poppler-0:0.5.4-4.4.el5_3.9.ppc", product_id: "poppler-0:0.5.4-4.4.el5_3.9.ppc", product_identification_helper: { purl: "pkg:rpm/redhat/poppler@0.5.4-4.4.el5_3.9?arch=ppc", }, }, }, { category: "product_version", name: "poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", product: { name: "poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", product_id: "poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", product_identification_helper: { purl: "pkg:rpm/redhat/poppler-utils@0.5.4-4.4.el5_3.9?arch=ppc", }, }, }, { category: "product_version", name: "poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", product: { name: "poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", product_id: "poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", product_identification_helper: { purl: "pkg:rpm/redhat/poppler-devel@0.5.4-4.4.el5_3.9?arch=ppc", }, }, }, { category: "product_version", name: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", product: { name: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", product_id: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", product_identification_helper: { purl: "pkg:rpm/redhat/poppler-debuginfo@0.5.4-4.4.el5_3.9?arch=ppc", }, }, }, ], category: "architecture", name: "ppc", }, { branches: [ { category: "product_version", name: "poppler-0:0.5.4-4.4.el5_3.9.s390x", product: { name: "poppler-0:0.5.4-4.4.el5_3.9.s390x", product_id: "poppler-0:0.5.4-4.4.el5_3.9.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/poppler@0.5.4-4.4.el5_3.9?arch=s390x", }, }, }, { category: "product_version", name: "poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", product: { name: "poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", product_id: "poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/poppler-utils@0.5.4-4.4.el5_3.9?arch=s390x", }, }, }, { category: "product_version", name: "poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", product: { name: "poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", product_id: "poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/poppler-devel@0.5.4-4.4.el5_3.9?arch=s390x", }, }, }, { category: "product_version", name: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", product: { name: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", product_id: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/poppler-debuginfo@0.5.4-4.4.el5_3.9?arch=s390x", }, }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "poppler-0:0.5.4-4.4.el5_3.9.s390", product: { name: "poppler-0:0.5.4-4.4.el5_3.9.s390", product_id: "poppler-0:0.5.4-4.4.el5_3.9.s390", product_identification_helper: { purl: "pkg:rpm/redhat/poppler@0.5.4-4.4.el5_3.9?arch=s390", }, }, }, { category: "product_version", name: "poppler-devel-0:0.5.4-4.4.el5_3.9.s390", product: { name: "poppler-devel-0:0.5.4-4.4.el5_3.9.s390", product_id: "poppler-devel-0:0.5.4-4.4.el5_3.9.s390", product_identification_helper: { purl: "pkg:rpm/redhat/poppler-devel@0.5.4-4.4.el5_3.9?arch=s390", }, }, }, { category: "product_version", name: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", product: { name: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", product_id: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", product_identification_helper: { purl: "pkg:rpm/redhat/poppler-debuginfo@0.5.4-4.4.el5_3.9?arch=s390", }, }, }, ], category: "architecture", name: "s390", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "poppler-0:0.5.4-4.4.el5_3.9.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", }, product_reference: "poppler-0:0.5.4-4.4.el5_3.9.i386", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "poppler-0:0.5.4-4.4.el5_3.9.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", }, product_reference: "poppler-0:0.5.4-4.4.el5_3.9.ia64", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "poppler-0:0.5.4-4.4.el5_3.9.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", }, product_reference: "poppler-0:0.5.4-4.4.el5_3.9.ppc", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "poppler-0:0.5.4-4.4.el5_3.9.ppc64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", }, product_reference: "poppler-0:0.5.4-4.4.el5_3.9.ppc64", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "poppler-0:0.5.4-4.4.el5_3.9.s390 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", }, product_reference: "poppler-0:0.5.4-4.4.el5_3.9.s390", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "poppler-0:0.5.4-4.4.el5_3.9.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", }, product_reference: "poppler-0:0.5.4-4.4.el5_3.9.s390x", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "poppler-0:0.5.4-4.4.el5_3.9.src as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", }, product_reference: "poppler-0:0.5.4-4.4.el5_3.9.src", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "poppler-0:0.5.4-4.4.el5_3.9.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", }, product_reference: "poppler-0:0.5.4-4.4.el5_3.9.x86_64", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", }, product_reference: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", }, product_reference: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", }, product_reference: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", }, product_reference: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", }, product_reference: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", }, product_reference: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", }, product_reference: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "poppler-devel-0:0.5.4-4.4.el5_3.9.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", }, product_reference: "poppler-devel-0:0.5.4-4.4.el5_3.9.i386", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "poppler-devel-0:0.5.4-4.4.el5_3.9.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", }, product_reference: "poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "poppler-devel-0:0.5.4-4.4.el5_3.9.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", }, product_reference: "poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", }, product_reference: "poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "poppler-devel-0:0.5.4-4.4.el5_3.9.s390 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", }, product_reference: "poppler-devel-0:0.5.4-4.4.el5_3.9.s390", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "poppler-devel-0:0.5.4-4.4.el5_3.9.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", }, product_reference: "poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", }, product_reference: "poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "poppler-utils-0:0.5.4-4.4.el5_3.9.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", }, product_reference: "poppler-utils-0:0.5.4-4.4.el5_3.9.i386", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "poppler-utils-0:0.5.4-4.4.el5_3.9.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", }, product_reference: "poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "poppler-utils-0:0.5.4-4.4.el5_3.9.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", }, product_reference: "poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "poppler-utils-0:0.5.4-4.4.el5_3.9.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", }, product_reference: "poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", }, product_reference: "poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "poppler-0:0.5.4-4.4.el5_3.9.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", }, product_reference: "poppler-0:0.5.4-4.4.el5_3.9.i386", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "poppler-0:0.5.4-4.4.el5_3.9.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", }, product_reference: "poppler-0:0.5.4-4.4.el5_3.9.ia64", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "poppler-0:0.5.4-4.4.el5_3.9.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", }, product_reference: "poppler-0:0.5.4-4.4.el5_3.9.ppc", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "poppler-0:0.5.4-4.4.el5_3.9.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", }, product_reference: "poppler-0:0.5.4-4.4.el5_3.9.ppc64", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "poppler-0:0.5.4-4.4.el5_3.9.s390 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", }, product_reference: "poppler-0:0.5.4-4.4.el5_3.9.s390", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "poppler-0:0.5.4-4.4.el5_3.9.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", }, product_reference: "poppler-0:0.5.4-4.4.el5_3.9.s390x", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "poppler-0:0.5.4-4.4.el5_3.9.src as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", }, product_reference: "poppler-0:0.5.4-4.4.el5_3.9.src", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "poppler-0:0.5.4-4.4.el5_3.9.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", }, product_reference: "poppler-0:0.5.4-4.4.el5_3.9.x86_64", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", }, product_reference: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", }, product_reference: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", }, product_reference: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", }, product_reference: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", }, product_reference: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", }, product_reference: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", }, product_reference: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "poppler-devel-0:0.5.4-4.4.el5_3.9.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", }, product_reference: "poppler-devel-0:0.5.4-4.4.el5_3.9.i386", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "poppler-devel-0:0.5.4-4.4.el5_3.9.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", }, product_reference: "poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "poppler-devel-0:0.5.4-4.4.el5_3.9.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", }, product_reference: "poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", }, product_reference: "poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "poppler-devel-0:0.5.4-4.4.el5_3.9.s390 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", }, product_reference: "poppler-devel-0:0.5.4-4.4.el5_3.9.s390", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "poppler-devel-0:0.5.4-4.4.el5_3.9.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", }, product_reference: "poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", }, product_reference: "poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "poppler-utils-0:0.5.4-4.4.el5_3.9.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", }, product_reference: "poppler-utils-0:0.5.4-4.4.el5_3.9.i386", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "poppler-utils-0:0.5.4-4.4.el5_3.9.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", }, product_reference: "poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "poppler-utils-0:0.5.4-4.4.el5_3.9.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", }, product_reference: "poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "poppler-utils-0:0.5.4-4.4.el5_3.9.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", }, product_reference: "poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", }, product_reference: "poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "poppler-0:0.5.4-4.4.el5_3.9.i386 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", }, product_reference: "poppler-0:0.5.4-4.4.el5_3.9.i386", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "poppler-0:0.5.4-4.4.el5_3.9.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", }, product_reference: "poppler-0:0.5.4-4.4.el5_3.9.ia64", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "poppler-0:0.5.4-4.4.el5_3.9.ppc as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", }, product_reference: "poppler-0:0.5.4-4.4.el5_3.9.ppc", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "poppler-0:0.5.4-4.4.el5_3.9.ppc64 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", }, product_reference: "poppler-0:0.5.4-4.4.el5_3.9.ppc64", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "poppler-0:0.5.4-4.4.el5_3.9.s390 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", }, product_reference: "poppler-0:0.5.4-4.4.el5_3.9.s390", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "poppler-0:0.5.4-4.4.el5_3.9.s390x as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", }, product_reference: "poppler-0:0.5.4-4.4.el5_3.9.s390x", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "poppler-0:0.5.4-4.4.el5_3.9.src as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", }, product_reference: "poppler-0:0.5.4-4.4.el5_3.9.src", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "poppler-0:0.5.4-4.4.el5_3.9.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", }, product_reference: "poppler-0:0.5.4-4.4.el5_3.9.x86_64", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", }, product_reference: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", }, product_reference: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", }, product_reference: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", }, product_reference: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", }, product_reference: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", }, product_reference: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", }, product_reference: "poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "poppler-devel-0:0.5.4-4.4.el5_3.9.i386 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", }, product_reference: "poppler-devel-0:0.5.4-4.4.el5_3.9.i386", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "poppler-devel-0:0.5.4-4.4.el5_3.9.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", }, product_reference: "poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "poppler-devel-0:0.5.4-4.4.el5_3.9.ppc as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", }, product_reference: "poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", }, product_reference: "poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "poppler-devel-0:0.5.4-4.4.el5_3.9.s390 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", }, product_reference: "poppler-devel-0:0.5.4-4.4.el5_3.9.s390", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "poppler-devel-0:0.5.4-4.4.el5_3.9.s390x as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", }, product_reference: "poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", }, product_reference: "poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "poppler-utils-0:0.5.4-4.4.el5_3.9.i386 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", }, product_reference: "poppler-utils-0:0.5.4-4.4.el5_3.9.i386", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "poppler-utils-0:0.5.4-4.4.el5_3.9.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", }, product_reference: "poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "poppler-utils-0:0.5.4-4.4.el5_3.9.ppc as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", }, product_reference: "poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "poppler-utils-0:0.5.4-4.4.el5_3.9.s390x as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", }, product_reference: "poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", }, product_reference: "poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", relates_to_product_reference: "5Server", }, ], }, vulnerabilities: [ { acknowledgments: [ { names: [ "Drew Yao", "Braden Thomas", ], organization: "Apple Product Security", }, ], cve: "CVE-2009-0146", discovery_date: "2009-03-16T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "490612", }, ], notes: [ { category: "description", text: "Multiple buffer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allow remote attackers to cause a denial of service (crash) via a crafted PDF file, related to (1) JBIG2SymbolDict::setBitmap and (2) JBIG2Stream::readSymbolDictSeg.", title: "Vulnerability description", }, { category: "summary", text: "xpdf: Multiple buffer overflows in JBIG2 decoder (setBitmap, readSymbolDictSeg) (CVE-2009-0195)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2009-0146", }, { category: "external", summary: "RHBZ#490612", url: "https://bugzilla.redhat.com/show_bug.cgi?id=490612", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2009-0146", url: "https://www.cve.org/CVERecord?id=CVE-2009-0146", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2009-0146", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-0146", }, ], release_date: "2009-04-16T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2009-05-13T14:32:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2009:0480", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "xpdf: Multiple buffer overflows in JBIG2 decoder (setBitmap, readSymbolDictSeg) (CVE-2009-0195)", }, { acknowledgments: [ { names: [ "Braden Thomas", ], }, { names: [ "Drew Yao", ], organization: "Apple Product Security team", }, ], cve: "CVE-2009-0147", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, discovery_date: "2009-03-16T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "490614", }, ], notes: [ { category: "description", text: "Multiple integer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allow remote attackers to cause a denial of service (crash) via a crafted PDF file, related to (1) JBIG2Stream::readSymbolDictSeg, (2) JBIG2Stream::readSymbolDictSeg, and (3) JBIG2Stream::readGenericBitmap.", title: "Vulnerability description", }, { category: "summary", text: "xpdf: Multiple integer overflows in JBIG2 decoder", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2009-0147", }, { category: "external", summary: "RHBZ#490614", url: "https://bugzilla.redhat.com/show_bug.cgi?id=490614", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2009-0147", url: "https://www.cve.org/CVERecord?id=CVE-2009-0147", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2009-0147", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-0147", }, ], release_date: "2009-04-16T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2009-05-13T14:32:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2009:0480", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "xpdf: Multiple integer overflows in JBIG2 decoder", }, { acknowledgments: [ { names: [ "Braden Thomas", ], }, { names: [ "Drew Yao", ], organization: "Apple Product Security team", }, ], cve: "CVE-2009-0166", discovery_date: "2009-03-16T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "490625", }, ], notes: [ { category: "description", text: "The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers a free of uninitialized memory.", title: "Vulnerability description", }, { category: "summary", text: "xpdf: Freeing of potentially uninitialized memory in JBIG2 decoder", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2009-0166", }, { category: "external", summary: "RHBZ#490625", url: "https://bugzilla.redhat.com/show_bug.cgi?id=490625", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2009-0166", url: "https://www.cve.org/CVERecord?id=CVE-2009-0166", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2009-0166", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-0166", }, ], release_date: "2009-04-16T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2009-05-13T14:32:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2009:0480", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, products: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "xpdf: Freeing of potentially uninitialized memory in JBIG2 decoder", }, { acknowledgments: [ { names: [ "Drew Yao", "Braden Thomas", ], organization: "Apple Product Security", }, ], cve: "CVE-2009-0195", discovery_date: "2009-03-16T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "490612", }, ], notes: [ { category: "description", text: "Heap-based buffer overflow in Xpdf 3.02pl2 and earlier, CUPS 1.3.9, and probably other products, allows remote attackers to execute arbitrary code via a PDF file with crafted JBIG2 symbol dictionary segments.", title: "Vulnerability description", }, { category: "summary", text: "xpdf: Multiple buffer overflows in JBIG2 decoder (setBitmap, readSymbolDictSeg) (CVE-2009-0195)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2009-0195", }, { category: "external", summary: "RHBZ#490612", url: "https://bugzilla.redhat.com/show_bug.cgi?id=490612", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2009-0195", url: "https://www.cve.org/CVERecord?id=CVE-2009-0195", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2009-0195", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-0195", }, ], release_date: "2009-04-16T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2009-05-13T14:32:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2009:0480", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "xpdf: Multiple buffer overflows in JBIG2 decoder (setBitmap, readSymbolDictSeg) (CVE-2009-0195)", }, { cve: "CVE-2009-0791", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, discovery_date: "2009-03-19T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "491840", }, ], notes: [ { category: "description", text: "Multiple integer overflows in Xpdf 2.x and 3.x and Poppler 0.x, as used in the pdftops filter in CUPS 1.1.17, 1.1.22, and 1.3.7, GPdf, and kdegraphics KPDF, allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF file that triggers a heap-based buffer overflow, possibly related to (1) Decrypt.cxx, (2) FoFiTrueType.cxx, (3) gmem.c, (4) JBIG2Stream.cxx, and (5) PSOutputDev.cxx in pdftops/. NOTE: the JBIG2Stream.cxx vector may overlap CVE-2009-1179.", title: "Vulnerability description", }, { category: "summary", text: "xpdf: multiple integer overflows", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2009-0791", }, { category: "external", summary: "RHBZ#491840", url: "https://bugzilla.redhat.com/show_bug.cgi?id=491840", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2009-0791", url: "https://www.cve.org/CVERecord?id=CVE-2009-0791", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2009-0791", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-0791", }, ], release_date: "2009-05-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2009-05-13T14:32:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2009:0480", }, ], scores: [ { cvss_v2: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:A/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "xpdf: multiple integer overflows", }, { acknowledgments: [ { names: [ "Will Dormann", ], organization: "CERT/CC", }, ], cve: "CVE-2009-0799", discovery_date: "2009-03-16T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "495886", }, ], notes: [ { category: "description", text: "The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers an out-of-bounds read.", title: "Vulnerability description", }, { category: "summary", text: "PDF JBIG2 decoder OOB read", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2009-0799", }, { category: "external", summary: "RHBZ#495886", url: "https://bugzilla.redhat.com/show_bug.cgi?id=495886", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2009-0799", url: "https://www.cve.org/CVERecord?id=CVE-2009-0799", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2009-0799", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-0799", }, ], release_date: "2009-04-16T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2009-05-13T14:32:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2009:0480", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, products: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "PDF JBIG2 decoder OOB read", }, { acknowledgments: [ { names: [ "Will Dormann", ], organization: "CERT/CC", }, ], cve: "CVE-2009-0800", cwe: { id: "CWE-20", name: "Improper Input Validation", }, discovery_date: "2009-03-16T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "495887", }, ], notes: [ { category: "description", text: "Multiple \"input validation flaws\" in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allow remote attackers to execute arbitrary code via a crafted PDF file.", title: "Vulnerability description", }, { category: "summary", text: "PDF JBIG2 multiple input validation flaws", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2009-0800", }, { category: "external", summary: "RHBZ#495887", url: "https://bugzilla.redhat.com/show_bug.cgi?id=495887", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2009-0800", url: "https://www.cve.org/CVERecord?id=CVE-2009-0800", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2009-0800", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-0800", }, ], release_date: "2009-04-16T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2009-05-13T14:32:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2009:0480", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "PDF JBIG2 multiple input validation flaws", }, { acknowledgments: [ { names: [ "Will Dormann", ], organization: "CERT/CC", }, ], cve: "CVE-2009-1179", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, discovery_date: "2009-03-16T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "495889", }, ], notes: [ { category: "description", text: "Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to execute arbitrary code via a crafted PDF file.", title: "Vulnerability description", }, { category: "summary", text: "PDF JBIG2 integer overflow", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2009-1179", }, { category: "external", summary: "RHBZ#495889", url: "https://bugzilla.redhat.com/show_bug.cgi?id=495889", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2009-1179", url: "https://www.cve.org/CVERecord?id=CVE-2009-1179", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2009-1179", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-1179", }, ], release_date: "2009-04-16T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2009-05-13T14:32:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2009:0480", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "PDF JBIG2 integer overflow", }, { acknowledgments: [ { names: [ "Will Dormann", ], organization: "CERT/CC", }, ], cve: "CVE-2009-1180", discovery_date: "2009-03-16T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "495892", }, ], notes: [ { category: "description", text: "The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to execute arbitrary code via a crafted PDF file that triggers a free of invalid data.", title: "Vulnerability description", }, { category: "summary", text: "PDF JBIG2 invalid free()", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2009-1180", }, { category: "external", summary: "RHBZ#495892", url: "https://bugzilla.redhat.com/show_bug.cgi?id=495892", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2009-1180", url: "https://www.cve.org/CVERecord?id=CVE-2009-1180", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2009-1180", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-1180", }, ], release_date: "2009-04-16T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2009-05-13T14:32:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2009:0480", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "PDF JBIG2 invalid free()", }, { acknowledgments: [ { names: [ "Will Dormann", ], organization: "CERT/CC", }, ], cve: "CVE-2009-1181", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, discovery_date: "2009-03-16T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "495894", }, ], notes: [ { category: "description", text: "The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers a NULL pointer dereference.", title: "Vulnerability description", }, { category: "summary", text: "PDF JBIG2 NULL dereference", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2009-1181", }, { category: "external", summary: "RHBZ#495894", url: "https://bugzilla.redhat.com/show_bug.cgi?id=495894", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2009-1181", url: "https://www.cve.org/CVERecord?id=CVE-2009-1181", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2009-1181", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-1181", }, ], release_date: "2009-04-16T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2009-05-13T14:32:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2009:0480", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, products: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "PDF JBIG2 NULL dereference", }, { acknowledgments: [ { names: [ "Will Dormann", ], organization: "CERT/CC", }, ], cve: "CVE-2009-1182", discovery_date: "2009-03-16T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "495896", }, ], notes: [ { category: "description", text: "Multiple buffer overflows in the JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allow remote attackers to execute arbitrary code via a crafted PDF file.", title: "Vulnerability description", }, { category: "summary", text: "PDF JBIG2 MMR decoder buffer overflows", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2009-1182", }, { category: "external", summary: "RHBZ#495896", url: "https://bugzilla.redhat.com/show_bug.cgi?id=495896", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2009-1182", url: "https://www.cve.org/CVERecord?id=CVE-2009-1182", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2009-1182", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-1182", }, ], release_date: "2009-04-16T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2009-05-13T14:32:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2009:0480", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "PDF JBIG2 MMR decoder buffer overflows", }, { acknowledgments: [ { names: [ "Will Dormann", ], organization: "CERT/CC", }, ], cve: "CVE-2009-1183", cwe: { id: "CWE-835", name: "Loop with Unreachable Exit Condition ('Infinite Loop')", }, discovery_date: "2009-03-16T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "495899", }, ], notes: [ { category: "description", text: "The JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service (infinite loop and hang) via a crafted PDF file.", title: "Vulnerability description", }, { category: "summary", text: "PDF JBIG2 MMR infinite loop DoS", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2009-1183", }, { category: "external", summary: "RHBZ#495899", url: "https://bugzilla.redhat.com/show_bug.cgi?id=495899", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2009-1183", url: "https://www.cve.org/CVERecord?id=CVE-2009-1183", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2009-1183", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-1183", }, ], release_date: "2009-04-16T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2009-05-13T14:32:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2009:0480", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, products: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "PDF JBIG2 MMR infinite loop DoS", }, { acknowledgments: [ { names: [ "Will Dormann", ], organization: "CERT/CC", }, ], cve: "CVE-2009-1187", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, discovery_date: "2009-03-16T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "495906", }, ], notes: [ { category: "description", text: "Integer overflow in the JBIG2 decoding feature in Poppler before 0.10.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to CairoOutputDev (CairoOutputDev.cc).", title: "Vulnerability description", }, { category: "summary", text: "poppler CairoOutputDev integer overflow", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2009-1187", }, { category: "external", summary: "RHBZ#495906", url: "https://bugzilla.redhat.com/show_bug.cgi?id=495906", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2009-1187", url: "https://www.cve.org/CVERecord?id=CVE-2009-1187", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2009-1187", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-1187", }, ], release_date: "2009-04-16T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2009-05-13T14:32:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2009:0480", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "poppler CairoOutputDev integer overflow", }, { acknowledgments: [ { names: [ "Will Dormann", ], organization: "CERT/CC", }, ], cve: "CVE-2009-1188", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, discovery_date: "2009-03-16T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "495907", }, ], notes: [ { category: "description", text: "Integer overflow in the JBIG2 decoding feature in the SplashBitmap::SplashBitmap function in SplashBitmap.cc in Xpdf 3.x before 3.02pl4 and Poppler before 0.10.6, as used in GPdf and kdegraphics KPDF, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document.", title: "Vulnerability description", }, { category: "summary", text: "xpdf/poppler: SplashBitmap integer overflow", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2009-1188", }, { category: "external", summary: "RHBZ#495907", url: "https://bugzilla.redhat.com/show_bug.cgi?id=495907", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2009-1188", url: "https://www.cve.org/CVERecord?id=CVE-2009-1188", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2009-1188", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-1188", }, ], release_date: "2009-04-16T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2009-05-13T14:32:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2009:0480", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "xpdf/poppler: SplashBitmap integer overflow", }, { acknowledgments: [ { names: [ "Adam Zabrocki", ], }, ], cve: "CVE-2009-3604", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, discovery_date: "2009-09-16T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "526911", }, ], notes: [ { category: "description", text: "The Splash::drawImage function in Splash.cc in Xpdf 2.x and 3.x before 3.02pl4, and Poppler 0.x, as used in GPdf and kdegraphics KPDF, does not properly allocate memory, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document that triggers a NULL pointer dereference or a heap-based buffer overflow.", title: "Vulnerability description", }, { category: "summary", text: "xpdf/poppler: Splash:: drawImage integer overflow and missing allocation return value check", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2009-3604", }, { category: "external", summary: "RHBZ#526911", url: "https://bugzilla.redhat.com/show_bug.cgi?id=526911", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2009-3604", url: "https://www.cve.org/CVERecord?id=CVE-2009-3604", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2009-3604", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-3604", }, ], release_date: "2009-10-14T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2009-05-13T14:32:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2009:0480", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "xpdf/poppler: Splash:: drawImage integer overflow and missing allocation return value check", }, { cve: "CVE-2009-3606", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, discovery_date: "2009-06-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "526877", }, ], notes: [ { category: "description", text: "Integer overflow in the PSOutputDev::doImageL1Sep function in Xpdf before 3.02pl4, and Poppler 0.x, as used in kdegraphics KPDF, might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow.", title: "Vulnerability description", }, { category: "summary", text: "xpdf/poppler: PSOutputDev:: doImageL1Sep integer overflow", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2009-3606", }, { category: "external", summary: "RHBZ#526877", url: "https://bugzilla.redhat.com/show_bug.cgi?id=526877", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2009-3606", url: "https://www.cve.org/CVERecord?id=CVE-2009-3606", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2009-3606", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-3606", }, ], release_date: "2009-10-14T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2009-05-13T14:32:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2009:0480", }, ], scores: [ { cvss_v2: { accessComplexity: "HIGH", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 3.7, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:H/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client-Workstation:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-0:0.5.4-4.4.el5_3.9.src", "5Client:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Client:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-0:0.5.4-4.4.el5_3.9.src", "5Server:poppler-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.ppc64", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-devel-0:0.5.4-4.4.el5_3.9.x86_64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.i386", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ia64", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.ppc", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.s390x", "5Server:poppler-utils-0:0.5.4-4.4.el5_3.9.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "xpdf/poppler: PSOutputDev:: doImageL1Sep integer overflow", }, ], }
gsd-2009-1187
Vulnerability from gsd
Modified
2023-12-13 01:19
Details
Integer overflow in the JBIG2 decoding feature in Poppler before 0.10.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to CairoOutputDev (CairoOutputDev.cc).
Aliases
Aliases
{ GSD: { alias: "CVE-2009-1187", description: "Integer overflow in the JBIG2 decoding feature in Poppler before 0.10.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to CairoOutputDev (CairoOutputDev.cc).", id: "GSD-2009-1187", references: [ "https://www.suse.com/security/cve/CVE-2009-1187.html", "https://access.redhat.com/errata/RHSA-2009:0480", "https://linux.oracle.com/cve/CVE-2009-1187.html", ], }, gsd: { metadata: { exploitCode: "unknown", remediation: "unknown", reportConfidence: "confirmed", type: "vulnerability", }, osvSchema: { aliases: [ "CVE-2009-1187", ], details: "Integer overflow in the JBIG2 decoding feature in Poppler before 0.10.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to CairoOutputDev (CairoOutputDev.cc).", id: "GSD-2009-1187", modified: "2023-12-13T01:19:48.011107Z", schema_version: "1.4.0", }, }, namespaces: { "cve.org": { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2009-1187", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_affected: "=", version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Integer overflow in the JBIG2 decoding feature in Poppler before 0.10.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to CairoOutputDev (CairoOutputDev.cc).", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://poppler.freedesktop.org/releases.html", refsource: "MISC", url: "http://poppler.freedesktop.org/releases.html", }, { name: "http://secunia.com/advisories/34746", refsource: "MISC", url: "http://secunia.com/advisories/34746", }, { name: "http://secunia.com/advisories/35064", refsource: "MISC", url: "http://secunia.com/advisories/35064", }, { name: "http://secunia.com/advisories/35618", refsource: "MISC", url: "http://secunia.com/advisories/35618", }, { name: "http://www.kb.cert.org/vuls/id/196617", refsource: "MISC", url: "http://www.kb.cert.org/vuls/id/196617", }, { name: "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087", refsource: "MISC", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087", }, { name: "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175", refsource: "MISC", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175", }, { name: "http://www.redhat.com/support/errata/RHSA-2009-0480.html", refsource: "MISC", url: "http://www.redhat.com/support/errata/RHSA-2009-0480.html", }, { name: "http://www.securityfocus.com/bid/34568", refsource: "MISC", url: "http://www.securityfocus.com/bid/34568", }, { name: "http://www.vupen.com/english/advisories/2009/1076", refsource: "MISC", url: "http://www.vupen.com/english/advisories/2009/1076", }, { name: "http://www.vupen.com/english/advisories/2010/1040", refsource: "MISC", url: "http://www.vupen.com/english/advisories/2010/1040", }, { name: "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html", refsource: "MISC", url: "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html", }, { name: "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html", refsource: "MISC", url: "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html", }, { name: "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html", refsource: "MISC", url: "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html", }, { name: "http://bugs.gentoo.org/show_bug.cgi?id=263028#c16", refsource: "MISC", url: "http://bugs.gentoo.org/show_bug.cgi?id=263028#c16", }, { name: "http://wiki.rpath.com/Advisories:rPSA-2009-0059", refsource: "MISC", url: "http://wiki.rpath.com/Advisories:rPSA-2009-0059", }, { name: "http://www.securityfocus.com/archive/1/502761/100/0/threaded", refsource: "MISC", url: "http://www.securityfocus.com/archive/1/502761/100/0/threaded", }, { name: "https://bugs.launchpad.net/ubuntu/+source/poppler/+bug/361875", refsource: "MISC", url: "https://bugs.launchpad.net/ubuntu/+source/poppler/+bug/361875", }, { name: "https://exchange.xforce.ibmcloud.com/vulnerabilities/50184", refsource: "MISC", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/50184", }, { name: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10292", refsource: "MISC", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10292", }, ], }, }, "nvd.nist.gov": { configurations: { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:a:poppler:poppler:0.7.3:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:poppler:poppler:0.3.2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:poppler:poppler:0.10.3:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:poppler:poppler:0.4.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:poppler:poppler:0.8.5:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:poppler:poppler:0.9.3:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:poppler:poppler:0.10.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:poppler:poppler:0.10.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:poppler:poppler:0.7.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:poppler:poppler:0.6.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:poppler:poppler:0.3.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:poppler:poppler:0.5.2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:poppler:poppler:0.5.91:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:poppler:poppler:0.6.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:poppler:poppler:0.3.3:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:poppler:poppler:0.4.2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:poppler:poppler:0.10.4:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:poppler:poppler:0.9.2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:poppler:poppler:0.6.4:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:poppler:poppler:0.1.2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:poppler:poppler:0.8.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:poppler:poppler:0.8.3:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:poppler:poppler:0.7.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:poppler:poppler:0.7.2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:poppler:poppler:0.5.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:poppler:poppler:0.8.6:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:poppler:poppler:0.5.9:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:poppler:poppler:0.5.90:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:poppler:poppler:0.6.3:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:poppler:poppler:0.2.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:poppler:poppler:0.8.4:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:poppler:poppler:0.5.4:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:poppler:poppler:0.1.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:poppler:poppler:0.9.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:poppler:poppler:0.4.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:poppler:poppler:0.5.3:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:poppler:poppler:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "0.10.5", vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:poppler:poppler:0.4.4:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:poppler:poppler:0.8.7:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:poppler:poppler:0.9.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:poppler:poppler:0.3.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:poppler:poppler:0.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:poppler:poppler:0.6.2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:poppler:poppler:0.10.2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:poppler:poppler:0.4.3:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:poppler:poppler:0.8.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:poppler:poppler:0.5.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:poppler:poppler:0.8.2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, ], }, cve: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2009-1187", }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "en", value: "Integer overflow in the JBIG2 decoding feature in Poppler before 0.10.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to CairoOutputDev (CairoOutputDev.cc).", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "en", value: "CWE-189", }, ], }, ], }, references: { reference_data: [ { name: "https://bugs.launchpad.net/ubuntu/+source/poppler/+bug/361875", refsource: "CONFIRM", tags: [], url: "https://bugs.launchpad.net/ubuntu/+source/poppler/+bug/361875", }, { name: "http://bugs.gentoo.org/show_bug.cgi?id=263028#c16", refsource: "CONFIRM", tags: [ "Patch", ], url: "http://bugs.gentoo.org/show_bug.cgi?id=263028#c16", }, { name: "34568", refsource: "BID", tags: [], url: "http://www.securityfocus.com/bid/34568", }, { name: "ADV-2009-1076", refsource: "VUPEN", tags: [], url: "http://www.vupen.com/english/advisories/2009/1076", }, { name: "http://poppler.freedesktop.org/releases.html", refsource: "CONFIRM", tags: [], url: "http://poppler.freedesktop.org/releases.html", }, { name: "http://wiki.rpath.com/Advisories:rPSA-2009-0059", refsource: "CONFIRM", tags: [], url: "http://wiki.rpath.com/Advisories:rPSA-2009-0059", }, { name: "34746", refsource: "SECUNIA", tags: [], url: "http://secunia.com/advisories/34746", }, { name: "VU#196617", refsource: "CERT-VN", tags: [ "US Government Resource", ], url: "http://www.kb.cert.org/vuls/id/196617", }, { name: "RHSA-2009:0480", refsource: "REDHAT", tags: [], url: "http://www.redhat.com/support/errata/RHSA-2009-0480.html", }, { name: "35064", refsource: "SECUNIA", tags: [], url: "http://secunia.com/advisories/35064", }, { name: "35618", refsource: "SECUNIA", tags: [], url: "http://secunia.com/advisories/35618", }, { name: "FEDORA-2009-6982", refsource: "FEDORA", tags: [], url: "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html", }, { name: "FEDORA-2009-6973", refsource: "FEDORA", tags: [], url: "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html", }, { name: "FEDORA-2009-6972", refsource: "FEDORA", tags: [], url: "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html", }, { name: "MDVSA-2010:087", refsource: "MANDRIVA", tags: [], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087", }, { name: "ADV-2010-1040", refsource: "VUPEN", tags: [], url: "http://www.vupen.com/english/advisories/2010/1040", }, { name: "MDVSA-2011:175", refsource: "MANDRIVA", tags: [], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175", }, { name: "poppler-jbig2-cairooutputdev-code-excution(50184)", refsource: "XF", tags: [], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/50184", }, { name: "oval:org.mitre.oval:def:10292", refsource: "OVAL", tags: [], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10292", }, { name: "20090417 rPSA-2009-0059-1 poppler", refsource: "BUGTRAQ", tags: [], url: "http://www.securityfocus.com/archive/1/502761/100/0/threaded", }, ], }, }, impact: { baseMetricV2: { acInsufInfo: false, cvssV2: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "MEDIUM", userInteractionRequired: false, }, }, lastModifiedDate: "2023-02-13T02:19Z", publishedDate: "2009-04-23T19:30Z", }, }, }
fkie_cve-2009-1187
Vulnerability from fkie_nvd
Published
2009-04-23 19:30
Modified
2024-11-21 01:01
Severity ?
Summary
Integer overflow in the JBIG2 decoding feature in Poppler before 0.10.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to CairoOutputDev (CairoOutputDev.cc).
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:poppler:poppler:*:*:*:*:*:*:*:*", matchCriteriaId: "E0299F4A-A027-430C-9A53-AFEF9022960C", versionEndIncluding: "0.10.5", vulnerable: true, }, { criteria: "cpe:2.3:a:poppler:poppler:0.1:*:*:*:*:*:*:*", matchCriteriaId: "E23EBF88-10DE-4EA6-9F0E-F33C88541F65", vulnerable: true, }, { criteria: "cpe:2.3:a:poppler:poppler:0.1.1:*:*:*:*:*:*:*", matchCriteriaId: "54F75CFD-3523-4017-992C-4FA6406D49F2", vulnerable: true, }, { criteria: "cpe:2.3:a:poppler:poppler:0.1.2:*:*:*:*:*:*:*", matchCriteriaId: "DB116A19-6436-40BE-B5C6-32C22D888B9A", vulnerable: true, }, { criteria: "cpe:2.3:a:poppler:poppler:0.2.0:*:*:*:*:*:*:*", matchCriteriaId: "8A4C1429-593B-47B6-AC84-832F2296FAB5", vulnerable: true, }, { criteria: "cpe:2.3:a:poppler:poppler:0.3.0:*:*:*:*:*:*:*", matchCriteriaId: "18240BA6-3390-4925-AC25-DA4C42397CF7", vulnerable: true, }, { criteria: "cpe:2.3:a:poppler:poppler:0.3.1:*:*:*:*:*:*:*", matchCriteriaId: "3090A142-2240-4A8D-A122-C037931A277C", vulnerable: true, }, { criteria: "cpe:2.3:a:poppler:poppler:0.3.2:*:*:*:*:*:*:*", matchCriteriaId: "EFD63240-4599-4212-8AF2-7C4089CA9D28", vulnerable: true, }, { criteria: "cpe:2.3:a:poppler:poppler:0.3.3:*:*:*:*:*:*:*", matchCriteriaId: "3C7EE965-EE3F-4B17-AF38-FA3AA0B11164", vulnerable: true, }, { criteria: "cpe:2.3:a:poppler:poppler:0.4.0:*:*:*:*:*:*:*", matchCriteriaId: "7BE488E5-B3D9-4723-ABBA-A8753EC2DA2D", vulnerable: true, }, { criteria: "cpe:2.3:a:poppler:poppler:0.4.1:*:*:*:*:*:*:*", matchCriteriaId: "1259C59E-517F-40BE-8BA6-01AB76257C9A", vulnerable: true, }, { criteria: "cpe:2.3:a:poppler:poppler:0.4.2:*:*:*:*:*:*:*", matchCriteriaId: "63C92F1C-3005-4EA6-B9C0-2BC2E3D611D6", vulnerable: true, }, { criteria: "cpe:2.3:a:poppler:poppler:0.4.3:*:*:*:*:*:*:*", matchCriteriaId: "576152B4-9ACD-4C4E-B423-4A5EF44332D0", vulnerable: true, }, { criteria: "cpe:2.3:a:poppler:poppler:0.4.4:*:*:*:*:*:*:*", matchCriteriaId: "322F9E62-6A74-4805-8F6B-9C61739B2D4E", vulnerable: true, }, { criteria: "cpe:2.3:a:poppler:poppler:0.5.0:*:*:*:*:*:*:*", matchCriteriaId: "F51C453F-6A87-49FB-83F6-22316F28161F", vulnerable: true, }, { criteria: "cpe:2.3:a:poppler:poppler:0.5.1:*:*:*:*:*:*:*", matchCriteriaId: "75F532F0-6653-4275-A85A-BD9A9A611E96", vulnerable: true, }, { criteria: "cpe:2.3:a:poppler:poppler:0.5.2:*:*:*:*:*:*:*", matchCriteriaId: "4CC7300E-0CBE-47FD-A241-B4B4F0164EBB", vulnerable: true, }, { criteria: "cpe:2.3:a:poppler:poppler:0.5.3:*:*:*:*:*:*:*", matchCriteriaId: "255102DA-A2C0-4795-9539-B4CBD587554A", vulnerable: true, }, { criteria: "cpe:2.3:a:poppler:poppler:0.5.4:*:*:*:*:*:*:*", matchCriteriaId: "349B06F1-772A-4A12-A7B9-EA220ED96D2C", vulnerable: true, }, { criteria: "cpe:2.3:a:poppler:poppler:0.5.9:*:*:*:*:*:*:*", matchCriteriaId: "B779800A-FF4B-47DD-B56F-77D10D6A335C", vulnerable: true, }, { criteria: "cpe:2.3:a:poppler:poppler:0.5.90:*:*:*:*:*:*:*", matchCriteriaId: "F0213390-08FA-4E04-835B-8BE0FC61B464", vulnerable: true, }, { criteria: "cpe:2.3:a:poppler:poppler:0.5.91:*:*:*:*:*:*:*", matchCriteriaId: "0B304657-740A-4F8D-99CD-22E283FEE6F1", vulnerable: true, }, { criteria: "cpe:2.3:a:poppler:poppler:0.6.0:*:*:*:*:*:*:*", matchCriteriaId: "178680C2-DB1B-4250-9B6E-6ADABA60DE44", vulnerable: true, }, { criteria: "cpe:2.3:a:poppler:poppler:0.6.1:*:*:*:*:*:*:*", matchCriteriaId: "FCA9036F-92DA-45C2-9FBC-DE03444D34F1", vulnerable: true, }, { criteria: "cpe:2.3:a:poppler:poppler:0.6.2:*:*:*:*:*:*:*", matchCriteriaId: "B6855B98-DAA2-4850-A765-2F4D6D93A424", vulnerable: true, }, { criteria: "cpe:2.3:a:poppler:poppler:0.6.3:*:*:*:*:*:*:*", matchCriteriaId: "4743EC55-B61D-4C1A-9ED7-060268F2DB27", vulnerable: true, }, { criteria: "cpe:2.3:a:poppler:poppler:0.6.4:*:*:*:*:*:*:*", matchCriteriaId: "8CD4454E-3D2B-4582-B5E5-0317A6417654", vulnerable: true, }, { criteria: "cpe:2.3:a:poppler:poppler:0.7.0:*:*:*:*:*:*:*", matchCriteriaId: "96402B67-A7A8-44E3-914E-A10A69FAD735", vulnerable: true, }, { criteria: "cpe:2.3:a:poppler:poppler:0.7.1:*:*:*:*:*:*:*", matchCriteriaId: "66C608C8-F382-4D6B-A638-98763C1CBB66", vulnerable: true, }, { criteria: "cpe:2.3:a:poppler:poppler:0.7.2:*:*:*:*:*:*:*", matchCriteriaId: "21F0F4E0-91B7-4B1F-BFA9-829101A7F90A", vulnerable: true, }, { criteria: "cpe:2.3:a:poppler:poppler:0.7.3:*:*:*:*:*:*:*", matchCriteriaId: "22287102-80B1-4E1F-85E4-488B020A51E0", vulnerable: true, }, { criteria: "cpe:2.3:a:poppler:poppler:0.8.0:*:*:*:*:*:*:*", matchCriteriaId: "FF3030D6-DE07-418B-AB40-87C85FCA3C58", vulnerable: true, }, { criteria: "cpe:2.3:a:poppler:poppler:0.8.1:*:*:*:*:*:*:*", matchCriteriaId: "D3583D56-F653-457A-B1F8-25842A15CB82", vulnerable: true, }, { criteria: "cpe:2.3:a:poppler:poppler:0.8.2:*:*:*:*:*:*:*", matchCriteriaId: "6EEA5DBB-5A80-439E-A135-77CB40772916", vulnerable: true, }, { criteria: "cpe:2.3:a:poppler:poppler:0.8.3:*:*:*:*:*:*:*", matchCriteriaId: "D4A5C43B-3978-4D0A-8166-A99622106781", vulnerable: true, }, { criteria: "cpe:2.3:a:poppler:poppler:0.8.4:*:*:*:*:*:*:*", matchCriteriaId: "2A940AF2-A7CA-408F-86E2-797C7BA8A6BD", vulnerable: true, }, { criteria: "cpe:2.3:a:poppler:poppler:0.8.5:*:*:*:*:*:*:*", matchCriteriaId: "8B2CD8A0-2DBA-4AC9-A97D-D4DAEB6C7A74", vulnerable: true, }, { criteria: "cpe:2.3:a:poppler:poppler:0.8.6:*:*:*:*:*:*:*", matchCriteriaId: "AA56CB7C-E7B3-4F0B-8BEB-F133FAF0D6FC", vulnerable: true, }, { criteria: "cpe:2.3:a:poppler:poppler:0.8.7:*:*:*:*:*:*:*", matchCriteriaId: "6323ED7A-6FE8-4885-B743-3E2F82ECA08B", vulnerable: true, }, { criteria: "cpe:2.3:a:poppler:poppler:0.9.0:*:*:*:*:*:*:*", matchCriteriaId: "90D3345C-2D35-413C-B6F9-C308BC7C2AA6", vulnerable: true, }, { criteria: "cpe:2.3:a:poppler:poppler:0.9.1:*:*:*:*:*:*:*", matchCriteriaId: "26216EEC-26B7-41C8-ADFB-64D2EA8DAA8F", vulnerable: true, }, { criteria: "cpe:2.3:a:poppler:poppler:0.9.2:*:*:*:*:*:*:*", matchCriteriaId: "A9D3618D-A183-4B09-9CA2-8D622C3486DD", vulnerable: true, }, { criteria: "cpe:2.3:a:poppler:poppler:0.9.3:*:*:*:*:*:*:*", matchCriteriaId: "A88294D9-563E-4AB3-9FE6-971F43B052B4", vulnerable: true, }, { criteria: "cpe:2.3:a:poppler:poppler:0.10.0:*:*:*:*:*:*:*", matchCriteriaId: "1A39F672-B238-4B21-A48E-5121771949F3", vulnerable: true, }, { criteria: "cpe:2.3:a:poppler:poppler:0.10.1:*:*:*:*:*:*:*", matchCriteriaId: "58A5D199-E952-44B5-B5E5-170040FA813E", vulnerable: true, }, { criteria: "cpe:2.3:a:poppler:poppler:0.10.2:*:*:*:*:*:*:*", matchCriteriaId: "349B4B75-32E2-49FB-9606-8B057AFA2E3E", vulnerable: true, }, { criteria: "cpe:2.3:a:poppler:poppler:0.10.3:*:*:*:*:*:*:*", matchCriteriaId: "55A8D058-224E-467E-AB61-06F90B541F24", vulnerable: true, }, { criteria: "cpe:2.3:a:poppler:poppler:0.10.4:*:*:*:*:*:*:*", matchCriteriaId: "77C47EDD-2212-4259-8229-FF05E1A7B5AD", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Integer overflow in the JBIG2 decoding feature in Poppler before 0.10.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to CairoOutputDev (CairoOutputDev.cc).", }, { lang: "es", value: "Desbordamiento de entero en la característica JBIG2 decoding en Poppler anteriores a v0.10.6 permite a atacantes remotos producir una denegación de servicio (caida) y posiblemente ejecutar código a través de vectores relacionados con CairoOutputDev (CairoOutputDev.cc).", }, ], id: "CVE-2009-1187", lastModified: "2024-11-21T01:01:52.213", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2009-04-23T19:30:00.530", references: [ { source: "secalert@redhat.com", tags: [ "Patch", ], url: "http://bugs.gentoo.org/show_bug.cgi?id=263028#c16", }, { source: "secalert@redhat.com", url: "http://poppler.freedesktop.org/releases.html", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/34746", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/35064", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/35618", }, { source: "secalert@redhat.com", url: "http://wiki.rpath.com/Advisories:rPSA-2009-0059", }, { source: "secalert@redhat.com", tags: [ "US Government Resource", ], url: "http://www.kb.cert.org/vuls/id/196617", }, { source: "secalert@redhat.com", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087", }, { source: "secalert@redhat.com", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175", }, { source: "secalert@redhat.com", url: "http://www.redhat.com/support/errata/RHSA-2009-0480.html", }, { source: "secalert@redhat.com", url: "http://www.securityfocus.com/archive/1/502761/100/0/threaded", }, { source: "secalert@redhat.com", url: "http://www.securityfocus.com/bid/34568", }, { source: "secalert@redhat.com", url: "http://www.vupen.com/english/advisories/2009/1076", }, { source: "secalert@redhat.com", url: "http://www.vupen.com/english/advisories/2010/1040", }, { source: "secalert@redhat.com", url: "https://bugs.launchpad.net/ubuntu/+source/poppler/+bug/361875", }, { source: "secalert@redhat.com", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/50184", }, { source: "secalert@redhat.com", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10292", }, { source: "secalert@redhat.com", url: "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html", }, { source: "secalert@redhat.com", url: "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html", }, { source: "secalert@redhat.com", url: "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "http://bugs.gentoo.org/show_bug.cgi?id=263028#c16", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://poppler.freedesktop.org/releases.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/34746", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/35064", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/35618", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://wiki.rpath.com/Advisories:rPSA-2009-0059", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "US Government Resource", ], url: "http://www.kb.cert.org/vuls/id/196617", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.redhat.com/support/errata/RHSA-2009-0480.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/archive/1/502761/100/0/threaded", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/34568", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2009/1076", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2010/1040", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://bugs.launchpad.net/ubuntu/+source/poppler/+bug/361875", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/50184", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10292", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-189", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
ghsa-xr2j-w2jp-cp5m
Vulnerability from github
Published
2022-05-02 03:22
Modified
2022-05-02 03:22
Details
Integer overflow in the JBIG2 decoding feature in Poppler before 0.10.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to CairoOutputDev (CairoOutputDev.cc).
{ affected: [], aliases: [ "CVE-2009-1187", ], database_specific: { cwe_ids: [], github_reviewed: false, github_reviewed_at: null, nvd_published_at: "2009-04-23T19:30:00Z", severity: "MODERATE", }, details: "Integer overflow in the JBIG2 decoding feature in Poppler before 0.10.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to CairoOutputDev (CairoOutputDev.cc).", id: "GHSA-xr2j-w2jp-cp5m", modified: "2022-05-02T03:22:33Z", published: "2022-05-02T03:22:33Z", references: [ { type: "ADVISORY", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-1187", }, { type: "WEB", url: "https://access.redhat.com/errata/RHSA-2009:0480", }, { type: "WEB", url: "https://access.redhat.com/security/cve/CVE-2009-1187", }, { type: "WEB", url: "https://bugs.launchpad.net/ubuntu/+source/poppler/+bug/361875", }, { type: "WEB", url: "https://bugzilla.redhat.com/show_bug.cgi?id=495906", }, { type: "WEB", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/50184", }, { type: "WEB", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10292", }, { type: "WEB", url: "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html", }, { type: "WEB", url: "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html", }, { type: "WEB", url: "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html", }, { type: "WEB", url: "http://bugs.gentoo.org/show_bug.cgi?id=263028#c16", }, { type: "WEB", url: "http://poppler.freedesktop.org/releases.html", }, { type: "WEB", url: "http://secunia.com/advisories/34746", }, { type: "WEB", url: "http://secunia.com/advisories/35064", }, { type: "WEB", url: "http://secunia.com/advisories/35618", }, { type: "WEB", url: "http://wiki.rpath.com/Advisories:rPSA-2009-0059", }, { type: "WEB", url: "http://www.kb.cert.org/vuls/id/196617", }, { type: "WEB", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087", }, { type: "WEB", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175", }, { type: "WEB", url: "http://www.redhat.com/support/errata/RHSA-2009-0480.html", }, { type: "WEB", url: "http://www.securityfocus.com/archive/1/502761/100/0/threaded", }, { type: "WEB", url: "http://www.securityfocus.com/bid/34568", }, { type: "WEB", url: "http://www.vupen.com/english/advisories/2009/1076", }, { type: "WEB", url: "http://www.vupen.com/english/advisories/2010/1040", }, ], schema_version: "1.4.0", severity: [], }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).
Loading…
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.