var-200904-0824
Vulnerability from variot
Heap-based buffer overflow in Xpdf 3.02pl2 and earlier, CUPS 1.3.9, and probably other products, allows remote attackers to execute arbitrary code via a PDF file with crafted JBIG2 symbol dictionary segments. CUPS and Xpdf are prone to a remote buffer-overflow vulnerability because they fail to properly bounds-check user-supplied input before copying it into a finite-sized buffer. Exploiting this issue may allow remote attackers to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely cause denial-of-service conditions. The following are vulnerable; other applications or versions may also be affected: Xpdf 3.02pl2 and earlier CUPS 1.3.9 and earlier NOTE: This vulnerability may already be covered in BID 34568 (Xpdf JBIG2 Processing Multiple Security Vulnerabilities). We will update (or possibly retire) this BID as more information emerges. =========================================================== Ubuntu Security Notice USN-973-1 August 17, 2010 koffice vulnerabilities CVE-2009-0146, CVE-2009-0147, CVE-2009-0165, CVE-2009-0166, CVE-2009-0195, CVE-2009-0799, CVE-2009-0800, CVE-2009-1179, CVE-2009-1180, CVE-2009-1181, CVE-2009-3606, CVE-2009-3608, CVE-2009-3609 ===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 9.04
This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the following package versions:
Ubuntu 9.04: kword 1:1.6.3-7ubuntu6.1
In general, a standard system update will make all the necessary changes.
Details follow:
Will Dormann, Alin Rad Pop, Braden Thomas, and Drew Yao discovered that the Xpdf used in KOffice contained multiple security issues in its JBIG2 decoder. (CVE-2009-0146, CVE-2009-0147, CVE-2009-0166, CVE-2009-0799, CVE-2009-0800, CVE-2009-1179, CVE-2009-1180, CVE-2009-1181)
It was discovered that the Xpdf used in KOffice contained multiple security issues when parsing malformed PDF documents. (CVE-2009-3606, CVE-2009-3608, CVE-2009-3609)
KOffice in Ubuntu 9.04 uses a very old version of Xpdf to import PDFs into KWord. Upstream KDE no longer supports PDF import in KOffice and as a result it was dropped in Ubuntu 9.10. While an attempt was made to fix the above issues, the maintenance burden for supporting this very old version of Xpdf outweighed its utility, and PDF import is now also disabled in Ubuntu 9.04.
Updated packages for Ubuntu 9.04:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice_1.6.3-7ubuntu6.1.diff.gz
Size/MD5: 622105 556aa62c50d527e60c1dff7b0f0aa0b1
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice_1.6.3-7ubuntu6.1.dsc
Size/MD5: 2089 d42a7716e78fc690d256f8045017e7fa
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice_1.6.3.orig.tar.gz
Size/MD5: 63221967 497a644adaf5d6531a0e32d14f88e5f5
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kivio-data_1.6.3-7ubuntu6.1_all.deb
Size/MD5: 682598 78a5406815a35440ac4480c2532f28ef
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice-data_1.6.3-7ubuntu6.1_all.deb
Size/MD5: 735930 9d775bfa37c32d0ab934c25c721d6456
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice-doc-html_1.6.3-7ubuntu6.1_all.deb
Size/MD5: 519734 7c05c1818b4baaa8167b6f84bbcab085
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice-doc_1.6.3-7ubuntu6.1_all.deb
Size/MD5: 18982 465a569fb8bbd06f80e8b19e6acc1695
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice_1.6.3-7ubuntu6.1_all.deb
Size/MD5: 21100 780be3fc6108770d271d89cac4869b10
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kpresenter-data_1.6.3-7ubuntu6.1_all.deb
Size/MD5: 1903802 bdb13a770966f7a5b2978f510ba58f10
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/krita-data_1.6.3-7ubuntu6.1_all.deb
Size/MD5: 28310364 0d115fe0dfc641efe2e04508324bd72a
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kword-data_1.6.3-7ubuntu6.1_all.deb
Size/MD5: 1776368 f7781ed87a7c8c5ee1ba7636c519076d
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/karbon_1.6.3-7ubuntu6.1_amd64.deb
Size/MD5: 1059936 fa5f33b7cd8d1d291834ad81768a55b3
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kchart_1.6.3-7ubuntu6.1_amd64.deb
Size/MD5: 1363098 1ea1bd16846af1b718392fcc80f55456
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kexi_1.6.3-7ubuntu6.1_amd64.deb
Size/MD5: 3634792 de50ca28c4ffe99f5c43369be2c28c53
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kformula_1.6.3-7ubuntu6.1_amd64.deb
Size/MD5: 1022466 2680eb3b5eb1fe0b939dcc4d8698df93
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kivio_1.6.3-7ubuntu6.1_amd64.deb
Size/MD5: 586680 af2f128a08ad516dab5e0d9181c8fa05
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice-dbg_1.6.3-7ubuntu6.1_amd64.deb
Size/MD5: 54301774 04ffb99c1da2e2d54a0320d4eb23a8bd
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice-dev_1.6.3-7ubuntu6.1_amd64.deb
Size/MD5: 394472 2dd7347dda792d9a1a50831b20861f94
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice-libs_1.6.3-7ubuntu6.1_amd64.deb
Size/MD5: 2614706 1f4f29ae856d74a751d47d6a2c2e6317
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koshell_1.6.3-7ubuntu6.1_amd64.deb
Size/MD5: 177638 bbcf8e0ef85478569dd212be191cf3d6
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kplato_1.6.3-7ubuntu6.1_amd64.deb
Size/MD5: 939900 81b0c652c71a1cae573a984bc8192e9c
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kpresenter_1.6.3-7ubuntu6.1_amd64.deb
Size/MD5: 1332666 2cb497195e47d739e5c73eca50ba7f3a
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/krita_1.6.3-7ubuntu6.1_amd64.deb
Size/MD5: 3307610 4453ddce6e47950727883a37ed0cb02a
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kspread_1.6.3-7ubuntu6.1_amd64.deb
Size/MD5: 2750674 14831989300bcb63f368291710a46510
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kthesaurus_1.6.3-7ubuntu6.1_amd64.deb
Size/MD5: 314700 a68a9a2cc5299b957ef823971226117a
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kugar_1.6.3-7ubuntu6.1_amd64.deb
Size/MD5: 443182 d7b8296294f89bb2df6c69ac554e9d16
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kword_1.6.3-7ubuntu6.1_amd64.deb
Size/MD5: 2504138 0f58ca14ca066713c273c159f6e1295d
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/karbon_1.6.3-7ubuntu6.1_i386.deb
Size/MD5: 975268 1a3b2bb23cdf4fd7ae942e53672706f1
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kchart_1.6.3-7ubuntu6.1_i386.deb
Size/MD5: 1306222 c812ef558f13e43eb448aa56d6797ed4
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kexi_1.6.3-7ubuntu6.1_i386.deb
Size/MD5: 3563484 9a47762bf756eef0defe1a690017b361
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kformula_1.6.3-7ubuntu6.1_i386.deb
Size/MD5: 1015886 5f39c46934ad9dfb55b36acd135d5b59
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kivio_1.6.3-7ubuntu6.1_i386.deb
Size/MD5: 527296 e4d1682301bf58d5df51792162671e1e
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice-dbg_1.6.3-7ubuntu6.1_i386.deb
Size/MD5: 53049888 7baa946b92618169cdee4eab005e2533
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice-dev_1.6.3-7ubuntu6.1_i386.deb
Size/MD5: 409804 ff440307934403aa404a2416a6fc00a2
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice-libs_1.6.3-7ubuntu6.1_i386.deb
Size/MD5: 2423308 2933a46777c6be5dd6e588afb056ce83
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koshell_1.6.3-7ubuntu6.1_i386.deb
Size/MD5: 174422 65acfb083c6dcde10f29c22d7cb2891d
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kplato_1.6.3-7ubuntu6.1_i386.deb
Size/MD5: 868786 b0f68c2390f2761fed67ed9cee032add
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kpresenter_1.6.3-7ubuntu6.1_i386.deb
Size/MD5: 1234468 b6f06fa397725d1b915683aa8850c600
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/krita_1.6.3-7ubuntu6.1_i386.deb
Size/MD5: 3037920 00a2c6161359ed7a982186ae9f82af06
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kspread_1.6.3-7ubuntu6.1_i386.deb
Size/MD5: 2634754 9a631d806d414d56e03293e108cdd19a
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kthesaurus_1.6.3-7ubuntu6.1_i386.deb
Size/MD5: 312056 e51b7691be77c0ee20224ff524f120ac
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kugar_1.6.3-7ubuntu6.1_i386.deb
Size/MD5: 430552 fe51a92f6d4db43d4c9c12c8ddda16ed
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kword_1.6.3-7ubuntu6.1_i386.deb
Size/MD5: 2362696 92d4dc922ef2a920dd580b41493f7226
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/k/koffice/karbon_1.6.3-7ubuntu6.1_lpia.deb
Size/MD5: 975296 dfe1b44a9c29a543fe6d76b5f0bdfbc2
http://ports.ubuntu.com/pool/main/k/koffice/kchart_1.6.3-7ubuntu6.1_lpia.deb
Size/MD5: 1309438 05e8ca4579040c084f38a5a174055325
http://ports.ubuntu.com/pool/main/k/koffice/kexi_1.6.3-7ubuntu6.1_lpia.deb
Size/MD5: 3579118 2e344131f0aaf4231c21af2fb8298833
http://ports.ubuntu.com/pool/main/k/koffice/kformula_1.6.3-7ubuntu6.1_lpia.deb
Size/MD5: 1014884 c46aad3850fe256baf9ea38262d3a0d4
http://ports.ubuntu.com/pool/main/k/koffice/kivio_1.6.3-7ubuntu6.1_lpia.deb
Size/MD5: 529176 d0ed2edaf57e2e02e73a22f15b86fdc6
http://ports.ubuntu.com/pool/main/k/koffice/koffice-dbg_1.6.3-7ubuntu6.1_lpia.deb
Size/MD5: 53089422 ad89de6273a8f796239423c5b4b478e8
http://ports.ubuntu.com/pool/main/k/koffice/koffice-dev_1.6.3-7ubuntu6.1_lpia.deb
Size/MD5: 394468 c410cb7ac1bfffabf2b2c0b0119e829c
http://ports.ubuntu.com/pool/main/k/koffice/koffice-libs_1.6.3-7ubuntu6.1_lpia.deb
Size/MD5: 2438608 66fd9a1471e34c9a5baac9d6ec2b3bd4
http://ports.ubuntu.com/pool/main/k/koffice/koshell_1.6.3-7ubuntu6.1_lpia.deb
Size/MD5: 174116 1d6410c4f8dddddc24d80666f8278c0c
http://ports.ubuntu.com/pool/main/k/koffice/kplato_1.6.3-7ubuntu6.1_lpia.deb
Size/MD5: 865740 78ffc8a66fe0c555e35c71d4f8734a91
http://ports.ubuntu.com/pool/main/k/koffice/kpresenter_1.6.3-7ubuntu6.1_lpia.deb
Size/MD5: 1240814 1c4d13855664db29a2e1923e929ceecc
http://ports.ubuntu.com/pool/main/k/koffice/krita_1.6.3-7ubuntu6.1_lpia.deb
Size/MD5: 3036992 498218cbda6e3d3abac07ce88c6e0c2c
http://ports.ubuntu.com/pool/main/k/koffice/kspread_1.6.3-7ubuntu6.1_lpia.deb
Size/MD5: 2650892 5950f9bc22ab50db430eac56d9f04697
http://ports.ubuntu.com/pool/main/k/koffice/kthesaurus_1.6.3-7ubuntu6.1_lpia.deb
Size/MD5: 312060 005610b199a0d8ce05d1def703c890bb
http://ports.ubuntu.com/pool/main/k/koffice/kugar_1.6.3-7ubuntu6.1_lpia.deb
Size/MD5: 432602 75b05844e99f7e2ad4ab6e20e5bed539
http://ports.ubuntu.com/pool/main/k/koffice/kword_1.6.3-7ubuntu6.1_lpia.deb
Size/MD5: 2371784 607adbbcfd28fbe1a2750fc004418c14
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/k/koffice/karbon_1.6.3-7ubuntu6.1_powerpc.deb
Size/MD5: 1068778 523593d94079fba3e0364f908a1a1a57
http://ports.ubuntu.com/pool/main/k/koffice/kchart_1.6.3-7ubuntu6.1_powerpc.deb
Size/MD5: 1364554 258dc9b33e6d270ff719c91e3ef37db9
http://ports.ubuntu.com/pool/main/k/koffice/kexi_1.6.3-7ubuntu6.1_powerpc.deb
Size/MD5: 3709952 28d37bcb119b836c3a4e92407738fa7f
http://ports.ubuntu.com/pool/main/k/koffice/kformula_1.6.3-7ubuntu6.1_powerpc.deb
Size/MD5: 1027620 5e2309d118d267e9b692fec5ee16a0db
http://ports.ubuntu.com/pool/main/k/koffice/kivio_1.6.3-7ubuntu6.1_powerpc.deb
Size/MD5: 587256 bead26a9cc80d7bea3c00416b178377c
http://ports.ubuntu.com/pool/main/k/koffice/koffice-dbg_1.6.3-7ubuntu6.1_powerpc.deb
Size/MD5: 55955530 ed06d8fe4737caa802c47e83dbb466e1
http://ports.ubuntu.com/pool/main/k/koffice/koffice-dev_1.6.3-7ubuntu6.1_powerpc.deb
Size/MD5: 394498 c30a126fa23c2506750e211a4b126fa9
http://ports.ubuntu.com/pool/main/k/koffice/koffice-libs_1.6.3-7ubuntu6.1_powerpc.deb
Size/MD5: 2619418 5370a9dcf9f00cc78da20ee4adfb4c8b
http://ports.ubuntu.com/pool/main/k/koffice/koshell_1.6.3-7ubuntu6.1_powerpc.deb
Size/MD5: 180344 141e38c24581f2c8f023e57fca067cb4
http://ports.ubuntu.com/pool/main/k/koffice/kplato_1.6.3-7ubuntu6.1_powerpc.deb
Size/MD5: 903470 8abaab749117c77c22446495e59e309c
http://ports.ubuntu.com/pool/main/k/koffice/kpresenter_1.6.3-7ubuntu6.1_powerpc.deb
Size/MD5: 1321174 cac2871f1847863b4b2ebf565b25df19
http://ports.ubuntu.com/pool/main/k/koffice/krita_1.6.3-7ubuntu6.1_powerpc.deb
Size/MD5: 3394952 44a59865f180b3d5500dc0cd4e0b906e
http://ports.ubuntu.com/pool/main/k/koffice/kspread_1.6.3-7ubuntu6.1_powerpc.deb
Size/MD5: 2718124 479211cb5a9018ba6fa4000a280c77e1
http://ports.ubuntu.com/pool/main/k/koffice/kthesaurus_1.6.3-7ubuntu6.1_powerpc.deb
Size/MD5: 320612 9e2c1960e9fc010e6dcc25a0cb1574b4
http://ports.ubuntu.com/pool/main/k/koffice/kugar_1.6.3-7ubuntu6.1_powerpc.deb
Size/MD5: 454328 61ee3edf596ea67f4faa0974cd46be30
http://ports.ubuntu.com/pool/main/k/koffice/kword_1.6.3-7ubuntu6.1_powerpc.deb
Size/MD5: 2512304 43c6105b4fae1f63b48c449365e95087
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/k/koffice/karbon_1.6.3-7ubuntu6.1_sparc.deb
Size/MD5: 962916 ad7e5830f033940223ed825226496183
http://ports.ubuntu.com/pool/main/k/koffice/kchart_1.6.3-7ubuntu6.1_sparc.deb
Size/MD5: 1304972 050e2196a5c5ccb31c89741a9b0f2b6d
http://ports.ubuntu.com/pool/main/k/koffice/kexi_1.6.3-7ubuntu6.1_sparc.deb
Size/MD5: 3410504 ec1e27da573bd6b2464edc8b45ba0814
http://ports.ubuntu.com/pool/main/k/koffice/kformula_1.6.3-7ubuntu6.1_sparc.deb
Size/MD5: 1013536 ef4bda5f39caed0b5ca4144e49c1097a
http://ports.ubuntu.com/pool/main/k/koffice/kivio_1.6.3-7ubuntu6.1_sparc.deb
Size/MD5: 528266 7d60ee9ce5489fce6aa0f87d8178ca0c
http://ports.ubuntu.com/pool/main/k/koffice/koffice-dbg_1.6.3-7ubuntu6.1_sparc.deb
Size/MD5: 51732154 137a826d403b455408b815aea0f2104a
http://ports.ubuntu.com/pool/main/k/koffice/koffice-dev_1.6.3-7ubuntu6.1_sparc.deb
Size/MD5: 394506 4cfc6172b52148a1f9de20997657c590
http://ports.ubuntu.com/pool/main/k/koffice/koffice-libs_1.6.3-7ubuntu6.1_sparc.deb
Size/MD5: 2354854 8c1e19804067a2aa70409e334917070e
http://ports.ubuntu.com/pool/main/k/koffice/koshell_1.6.3-7ubuntu6.1_sparc.deb
Size/MD5: 172078 77aa57456966572fd5e151fc3fdbf72c
http://ports.ubuntu.com/pool/main/k/koffice/kplato_1.6.3-7ubuntu6.1_sparc.deb
Size/MD5: 855470 aba0765689e839609756f3eb27693058
http://ports.ubuntu.com/pool/main/k/koffice/kpresenter_1.6.3-7ubuntu6.1_sparc.deb
Size/MD5: 1223480 94ba8198733e21a488c0d6da4493b1c2
http://ports.ubuntu.com/pool/main/k/koffice/krita_1.6.3-7ubuntu6.1_sparc.deb
Size/MD5: 3002516 1a884308c7fb75403d49cf1ff73fe79f
http://ports.ubuntu.com/pool/main/k/koffice/kspread_1.6.3-7ubuntu6.1_sparc.deb
Size/MD5: 2565326 1fa53d14437814a657c1fe81d7269a02
http://ports.ubuntu.com/pool/main/k/koffice/kthesaurus_1.6.3-7ubuntu6.1_sparc.deb
Size/MD5: 311270 97d7cca2e2a75f15288e8725fd4b905e
http://ports.ubuntu.com/pool/main/k/koffice/kugar_1.6.3-7ubuntu6.1_sparc.deb
Size/MD5: 426002 0c83afb3dbd67a10c11cc7d310e81511
http://ports.ubuntu.com/pool/main/k/koffice/kword_1.6.3-7ubuntu6.1_sparc.deb
Size/MD5: 2311632 c449bd3fa59e22f9e32a884ffc3f81cf
. (CVE-2009-0163)
Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, as used in Poppler and other products, when running on Mac OS X, has unspecified impact, related to g*allocn. NOTE: the JBIG2Stream.cxx vector may overlap CVE-2009-1179. (CVE-2009-0800)
The ippReadIO function in cups/ipp.c in cupsd in CUPS before 1.3.10 does not properly initialize memory for IPP request packets, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a scheduler request with two consecutive IPP_TAG_UNSUPPORTED tags. (CVE-2009-1183)
Two integer overflow flaws were found in the CUPS pdftops filter. An attacker could create a malicious PDF file that would cause pdftops to crash or, potentially, execute arbitrary code as the lp user if the file was printed. (CVE-2009-3608, CVE-2009-3609)
This update corrects the problems.
Update:
Packages for 2008.0 are being provided due to extended support for Corporate products.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0146 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0147 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0163 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0165 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0166 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0195 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0791 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0799 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0800 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0949 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1179 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1180 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1181 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1182 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1183 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3608 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3609
Updated Packages:
Mandriva Linux 2008.0: 6b17f59f63c062c017c78d459dd2d89a 2008.0/i586/cups-1.3.10-0.1mdv2008.0.i586.rpm 9bc5298d9895c356227fdda3a0ddb2c0 2008.0/i586/cups-common-1.3.10-0.1mdv2008.0.i586.rpm e3583883df8532fc8c496866dac713f8 2008.0/i586/cups-serial-1.3.10-0.1mdv2008.0.i586.rpm fac1fcb839ad53322a447d4d39f769e3 2008.0/i586/libcups2-1.3.10-0.1mdv2008.0.i586.rpm 3d65afc590fb8520d68b2a3e8e1da696 2008.0/i586/libcups2-devel-1.3.10-0.1mdv2008.0.i586.rpm 9e09ed22a2522ee45e93e0edc146193f 2008.0/i586/libpoppler2-0.6-3.5mdv2008.0.i586.rpm 7427b1f56387e84db5a15aad85b424d2 2008.0/i586/libpoppler-devel-0.6-3.5mdv2008.0.i586.rpm 67937a584d365d6b00ef688c88e8d7c5 2008.0/i586/libpoppler-glib2-0.6-3.5mdv2008.0.i586.rpm 410dc85c2c7b71ab316be5607c556682 2008.0/i586/libpoppler-glib-devel-0.6-3.5mdv2008.0.i586.rpm 64d6e14be8d93c7651ce5dc3e2ebc5bf 2008.0/i586/libpoppler-qt2-0.6-3.5mdv2008.0.i586.rpm cc9af7e314b6eaa6a8f946fa2c27f298 2008.0/i586/libpoppler-qt4-2-0.6-3.5mdv2008.0.i586.rpm 0c6d3a6b5211e8506a89144b8c3a3cfb 2008.0/i586/libpoppler-qt4-devel-0.6-3.5mdv2008.0.i586.rpm c985516638ed4d8f792daa13bd506023 2008.0/i586/libpoppler-qt-devel-0.6-3.5mdv2008.0.i586.rpm 8d05619dcef538092696ce70998abd20 2008.0/i586/php-cups-1.3.10-0.1mdv2008.0.i586.rpm 0bae2a3525b796882d2cc87853945e5a 2008.0/i586/poppler-0.6-3.5mdv2008.0.i586.rpm f3b53f5fafa8af4d754a5985e5f93830 2008.0/SRPMS/cups-1.3.10-0.1mdv2008.0.src.rpm 11b021f4e5d21d199728b9a0a37a8230 2008.0/SRPMS/poppler-0.6-3.5mdv2008.0.src.rpm
Mandriva Linux 2008.0/X86_64: 8249475feb3bdc74ea7060944baed6aa 2008.0/x86_64/cups-1.3.10-0.1mdv2008.0.x86_64.rpm 83951504acb783cfdb8ec4fe48d31e1e 2008.0/x86_64/cups-common-1.3.10-0.1mdv2008.0.x86_64.rpm fa8a91e8e3bc8f11c19ab460d1f690fe 2008.0/x86_64/cups-serial-1.3.10-0.1mdv2008.0.x86_64.rpm e061fdbeded2d97bb3ca6b34d33cb384 2008.0/x86_64/lib64cups2-1.3.10-0.1mdv2008.0.x86_64.rpm 893235ea8cf23295ae961ea2de0b9903 2008.0/x86_64/lib64cups2-devel-1.3.10-0.1mdv2008.0.x86_64.rpm 9844640563afdef4a870e2ed12e58136 2008.0/x86_64/lib64poppler2-0.6-3.5mdv2008.0.x86_64.rpm 06ea824a6a2cd9360a9e75a14718192a 2008.0/x86_64/lib64poppler-devel-0.6-3.5mdv2008.0.x86_64.rpm bb0eb04fa906a352e6738d08f116f89b 2008.0/x86_64/lib64poppler-glib2-0.6-3.5mdv2008.0.x86_64.rpm 43d6a85dfdad7e969655ee4e2a377370 2008.0/x86_64/lib64poppler-glib-devel-0.6-3.5mdv2008.0.x86_64.rpm eef29dde4b9e80d4c360e953cbe9110b 2008.0/x86_64/lib64poppler-qt2-0.6-3.5mdv2008.0.x86_64.rpm c74dc9f245091f451441d8b88f0beed3 2008.0/x86_64/lib64poppler-qt4-2-0.6-3.5mdv2008.0.x86_64.rpm 60345458274afc6ff480317fc408ec52 2008.0/x86_64/lib64poppler-qt4-devel-0.6-3.5mdv2008.0.x86_64.rpm 0a880b9c0d655c10f5757882e30911f1 2008.0/x86_64/lib64poppler-qt-devel-0.6-3.5mdv2008.0.x86_64.rpm eb6fde793ac0d7ea86df42aa22637807 2008.0/x86_64/php-cups-1.3.10-0.1mdv2008.0.x86_64.rpm 7f475f07368ed9158008f2891dce2cd6 2008.0/x86_64/poppler-0.6-3.5mdv2008.0.x86_64.rpm f3b53f5fafa8af4d754a5985e5f93830 2008.0/SRPMS/cups-1.3.10-0.1mdv2008.0.src.rpm 11b021f4e5d21d199728b9a0a37a8230 2008.0/SRPMS/poppler-0.6-3.5mdv2008.0.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
iD8DBQFLHXsgmqjQ0CJFipgRAu1fAKCINX1H5StX89GjMDWzGrEM1UiHeACeMLSY a3mQtrfvoibfn29OFAfdSn0= =lTbL -----END PGP SIGNATURE-----
Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201310-03
http://security.gentoo.org/
Severity: Normal Title: Poppler: Multiple vulnerabilities Date: October 06, 2013 Bugs: #263028, #290430, #290464, #308017, #338878, #352581, #459866, #480366 ID: 201310-03
Synopsis
Multiple vulnerabilities have been found in Poppler, some of which may allow execution of arbitrary code.
Background
Poppler is a cross-platform PDF rendering library originally based on Xpdf.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 app-text/poppler < 0.22.2-r1 >= 0.22.2-r1
Description
Multiple vulnerabilities have been discovered in Poppler. Please review the CVE identifiers referenced below for details.
Workaround
There is no known workaround at this time.
Resolution
All Poppler users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-text/poppler-0.22.2-r1"
References
[ 1 ] CVE-2009-0146 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0146 [ 2 ] CVE-2009-0147 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0147 [ 3 ] CVE-2009-0165 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0165 [ 4 ] CVE-2009-0166 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0166 [ 5 ] CVE-2009-0195 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0195 [ 6 ] CVE-2009-0799 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0799 [ 7 ] CVE-2009-0800 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0800 [ 8 ] CVE-2009-1179 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1179 [ 9 ] CVE-2009-1180 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1180 [ 10 ] CVE-2009-1181 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1181 [ 11 ] CVE-2009-1182 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1182 [ 12 ] CVE-2009-1183 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1183 [ 13 ] CVE-2009-1187 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1187 [ 14 ] CVE-2009-1188 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1188 [ 15 ] CVE-2009-3603 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3603 [ 16 ] CVE-2009-3604 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3604 [ 17 ] CVE-2009-3605 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3605 [ 18 ] CVE-2009-3606 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3606 [ 19 ] CVE-2009-3607 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3607 [ 20 ] CVE-2009-3608 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3608 [ 21 ] CVE-2009-3609 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3609 [ 22 ] CVE-2009-3938 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3938 [ 23 ] CVE-2010-3702 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3702 [ 24 ] CVE-2010-3703 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3703 [ 25 ] CVE-2010-3704 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3704 [ 26 ] CVE-2010-4653 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4653 [ 27 ] CVE-2010-4654 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4654 [ 28 ] CVE-2012-2142 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2142 [ 29 ] CVE-2013-1788 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1788 [ 30 ] CVE-2013-1789 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1789 [ 31 ] CVE-2013-1790 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1790
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201310-03.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2013 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . NOTE: some of these details are obtained from third party information (CVE-2010-0739).
====================================================================== 2) Severity
Rating: Highly critical Impact: System access Where: Remote
====================================================================== 3) Vendor's Description of Software
"Xpdf is an open source viewer for Portable Document Format (PDF) files. (These are also sometimes also called 'Acrobat' files, from the name of Adobe's PDF software.) The Xpdf project also includes a PDF text extractor, PDF-to-PostScript converter, and various other utilities.".
Product Link: http://www.foolabs.com/xpdf/
====================================================================== 4) Description of Vulnerability
Secunia Research has discovered a vulnerability in Xpdf, which can be exploited by malicious people to potentially compromise a user's system.
The vulnerability is caused due to a boundary error while decoding JBIG2 symbol dictionary segments.
====================================================================== 5) Solution
Apply xpdf-3.02pl3.patch.
====================================================================== 6) Time Table
26/03/2009 - Vendor notified. 26/03/2009 - vendor-sec notified. 27/03/2009 - Vendor response. 17/04/2009 - Public disclosure.
====================================================================== 7) Credits
Discovered by Alin Rad Pop, Secunia Research.
====================================================================== 8) References
The Common Vulnerabilities and Exposures (CVE) project has assigned CVE-2009-0195 for the vulnerability.
====================================================================== 9) About Secunia
Secunia offers vulnerability management solutions to corporate customers with verified and reliable vulnerability intelligence relevant to their specific system configuration:
http://secunia.com/advisories/business_solutions/
Secunia also provides a publicly accessible and comprehensive advisory database as a service to the security community and private individuals, who are interested in or concerned about IT-security.
http://secunia.com/advisories/
Secunia believes that it is important to support the community and to do active vulnerability research in order to aid improving the security and reliability of software in general:
http://secunia.com/secunia_research/
Secunia regularly hires new skilled team members. Check the URL below to see currently vacant positions:
http://secunia.com/corporate/jobs/
Secunia offers a FREE mailing list called Secunia Security Advisories:
http://secunia.com/advisories/mailing_lists/
====================================================================== 10) Verification
Please verify this advisory by visiting the Secunia website: http://secunia.com/secunia_research/2009-17/
Complete list of vulnerability reports published by Secunia Research: http://secunia.com/secunia_research/
======================================================================
Full-Disclosure - We believe in it
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200904-0824",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "xpdf",
"scope": "eq",
"trust": 1.6,
"vendor": "foolabs",
"version": "0.91c"
},
{
"model": "xpdf",
"scope": "eq",
"trust": 1.6,
"vendor": "foolabs",
"version": "0.91b"
},
{
"model": "xpdfreader",
"scope": "eq",
"trust": 1.0,
"vendor": "glyphandcog",
"version": "0.4"
},
{
"model": "xpdf",
"scope": "eq",
"trust": 1.0,
"vendor": "foolabs",
"version": "0.92a"
},
{
"model": "xpdfreader",
"scope": "eq",
"trust": 1.0,
"vendor": "glyphandcog",
"version": "2.01"
},
{
"model": "xpdf",
"scope": "eq",
"trust": 1.0,
"vendor": "foolabs",
"version": "0.92e"
},
{
"model": "xpdfreader",
"scope": "eq",
"trust": 1.0,
"vendor": "glyphandcog",
"version": "3.00"
},
{
"model": "xpdfreader",
"scope": "eq",
"trust": 1.0,
"vendor": "glyphandcog",
"version": "1.00"
},
{
"model": "xpdfreader",
"scope": "eq",
"trust": 1.0,
"vendor": "glyphandcog",
"version": "0.7"
},
{
"model": "xpdfreader",
"scope": "eq",
"trust": 1.0,
"vendor": "glyphandcog",
"version": "1.01"
},
{
"model": "xpdfreader",
"scope": "eq",
"trust": 1.0,
"vendor": "glyphandcog",
"version": "0.93"
},
{
"model": "xpdf",
"scope": "eq",
"trust": 1.0,
"vendor": "foolabs",
"version": "0.92b"
},
{
"model": "xpdfreader",
"scope": "eq",
"trust": 1.0,
"vendor": "glyphandcog",
"version": "0.6"
},
{
"model": "xpdf",
"scope": "eq",
"trust": 1.0,
"vendor": "foolabs",
"version": "0.92d"
},
{
"model": "xpdfreader",
"scope": "eq",
"trust": 1.0,
"vendor": "glyphandcog",
"version": "2.03"
},
{
"model": "xpdf",
"scope": "eq",
"trust": 1.0,
"vendor": "foolabs",
"version": "0.5a"
},
{
"model": "xpdfreader",
"scope": "eq",
"trust": 1.0,
"vendor": "glyphandcog",
"version": "0.91"
},
{
"model": "xpdfreader",
"scope": "eq",
"trust": 1.0,
"vendor": "glyphandcog",
"version": "0.2"
},
{
"model": "xpdf",
"scope": "eq",
"trust": 1.0,
"vendor": "foolabs",
"version": "3.0.1"
},
{
"model": "xpdfreader",
"scope": "lte",
"trust": 1.0,
"vendor": "glyphandcog",
"version": "3.02"
},
{
"model": "xpdfreader",
"scope": "eq",
"trust": 1.0,
"vendor": "glyphandcog",
"version": "0.3"
},
{
"model": "xpdfreader",
"scope": "eq",
"trust": 1.0,
"vendor": "glyphandcog",
"version": "0.80"
},
{
"model": "xpdf",
"scope": "eq",
"trust": 1.0,
"vendor": "foolabs",
"version": "0.7a"
},
{
"model": "xpdfreader",
"scope": "eq",
"trust": 1.0,
"vendor": "glyphandcog",
"version": "0.92"
},
{
"model": "xpdf",
"scope": "eq",
"trust": 1.0,
"vendor": "foolabs",
"version": "0.92c"
},
{
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.3.9"
},
{
"model": "xpdf",
"scope": "eq",
"trust": 1.0,
"vendor": "foolabs",
"version": "0.91a"
},
{
"model": "xpdf",
"scope": "eq",
"trust": 1.0,
"vendor": "foolabs",
"version": "1.00a"
},
{
"model": "xpdfreader",
"scope": "eq",
"trust": 1.0,
"vendor": "glyphandcog",
"version": "2.00"
},
{
"model": "xpdfreader",
"scope": "eq",
"trust": 1.0,
"vendor": "glyphandcog",
"version": "0.90"
},
{
"model": "xpdf",
"scope": "eq",
"trust": 1.0,
"vendor": "foolabs",
"version": "0.93b"
},
{
"model": "xpdf",
"scope": "eq",
"trust": 1.0,
"vendor": "foolabs",
"version": "0.93c"
},
{
"model": "xpdfreader",
"scope": "eq",
"trust": 1.0,
"vendor": "glyphandcog",
"version": "0.5"
},
{
"model": "xpdf",
"scope": "eq",
"trust": 1.0,
"vendor": "foolabs",
"version": "0.93a"
},
{
"model": "xpdfreader",
"scope": "eq",
"trust": 1.0,
"vendor": "glyphandcog",
"version": "2.02"
},
{
"model": "xpdf",
"scope": "eq",
"trust": 0.6,
"vendor": "foolabs",
"version": "3.00"
},
{
"model": "xpdf",
"scope": "eq",
"trust": 0.6,
"vendor": "foolabs",
"version": "0.91"
},
{
"model": "xpdf",
"scope": "eq",
"trust": 0.6,
"vendor": "foolabs",
"version": "0.92"
},
{
"model": "xpdf",
"scope": "eq",
"trust": 0.3,
"vendor": "xpdf",
"version": "3.02"
},
{
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.6"
},
{
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.2.10"
},
{
"model": "linux lpia",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.04"
},
{
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.2.12"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.17"
},
{
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.13"
},
{
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.10"
},
{
"model": "gpdf",
"scope": "eq",
"trust": 0.3,
"vendor": "gnome",
"version": "2.8.2"
},
{
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.2.4"
},
{
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.1"
},
{
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.4"
},
{
"model": "multi network firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.0"
},
{
"model": "xpdf",
"scope": "eq",
"trust": 0.3,
"vendor": "xpdf",
"version": "3.00"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.3.2"
},
{
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.23"
},
{
"model": "software products cups rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.22"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2008.0"
},
{
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.3.8"
},
{
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.21"
},
{
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.20"
},
{
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.0.4"
},
{
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.3.3"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "enterprise linux desktop workstation client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "software products cups",
"scope": "ne",
"trust": 0.3,
"vendor": "easy",
"version": "1.3.10"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.04"
},
{
"model": "3.02pl2",
"scope": null,
"trust": 0.3,
"vendor": "xpdf",
"version": null
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2008.0"
},
{
"model": "software products cups rc5",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.19"
},
{
"model": "3.02pl1",
"scope": null,
"trust": 0.3,
"vendor": "xpdf",
"version": null
},
{
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.2.2"
},
{
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.3.6"
},
{
"model": "3.02pl3",
"scope": "ne",
"trust": 0.3,
"vendor": "xpdf",
"version": null
},
{
"model": "enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.04"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2009.0"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.4-3"
},
{
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.3.7"
},
{
"model": "(patch",
"scope": "eq",
"trust": 0.3,
"vendor": "xpdf",
"version": "3.0.12)"
},
{
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.4-5"
},
{
"model": "enterprise server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.2.9"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.3.5"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "pardus",
"version": "20080"
},
{
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.22"
},
{
"model": "1pl1",
"scope": "eq",
"trust": 0.3,
"vendor": "xpdf",
"version": "3.0"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.18"
},
{
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.4-2"
},
{
"model": "pl2",
"scope": "eq",
"trust": 0.3,
"vendor": "xpdf",
"version": "3.0"
},
{
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.2.8"
},
{
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.0.4-8"
},
{
"model": "enterprise linux desktop version",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.14"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.04"
},
{
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.7"
},
{
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.12"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.04"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2009.0"
},
{
"model": "software products cups rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.23"
},
{
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.3.9"
},
{
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.16"
},
{
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.19"
},
{
"model": "pl3",
"scope": "eq",
"trust": 0.3,
"vendor": "xpdf",
"version": "3.0"
},
{
"model": "xpdf",
"scope": "eq",
"trust": 0.3,
"vendor": "xpdf",
"version": "3.01"
},
{
"model": "enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.15"
},
{
"model": "enterprise linux desktop client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
}
],
"sources": [
{
"db": "BID",
"id": "34791"
},
{
"db": "CNNVD",
"id": "CNNVD-200904-446"
},
{
"db": "NVD",
"id": "CVE-2009-0195"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:glyphandcog:xpdfreader:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "3.02",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:glyphandcog:xpdfreader:0.90:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:glyphandcog:xpdfreader:0.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:foolabs:xpdf:0.5a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:foolabs:xpdf:0.92c:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:foolabs:xpdf:0.92d:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:glyphandcog:xpdfreader:2.02:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:glyphandcog:xpdfreader:2.00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:glyphandcog:xpdfreader:3.00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:cups:1.3.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:glyphandcog:xpdfreader:0.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:glyphandcog:xpdfreader:0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:glyphandcog:xpdfreader:0.92:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:glyphandcog:xpdfreader:0.91:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:foolabs:xpdf:0.92e:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:glyphandcog:xpdfreader:1.00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:glyphandcog:xpdfreader:1.01:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:foolabs:xpdf:0.93b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:glyphandcog:xpdfreader:0.93:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:glyphandcog:xpdfreader:0.80:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:foolabs:xpdf:0.7a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:glyphandcog:xpdfreader:0.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:foolabs:xpdf:0.91a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:foolabs:xpdf:0.92a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:foolabs:xpdf:0.92b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:glyphandcog:xpdfreader:2.01:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:foolabs:xpdf:0.93a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:glyphandcog:xpdfreader:0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:glyphandcog:xpdfreader:0.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:foolabs:xpdf:0.91c:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:foolabs:xpdf:0.91b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:foolabs:xpdf:0.93c:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:foolabs:xpdf:1.00a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:glyphandcog:xpdfreader:2.03:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:foolabs:xpdf:3.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2009-0195"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Secunia Research.,Alin Rad Pop",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200904-446"
}
],
"trust": 0.6
},
"cve": "CVE-2009-0195",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-37641",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULMON",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2009-0195",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2009-0195",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200904-446",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-37641",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2009-0195",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-37641"
},
{
"db": "VULMON",
"id": "CVE-2009-0195"
},
{
"db": "CNNVD",
"id": "CNNVD-200904-446"
},
{
"db": "NVD",
"id": "CVE-2009-0195"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Heap-based buffer overflow in Xpdf 3.02pl2 and earlier, CUPS 1.3.9, and probably other products, allows remote attackers to execute arbitrary code via a PDF file with crafted JBIG2 symbol dictionary segments. CUPS and Xpdf are prone to a remote buffer-overflow vulnerability because they fail to properly bounds-check user-supplied input before copying it into a finite-sized buffer. \nExploiting this issue may allow remote attackers to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely cause denial-of-service conditions. \nThe following are vulnerable; other applications or versions may also be affected:\nXpdf 3.02pl2 and earlier\nCUPS 1.3.9 and earlier\nNOTE: This vulnerability may already be covered in BID 34568 (Xpdf JBIG2 Processing Multiple Security Vulnerabilities). We will update (or possibly retire) this BID as more information emerges. ===========================================================\nUbuntu Security Notice USN-973-1 August 17, 2010\nkoffice vulnerabilities\nCVE-2009-0146, CVE-2009-0147, CVE-2009-0165, CVE-2009-0166,\nCVE-2009-0195, CVE-2009-0799, CVE-2009-0800, CVE-2009-1179,\nCVE-2009-1180, CVE-2009-1181, CVE-2009-3606, CVE-2009-3608,\nCVE-2009-3609\n===========================================================\n\nA security issue affects the following Ubuntu releases:\n\nUbuntu 9.04\n\nThis advisory also applies to the corresponding versions of\nKubuntu, Edubuntu, and Xubuntu. \n\nThe problem can be corrected by upgrading your system to the\nfollowing package versions:\n\nUbuntu 9.04:\n kword 1:1.6.3-7ubuntu6.1\n\nIn general, a standard system update will make all the necessary changes. \n\nDetails follow:\n\nWill Dormann, Alin Rad Pop, Braden Thomas, and Drew Yao discovered that the\nXpdf used in KOffice contained multiple security issues in its JBIG2\ndecoder. (CVE-2009-0146,\nCVE-2009-0147, CVE-2009-0166, CVE-2009-0799, CVE-2009-0800, CVE-2009-1179,\nCVE-2009-1180, CVE-2009-1181)\n\nIt was discovered that the Xpdf used in KOffice contained multiple security\nissues when parsing malformed PDF documents. (CVE-2009-3606, CVE-2009-3608, CVE-2009-3609)\n\nKOffice in Ubuntu 9.04 uses a very old version of Xpdf to import PDFs into\nKWord. Upstream KDE no longer supports PDF import in KOffice and as a\nresult it was dropped in Ubuntu 9.10. While an attempt was made to fix the\nabove issues, the maintenance burden for supporting this very old version\nof Xpdf outweighed its utility, and PDF import is now also disabled in\nUbuntu 9.04. \n\n\nUpdated packages for Ubuntu 9.04:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice_1.6.3-7ubuntu6.1.diff.gz\n Size/MD5: 622105 556aa62c50d527e60c1dff7b0f0aa0b1\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice_1.6.3-7ubuntu6.1.dsc\n Size/MD5: 2089 d42a7716e78fc690d256f8045017e7fa\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice_1.6.3.orig.tar.gz\n Size/MD5: 63221967 497a644adaf5d6531a0e32d14f88e5f5\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kivio-data_1.6.3-7ubuntu6.1_all.deb\n Size/MD5: 682598 78a5406815a35440ac4480c2532f28ef\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice-data_1.6.3-7ubuntu6.1_all.deb\n Size/MD5: 735930 9d775bfa37c32d0ab934c25c721d6456\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice-doc-html_1.6.3-7ubuntu6.1_all.deb\n Size/MD5: 519734 7c05c1818b4baaa8167b6f84bbcab085\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice-doc_1.6.3-7ubuntu6.1_all.deb\n Size/MD5: 18982 465a569fb8bbd06f80e8b19e6acc1695\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice_1.6.3-7ubuntu6.1_all.deb\n Size/MD5: 21100 780be3fc6108770d271d89cac4869b10\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kpresenter-data_1.6.3-7ubuntu6.1_all.deb\n Size/MD5: 1903802 bdb13a770966f7a5b2978f510ba58f10\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/krita-data_1.6.3-7ubuntu6.1_all.deb\n Size/MD5: 28310364 0d115fe0dfc641efe2e04508324bd72a\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kword-data_1.6.3-7ubuntu6.1_all.deb\n Size/MD5: 1776368 f7781ed87a7c8c5ee1ba7636c519076d\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/karbon_1.6.3-7ubuntu6.1_amd64.deb\n Size/MD5: 1059936 fa5f33b7cd8d1d291834ad81768a55b3\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kchart_1.6.3-7ubuntu6.1_amd64.deb\n Size/MD5: 1363098 1ea1bd16846af1b718392fcc80f55456\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kexi_1.6.3-7ubuntu6.1_amd64.deb\n Size/MD5: 3634792 de50ca28c4ffe99f5c43369be2c28c53\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kformula_1.6.3-7ubuntu6.1_amd64.deb\n Size/MD5: 1022466 2680eb3b5eb1fe0b939dcc4d8698df93\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kivio_1.6.3-7ubuntu6.1_amd64.deb\n Size/MD5: 586680 af2f128a08ad516dab5e0d9181c8fa05\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice-dbg_1.6.3-7ubuntu6.1_amd64.deb\n Size/MD5: 54301774 04ffb99c1da2e2d54a0320d4eb23a8bd\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice-dev_1.6.3-7ubuntu6.1_amd64.deb\n Size/MD5: 394472 2dd7347dda792d9a1a50831b20861f94\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice-libs_1.6.3-7ubuntu6.1_amd64.deb\n Size/MD5: 2614706 1f4f29ae856d74a751d47d6a2c2e6317\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koshell_1.6.3-7ubuntu6.1_amd64.deb\n Size/MD5: 177638 bbcf8e0ef85478569dd212be191cf3d6\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kplato_1.6.3-7ubuntu6.1_amd64.deb\n Size/MD5: 939900 81b0c652c71a1cae573a984bc8192e9c\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kpresenter_1.6.3-7ubuntu6.1_amd64.deb\n Size/MD5: 1332666 2cb497195e47d739e5c73eca50ba7f3a\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/krita_1.6.3-7ubuntu6.1_amd64.deb\n Size/MD5: 3307610 4453ddce6e47950727883a37ed0cb02a\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kspread_1.6.3-7ubuntu6.1_amd64.deb\n Size/MD5: 2750674 14831989300bcb63f368291710a46510\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kthesaurus_1.6.3-7ubuntu6.1_amd64.deb\n Size/MD5: 314700 a68a9a2cc5299b957ef823971226117a\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kugar_1.6.3-7ubuntu6.1_amd64.deb\n Size/MD5: 443182 d7b8296294f89bb2df6c69ac554e9d16\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kword_1.6.3-7ubuntu6.1_amd64.deb\n Size/MD5: 2504138 0f58ca14ca066713c273c159f6e1295d\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/karbon_1.6.3-7ubuntu6.1_i386.deb\n Size/MD5: 975268 1a3b2bb23cdf4fd7ae942e53672706f1\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kchart_1.6.3-7ubuntu6.1_i386.deb\n Size/MD5: 1306222 c812ef558f13e43eb448aa56d6797ed4\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kexi_1.6.3-7ubuntu6.1_i386.deb\n Size/MD5: 3563484 9a47762bf756eef0defe1a690017b361\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kformula_1.6.3-7ubuntu6.1_i386.deb\n Size/MD5: 1015886 5f39c46934ad9dfb55b36acd135d5b59\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kivio_1.6.3-7ubuntu6.1_i386.deb\n Size/MD5: 527296 e4d1682301bf58d5df51792162671e1e\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice-dbg_1.6.3-7ubuntu6.1_i386.deb\n Size/MD5: 53049888 7baa946b92618169cdee4eab005e2533\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice-dev_1.6.3-7ubuntu6.1_i386.deb\n Size/MD5: 409804 ff440307934403aa404a2416a6fc00a2\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice-libs_1.6.3-7ubuntu6.1_i386.deb\n Size/MD5: 2423308 2933a46777c6be5dd6e588afb056ce83\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koshell_1.6.3-7ubuntu6.1_i386.deb\n Size/MD5: 174422 65acfb083c6dcde10f29c22d7cb2891d\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kplato_1.6.3-7ubuntu6.1_i386.deb\n Size/MD5: 868786 b0f68c2390f2761fed67ed9cee032add\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kpresenter_1.6.3-7ubuntu6.1_i386.deb\n Size/MD5: 1234468 b6f06fa397725d1b915683aa8850c600\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/krita_1.6.3-7ubuntu6.1_i386.deb\n Size/MD5: 3037920 00a2c6161359ed7a982186ae9f82af06\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kspread_1.6.3-7ubuntu6.1_i386.deb\n Size/MD5: 2634754 9a631d806d414d56e03293e108cdd19a\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kthesaurus_1.6.3-7ubuntu6.1_i386.deb\n Size/MD5: 312056 e51b7691be77c0ee20224ff524f120ac\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kugar_1.6.3-7ubuntu6.1_i386.deb\n Size/MD5: 430552 fe51a92f6d4db43d4c9c12c8ddda16ed\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kword_1.6.3-7ubuntu6.1_i386.deb\n Size/MD5: 2362696 92d4dc922ef2a920dd580b41493f7226\n\n lpia architecture (Low Power Intel Architecture):\n\n http://ports.ubuntu.com/pool/main/k/koffice/karbon_1.6.3-7ubuntu6.1_lpia.deb\n Size/MD5: 975296 dfe1b44a9c29a543fe6d76b5f0bdfbc2\n http://ports.ubuntu.com/pool/main/k/koffice/kchart_1.6.3-7ubuntu6.1_lpia.deb\n Size/MD5: 1309438 05e8ca4579040c084f38a5a174055325\n http://ports.ubuntu.com/pool/main/k/koffice/kexi_1.6.3-7ubuntu6.1_lpia.deb\n Size/MD5: 3579118 2e344131f0aaf4231c21af2fb8298833\n http://ports.ubuntu.com/pool/main/k/koffice/kformula_1.6.3-7ubuntu6.1_lpia.deb\n Size/MD5: 1014884 c46aad3850fe256baf9ea38262d3a0d4\n http://ports.ubuntu.com/pool/main/k/koffice/kivio_1.6.3-7ubuntu6.1_lpia.deb\n Size/MD5: 529176 d0ed2edaf57e2e02e73a22f15b86fdc6\n http://ports.ubuntu.com/pool/main/k/koffice/koffice-dbg_1.6.3-7ubuntu6.1_lpia.deb\n Size/MD5: 53089422 ad89de6273a8f796239423c5b4b478e8\n http://ports.ubuntu.com/pool/main/k/koffice/koffice-dev_1.6.3-7ubuntu6.1_lpia.deb\n Size/MD5: 394468 c410cb7ac1bfffabf2b2c0b0119e829c\n http://ports.ubuntu.com/pool/main/k/koffice/koffice-libs_1.6.3-7ubuntu6.1_lpia.deb\n Size/MD5: 2438608 66fd9a1471e34c9a5baac9d6ec2b3bd4\n http://ports.ubuntu.com/pool/main/k/koffice/koshell_1.6.3-7ubuntu6.1_lpia.deb\n Size/MD5: 174116 1d6410c4f8dddddc24d80666f8278c0c\n http://ports.ubuntu.com/pool/main/k/koffice/kplato_1.6.3-7ubuntu6.1_lpia.deb\n Size/MD5: 865740 78ffc8a66fe0c555e35c71d4f8734a91\n http://ports.ubuntu.com/pool/main/k/koffice/kpresenter_1.6.3-7ubuntu6.1_lpia.deb\n Size/MD5: 1240814 1c4d13855664db29a2e1923e929ceecc\n http://ports.ubuntu.com/pool/main/k/koffice/krita_1.6.3-7ubuntu6.1_lpia.deb\n Size/MD5: 3036992 498218cbda6e3d3abac07ce88c6e0c2c\n http://ports.ubuntu.com/pool/main/k/koffice/kspread_1.6.3-7ubuntu6.1_lpia.deb\n Size/MD5: 2650892 5950f9bc22ab50db430eac56d9f04697\n http://ports.ubuntu.com/pool/main/k/koffice/kthesaurus_1.6.3-7ubuntu6.1_lpia.deb\n Size/MD5: 312060 005610b199a0d8ce05d1def703c890bb\n http://ports.ubuntu.com/pool/main/k/koffice/kugar_1.6.3-7ubuntu6.1_lpia.deb\n Size/MD5: 432602 75b05844e99f7e2ad4ab6e20e5bed539\n http://ports.ubuntu.com/pool/main/k/koffice/kword_1.6.3-7ubuntu6.1_lpia.deb\n Size/MD5: 2371784 607adbbcfd28fbe1a2750fc004418c14\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://ports.ubuntu.com/pool/main/k/koffice/karbon_1.6.3-7ubuntu6.1_powerpc.deb\n Size/MD5: 1068778 523593d94079fba3e0364f908a1a1a57\n http://ports.ubuntu.com/pool/main/k/koffice/kchart_1.6.3-7ubuntu6.1_powerpc.deb\n Size/MD5: 1364554 258dc9b33e6d270ff719c91e3ef37db9\n http://ports.ubuntu.com/pool/main/k/koffice/kexi_1.6.3-7ubuntu6.1_powerpc.deb\n Size/MD5: 3709952 28d37bcb119b836c3a4e92407738fa7f\n http://ports.ubuntu.com/pool/main/k/koffice/kformula_1.6.3-7ubuntu6.1_powerpc.deb\n Size/MD5: 1027620 5e2309d118d267e9b692fec5ee16a0db\n http://ports.ubuntu.com/pool/main/k/koffice/kivio_1.6.3-7ubuntu6.1_powerpc.deb\n Size/MD5: 587256 bead26a9cc80d7bea3c00416b178377c\n http://ports.ubuntu.com/pool/main/k/koffice/koffice-dbg_1.6.3-7ubuntu6.1_powerpc.deb\n Size/MD5: 55955530 ed06d8fe4737caa802c47e83dbb466e1\n http://ports.ubuntu.com/pool/main/k/koffice/koffice-dev_1.6.3-7ubuntu6.1_powerpc.deb\n Size/MD5: 394498 c30a126fa23c2506750e211a4b126fa9\n http://ports.ubuntu.com/pool/main/k/koffice/koffice-libs_1.6.3-7ubuntu6.1_powerpc.deb\n Size/MD5: 2619418 5370a9dcf9f00cc78da20ee4adfb4c8b\n http://ports.ubuntu.com/pool/main/k/koffice/koshell_1.6.3-7ubuntu6.1_powerpc.deb\n Size/MD5: 180344 141e38c24581f2c8f023e57fca067cb4\n http://ports.ubuntu.com/pool/main/k/koffice/kplato_1.6.3-7ubuntu6.1_powerpc.deb\n Size/MD5: 903470 8abaab749117c77c22446495e59e309c\n http://ports.ubuntu.com/pool/main/k/koffice/kpresenter_1.6.3-7ubuntu6.1_powerpc.deb\n Size/MD5: 1321174 cac2871f1847863b4b2ebf565b25df19\n http://ports.ubuntu.com/pool/main/k/koffice/krita_1.6.3-7ubuntu6.1_powerpc.deb\n Size/MD5: 3394952 44a59865f180b3d5500dc0cd4e0b906e\n http://ports.ubuntu.com/pool/main/k/koffice/kspread_1.6.3-7ubuntu6.1_powerpc.deb\n Size/MD5: 2718124 479211cb5a9018ba6fa4000a280c77e1\n http://ports.ubuntu.com/pool/main/k/koffice/kthesaurus_1.6.3-7ubuntu6.1_powerpc.deb\n Size/MD5: 320612 9e2c1960e9fc010e6dcc25a0cb1574b4\n http://ports.ubuntu.com/pool/main/k/koffice/kugar_1.6.3-7ubuntu6.1_powerpc.deb\n Size/MD5: 454328 61ee3edf596ea67f4faa0974cd46be30\n http://ports.ubuntu.com/pool/main/k/koffice/kword_1.6.3-7ubuntu6.1_powerpc.deb\n Size/MD5: 2512304 43c6105b4fae1f63b48c449365e95087\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://ports.ubuntu.com/pool/main/k/koffice/karbon_1.6.3-7ubuntu6.1_sparc.deb\n Size/MD5: 962916 ad7e5830f033940223ed825226496183\n http://ports.ubuntu.com/pool/main/k/koffice/kchart_1.6.3-7ubuntu6.1_sparc.deb\n Size/MD5: 1304972 050e2196a5c5ccb31c89741a9b0f2b6d\n http://ports.ubuntu.com/pool/main/k/koffice/kexi_1.6.3-7ubuntu6.1_sparc.deb\n Size/MD5: 3410504 ec1e27da573bd6b2464edc8b45ba0814\n http://ports.ubuntu.com/pool/main/k/koffice/kformula_1.6.3-7ubuntu6.1_sparc.deb\n Size/MD5: 1013536 ef4bda5f39caed0b5ca4144e49c1097a\n http://ports.ubuntu.com/pool/main/k/koffice/kivio_1.6.3-7ubuntu6.1_sparc.deb\n Size/MD5: 528266 7d60ee9ce5489fce6aa0f87d8178ca0c\n http://ports.ubuntu.com/pool/main/k/koffice/koffice-dbg_1.6.3-7ubuntu6.1_sparc.deb\n Size/MD5: 51732154 137a826d403b455408b815aea0f2104a\n http://ports.ubuntu.com/pool/main/k/koffice/koffice-dev_1.6.3-7ubuntu6.1_sparc.deb\n Size/MD5: 394506 4cfc6172b52148a1f9de20997657c590\n http://ports.ubuntu.com/pool/main/k/koffice/koffice-libs_1.6.3-7ubuntu6.1_sparc.deb\n Size/MD5: 2354854 8c1e19804067a2aa70409e334917070e\n http://ports.ubuntu.com/pool/main/k/koffice/koshell_1.6.3-7ubuntu6.1_sparc.deb\n Size/MD5: 172078 77aa57456966572fd5e151fc3fdbf72c\n http://ports.ubuntu.com/pool/main/k/koffice/kplato_1.6.3-7ubuntu6.1_sparc.deb\n Size/MD5: 855470 aba0765689e839609756f3eb27693058\n http://ports.ubuntu.com/pool/main/k/koffice/kpresenter_1.6.3-7ubuntu6.1_sparc.deb\n Size/MD5: 1223480 94ba8198733e21a488c0d6da4493b1c2\n http://ports.ubuntu.com/pool/main/k/koffice/krita_1.6.3-7ubuntu6.1_sparc.deb\n Size/MD5: 3002516 1a884308c7fb75403d49cf1ff73fe79f\n http://ports.ubuntu.com/pool/main/k/koffice/kspread_1.6.3-7ubuntu6.1_sparc.deb\n Size/MD5: 2565326 1fa53d14437814a657c1fe81d7269a02\n http://ports.ubuntu.com/pool/main/k/koffice/kthesaurus_1.6.3-7ubuntu6.1_sparc.deb\n Size/MD5: 311270 97d7cca2e2a75f15288e8725fd4b905e\n http://ports.ubuntu.com/pool/main/k/koffice/kugar_1.6.3-7ubuntu6.1_sparc.deb\n Size/MD5: 426002 0c83afb3dbd67a10c11cc7d310e81511\n http://ports.ubuntu.com/pool/main/k/koffice/kword_1.6.3-7ubuntu6.1_sparc.deb\n Size/MD5: 2311632 c449bd3fa59e22f9e32a884ffc3f81cf\n\n\n\n. (CVE-2009-0163)\n \n Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier,\n as used in Poppler and other products, when running on Mac OS X,\n has unspecified impact, related to g*allocn. NOTE:\n the JBIG2Stream.cxx vector may overlap CVE-2009-1179. (CVE-2009-0800)\n \n The ippReadIO function in cups/ipp.c in cupsd in CUPS before 1.3.10\n does not properly initialize memory for IPP request packets, which\n allows remote attackers to cause a denial of service (NULL pointer\n dereference and daemon crash) via a scheduler request with two\n consecutive IPP_TAG_UNSUPPORTED tags. (CVE-2009-1183)\n \n Two integer overflow flaws were found in the CUPS pdftops filter. An\n attacker could create a malicious PDF file that would cause pdftops\n to crash or, potentially, execute arbitrary code as the lp user if\n the file was printed. (CVE-2009-3608, CVE-2009-3609)\n \n This update corrects the problems. \n\n Update:\n\n Packages for 2008.0 are being provided due to extended support for\n Corporate products. \n _______________________________________________________________________\n\n References:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0146\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0147\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0163\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0165\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0166\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0195\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0791\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0799\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0800\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0949\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1179\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1180\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1181\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1182\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1183\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3608\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3609\n _______________________________________________________________________\n\n Updated Packages:\n\n Mandriva Linux 2008.0:\n 6b17f59f63c062c017c78d459dd2d89a 2008.0/i586/cups-1.3.10-0.1mdv2008.0.i586.rpm\n 9bc5298d9895c356227fdda3a0ddb2c0 2008.0/i586/cups-common-1.3.10-0.1mdv2008.0.i586.rpm\n e3583883df8532fc8c496866dac713f8 2008.0/i586/cups-serial-1.3.10-0.1mdv2008.0.i586.rpm\n fac1fcb839ad53322a447d4d39f769e3 2008.0/i586/libcups2-1.3.10-0.1mdv2008.0.i586.rpm\n 3d65afc590fb8520d68b2a3e8e1da696 2008.0/i586/libcups2-devel-1.3.10-0.1mdv2008.0.i586.rpm\n 9e09ed22a2522ee45e93e0edc146193f 2008.0/i586/libpoppler2-0.6-3.5mdv2008.0.i586.rpm\n 7427b1f56387e84db5a15aad85b424d2 2008.0/i586/libpoppler-devel-0.6-3.5mdv2008.0.i586.rpm\n 67937a584d365d6b00ef688c88e8d7c5 2008.0/i586/libpoppler-glib2-0.6-3.5mdv2008.0.i586.rpm\n 410dc85c2c7b71ab316be5607c556682 2008.0/i586/libpoppler-glib-devel-0.6-3.5mdv2008.0.i586.rpm\n 64d6e14be8d93c7651ce5dc3e2ebc5bf 2008.0/i586/libpoppler-qt2-0.6-3.5mdv2008.0.i586.rpm\n cc9af7e314b6eaa6a8f946fa2c27f298 2008.0/i586/libpoppler-qt4-2-0.6-3.5mdv2008.0.i586.rpm\n 0c6d3a6b5211e8506a89144b8c3a3cfb 2008.0/i586/libpoppler-qt4-devel-0.6-3.5mdv2008.0.i586.rpm\n c985516638ed4d8f792daa13bd506023 2008.0/i586/libpoppler-qt-devel-0.6-3.5mdv2008.0.i586.rpm\n 8d05619dcef538092696ce70998abd20 2008.0/i586/php-cups-1.3.10-0.1mdv2008.0.i586.rpm\n 0bae2a3525b796882d2cc87853945e5a 2008.0/i586/poppler-0.6-3.5mdv2008.0.i586.rpm \n f3b53f5fafa8af4d754a5985e5f93830 2008.0/SRPMS/cups-1.3.10-0.1mdv2008.0.src.rpm\n 11b021f4e5d21d199728b9a0a37a8230 2008.0/SRPMS/poppler-0.6-3.5mdv2008.0.src.rpm\n\n Mandriva Linux 2008.0/X86_64:\n 8249475feb3bdc74ea7060944baed6aa 2008.0/x86_64/cups-1.3.10-0.1mdv2008.0.x86_64.rpm\n 83951504acb783cfdb8ec4fe48d31e1e 2008.0/x86_64/cups-common-1.3.10-0.1mdv2008.0.x86_64.rpm\n fa8a91e8e3bc8f11c19ab460d1f690fe 2008.0/x86_64/cups-serial-1.3.10-0.1mdv2008.0.x86_64.rpm\n e061fdbeded2d97bb3ca6b34d33cb384 2008.0/x86_64/lib64cups2-1.3.10-0.1mdv2008.0.x86_64.rpm\n 893235ea8cf23295ae961ea2de0b9903 2008.0/x86_64/lib64cups2-devel-1.3.10-0.1mdv2008.0.x86_64.rpm\n 9844640563afdef4a870e2ed12e58136 2008.0/x86_64/lib64poppler2-0.6-3.5mdv2008.0.x86_64.rpm\n 06ea824a6a2cd9360a9e75a14718192a 2008.0/x86_64/lib64poppler-devel-0.6-3.5mdv2008.0.x86_64.rpm\n bb0eb04fa906a352e6738d08f116f89b 2008.0/x86_64/lib64poppler-glib2-0.6-3.5mdv2008.0.x86_64.rpm\n 43d6a85dfdad7e969655ee4e2a377370 2008.0/x86_64/lib64poppler-glib-devel-0.6-3.5mdv2008.0.x86_64.rpm\n eef29dde4b9e80d4c360e953cbe9110b 2008.0/x86_64/lib64poppler-qt2-0.6-3.5mdv2008.0.x86_64.rpm\n c74dc9f245091f451441d8b88f0beed3 2008.0/x86_64/lib64poppler-qt4-2-0.6-3.5mdv2008.0.x86_64.rpm\n 60345458274afc6ff480317fc408ec52 2008.0/x86_64/lib64poppler-qt4-devel-0.6-3.5mdv2008.0.x86_64.rpm\n 0a880b9c0d655c10f5757882e30911f1 2008.0/x86_64/lib64poppler-qt-devel-0.6-3.5mdv2008.0.x86_64.rpm\n eb6fde793ac0d7ea86df42aa22637807 2008.0/x86_64/php-cups-1.3.10-0.1mdv2008.0.x86_64.rpm\n 7f475f07368ed9158008f2891dce2cd6 2008.0/x86_64/poppler-0.6-3.5mdv2008.0.x86_64.rpm \n f3b53f5fafa8af4d754a5985e5f93830 2008.0/SRPMS/cups-1.3.10-0.1mdv2008.0.src.rpm\n 11b021f4e5d21d199728b9a0a37a8230 2008.0/SRPMS/poppler-0.6-3.5mdv2008.0.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.9 (GNU/Linux)\n\niD8DBQFLHXsgmqjQ0CJFipgRAu1fAKCINX1H5StX89GjMDWzGrEM1UiHeACeMLSY\na3mQtrfvoibfn29OFAfdSn0=\n=lTbL\n-----END PGP SIGNATURE-----\n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201310-03\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: Poppler: Multiple vulnerabilities\n Date: October 06, 2013\n Bugs: #263028, #290430, #290464, #308017, #338878, #352581,\n #459866, #480366\n ID: 201310-03\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in Poppler, some of which may\nallow execution of arbitrary code. \n\nBackground\n==========\n\nPoppler is a cross-platform PDF rendering library originally based on\nXpdf. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 app-text/poppler \u003c 0.22.2-r1 \u003e= 0.22.2-r1\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in Poppler. Please review\nthe CVE identifiers referenced below for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Poppler users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-text/poppler-0.22.2-r1\"\n\nReferences\n==========\n\n[ 1 ] CVE-2009-0146\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0146\n[ 2 ] CVE-2009-0147\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0147\n[ 3 ] CVE-2009-0165\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0165\n[ 4 ] CVE-2009-0166\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0166\n[ 5 ] CVE-2009-0195\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0195\n[ 6 ] CVE-2009-0799\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0799\n[ 7 ] CVE-2009-0800\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0800\n[ 8 ] CVE-2009-1179\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1179\n[ 9 ] CVE-2009-1180\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1180\n[ 10 ] CVE-2009-1181\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1181\n[ 11 ] CVE-2009-1182\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1182\n[ 12 ] CVE-2009-1183\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1183\n[ 13 ] CVE-2009-1187\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1187\n[ 14 ] CVE-2009-1188\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1188\n[ 15 ] CVE-2009-3603\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3603\n[ 16 ] CVE-2009-3604\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3604\n[ 17 ] CVE-2009-3605\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3605\n[ 18 ] CVE-2009-3606\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3606\n[ 19 ] CVE-2009-3607\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3607\n[ 20 ] CVE-2009-3608\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3608\n[ 21 ] CVE-2009-3609\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3609\n[ 22 ] CVE-2009-3938\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3938\n[ 23 ] CVE-2010-3702\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3702\n[ 24 ] CVE-2010-3703\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3703\n[ 25 ] CVE-2010-3704\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3704\n[ 26 ] CVE-2010-4653\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4653\n[ 27 ] CVE-2010-4654\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4654\n[ 28 ] CVE-2012-2142\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2142\n[ 29 ] CVE-2013-1788\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1788\n[ 30 ] CVE-2013-1789\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1789\n[ 31 ] CVE-2013-1790\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1790\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201310-03.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2013 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. NOTE: some of these details\n are obtained from third party information (CVE-2010-0739). \n\n====================================================================== \n2) Severity \n\nRating: Highly critical \nImpact: System access\nWhere: Remote\n\n====================================================================== \n3) Vendor\u0027s Description of Software \n\n\"Xpdf is an open source viewer for Portable Document Format (PDF)\nfiles. (These are also sometimes also called \u0027Acrobat\u0027 files, from the\nname of Adobe\u0027s PDF software.) The Xpdf project also includes a PDF\ntext extractor, PDF-to-PostScript converter, and various other\nutilities.\". \n\nProduct Link:\nhttp://www.foolabs.com/xpdf/\n\n====================================================================== \n4) Description of Vulnerability\n\nSecunia Research has discovered a vulnerability in Xpdf, which can be \nexploited by malicious people to potentially compromise a user\u0027s \nsystem. \n\nThe vulnerability is caused due to a boundary error while decoding \nJBIG2 symbol dictionary segments. \n\n====================================================================== \n5) Solution \n\nApply xpdf-3.02pl3.patch. \n\n====================================================================== \n6) Time Table \n\n26/03/2009 - Vendor notified. \n26/03/2009 - vendor-sec notified. \n27/03/2009 - Vendor response. \n17/04/2009 - Public disclosure. \n\n====================================================================== \n7) Credits \n\nDiscovered by Alin Rad Pop, Secunia Research. \n\n====================================================================== \n8) References\n\nThe Common Vulnerabilities and Exposures (CVE) project has assigned\nCVE-2009-0195 for the vulnerability. \n\n====================================================================== \n9) About Secunia\n\nSecunia offers vulnerability management solutions to corporate\ncustomers with verified and reliable vulnerability intelligence\nrelevant to their specific system configuration:\n\nhttp://secunia.com/advisories/business_solutions/\n\nSecunia also provides a publicly accessible and comprehensive advisory\ndatabase as a service to the security community and private \nindividuals, who are interested in or concerned about IT-security. \n\nhttp://secunia.com/advisories/\n\nSecunia believes that it is important to support the community and to\ndo active vulnerability research in order to aid improving the \nsecurity and reliability of software in general:\n\nhttp://secunia.com/secunia_research/\n\nSecunia regularly hires new skilled team members. Check the URL below\nto see currently vacant positions:\n\nhttp://secunia.com/corporate/jobs/\n\nSecunia offers a FREE mailing list called Secunia Security Advisories:\n\nhttp://secunia.com/advisories/mailing_lists/\n\n====================================================================== \n10) Verification \n\nPlease verify this advisory by visiting the Secunia website:\nhttp://secunia.com/secunia_research/2009-17/\n\nComplete list of vulnerability reports published by Secunia Research:\nhttp://secunia.com/secunia_research/\n\n======================================================================\n\n_______________________________________________\nFull-Disclosure - We believe in it",
"sources": [
{
"db": "NVD",
"id": "CVE-2009-0195"
},
{
"db": "BID",
"id": "34791"
},
{
"db": "VULHUB",
"id": "VHN-37641"
},
{
"db": "VULMON",
"id": "CVE-2009-0195"
},
{
"db": "PACKETSTORM",
"id": "92846"
},
{
"db": "PACKETSTORM",
"id": "82088"
},
{
"db": "PACKETSTORM",
"id": "82087"
},
{
"db": "PACKETSTORM",
"id": "83554"
},
{
"db": "PACKETSTORM",
"id": "123523"
},
{
"db": "PACKETSTORM",
"id": "89656"
},
{
"db": "PACKETSTORM",
"id": "76775"
}
],
"trust": 1.98
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-37641",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-37641"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2009-0195",
"trust": 2.8
},
{
"db": "BID",
"id": "34791",
"trust": 2.1
},
{
"db": "SECUNIA",
"id": "34481",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "35064",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "34291",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "34963",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "34756",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2010-1040",
"trust": 1.8
},
{
"db": "CNNVD",
"id": "CNNVD-200904-446",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "76775",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "76776",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-37641",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2009-0195",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "92846",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "82088",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "82087",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "83554",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "123523",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "89656",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-37641"
},
{
"db": "VULMON",
"id": "CVE-2009-0195"
},
{
"db": "BID",
"id": "34791"
},
{
"db": "PACKETSTORM",
"id": "92846"
},
{
"db": "PACKETSTORM",
"id": "82088"
},
{
"db": "PACKETSTORM",
"id": "82087"
},
{
"db": "PACKETSTORM",
"id": "83554"
},
{
"db": "PACKETSTORM",
"id": "123523"
},
{
"db": "PACKETSTORM",
"id": "89656"
},
{
"db": "PACKETSTORM",
"id": "76775"
},
{
"db": "CNNVD",
"id": "CNNVD-200904-446"
},
{
"db": "NVD",
"id": "CVE-2009-0195"
}
]
},
"id": "VAR-200904-0824",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-37641"
}
],
"trust": 0.01
},
"last_update_date": "2024-07-23T19:39:31.753000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Red Hat: Important: gpdf security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20090458 - security advisory"
},
{
"title": "Red Hat: Important: poppler security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20090480 - security advisory"
},
{
"title": "Red Hat: Important: xpdf security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20090430 - security advisory"
},
{
"title": "Red Hat: Important: cups security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20090429 - security advisory"
},
{
"title": "Red Hat: Important: kdegraphics security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20090431 - security advisory"
},
{
"title": "Ubuntu Security Notice: koffice vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-973-1"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/0xcybery/cve-t4pdf "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2009-0195"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-37641"
},
{
"db": "NVD",
"id": "CVE-2009-0195"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "http://secunia.com/secunia_research/2009-17/"
},
{
"trust": 1.8,
"url": "http://www.securityfocus.com/bid/34791"
},
{
"trust": 1.8,
"url": "http://www.securityfocus.com/archive/1/502759/100/0/threaded"
},
{
"trust": 1.8,
"url": "http://www.securityfocus.com/archive/1/502762/100/0/threaded"
},
{
"trust": 1.8,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2010:087"
},
{
"trust": 1.8,
"url": "http://secunia.com/secunia_research/2009-18/"
},
{
"trust": 1.8,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a10076"
},
{
"trust": 1.8,
"url": "http://rhn.redhat.com/errata/rhsa-2009-0458.html"
},
{
"trust": 1.8,
"url": "http://www.redhat.com/support/errata/rhsa-2009-0480.html"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/34291"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/34481"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/34756"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/34963"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/35064"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2010/1040"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0195"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0166"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3608"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0146"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0147"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1181"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3609"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0799"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1180"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1179"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0800"
},
{
"trust": 0.4,
"url": "http://www.foolabs.com/xpdf/"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0165"
},
{
"trust": 0.4,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0147"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1182"
},
{
"trust": 0.4,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0166"
},
{
"trust": 0.4,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0146"
},
{
"trust": 0.4,
"url": "http://www.mandriva.com/security/"
},
{
"trust": 0.4,
"url": "http://www.mandriva.com/security/advisories"
},
{
"trust": 0.4,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3608"
},
{
"trust": 0.4,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0195"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1183"
},
{
"trust": 0.3,
"url": "http://www.cups.org"
},
{
"trust": 0.3,
"url": "/archive/1/502759"
},
{
"trust": 0.3,
"url": "/archive/1/502762"
},
{
"trust": 0.3,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0163"
},
{
"trust": 0.3,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1181"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0791"
},
{
"trust": 0.3,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0800"
},
{
"trust": 0.3,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3609"
},
{
"trust": 0.3,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0791"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0163"
},
{
"trust": 0.3,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0799"
},
{
"trust": 0.3,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1180"
},
{
"trust": 0.3,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1183"
},
{
"trust": 0.3,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1182"
},
{
"trust": 0.3,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0949"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0949"
},
{
"trust": 0.3,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1179"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3606"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0165"
},
{
"trust": 0.2,
"url": "http://secunia.com/"
},
{
"trust": 0.2,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=24749"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/973-1/"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/k/koffice/koshell_1.6.3-7ubuntu6.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/k/koffice/kivio_1.6.3-7ubuntu6.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/k/koffice/kplato_1.6.3-7ubuntu6.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/k/koffice/kugar_1.6.3-7ubuntu6.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice_1.6.3-7ubuntu6.1.dsc"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/k/koffice/koffice-libs_1.6.3-7ubuntu6.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/k/koffice/krita_1.6.3-7ubuntu6.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/koffice/krita_1.6.3-7ubuntu6.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice-doc_1.6.3-7ubuntu6.1_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/k/koffice/koffice-libs_1.6.3-7ubuntu6.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/k/koffice/kplato_1.6.3-7ubuntu6.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kpresenter-data_1.6.3-7ubuntu6.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice_1.6.3.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kspread_1.6.3-7ubuntu6.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice-libs_1.6.3-7ubuntu6.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/k/koffice/kugar_1.6.3-7ubuntu6.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/k/koffice/kthesaurus_1.6.3-7ubuntu6.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/k/koffice/kugar_1.6.3-7ubuntu6.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/k/koffice/koffice-dbg_1.6.3-7ubuntu6.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice-doc-html_1.6.3-7ubuntu6.1_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/k/koffice/kthesaurus_1.6.3-7ubuntu6.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/k/koffice/kexi_1.6.3-7ubuntu6.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice-data_1.6.3-7ubuntu6.1_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/k/koffice/koffice-dev_1.6.3-7ubuntu6.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/k/koffice/koshell_1.6.3-7ubuntu6.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/k/koffice/kformula_1.6.3-7ubuntu6.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/k/koffice/kchart_1.6.3-7ubuntu6.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/k/koffice/kpresenter_1.6.3-7ubuntu6.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kthesaurus_1.6.3-7ubuntu6.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/k/koffice/kchart_1.6.3-7ubuntu6.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/k/koffice/kspread_1.6.3-7ubuntu6.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice-libs_1.6.3-7ubuntu6.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/k/koffice/koffice-dbg_1.6.3-7ubuntu6.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kformula_1.6.3-7ubuntu6.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kpresenter_1.6.3-7ubuntu6.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/koffice/karbon_1.6.3-7ubuntu6.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/k/koffice/krita_1.6.3-7ubuntu6.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/k/koffice/kspread_1.6.3-7ubuntu6.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/k/koffice/kword_1.6.3-7ubuntu6.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kformula_1.6.3-7ubuntu6.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kexi_1.6.3-7ubuntu6.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/koffice/krita_1.6.3-7ubuntu6.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/k/koffice/kplato_1.6.3-7ubuntu6.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/k/koffice/kthesaurus_1.6.3-7ubuntu6.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/k/koffice/kformula_1.6.3-7ubuntu6.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/k/koffice/kpresenter_1.6.3-7ubuntu6.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/k/koffice/kspread_1.6.3-7ubuntu6.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koshell_1.6.3-7ubuntu6.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kplato_1.6.3-7ubuntu6.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kchart_1.6.3-7ubuntu6.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kpresenter_1.6.3-7ubuntu6.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kthesaurus_1.6.3-7ubuntu6.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/k/koffice/kformula_1.6.3-7ubuntu6.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kugar_1.6.3-7ubuntu6.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/k/koffice/karbon_1.6.3-7ubuntu6.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice-dbg_1.6.3-7ubuntu6.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/k/koffice/koffice-dev_1.6.3-7ubuntu6.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kexi_1.6.3-7ubuntu6.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/k/koffice/krita_1.6.3-7ubuntu6.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kivio-data_1.6.3-7ubuntu6.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice-dev_1.6.3-7ubuntu6.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice-dev_1.6.3-7ubuntu6.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/k/koffice/kexi_1.6.3-7ubuntu6.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kchart_1.6.3-7ubuntu6.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kplato_1.6.3-7ubuntu6.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/k/koffice/koffice-libs_1.6.3-7ubuntu6.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice_1.6.3-7ubuntu6.1.diff.gz"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/k/koffice/kivio_1.6.3-7ubuntu6.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kword-data_1.6.3-7ubuntu6.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/koffice/karbon_1.6.3-7ubuntu6.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kword_1.6.3-7ubuntu6.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/k/koffice/koffice-dbg_1.6.3-7ubuntu6.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koshell_1.6.3-7ubuntu6.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/k/koffice/koffice-dev_1.6.3-7ubuntu6.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/k/koffice/kpresenter_1.6.3-7ubuntu6.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kivio_1.6.3-7ubuntu6.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/k/koffice/kivio_1.6.3-7ubuntu6.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice-dbg_1.6.3-7ubuntu6.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kugar_1.6.3-7ubuntu6.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/k/koffice/karbon_1.6.3-7ubuntu6.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/k/koffice/koshell_1.6.3-7ubuntu6.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice_1.6.3-7ubuntu6.1_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/k/koffice/kchart_1.6.3-7ubuntu6.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/k/koffice/kword_1.6.3-7ubuntu6.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kivio_1.6.3-7ubuntu6.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/k/koffice/karbon_1.6.3-7ubuntu6.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/k/koffice/kword_1.6.3-7ubuntu6.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/k/koffice/kexi_1.6.3-7ubuntu6.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/koffice/krita-data_1.6.3-7ubuntu6.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kword_1.6.3-7ubuntu6.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kspread_1.6.3-7ubuntu6.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1196"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1196"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-1183"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-1187"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-1180"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-0165"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-0800"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3606"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3608"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1188"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-1182"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4653"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3609"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3702"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3607"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3702"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3938"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-0166"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1790"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3604"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3603"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2142"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1789"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3703"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-1181"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3607"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3604"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-1179"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-1188"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3938"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1788"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201310-03.xml"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3704"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1187"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3704"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3605"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4654"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-0146"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-0195"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3605"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4654"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-0799"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2142"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3603"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3703"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4653"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-0147"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1284"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1440"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0827"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0829"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1440"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0739"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1284"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0827"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0829"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0739"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_research/"
},
{
"trust": 0.1,
"url": "http://secunia.com/corporate/jobs/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/mailing_lists/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/business_solutions/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-37641"
},
{
"db": "VULMON",
"id": "CVE-2009-0195"
},
{
"db": "BID",
"id": "34791"
},
{
"db": "PACKETSTORM",
"id": "92846"
},
{
"db": "PACKETSTORM",
"id": "82088"
},
{
"db": "PACKETSTORM",
"id": "82087"
},
{
"db": "PACKETSTORM",
"id": "83554"
},
{
"db": "PACKETSTORM",
"id": "123523"
},
{
"db": "PACKETSTORM",
"id": "89656"
},
{
"db": "PACKETSTORM",
"id": "76775"
},
{
"db": "CNNVD",
"id": "CNNVD-200904-446"
},
{
"db": "NVD",
"id": "CVE-2009-0195"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-37641"
},
{
"db": "VULMON",
"id": "CVE-2009-0195"
},
{
"db": "BID",
"id": "34791"
},
{
"db": "PACKETSTORM",
"id": "92846"
},
{
"db": "PACKETSTORM",
"id": "82088"
},
{
"db": "PACKETSTORM",
"id": "82087"
},
{
"db": "PACKETSTORM",
"id": "83554"
},
{
"db": "PACKETSTORM",
"id": "123523"
},
{
"db": "PACKETSTORM",
"id": "89656"
},
{
"db": "PACKETSTORM",
"id": "76775"
},
{
"db": "CNNVD",
"id": "CNNVD-200904-446"
},
{
"db": "NVD",
"id": "CVE-2009-0195"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2009-04-23T00:00:00",
"db": "VULHUB",
"id": "VHN-37641"
},
{
"date": "2009-04-23T00:00:00",
"db": "VULMON",
"id": "CVE-2009-0195"
},
{
"date": "2009-04-17T00:00:00",
"db": "BID",
"id": "34791"
},
{
"date": "2010-08-17T22:47:11",
"db": "PACKETSTORM",
"id": "92846"
},
{
"date": "2009-10-21T03:01:09",
"db": "PACKETSTORM",
"id": "82088"
},
{
"date": "2009-10-21T02:57:54",
"db": "PACKETSTORM",
"id": "82087"
},
{
"date": "2009-12-08T01:31:40",
"db": "PACKETSTORM",
"id": "83554"
},
{
"date": "2013-10-07T22:31:57",
"db": "PACKETSTORM",
"id": "123523"
},
{
"date": "2010-05-19T04:25:31",
"db": "PACKETSTORM",
"id": "89656"
},
{
"date": "2009-04-17T17:26:21",
"db": "PACKETSTORM",
"id": "76775"
},
{
"date": "2009-04-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200904-446"
},
{
"date": "2009-04-23T17:30:01.627000",
"db": "NVD",
"id": "CVE-2009-0195"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-03-06T00:00:00",
"db": "VULHUB",
"id": "VHN-37641"
},
{
"date": "2019-03-06T00:00:00",
"db": "VULMON",
"id": "CVE-2009-0195"
},
{
"date": "2015-04-13T21:13:00",
"db": "BID",
"id": "34791"
},
{
"date": "2019-04-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200904-446"
},
{
"date": "2019-03-06T16:30:38.330000",
"db": "NVD",
"id": "CVE-2009-0195"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200904-446"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Foolabs Xpdf decoder JBIG2 Heap buffer overflow and code execution vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200904-446"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200904-446"
}
],
"trust": 0.6
}
}
Loading...
Loading...
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.