CVE-2009-1179

N/A Unknown
Published: April 23, 2009 Modified: April 23, 2026
View on NVD

Description

Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to execute arbitrary code via a crafted PDF file.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html
Source: secalert@redhat.com
http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html
Source: secalert@redhat.com
http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html
Source: secalert@redhat.com
http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html
Source: secalert@redhat.com
http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html
Source: secalert@redhat.com
http://poppler.freedesktop.org/releases.html
Source: secalert@redhat.com
http://rhn.redhat.com/errata/RHSA-2009-0458.html
Source: secalert@redhat.com
http://secunia.com/advisories/34291
Source: secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/34481
Source: secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/34746
Source: secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/34755
Source: secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/34756
Source: secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/34852
Source: secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/34959
Source: secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/34963
Source: secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/34991
Source: secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/35037
Source: secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/35064
Source: secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/35065
Source: secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/35379
Source: secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/35618
Source: secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/35685
Source: secalert@redhat.com
Vendor Advisory
http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.578477
Source: secalert@redhat.com
http://support.apple.com/kb/HT3613
Source: secalert@redhat.com
http://support.apple.com/kb/HT3639
Source: secalert@redhat.com
http://www.debian.org/security/2009/dsa-1790
Source: secalert@redhat.com
http://www.debian.org/security/2009/dsa-1793
Source: secalert@redhat.com
http://www.kb.cert.org/vuls/id/196617
Source: secalert@redhat.com
US Government Resource
http://www.mandriva.com/security/advisories?name=MDVSA-2009:101
Source: secalert@redhat.com
http://www.mandriva.com/security/advisories?name=MDVSA-2010:087
Source: secalert@redhat.com
http://www.mandriva.com/security/advisories?name=MDVSA-2011:175
Source: secalert@redhat.com
http://www.redhat.com/support/errata/RHSA-2009-0429.html
Source: secalert@redhat.com
http://www.redhat.com/support/errata/RHSA-2009-0430.html
Source: secalert@redhat.com
Patch
http://www.redhat.com/support/errata/RHSA-2009-0431.html
Source: secalert@redhat.com
http://www.redhat.com/support/errata/RHSA-2009-0480.html
Source: secalert@redhat.com
http://www.securityfocus.com/bid/34568
Source: secalert@redhat.com
http://www.securitytracker.com/id?1022073
Source: secalert@redhat.com
http://www.vupen.com/english/advisories/2009/1065
Source: secalert@redhat.com
Vendor Advisory
http://www.vupen.com/english/advisories/2009/1066
Source: secalert@redhat.com
Vendor Advisory
http://www.vupen.com/english/advisories/2009/1076
Source: secalert@redhat.com
Vendor Advisory
http://www.vupen.com/english/advisories/2009/1077
Source: secalert@redhat.com
Vendor Advisory
http://www.vupen.com/english/advisories/2009/1522
Source: secalert@redhat.com
Vendor Advisory
http://www.vupen.com/english/advisories/2009/1621
Source: secalert@redhat.com
Vendor Advisory
http://www.vupen.com/english/advisories/2010/1040
Source: secalert@redhat.com
Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=495889
Source: secalert@redhat.com
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11892
Source: secalert@redhat.com
https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html
Source: secalert@redhat.com
https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html
Source: secalert@redhat.com
https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html
Source: secalert@redhat.com
http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://poppler.freedesktop.org/releases.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://rhn.redhat.com/errata/RHSA-2009-0458.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/34291
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/34481
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/34746
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/34755
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/34756
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/34852
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/34959
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/34963
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/34991
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/35037
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/35064
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/35065
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/35379
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/35618
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/35685
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.578477
Source: af854a3a-2127-422b-91ae-364da2661108
http://support.apple.com/kb/HT3613
Source: af854a3a-2127-422b-91ae-364da2661108
http://support.apple.com/kb/HT3639
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.debian.org/security/2009/dsa-1790
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.debian.org/security/2009/dsa-1793
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.kb.cert.org/vuls/id/196617
Source: af854a3a-2127-422b-91ae-364da2661108
US Government Resource
http://www.mandriva.com/security/advisories?name=MDVSA-2009:101
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.mandriva.com/security/advisories?name=MDVSA-2010:087
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.mandriva.com/security/advisories?name=MDVSA-2011:175
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.redhat.com/support/errata/RHSA-2009-0429.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.redhat.com/support/errata/RHSA-2009-0430.html
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
http://www.redhat.com/support/errata/RHSA-2009-0431.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.redhat.com/support/errata/RHSA-2009-0480.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.securityfocus.com/bid/34568
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.securitytracker.com/id?1022073
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.vupen.com/english/advisories/2009/1065
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www.vupen.com/english/advisories/2009/1066
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www.vupen.com/english/advisories/2009/1076
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www.vupen.com/english/advisories/2009/1077
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www.vupen.com/english/advisories/2009/1522
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www.vupen.com/english/advisories/2009/1621
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www.vupen.com/english/advisories/2010/1040
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=495889
Source: af854a3a-2127-422b-91ae-364da2661108
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11892
Source: af854a3a-2127-422b-91ae-364da2661108
https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html
Source: af854a3a-2127-422b-91ae-364da2661108
https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html
Source: af854a3a-2127-422b-91ae-364da2661108
https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html
Source: af854a3a-2127-422b-91ae-364da2661108

98 reference(s) from NVD

Quick Stats

CVSS v3 Score
N/A / 10.0
EPSS (Exploit Probability)
27.8%
96th percentile
Exploitation Status
Not in CISA KEV

Weaknesses (CWE)

CWE-189

Affected Vendors

apple poppler foolabs glyphandcog

Related CVEs

CVE-2026-7002 7.3
CVE-2026-7001 2.4
CVE-2026-7000 2.4
CVE-2026-6999 2.4
CVE-2026-6998 2.4