CVE-2009-1182

N/A Unknown
Published: April 23, 2009 Modified: April 23, 2026
View on NVD

Description

Multiple buffer overflows in the JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allow remote attackers to execute arbitrary code via a crafted PDF file.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html
Source: secalert@redhat.com
http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html
Source: secalert@redhat.com
http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html
Source: secalert@redhat.com
http://poppler.freedesktop.org/releases.html
Source: secalert@redhat.com
http://rhn.redhat.com/errata/RHSA-2009-0458.html
Source: secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/34291
Source: secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/34481
Source: secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/34746
Source: secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/34755
Source: secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/34756
Source: secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/34852
Source: secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/34959
Source: secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/34963
Source: secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/34991
Source: secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/35037
Source: secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/35064
Source: secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/35065
Source: secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/35618
Source: secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/35685
Source: secalert@redhat.com
Vendor Advisory
http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.578477
Source: secalert@redhat.com
http://www.debian.org/security/2009/dsa-1790
Source: secalert@redhat.com
http://www.debian.org/security/2009/dsa-1793
Source: secalert@redhat.com
http://www.kb.cert.org/vuls/id/196617
Source: secalert@redhat.com
US Government Resource
http://www.mandriva.com/security/advisories?name=MDVSA-2009:101
Source: secalert@redhat.com
http://www.mandriva.com/security/advisories?name=MDVSA-2010:087
Source: secalert@redhat.com
http://www.mandriva.com/security/advisories?name=MDVSA-2011:175
Source: secalert@redhat.com
http://www.redhat.com/support/errata/RHSA-2009-0429.html
Source: secalert@redhat.com
http://www.redhat.com/support/errata/RHSA-2009-0430.html
Source: secalert@redhat.com
http://www.redhat.com/support/errata/RHSA-2009-0431.html
Source: secalert@redhat.com
http://www.redhat.com/support/errata/RHSA-2009-0480.html
Source: secalert@redhat.com
http://www.securityfocus.com/bid/34568
Source: secalert@redhat.com
http://www.securitytracker.com/id?1022073
Source: secalert@redhat.com
http://www.vupen.com/english/advisories/2009/1065
Source: secalert@redhat.com
Vendor Advisory
http://www.vupen.com/english/advisories/2009/1066
Source: secalert@redhat.com
Vendor Advisory
http://www.vupen.com/english/advisories/2009/1076
Source: secalert@redhat.com
Vendor Advisory
http://www.vupen.com/english/advisories/2009/1077
Source: secalert@redhat.com
Vendor Advisory
http://www.vupen.com/english/advisories/2010/1040
Source: secalert@redhat.com
Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=495896
Source: secalert@redhat.com
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10735
Source: secalert@redhat.com
https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html
Source: secalert@redhat.com
https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html
Source: secalert@redhat.com
https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html
Source: secalert@redhat.com
http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://poppler.freedesktop.org/releases.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://rhn.redhat.com/errata/RHSA-2009-0458.html
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/34291
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/34481
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/34746
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/34755
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/34756
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/34852
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/34959
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/34963
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/34991
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/35037
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/35064
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/35065
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/35618
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/35685
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.578477
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.debian.org/security/2009/dsa-1790
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.debian.org/security/2009/dsa-1793
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.kb.cert.org/vuls/id/196617
Source: af854a3a-2127-422b-91ae-364da2661108
US Government Resource
http://www.mandriva.com/security/advisories?name=MDVSA-2009:101
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.mandriva.com/security/advisories?name=MDVSA-2010:087
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.mandriva.com/security/advisories?name=MDVSA-2011:175
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.redhat.com/support/errata/RHSA-2009-0429.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.redhat.com/support/errata/RHSA-2009-0430.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.redhat.com/support/errata/RHSA-2009-0431.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.redhat.com/support/errata/RHSA-2009-0480.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.securityfocus.com/bid/34568
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.securitytracker.com/id?1022073
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.vupen.com/english/advisories/2009/1065
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www.vupen.com/english/advisories/2009/1066
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www.vupen.com/english/advisories/2009/1076
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www.vupen.com/english/advisories/2009/1077
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www.vupen.com/english/advisories/2010/1040
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=495896
Source: af854a3a-2127-422b-91ae-364da2661108
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10735
Source: af854a3a-2127-422b-91ae-364da2661108
https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html
Source: af854a3a-2127-422b-91ae-364da2661108
https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html
Source: af854a3a-2127-422b-91ae-364da2661108
https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html
Source: af854a3a-2127-422b-91ae-364da2661108

84 reference(s) from NVD

Quick Stats

CVSS v3 Score
N/A / 10.0
EPSS (Exploit Probability)
7.1%
92th percentile
Exploitation Status
Not in CISA KEV

Weaknesses (CWE)

CWE-119

Affected Vendors

apple poppler foolabs glyphandcog

Related CVEs

CVE-2026-7002 7.3
CVE-2026-7001 2.4
CVE-2026-7000 2.4
CVE-2026-6999 2.4
CVE-2026-6998 2.4