Moderate

CVE-2009-0166 - Resource Management Errors vulnerability in multiple products

Publication: 2009-04-23
Summary

The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers a free of uninitialized memory.

Classification
CWE-399: Resource Management Errors

Risk level (CVSS 4.3)

Moderate

4.3

Access Vector

  • Network
  • Adjacent Network
  • Local

Access Complexity

  • Low
  • Medium
  • High

Authentication

  • None
  • Single
  • Multiple

Confident. Impact

  • Complete
  • Partial
  • None

Integrity Impact

  • Complete
  • Partial
  • None

Affected Products

  • Foolabs Xpdf 0.92e
  • Poppler Poppler 0.1
  • Poppler Poppler 0.1.1
  • Poppler Poppler 0.1.2
  • Foolabs Xpdf 0.2
  • Poppler Poppler 0.2.0
  • Foolabs Xpdf 0.3
  • Poppler Poppler 0.3.0
  • Poppler Poppler 0.3.1
  • Poppler Poppler 0.3.2
  • Poppler Poppler 0.3.3
  • Poppler Poppler 0.4.0
  • Foolabs Xpdf 0.4
  • Poppler Poppler 0.4.1
  • Poppler Poppler 0.4.2
  • Poppler Poppler 0.4.3
  • Poppler Poppler 0.4.4
  • Foolabs Xpdf 0.5
  • Poppler Poppler 0.5.0
  • Poppler Poppler 0.5.1
  • Poppler Poppler 0.5.2
  • Poppler Poppler 0.5.3
  • Poppler Poppler 0.5.4
  • Poppler Poppler 0.5.9
  • Poppler Poppler 0.5.90
  • Poppler Poppler 0.5.91
  • Poppler Poppler 0.6.0
  • Foolabs Xpdf 0.6
  • Poppler Poppler 0.6.1
  • Poppler Poppler 0.6.2
  • Poppler Poppler 0.6.3
  • Poppler Poppler 0.6.4
  • Poppler Poppler 0.7.0
  • Foolabs Xpdf 0.7
  • Poppler Poppler 0.7.1
  • Poppler Poppler 0.7.2
  • Poppler Poppler 0.7.3
  • Poppler Poppler 0.8.0
  • Poppler Poppler 0.8.1
  • Poppler Poppler 0.8.2
  • Poppler Poppler 0.8.3
  • Poppler Poppler 0.8.4
  • Poppler Poppler 0.8.5
  • Poppler Poppler 0.8.6
  • Poppler Poppler 0.8.7
  • Poppler Poppler 0.9.0
  • Poppler Poppler 0.9.1
  • Poppler Poppler 0.9.2
  • Poppler Poppler 0.9.3
  • Poppler Poppler 0.10.0
  • Poppler Poppler 0.10.1
  • Poppler Poppler 0.10.2
  • Poppler Poppler 0.10.3
  • Poppler Poppler 0.10.4
  • Poppler Poppler 0.10.5
  • Apple Cups 1.1.9-1
  • Foolabs Xpdf 1.00a
  • Foolabs Xpdf 0.93c
  • Foolabs Xpdf 0.93b
  • Foolabs Xpdf 0.93a
  • Apple Cups 1.1.6-1
  • Foolabs Xpdf 0.92d
  • Foolabs Xpdf 0.92c
  • Foolabs Xpdf 0.92b
  • Foolabs Xpdf 0.92a
  • Foolabs Xpdf 0.91c
  • Foolabs Xpdf 0.91b
  • Foolabs Xpdf 0.91a
  • Foolabs Xpdf 0.7a
  • Apple Cups 1.1.10-1
  • Foolabs Xpdf 0.5a
  • Apple Cups 1.1.6-2
  • Apple Cups 1.1.6-3
  • Apple Cups 1.1.5-1
  • Apple Cups 1.1.5-2
  • Foolabs Xpdf 0.80
  • Foolabs Xpdf 0.90
  • Foolabs Xpdf 0.91
  • Foolabs Xpdf 0.92
  • Foolabs Xpdf 0.93
  • Foolabs Xpdf 1.00
  • Apple Cups 1.1
  • Foolabs Xpdf 1.01
  • Apple Cups 1.1.1
  • Apple Cups 1.1.2
  • Apple Cups 1.1.3
  • Apple Cups 1.1.4
  • Apple Cups 1.1.5
  • Apple Cups 1.1.6
  • Apple Cups 1.1.7
  • Apple Cups 1.1.8
  • Apple Cups 1.1.9
  • Apple Cups 1.1.10
  • Apple Cups 1.1.11
  • Apple Cups 1.1.12
  • Apple Cups 1.1.13
  • Apple Cups 1.1.14
  • Apple Cups 1.1.15
  • Apple Cups 1.1.16
  • Apple Cups 1.1.17
  • Apple Cups 1.1.18
  • Apple Cups 1.1.19
  • Apple Cups 1.1.19
  • Apple Cups 1.1.19
  • Apple Cups 1.1.19
  • Apple Cups 1.1.19
  • Apple Cups 1.1.19
  • Apple Cups 1.1.20
  • Apple Cups 1.1.20
  • Apple Cups 1.1.20
  • Apple Cups 1.1.20
  • Apple Cups 1.1.20
  • Apple Cups 1.1.20
  • Apple Cups 1.1.20
  • Apple Cups 1.1.21
  • Apple Cups 1.1.21
  • Apple Cups 1.1.21
  • Apple Cups 1.1.22
  • Apple Cups 1.1.22
  • Apple Cups 1.1.22
  • Apple Cups 1.1.23
  • Apple Cups 1.1.23
  • Apple Cups 1.2.0
  • Apple Cups 1.2.1
  • Apple Cups 1.2.2
  • Apple Cups 1.2.3
  • Apple Cups 1.2.4
  • Apple Cups 1.2.5
  • Apple Cups 1.2.6
  • Apple Cups 1.2.7
  • Apple Cups 1.2.8
  • Apple Cups 1.2.9
  • Apple Cups 1.2.10
  • Apple Cups 1.2.11
  • Apple Cups 1.2.12
  • Apple Cups 1.3.0
  • Apple Cups 1.3.1
  • Apple Cups 1.3.2
  • Apple Cups 1.3.3
  • Apple Cups 1.3.4
  • Apple Cups 1.3.5
  • Apple Cups 1.3.6
  • Apple Cups 1.3.7
  • Apple Cups 1.3.8
  • Apple Cups 1.3.9
  • Apple Cups 1.3.10
  • Apple Cups 1.3.11
  • Foolabs Xpdf 2.00
  • Foolabs Xpdf 2.01
  • Foolabs Xpdf 2.02
  • Foolabs Xpdf 2.03
  • Foolabs Xpdf 3.00
  • Foolabs Xpdf 3.01
  • Foolabs Xpdf 3.02

References