Search CVE reports

21 – 30 of 77 results

Detailed view

Sort by:

CVE-2009-1187

Medium priority

Some fixes available 5 of 19

Integer overflow in the JBIG2 decoding feature in Poppler before 0.10.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to CairoOutputDev (CairoOutputDev.cc).

14 affected packages

cups, cupsys, evince, gpdf, ipe...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
cups	—	—	—	—	—
cupsys	—	—	—	—	—
evince	—	—	—	—	—
gpdf	—	—	—	—	—
ipe	—	—	—	—	—
kdegraphics	—	—	—	—	—
koffice	—	—	—	—	—
libextractor	—	—	—	—	—
pdfkit.framework	—	—	—	—	—
pdftohtml	—	—	—	—	—
poppler	—	—	—	—	—
tetex-bin	—	—	—	—	—
texlive-bin	—	—	—	—	—
xpdf	—	—	—	—	—

CVE-2009-1183

Medium priority

Some fixes available 34 of 76

The JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service (infinite loop and hang) via a crafted PDF file.

14 affected packages

cups, cupsys, evince, gpdf, ipe...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
cups	—	Not affected	Not affected	Not affected	Not affected
cupsys	—	Not in release	Not in release	Not in release	Not in release
evince	—	Not affected	Not affected	Not affected	Not affected
gpdf	—	Not in release	Not in release	Not in release	Not in release
ipe	—	Not affected	Not affected	Not affected	Not affected
kdegraphics	—	Not in release	Not in release	Not in release	Not in release
koffice	—	Not in release	Not in release	Not in release	Not in release
libextractor	—	Not affected	Not affected	Not affected	Not affected
pdfkit.framework	—	Not in release	Not in release	Not in release	Not in release
pdftohtml	—	Not in release	Not in release	Not in release	Not in release
poppler	—	Fixed	Fixed	Fixed	Fixed
tetex-bin	—	Not in release	Not in release	Not in release	Not in release
texlive-bin	—	Not affected	Not affected	Not affected	Not affected
xpdf	—	Not affected	Not in release	Not affected	Not affected

CVE-2009-1182

Medium priority

Some fixes available 34 of 76

Multiple buffer overflows in the JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allow remote attackers to execute arbitrary code via a crafted PDF file.

14 affected packages

cups, cupsys, evince, gpdf, ipe...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
cups	—	Not affected	Not affected	Not affected	Not affected
cupsys	—	Not in release	Not in release	Not in release	Not in release
evince	—	Not affected	Not affected	Not affected	Not affected
gpdf	—	Not in release	Not in release	Not in release	Not in release
ipe	—	Not affected	Not affected	Not affected	Not affected
kdegraphics	—	Not in release	Not in release	Not in release	Not in release
koffice	—	Not in release	Not in release	Not in release	Not in release
libextractor	—	Not affected	Not affected	Not affected	Not affected
pdfkit.framework	—	Not in release	Not in release	Not in release	Not in release
pdftohtml	—	Not in release	Not in release	Not in release	Not in release
poppler	—	Fixed	Fixed	Fixed	Fixed
tetex-bin	—	Not in release	Not in release	Not in release	Not in release
texlive-bin	—	Not affected	Not affected	Not affected	Not affected
xpdf	—	Not affected	Not in release	Not affected	Not affected

CVE-2009-1181

Medium priority

Some fixes available 35 of 78

The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers a NULL pointer dereference.

14 affected packages

cups, cupsys, evince, gpdf, ipe...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
cups	—	Not affected	Not affected	Not affected	Not affected
cupsys	—	Not in release	Not in release	Not in release	Not in release
evince	—	Not affected	Not affected	Not affected	Not affected
gpdf	—	Not in release	Not in release	Not in release	Not in release
ipe	—	Not affected	Not affected	Not affected	Not affected
kdegraphics	—	Not in release	Not in release	Not in release	Not in release
koffice	—	Not in release	Not in release	Not in release	Not in release
libextractor	—	Not affected	Not affected	Not affected	Not affected
pdfkit.framework	—	Not in release	Not in release	Not in release	Not in release
pdftohtml	—	Not in release	Not in release	Not in release	Not in release
poppler	—	Fixed	Fixed	Fixed	Fixed
tetex-bin	—	Not in release	Not in release	Not in release	Not in release
texlive-bin	—	Not affected	Not affected	Not affected	Not affected
xpdf	—	Not affected	Not in release	Not affected	Not affected

CVE-2009-1180

Medium priority

Some fixes available 35 of 78

The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to execute arbitrary code via a crafted PDF file that triggers a free of invalid data.

14 affected packages

cups, cupsys, evince, gpdf, ipe...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
cups	—	Not affected	Not affected	Not affected	Not affected
cupsys	—	Not in release	Not in release	Not in release	Not in release
evince	—	Not affected	Not affected	Not affected	Not affected
gpdf	—	Not in release	Not in release	Not in release	Not in release
ipe	—	Not affected	Not affected	Not affected	Not affected
kdegraphics	—	Not in release	Not in release	Not in release	Not in release
koffice	—	Not in release	Not in release	Not in release	Not in release
libextractor	—	Not affected	Not affected	Not affected	Not affected
pdfkit.framework	—	Not in release	Not in release	Not in release	Not in release
pdftohtml	—	Not in release	Not in release	Not in release	Not in release
poppler	—	Fixed	Fixed	Fixed	Fixed
tetex-bin	—	Not in release	Not in release	Not in release	Not in release
texlive-bin	—	Not affected	Not affected	Not affected	Not affected
xpdf	—	Not affected	Not in release	Not affected	Not affected

CVE-2009-1179

Medium priority

Some fixes available 35 of 78

Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to execute arbitrary code via a crafted PDF file.

14 affected packages

cups, cupsys, evince, gpdf, ipe...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
cups	—	Not affected	Not affected	Not affected	Not affected
cupsys	—	Not in release	Not in release	Not in release	Not in release
evince	—	Not affected	Not affected	Not affected	Not affected
gpdf	—	Not in release	Not in release	Not in release	Not in release
ipe	—	Not affected	Not affected	Not affected	Not affected
kdegraphics	—	Not in release	Not in release	Not in release	Not in release
koffice	—	Not in release	Not in release	Not in release	Not in release
libextractor	—	Not affected	Not affected	Not affected	Not affected
pdfkit.framework	—	Not in release	Not in release	Not in release	Not in release
pdftohtml	—	Not in release	Not in release	Not in release	Not in release
poppler	—	Fixed	Fixed	Fixed	Fixed
tetex-bin	—	Not in release	Not in release	Not in release	Not in release
texlive-bin	—	Not affected	Not affected	Not affected	Not affected
xpdf	—	Not affected	Not in release	Not affected	Not affected

CVE-2009-0800

Medium priority

Some fixes available 35 of 78

Multiple "input validation flaws" in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allow remote attackers to execute arbitrary code via a crafted PDF file.

14 affected packages

cups, cupsys, evince, gpdf, ipe...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
cups	—	Not affected	Not affected	Not affected	Not affected
cupsys	—	Not in release	Not in release	Not in release	Not in release
evince	—	Not affected	Not affected	Not affected	Not affected
gpdf	—	Not in release	Not in release	Not in release	Not in release
ipe	—	Not affected	Not affected	Not affected	Not affected
kdegraphics	—	Not in release	Not in release	Not in release	Not in release
koffice	—	Not in release	Not in release	Not in release	Not in release
libextractor	—	Not affected	Not affected	Not affected	Not affected
pdfkit.framework	—	Not in release	Not in release	Not in release	Not in release
pdftohtml	—	Not in release	Not in release	Not in release	Not in release
poppler	—	Fixed	Fixed	Fixed	Fixed
tetex-bin	—	Not in release	Not in release	Not in release	Not in release
texlive-bin	—	Not affected	Not affected	Not affected	Not affected
xpdf	—	Not affected	Not in release	Not affected	Not affected

CVE-2009-0799

Medium priority

Some fixes available 35 of 78

14 affected packages

cups, cupsys, evince, gpdf, ipe...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
cups	—	Not affected	Not affected	Not affected	Not affected
cupsys	—	Not in release	Not in release	Not in release	Not in release
evince	—	Not affected	Not affected	Not affected	Not affected
gpdf	—	Not in release	Not in release	Not in release	Not in release
ipe	—	Not affected	Not affected	Not affected	Not affected
kdegraphics	—	Not in release	Not in release	Not in release	Not in release
koffice	—	Not in release	Not in release	Not in release	Not in release
libextractor	—	Not affected	Not affected	Not affected	Not affected
pdfkit.framework	—	Not in release	Not in release	Not in release	Not in release
pdftohtml	—	Not in release	Not in release	Not in release	Not in release
poppler	—	Fixed	Fixed	Fixed	Fixed
tetex-bin	—	Not in release	Not in release	Not in release	Not in release
texlive-bin	—	Not affected	Not affected	Not affected	Not affected
xpdf	—	Not affected	Not in release	Not affected	Not affected

CVE-2009-0166

Medium priority

Some fixes available 35 of 78

The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers a free of uninitialized memory.

14 affected packages

cups, cupsys, evince, gpdf, ipe...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
cups	—	Not affected	Not affected	Not affected	Not affected
cupsys	—	Not in release	Not in release	Not in release	Not in release
evince	—	Not affected	Not affected	Not affected	Not affected
gpdf	—	Not in release	Not in release	Not in release	Not in release
ipe	—	Not affected	Not affected	Not affected	Not affected
kdegraphics	—	Not in release	Not in release	Not in release	Not in release
koffice	—	Not in release	Not in release	Not in release	Not in release
libextractor	—	Not affected	Not affected	Not affected	Not affected
pdfkit.framework	—	Not in release	Not in release	Not in release	Not in release
pdftohtml	—	Not in release	Not in release	Not in release	Not in release
poppler	—	Fixed	Fixed	Fixed	Fixed
tetex-bin	—	Not in release	Not in release	Not in release	Not in release
texlive-bin	—	Not affected	Not affected	Not affected	Not affected
xpdf	—	Not affected	Not in release	Not affected	Not affected

CVE-2009-0147

Medium priority

Some fixes available 21 of 58

Multiple integer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allow remote attackers to cause a denial of service (crash) via a crafted PDF file, related to...

14 affected packages

cups, cupsys, evince, gpdf, ipe...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
cups	—	—	—	—	Not affected
cupsys	—	—	—	—	Not in release
evince	—	—	—	—	Not affected
gpdf	—	—	—	—	Not in release
ipe	—	—	—	—	Not affected
kdegraphics	—	—	—	—	Not in release
koffice	—	—	—	—	Not in release
libextractor	—	—	—	—	Not affected
pdfkit.framework	—	—	—	—	Not in release
pdftohtml	—	—	—	—	Not in release
poppler	—	—	—	—	Fixed
tetex-bin	—	—	—	—	Not in release
texlive-bin	—	—	—	—	Not affected
xpdf	—	—	—	—	Not affected

Export to JSON

Results by page: