CVE-2009-0147 (CNNVD-200904-442)
MEDIUM
中文标题:
Foolabs Xpdf解码器JBIG2多个整数溢出漏洞
英文标题:
Multiple integer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier,...
CVSS分数:
4.3
发布时间:
2009-04-23 17:00:00
漏洞类型:
数字错误
状态:
PUBLISHED
数据质量分数:
0.30
数据版本:
v3
漏洞描述
中文描述:
Xpdf是便携文档格式(PDF)文件的开放源码查看器。 Xpdf的JBIG2解码器中存在多个整数溢出漏洞。攻击者可以创建恶意的PDF文件,如果打开了该文件就会导致Xpdf崩溃或执行任意代码。
英文描述:
Multiple integer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allow remote attackers to cause a denial of service (crash) via a crafted PDF file, related to (1) JBIG2Stream::readSymbolDictSeg, (2) JBIG2Stream::readSymbolDictSeg, and (3) JBIG2Stream::readGenericBitmap.
CWE类型:
CWE-189
标签:
(暂无数据)
受影响产品
| 厂商 | 产品 | 版本 | 版本范围 | 平台 | CPE |
|---|---|---|---|---|---|
| foolabs | xpdf | 0.5a | - | - |
cpe:2.3:a:foolabs:xpdf:0.5a:*:*:*:*:*:*:*
|
| foolabs | xpdf | 0.7a | - | - |
cpe:2.3:a:foolabs:xpdf:0.7a:*:*:*:*:*:*:*
|
| foolabs | xpdf | 0.91a | - | - |
cpe:2.3:a:foolabs:xpdf:0.91a:*:*:*:*:*:*:*
|
| foolabs | xpdf | 0.91b | - | - |
cpe:2.3:a:foolabs:xpdf:0.91b:*:*:*:*:*:*:*
|
| foolabs | xpdf | 0.91c | - | - |
cpe:2.3:a:foolabs:xpdf:0.91c:*:*:*:*:*:*:*
|
| foolabs | xpdf | 0.92a | - | - |
cpe:2.3:a:foolabs:xpdf:0.92a:*:*:*:*:*:*:*
|
| foolabs | xpdf | 0.92b | - | - |
cpe:2.3:a:foolabs:xpdf:0.92b:*:*:*:*:*:*:*
|
| foolabs | xpdf | 0.92c | - | - |
cpe:2.3:a:foolabs:xpdf:0.92c:*:*:*:*:*:*:*
|
| foolabs | xpdf | 0.92d | - | - |
cpe:2.3:a:foolabs:xpdf:0.92d:*:*:*:*:*:*:*
|
| foolabs | xpdf | 0.92e | - | - |
cpe:2.3:a:foolabs:xpdf:0.92e:*:*:*:*:*:*:*
|
| foolabs | xpdf | 0.93a | - | - |
cpe:2.3:a:foolabs:xpdf:0.93a:*:*:*:*:*:*:*
|
| foolabs | xpdf | 0.93b | - | - |
cpe:2.3:a:foolabs:xpdf:0.93b:*:*:*:*:*:*:*
|
| foolabs | xpdf | 0.93c | - | - |
cpe:2.3:a:foolabs:xpdf:0.93c:*:*:*:*:*:*:*
|
| foolabs | xpdf | 1.00a | - | - |
cpe:2.3:a:foolabs:xpdf:1.00a:*:*:*:*:*:*:*
|
| glyphandcog | xpdfreader | * | - | - |
cpe:2.3:a:glyphandcog:xpdfreader:*:*:*:*:*:*:*:*
|
| glyphandcog | xpdfreader | 0.2 | - | - |
cpe:2.3:a:glyphandcog:xpdfreader:0.2:*:*:*:*:*:*:*
|
| glyphandcog | xpdfreader | 0.3 | - | - |
cpe:2.3:a:glyphandcog:xpdfreader:0.3:*:*:*:*:*:*:*
|
| glyphandcog | xpdfreader | 0.4 | - | - |
cpe:2.3:a:glyphandcog:xpdfreader:0.4:*:*:*:*:*:*:*
|
| glyphandcog | xpdfreader | 0.5 | - | - |
cpe:2.3:a:glyphandcog:xpdfreader:0.5:*:*:*:*:*:*:*
|
| glyphandcog | xpdfreader | 0.6 | - | - |
cpe:2.3:a:glyphandcog:xpdfreader:0.6:*:*:*:*:*:*:*
|
| glyphandcog | xpdfreader | 0.7 | - | - |
cpe:2.3:a:glyphandcog:xpdfreader:0.7:*:*:*:*:*:*:*
|
| glyphandcog | xpdfreader | 0.80 | - | - |
cpe:2.3:a:glyphandcog:xpdfreader:0.80:*:*:*:*:*:*:*
|
| glyphandcog | xpdfreader | 0.90 | - | - |
cpe:2.3:a:glyphandcog:xpdfreader:0.90:*:*:*:*:*:*:*
|
| glyphandcog | xpdfreader | 0.91 | - | - |
cpe:2.3:a:glyphandcog:xpdfreader:0.91:*:*:*:*:*:*:*
|
| glyphandcog | xpdfreader | 0.92 | - | - |
cpe:2.3:a:glyphandcog:xpdfreader:0.92:*:*:*:*:*:*:*
|
| glyphandcog | xpdfreader | 0.93 | - | - |
cpe:2.3:a:glyphandcog:xpdfreader:0.93:*:*:*:*:*:*:*
|
| glyphandcog | xpdfreader | 1.00 | - | - |
cpe:2.3:a:glyphandcog:xpdfreader:1.00:*:*:*:*:*:*:*
|
| glyphandcog | xpdfreader | 1.01 | - | - |
cpe:2.3:a:glyphandcog:xpdfreader:1.01:*:*:*:*:*:*:*
|
| glyphandcog | xpdfreader | 2.00 | - | - |
cpe:2.3:a:glyphandcog:xpdfreader:2.00:*:*:*:*:*:*:*
|
| glyphandcog | xpdfreader | 2.01 | - | - |
cpe:2.3:a:glyphandcog:xpdfreader:2.01:*:*:*:*:*:*:*
|
| glyphandcog | xpdfreader | 2.02 | - | - |
cpe:2.3:a:glyphandcog:xpdfreader:2.02:*:*:*:*:*:*:*
|
| glyphandcog | xpdfreader | 2.03 | - | - |
cpe:2.3:a:glyphandcog:xpdfreader:2.03:*:*:*:*:*:*:*
|
| glyphandcog | xpdfreader | 3.00 | - | - |
cpe:2.3:a:glyphandcog:xpdfreader:3.00:*:*:*:*:*:*:*
|
| glyphandcog | xpdfreader | 3.01 | - | - |
cpe:2.3:a:glyphandcog:xpdfreader:3.01:*:*:*:*:*:*:*
|
| apple | cups | * | - | - |
cpe:2.3:a:apple:cups:*:*:*:*:*:*:*:*
|
| apple | cups | 1.1 | - | - |
cpe:2.3:a:apple:cups:1.1:*:*:*:*:*:*:*
|
| apple | cups | 1.1.1 | - | - |
cpe:2.3:a:apple:cups:1.1.1:*:*:*:*:*:*:*
|
| apple | cups | 1.1.2 | - | - |
cpe:2.3:a:apple:cups:1.1.2:*:*:*:*:*:*:*
|
| apple | cups | 1.1.3 | - | - |
cpe:2.3:a:apple:cups:1.1.3:*:*:*:*:*:*:*
|
| apple | cups | 1.1.4 | - | - |
cpe:2.3:a:apple:cups:1.1.4:*:*:*:*:*:*:*
|
| apple | cups | 1.1.5 | - | - |
cpe:2.3:a:apple:cups:1.1.5:*:*:*:*:*:*:*
|
| apple | cups | 1.1.5-1 | - | - |
cpe:2.3:a:apple:cups:1.1.5-1:*:*:*:*:*:*:*
|
| apple | cups | 1.1.5-2 | - | - |
cpe:2.3:a:apple:cups:1.1.5-2:*:*:*:*:*:*:*
|
| apple | cups | 1.1.6 | - | - |
cpe:2.3:a:apple:cups:1.1.6:*:*:*:*:*:*:*
|
| apple | cups | 1.1.6-1 | - | - |
cpe:2.3:a:apple:cups:1.1.6-1:*:*:*:*:*:*:*
|
| apple | cups | 1.1.6-2 | - | - |
cpe:2.3:a:apple:cups:1.1.6-2:*:*:*:*:*:*:*
|
| apple | cups | 1.1.6-3 | - | - |
cpe:2.3:a:apple:cups:1.1.6-3:*:*:*:*:*:*:*
|
| apple | cups | 1.1.7 | - | - |
cpe:2.3:a:apple:cups:1.1.7:*:*:*:*:*:*:*
|
| apple | cups | 1.1.8 | - | - |
cpe:2.3:a:apple:cups:1.1.8:*:*:*:*:*:*:*
|
| apple | cups | 1.1.9 | - | - |
cpe:2.3:a:apple:cups:1.1.9:*:*:*:*:*:*:*
|
| apple | cups | 1.1.9-1 | - | - |
cpe:2.3:a:apple:cups:1.1.9-1:*:*:*:*:*:*:*
|
| apple | cups | 1.1.10 | - | - |
cpe:2.3:a:apple:cups:1.1.10:*:*:*:*:*:*:*
|
| apple | cups | 1.1.10-1 | - | - |
cpe:2.3:a:apple:cups:1.1.10-1:*:*:*:*:*:*:*
|
| apple | cups | 1.1.11 | - | - |
cpe:2.3:a:apple:cups:1.1.11:*:*:*:*:*:*:*
|
| apple | cups | 1.1.12 | - | - |
cpe:2.3:a:apple:cups:1.1.12:*:*:*:*:*:*:*
|
| apple | cups | 1.1.13 | - | - |
cpe:2.3:a:apple:cups:1.1.13:*:*:*:*:*:*:*
|
| apple | cups | 1.1.14 | - | - |
cpe:2.3:a:apple:cups:1.1.14:*:*:*:*:*:*:*
|
| apple | cups | 1.1.15 | - | - |
cpe:2.3:a:apple:cups:1.1.15:*:*:*:*:*:*:*
|
| apple | cups | 1.1.16 | - | - |
cpe:2.3:a:apple:cups:1.1.16:*:*:*:*:*:*:*
|
| apple | cups | 1.1.17 | - | - |
cpe:2.3:a:apple:cups:1.1.17:*:*:*:*:*:*:*
|
| apple | cups | 1.1.18 | - | - |
cpe:2.3:a:apple:cups:1.1.18:*:*:*:*:*:*:*
|
| apple | cups | 1.1.19 | - | - |
cpe:2.3:a:apple:cups:1.1.19:*:*:*:*:*:*:*
|
| apple | cups | 1.1.20 | - | - |
cpe:2.3:a:apple:cups:1.1.20:*:*:*:*:*:*:*
|
| apple | cups | 1.1.21 | - | - |
cpe:2.3:a:apple:cups:1.1.21:*:*:*:*:*:*:*
|
| apple | cups | 1.1.22 | - | - |
cpe:2.3:a:apple:cups:1.1.22:*:*:*:*:*:*:*
|
| apple | cups | 1.1.23 | - | - |
cpe:2.3:a:apple:cups:1.1.23:*:*:*:*:*:*:*
|
| apple | cups | 1.2.0 | - | - |
cpe:2.3:a:apple:cups:1.2.0:*:*:*:*:*:*:*
|
| apple | cups | 1.2.1 | - | - |
cpe:2.3:a:apple:cups:1.2.1:*:*:*:*:*:*:*
|
| apple | cups | 1.2.2 | - | - |
cpe:2.3:a:apple:cups:1.2.2:*:*:*:*:*:*:*
|
| apple | cups | 1.2.3 | - | - |
cpe:2.3:a:apple:cups:1.2.3:*:*:*:*:*:*:*
|
| apple | cups | 1.2.4 | - | - |
cpe:2.3:a:apple:cups:1.2.4:*:*:*:*:*:*:*
|
| apple | cups | 1.2.5 | - | - |
cpe:2.3:a:apple:cups:1.2.5:*:*:*:*:*:*:*
|
| apple | cups | 1.2.6 | - | - |
cpe:2.3:a:apple:cups:1.2.6:*:*:*:*:*:*:*
|
| apple | cups | 1.2.7 | - | - |
cpe:2.3:a:apple:cups:1.2.7:*:*:*:*:*:*:*
|
| apple | cups | 1.2.8 | - | - |
cpe:2.3:a:apple:cups:1.2.8:*:*:*:*:*:*:*
|
| apple | cups | 1.2.9 | - | - |
cpe:2.3:a:apple:cups:1.2.9:*:*:*:*:*:*:*
|
| apple | cups | 1.2.10 | - | - |
cpe:2.3:a:apple:cups:1.2.10:*:*:*:*:*:*:*
|
| apple | cups | 1.2.11 | - | - |
cpe:2.3:a:apple:cups:1.2.11:*:*:*:*:*:*:*
|
| apple | cups | 1.2.12 | - | - |
cpe:2.3:a:apple:cups:1.2.12:*:*:*:*:*:*:*
|
| apple | cups | 1.3.0 | - | - |
cpe:2.3:a:apple:cups:1.3.0:*:*:*:*:*:*:*
|
| apple | cups | 1.3.1 | - | - |
cpe:2.3:a:apple:cups:1.3.1:*:*:*:*:*:*:*
|
| apple | cups | 1.3.2 | - | - |
cpe:2.3:a:apple:cups:1.3.2:*:*:*:*:*:*:*
|
| apple | cups | 1.3.3 | - | - |
cpe:2.3:a:apple:cups:1.3.3:*:*:*:*:*:*:*
|
| apple | cups | 1.3.4 | - | - |
cpe:2.3:a:apple:cups:1.3.4:*:*:*:*:*:*:*
|
| apple | cups | 1.3.5 | - | - |
cpe:2.3:a:apple:cups:1.3.5:*:*:*:*:*:*:*
|
| apple | cups | 1.3.6 | - | - |
cpe:2.3:a:apple:cups:1.3.6:*:*:*:*:*:*:*
|
| apple | cups | 1.3.7 | - | - |
cpe:2.3:a:apple:cups:1.3.7:*:*:*:*:*:*:*
|
| apple | cups | 1.3.8 | - | - |
cpe:2.3:a:apple:cups:1.3.8:*:*:*:*:*:*:*
|
| apple | cups | 1.3.10 | - | - |
cpe:2.3:a:apple:cups:1.3.10:*:*:*:*:*:*:*
|
| apple | cups | 1.3.11 | - | - |
cpe:2.3:a:apple:cups:1.3.11:*:*:*:*:*:*:*
|
解决方案
中文解决方案:
(暂无数据)
英文解决方案:
(暂无数据)
临时解决方案:
(暂无数据)
参考链接
DSA-1793
vendor-advisory
cve.org
访问
cve.org
GLSA-200904-20
vendor-advisory
cve.org
访问
cve.org
34963
third-party-advisory
cve.org
访问
cve.org
无标题
x_refsource_CONFIRM
cve.org
访问
cve.org
DSA-1790
vendor-advisory
cve.org
访问
cve.org
35037
third-party-advisory
cve.org
访问
cve.org
ADV-2009-1077
vdb-entry
cve.org
访问
cve.org
ADV-2009-1621
vdb-entry
cve.org
访问
cve.org
无标题
x_refsource_CONFIRM
cve.org
访问
cve.org
35064
third-party-advisory
cve.org
访问
cve.org
ADV-2009-1066
vdb-entry
cve.org
访问
cve.org
34481
third-party-advisory
cve.org
访问
cve.org
SSA:2009-129-01
vendor-advisory
cve.org
访问
cve.org
RHSA-2009:0431
vendor-advisory
cve.org
访问
cve.org
ADV-2009-1065
vdb-entry
cve.org
访问
cve.org
无标题
x_refsource_CONFIRM
cve.org
访问
cve.org
无标题
x_refsource_CONFIRM
cve.org
访问
cve.org
35074
third-party-advisory
cve.org
访问
cve.org
RHSA-2009:0430
vendor-advisory
cve.org
访问
cve.org
FEDORA-2009-6972
vendor-advisory
cve.org
访问
cve.org
35618
third-party-advisory
cve.org
访问
cve.org
APPLE-SA-2009-06-17-1
vendor-advisory
cve.org
访问
cve.org
APPLE-SA-2009-05-12
vendor-advisory
cve.org
访问
cve.org
35065
third-party-advisory
cve.org
访问
cve.org
RHSA-2009:0480
vendor-advisory
cve.org
访问
cve.org
34568
vdb-entry
cve.org
访问
cve.org
20090417 rPSA-2009-0061-1 cups
mailing-list
cve.org
访问
cve.org
ADV-2010-1040
vdb-entry
cve.org
访问
cve.org
SUSE-SA:2009:024
vendor-advisory
cve.org
访问
cve.org
RHSA-2009:0458
vendor-advisory
cve.org
访问
cve.org
FEDORA-2009-6982
vendor-advisory
cve.org
访问
cve.org
34991
third-party-advisory
cve.org
访问
cve.org
无标题
x_refsource_CONFIRM
cve.org
访问
cve.org
MDVSA-2009:101
vendor-advisory
cve.org
访问
cve.org
MDVSA-2010:087
vendor-advisory
cve.org
访问
cve.org
SUSE-SR:2009:010
vendor-advisory
cve.org
访问
cve.org
TA09-133A
third-party-advisory
cve.org
访问
cve.org
35685
third-party-advisory
cve.org
访问
cve.org
34756
third-party-advisory
cve.org
访问
cve.org
34291
third-party-advisory
cve.org
访问
cve.org
34755
third-party-advisory
cve.org
访问
cve.org
ADV-2009-1297
vdb-entry
cve.org
访问
cve.org
20090417 rPSA-2009-0059-1 poppler
mailing-list
cve.org
访问
cve.org
34852
third-party-advisory
cve.org
访问
cve.org
SUSE-SR:2009:012
vendor-advisory
cve.org
访问
cve.org
FEDORA-2009-6973
vendor-advisory
cve.org
访问
cve.org
无标题
x_refsource_CONFIRM
cve.org
访问
cve.org
34959
third-party-advisory
cve.org
访问
cve.org
oval:org.mitre.oval:def:9941
vdb-entry
cve.org
访问
cve.org
RHSA-2009:0429
vendor-advisory
cve.org
访问
cve.org
1022073
vdb-entry
cve.org
访问
cve.org
CVSS评分详情
4.3
MEDIUM
CVSS向量:
AV:N/AC:M/Au:N/C:N/I:N/A:P
CVSS版本:
2.0
机密性
NONE
完整性
NONE
可用性
PARTIAL
时间信息
发布时间:
2009-04-23 17:00:00
修改时间:
2024-08-07 04:24:18
创建时间:
2025-11-11 15:32:59
更新时间:
2025-11-11 15:49:34
利用信息
暂无可利用代码信息
数据源详情
| 数据源 | 记录ID | 版本 | 提取时间 |
|---|---|---|---|
| CVE | cve_CVE-2009-0147 |
2025-11-11 15:18:08 | 2025-11-11 07:32:59 |
| NVD | nvd_CVE-2009-0147 |
2025-11-11 14:52:59 | 2025-11-11 07:41:46 |
| CNNVD | cnnvd_CNNVD-200904-442 |
2025-11-11 15:09:05 | 2025-11-11 07:49:34 |
版本与语言
当前版本:
v3
主要语言:
EN
支持语言:
EN
ZH
安全公告
暂无安全公告信息
变更历史
v3
CNNVD
2025-11-11 15:49:34
vulnerability_type: 未提取 → 数字错误; cnnvd_id: 未提取 → CNNVD-200904-442; data_sources: ['cve', 'nvd'] → ['cnnvd', 'cve', 'nvd']
查看详细变更
- vulnerability_type: 未提取 -> 数字错误
- cnnvd_id: 未提取 -> CNNVD-200904-442
- data_sources: ['cve', 'nvd'] -> ['cnnvd', 'cve', 'nvd']
v2
NVD
2025-11-11 15:41:46
cvss_score: 未提取 → 4.3; cvss_vector: NOT_EXTRACTED → AV:N/AC:M/Au:N/C:N/I:N/A:P; cvss_version: NOT_EXTRACTED → 2.0; affected_products_count: 0 → 90; data_sources: ['cve'] → ['cve', 'nvd']
查看详细变更
- cvss_score: 未提取 -> 4.3
- cvss_vector: NOT_EXTRACTED -> AV:N/AC:M/Au:N/C:N/I:N/A:P
- cvss_version: NOT_EXTRACTED -> 2.0
- affected_products_count: 0 -> 90
- data_sources: ['cve'] -> ['cve', 'nvd']