CVE-2009-0146

Description

Multiple buffer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allow remote attackers to cause a denial of service (crash) via a crafted PDF file, related to (1) JBIG2SymbolDict::setBitmap and (2) JBIG2Stream::readSymbolDictSeg.

Affected products

• Apple / cups1.3.11 – 1.3.11
• Apple / cups1.1.20 – 1.1.20
• Apple / cups1.1.20 – 1.1.20
• Apple / cups1.1.20 – 1.1.20
• Apple / cups1.1.21 – 1.1.21
• Apple / cups1.1.21 – 1.1.21
• Apple / cups1.1.21 – 1.1.21
• Apple / cups1.1.22 – 1.1.22
• Apple / cups1.1.22 – 1.1.22
• Apple / cups1.1.22 – 1.1.22
• Apple / cups1.1.23 – 1.1.23
• Apple / cups1.1.23 – 1.1.23
• Apple / cups1.2.0 – 1.2.0
• Apple / cups1.2.1 – 1.2.1
• Apple / cups1.2.2 – 1.2.2
• Apple / cups1.2.3 – 1.2.3
• Apple / cups1.2.4 – 1.2.4
• Apple / cups1.2.5 – 1.2.5
• Apple / cups1.2.6 – 1.2.6
• Apple / cups1.2.7 – 1.2.7
• Apple / cups1.2.8 – 1.2.8
• Apple / cups1.2.9 – 1.2.9
• Apple / cups1.2.10 – 1.2.10
• Apple / cups1.2.11 – 1.2.11
• Apple / cups1.2.12 – 1.2.12
• Apple / cups1.3.0 – 1.3.0
• Apple / cups1.3.1 – 1.3.1
• Apple / cups1.3.2 – 1.3.2
• Apple / cups1.3.3 – 1.3.3
• Apple / cups1.3.4 – 1.3.4
• Apple / cups1.3.5 – 1.3.5
• Apple / cups1.3.6 – 1.3.6
• Apple / cups1.3.7 – 1.3.7
• Apple / cups1.3.8 – 1.3.8
• Apple / cups1.3.10 – 1.3.10
• Apple / cups1.3.9
• Apple / cups1.1 – 1.1
• Apple / cups1.1.1 – 1.1.1
• Apple / cups1.1.2 – 1.1.2
• Apple / cups1.1.3 – 1.1.3
• Apple / cups1.1.4 – 1.1.4
• Apple / cups1.1.5 – 1.1.5
• Apple / cups1.1.5-1 – 1.1.5-1
• Apple / cups1.1.5-2 – 1.1.5-2
• Apple / cups1.1.6 – 1.1.6
• Apple / cups1.1.6-1 – 1.1.6-1
• Apple / cups1.1.6-2 – 1.1.6-2
• Apple / cups1.1.6-3 – 1.1.6-3
• Apple / cups1.1.7 – 1.1.7
• Apple / cups1.1.8 – 1.1.8
• Apple / cups1.1.9 – 1.1.9
• Apple / cups1.1.9-1 – 1.1.9-1
• Apple / cups1.1.10 – 1.1.10
• Apple / cups1.1.10-1 – 1.1.10-1
• Apple / cups1.1.11 – 1.1.11
• Apple / cups1.1.12 – 1.1.12
• Apple / cups1.1.13 – 1.1.13
• Apple / cups1.1.14 – 1.1.14
• Apple / cups1.1.15 – 1.1.15
• Apple / cups1.1.16 – 1.1.16
• Apple / cups1.1.17 – 1.1.17
• Apple / cups1.1.18 – 1.1.18
• Apple / cups1.1.19 – 1.1.19
• Apple / cups1.1.19 – 1.1.19
• Apple / cups1.1.19 – 1.1.19
• Apple / cups1.1.19 – 1.1.19
• Apple / cups1.1.19 – 1.1.19
• Apple / cups1.1.19 – 1.1.19
• Apple / cups1.1.20 – 1.1.20
• Apple / cups1.1.20 – 1.1.20
• Apple / cups1.1.20 – 1.1.20
• Apple / cups1.1.20 – 1.1.20
• foolabs / xpdf0.7a – 0.7a
• foolabs / xpdf0.91a – 0.91a
• foolabs / xpdf0.91b – 0.91b
• foolabs / xpdf0.91c – 0.91c
• foolabs / xpdf0.92a – 0.92a
• foolabs / xpdf0.92b – 0.92b
• foolabs / xpdf0.92c – 0.92c
• foolabs / xpdf0.92d – 0.92d
• foolabs / xpdf0.92e – 0.92e
• foolabs / xpdf0.93a – 0.93a
• foolabs / xpdf0.93b – 0.93b
• foolabs / xpdf0.93c – 0.93c
• foolabs / xpdf1.00a – 1.00a
• foolabs / xpdf0.5a – 0.5a
• glyphandcog / xpdfreader0.2 – 0.2
• glyphandcog / xpdfreader0.3 – 0.3
• glyphandcog / xpdfreader0.4 – 0.4
• glyphandcog / xpdfreader0.5 – 0.5
• glyphandcog / xpdfreader0.6 – 0.6
• glyphandcog / xpdfreader0.7 – 0.7
• glyphandcog / xpdfreader0.80 – 0.80
• glyphandcog / xpdfreader0.90 – 0.90
• glyphandcog / xpdfreader0.91 – 0.91
• glyphandcog / xpdfreader0.92 – 0.92
• glyphandcog / xpdfreader0.93 – 0.93
• glyphandcog / xpdfreader1.00 – 1.00
• glyphandcog / xpdfreader1.01 – 1.01
• glyphandcog / xpdfreader2.00 – 2.00
• glyphandcog / xpdfreader2.01 – 2.01
• glyphandcog / xpdfreader2.02 – 2.02
• glyphandcog / xpdfreader2.03 – 2.03
• glyphandcog / xpdfreader3.00 – 3.00
• glyphandcog / xpdfreader3.01 – 3.01
• glyphandcog / xpdfreader3.02

References

• VENDOR_ADVISORYhttp://www.debian.org/security/2009/dsa-1793
• MISChttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9632
• MISChttp://security.gentoo.org/glsa/glsa-200904-20.xml
• VENDOR_ADVISORYhttp://secunia.com/advisories/34963
• VENDOR_ADVISORYhttp://support.apple.com/kb/HT3639
• VENDOR_ADVISORYhttp://www.debian.org/security/2009/dsa-1790
• VENDOR_ADVISORYhttp://secunia.com/advisories/35037
• VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2009/1077
• VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2009/1621
• VENDOR_ADVISORYhttp://support.apple.com/kb/HT3549
• VENDOR_ADVISORYhttp://secunia.com/advisories/35064
• VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2009/1066
• VENDOR_ADVISORYhttp://secunia.com/advisories/34481
• MISChttp://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.578477
• MISChttp://www.redhat.com/support/errata/RHSA-2009-0431.html
• VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2009/1065
• VENDOR_ADVISORYhttp://wiki.rpath.com/Advisories:rPSA-2009-0061
• MISChttp://bugs.gentoo.org/show_bug.cgi?id=263028
• VENDOR_ADVISORYhttp://secunia.com/advisories/35074
• MISChttp://www.redhat.com/support/errata/RHSA-2009-0430.html
• MISChttps://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html
• VENDOR_ADVISORYhttp://secunia.com/advisories/35618
• MAILING_LISThttp://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html
• MAILING_LISThttp://lists.apple.com/archives/security-announce/2009/May/msg00002.html
• MISChttps://bugzilla.redhat.com/show_bug.cgi?id=490612
• VENDOR_ADVISORYhttp://secunia.com/advisories/35065
• MISChttp://www.redhat.com/support/errata/RHSA-2009-0480.html
• MISChttp://www.securityfocus.com/bid/34568
• MISChttp://www.securityfocus.com/archive/1/502750/100/0/threaded
• VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2010/1040
• MAILING_LISThttp://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html
• MISChttp://rhn.redhat.com/errata/RHSA-2009-0458.html
• MISChttps://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html
• VENDOR_ADVISORYhttp://secunia.com/advisories/34991
• VENDOR_ADVISORYhttp://wiki.rpath.com/Advisories:rPSA-2009-0059
• VENDOR_ADVISORYhttp://www.mandriva.com/security/advisories?name=MDVSA-2009:101
• VENDOR_ADVISORYhttp://www.mandriva.com/security/advisories?name=MDVSA-2010:087
• MAILING_LISThttp://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html
• MISChttp://www.us-cert.gov/cas/techalerts/TA09-133A.html
• VENDOR_ADVISORYhttp://secunia.com/advisories/35685
• VENDOR_ADVISORYhttp://secunia.com/advisories/34756
• VENDOR_ADVISORYhttp://secunia.com/advisories/34291
• VENDOR_ADVISORYhttp://secunia.com/advisories/34755
• VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2009/1297
• MISChttp://www.securityfocus.com/archive/1/502761/100/0/threaded
• VENDOR_ADVISORYhttp://secunia.com/advisories/34852
• MAILING_LISThttp://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html
• MISChttps://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html
• VENDOR_ADVISORYhttp://secunia.com/advisories/34959
• MISChttp://www.redhat.com/support/errata/RHSA-2009-0429.html
• MISChttp://www.securitytracker.com/id?1022073