US-CERT
Vulnerability Notes Database

Vulnerability Note VU#196617

Xpdf and poppler contain multiple vulnerabilities in the processing of JBIG2 data

Overview

Xpdf and poppler contain multiple vulnerabilities, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system.

I. Description

Xpdf is an open source viewer for Portable Document Format (PDF) files. Several PDF viewing applications and libraries, such as poppler, are based on the Xpdf code. Xpdf contains multiple vulnerabilities related to the handling of PDF files that contain JBIG2 data. The vulnerabilities include, but are not limited to, a buffer overflow, an integer overflow, a null pointer dereference, and an infinite loop.
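As an added illustration of the integer-overflow class named above (this is not code from Xpdf or poppler, and the function and type names are invented for the example), the checked size arithmetic a JBIG2 bitmap allocator needs before it trusts region dimensions read from an untrusted PDF:

```c
#include <limits.h>
#include <stddef.h>
#include <stdlib.h>

/* Width and height arrive straight from the JBIG2 segment headers in the
 * PDF, so they are attacker-controlled. An unchecked "(w + 7) / 8 * h"
 * can wrap, allocate a too-small buffer, and the decoder then writes
 * past it (the buffer overflow that follows an integer overflow). */

/* Byte size of a 1-bit-per-pixel bitmap, rows padded to whole bytes.
 * Returns 0 for zero/negative/oversized dimensions or if the product
 * would not fit in an int, so the caller can reject the region. */
size_t jbig2_bitmap_bytes(long w, long h) {
    if (w <= 0 || h <= 0) return 0;                 /* reject bad sizes */
    if (w > INT_MAX || h > INT_MAX) return 0;       /* keep within int  */
    long line_bytes = (w - 1) / 8 + 1;              /* no w + 7 wrap    */
    if (line_bytes > INT_MAX / h) return 0;         /* line * h overflow */
    return (size_t)line_bytes * (size_t)h;
}

typedef struct {
    long w, h, line_bytes;
    unsigned char *data;
} jbig2_bitmap;

/* Allocate a zeroed bitmap. Returns NULL, never a half-built object,
 * when the size check fails or memory runs out, so every caller must
 * test for NULL before dereferencing (the null-dereference case). */
jbig2_bitmap *jbig2_bitmap_new(long w, long h) {
    size_t n = jbig2_bitmap_bytes(w, h);
    if (n == 0) return NULL;
    jbig2_bitmap *b = calloc(1, sizeof *b);
    if (!b) return NULL;
    b->data = calloc(n, 1);
    if (!b->data) { free(b); return NULL; }
    b->w = w;
    b->h = h;
    b->line_bytes = (w - 1) / 8 + 1;
    return b;
}

void jbig2_bitmap_free(jbig2_bitmap *b) {
    if (b) { free(b->data); free(b); }
}
```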

II. Impact

By convincing a user to open a malicious PDF file, an attacker may be able to execute code or cause a vulnerable PDF viewer to crash. The PDF could be emailed as an attachment or hosted on a website.

III. Solution

Apply an update

These issues are addressed in Xpdf 3.02-pl3 and poppler 0.10.6. Please check with your vendor for software updates.

Systems Affected

Vendor                       | Status     | Date Notified | Date Updated
---------------------------- | ---------- | ------------- | ------------
Apple Computer, Inc.         | Vulnerable | 2009-02-23    | 2009-05-13
Artifex Software, Inc.       | Unknown    | 2009-02-23    | 2009-02-23
Conectiva Inc.               | Unknown    | 2009-04-06    | 2009-04-06
Cray Inc.                    | Unknown    | 2009-04-06    | 2009-04-06
Debian GNU/Linux             | Vulnerable | 2009-04-06    | 2009-05-06
EMC Corporation              | Unknown    | 2009-04-06    | 2009-04-06
Engarde Secure Linux         | Unknown    | 2009-04-06    | 2009-04-06
F5 Networks, Inc.            | Unknown    | 2009-04-06    | 2009-04-06
Fedora Project               | Vulnerable | 2009-04-06    | 2009-04-16
Foxit Software Company       | Unknown    | 2009-02-23    | 2009-02-23
Fujitsu                      | Unknown    | 2009-04-06    | 2009-04-06
Gentoo Linux                 | Vulnerable |               | 2009-04-16
Google                       | Unknown    | 2009-02-23    | 2009-04-08
Hewlett-Packard Company      | Unknown    | 2009-04-06    | 2009-04-06
Hitachi                      | Unknown    | 2009-04-06    | 2009-04-06
IBM Corporation              | Unknown    | 2009-04-06    | 2009-04-06
IBM Corporation (zseries)    | Unknown    | 2009-04-06    | 2009-04-06
IBM eServer                  | Unknown    | 2009-04-06    | 2009-04-06
Ingrian Networks, Inc.       | Unknown    | 2009-04-06    | 2009-04-06
Juniper Networks, Inc.       | Unknown    | 2009-04-06    | 2009-04-06
Mandriva S. A.               | Vulnerable | 2009-04-06    | 2009-04-29
Microsoft Corporation        | Unknown    | 2009-04-06    | 2009-04-06
MontaVista Software, Inc.    | Unknown    | 2009-04-06    | 2009-04-06
NEC Corporation              | Unknown    | 2009-04-06    | 2009-04-06
NetBSD                       | Unknown    | 2009-04-06    | 2009-04-06
Nokia                        | Unknown    | 2009-04-06    | 2009-04-06
Novell, Inc.                 | Vulnerable | 2009-03-12    | 2009-04-16
Poppler                      | Vulnerable |               | 2009-04-16
QNX, Software Systems, Inc.  | Unknown    | 2009-04-06    | 2009-04-06
Red Hat, Inc.                | Vulnerable | 2009-03-12    | 2009-04-17
Research in Motion (RIM)     | Vulnerable | 2009-03-31    | 2009-04-16
Silicon Graphics, Inc.       | Unknown    | 2009-04-06    | 2009-04-06
Slackware Linux Inc.         | Vulnerable | 2009-04-06    | 2009-04-16
Sony Corporation             | Unknown    | 2009-04-06    | 2009-04-06
Sun Microsystems, Inc.       | Unknown    | 2009-04-06    | 2009-04-06
SUSE Linux                   | Vulnerable | 2009-03-30    | 2009-04-16
The SCO Group                | Unknown    | 2009-04-06    | 2009-04-06
Turbolinux                   | Vulnerable | 2009-04-06    | 2009-04-16
Ubuntu                       | Vulnerable | 2009-03-12    | 2009-04-16
Unisys                       | Unknown    | 2009-04-06    | 2009-04-06
Wind River Systems, Inc.     | Unknown    | 2009-04-06    | 2009-04-06
xpdf                         | Vulnerable | 2009-02-23    | 2009-04-16
Yahoo, Inc.                  | Unknown    | 2009-02-23    | 2009-02-23

References

http://www.us-cert.gov/cas/tips/ST04-010.html
http://www.cert.org/tech_tips/securing_browser/
http://cgit.freedesktop.org/poppler/poppler/commit/?id=9f1312f3d7dfa7e536606a7c7296b7c876b11c00
ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl3.patch
http://www.ubuntu.com/usn/usn-759-1
http://blackberry.com/btsc/KB17953
http://rhn.redhat.com/errata/RHSA-2009-0429.html
http://rhn.redhat.com/errata/RHSA-2009-0431.html
http://www.mandriva.com/en/security/advisories?name=MDVSA-2009:101
http://www.debian.org/security/2009/dsa-1790
http://support.apple.com/kb/HT3549
http://secunia.com/advisories/34291/
http://www.securitytracker.com/alerts/2009/Apr/1022072.html
http://www.securityfocus.com/bid/34568
http://jvn.jp/cert/JVNVU196617/index.html

Credit

These vulnerabilities were reported by Will Dormann of the CERT/CC.

This document was written by Will Dormann.

Other Information

Date Public: 2009-04-16
Date First Published: 2009-04-16
Date Last Updated: 2009-05-13
CERT Advisory: 
CVE-ID(s): CVE-2009-0799; CVE-2009-0800; CVE-2009-1179; CVE-2009-1180; CVE-2009-1181; CVE-2009-1182; CVE-2009-1183; CVE-2009-1187; CVE-2009-1188
NVD-ID(s): CVE-2009-0799; CVE-2009-0800; CVE-2009-1179; CVE-2009-1180; CVE-2009-1181; CVE-2009-1182; CVE-2009-1183; CVE-2009-1187; CVE-2009-1188
US-CERT Technical Alerts: 
Metric: 5.01
Document Revision: 30

Produced 2009 by US-CERT, a government organization