Vulnerability Note VU#196617

Xpdf and poppler contain multiple vulnerabilities in the processing of JBIG2 data

Original Release date: 16 Apr 2009 | Last revised: 28 Mar 2012


Xpdf and poppler contain multiple vulnerabilities, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system.


Xpdf is an open source viewer for Portable Document Format (PDF) files. Several PDF viewing applications and libraries, such as poppler, are based on the Xpdf code. Xpdf contains multiple vulnerabilities related to the handling of PDF files that contain JBIG2 data. The vulnerabilities include, but are not limited to, a buffer overflow, an integer overflow, a null pointer dereference, and an infinite loop.


By convincing a user to open a malicious PDF file, an attacker may be able to execute code or cause a vulnerable PDF viewer to crash. The PDF could be emailed as an attachment or hosted on a website.


Apply an update

These issues are addressed in Xpdf 3.02-pl3 and poppler 0.10.6. Please check with your vendor for software updates.

Systems Affected (Learn More)

VendorStatusDate NotifiedDate Updated
Apple Computer, Inc.Affected23 Feb 200913 May 2009
Debian GNU/LinuxAffected06 Apr 200906 May 2009
Fedora ProjectAffected06 Apr 200916 Apr 2009
Gentoo LinuxAffected-16 Apr 2009
Mandriva S. A.Affected06 Apr 200929 Apr 2009
Novell, Inc.Affected12 Mar 200916 Apr 2009
PopplerAffected-16 Apr 2009
Red Hat, Inc.Affected12 Mar 200917 Apr 2009
Research in Motion (RIM)Affected31 Mar 200916 Apr 2009
Slackware Linux Inc.Affected06 Apr 200916 Apr 2009
SUSE LinuxAffected30 Mar 200916 Apr 2009
TurbolinuxAffected06 Apr 200916 Apr 2009
UbuntuAffected12 Mar 200916 Apr 2009
xpdfAffected23 Feb 200916 Apr 2009
Artifex Software, Inc.Unknown23 Feb 200923 Feb 2009
If you are a vendor and your product is affected, let us know.View More »

CVSS Metrics (Learn More)

Group Score Vector
Base 9.0 AV:N/AC:M/Au:N/C:C/I:C/A:P
Temporal 7.0 E:POC/RL:OF/RC:C
Environmental 7.0 CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND



These vulnerabilities were reported by Will Dormann of the CERT/CC.

This document was written by Will Dormann.

Other Information


If you have feedback, comments, or additional information about this vulnerability, please send us email.