Several vulnerabilities have been identified in xpdf, a suite of tools
for viewing and converting Portable Document Format (PDF) files.
The Common Vulnerabilities and Exposures project identifies the
following problems:
- CVE-2009-0146
Multiple buffer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and
earlier, CUPS 1.3.9 and earlier, and other products allow remote
attackers to cause a denial of service (crash) via a crafted PDF file,
related to (1) JBIG2SymbolDict::setBitmap and (2)
JBIG2Stream::readSymbolDictSeg.
- CVE-2009-0147
Multiple integer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and
earlier, CUPS 1.3.9 and earlier, and other products allow remote
attackers to cause a denial of service (crash) via a crafted PDF file,
related to (1) JBIG2Stream::readSymbolDictSeg, (2)
JBIG2Stream::readSymbolDictSeg, and (3) JBIG2Stream::readGenericBitmap.
- CVE-2009-0165
Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, as
used in Poppler and other products, when running on Mac OS X, has
unspecified impact, related to "g*allocn."
- CVE-2009-0166
The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and
earlier, and other products allows remote attackers to cause a denial
of service (crash) via a crafted PDF file that triggers a free of
uninitialized memory.
- CVE-2009-0799
The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier,
Poppler before 0.10.6, and other products allows remote attackers to
cause a denial of service (crash) via a crafted PDF file that triggers
an out-of-bounds read.
- CVE-2009-0800
Multiple "input validation flaws" in the JBIG2 decoder in Xpdf 3.02pl2
and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other
products allow remote attackers to execute arbitrary code via a crafted
PDF file.
- CVE-2009-1179
Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS
1.3.9 and earlier, Poppler before 0.10.6, and other products allows
remote attackers to execute arbitrary code via a crafted PDF file.
- CVE-2009-1180
The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier,
Poppler before 0.10.6, and other products allows remote attackers to
execute arbitrary code via a crafted PDF file that triggers a free of
invalid data.
- CVE-2009-1181
The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier,
Poppler before 0.10.6, and other products allows remote attackers to
cause a denial of service (crash) via a crafted PDF file that triggers a
NULL pointer dereference.
- CVE-2009-1182
Multiple buffer overflows in the JBIG2 MMR decoder in Xpdf 3.02pl2 and
earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other
products allow remote attackers to execute arbitrary code via a crafted
PDF file.
- CVE-2009-1183
The JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and
earlier, Poppler before 0.10.6, and other products allows remote
attackers to cause a denial of service (infinite loop and hang) via a
crafted PDF file.
For the old stable distribution (etch), these problems have been fixed in version
3.01-9.1+etch6.
For the stable distribution (lenny), these problems have been fixed in version
3.02-1.4+lenny1.
For the unstable distribution (sid), these problems will be fixed in a
forthcoming version.
We recommend that you upgrade your xpdf packages.