Lucene search
Ubuntu.comUB:CVE-2009-3608HistoryOct 21, 2009 - 12:00 a.m.
CVE-2009-3608
2009-10-2100:00:00
ubuntu.com
ubuntu.com
14
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.086 Low
EPSS
Percentile
94.5%
Integer overflow in the ObjectStream::ObjectStream function in XRef.cc in
Xpdf 3.x before 3.02pl4 and Poppler before 0.12.1, as used in GPdf,
kdegraphics KPDF, CUPS pdftops, and teTeX, might allow remote attackers to
execute arbitrary code via a crafted PDF document that triggers a
heap-based buffer overflow.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 18.04 | noarch | ipe | < any | UNKNOWN |
| ubuntu | 20.04 | noarch | ipe | < any | UNKNOWN |
| ubuntu | 22.04 | noarch | ipe | < any | UNKNOWN |
| ubuntu | 23.10 | noarch | ipe | < any | UNKNOWN |
| ubuntu | 24.04 | noarch | ipe | < any | UNKNOWN |
| ubuntu | 16.04 | noarch | ipe | < any | UNKNOWN |
| ubuntu | 9.04 | noarch | koffice | < 1:1.6.3-7ubuntu6.1 | UNKNOWN |
| ubuntu | 17.10 | noarch | poppler | < 0.12.2-2.1ubuntu1 | UNKNOWN |
| ubuntu | 18.04 | noarch | poppler | < 0.12.2-2.1ubuntu1 | UNKNOWN |
| ubuntu | 18.10 | noarch | poppler | < 0.12.2-2.1ubuntu1 | UNKNOWN |
Related
securityvulns
securityvulns
[oCERT-2009-016] Poppler, xpdf integer overflow during heap allocation
2009-10-22 00:00:00
CUPS / poppler / xpdf / Adobe Reader multipls security vulnerabilities
2009-10-28 00:00:00
[USN-850-1] poppler vulnerabilities
2009-10-22 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 5 package kdegraphics version 3.5.10-alt3
2009-10-19 00:00:00
Security fix for the ALT Linux 5 package poppler5 version 0.12.1-alt1
2009-10-19 00:00:00
Security fix for the ALT Linux 5 package xpdf version 3.02-alt7
2009-11-15 00:00:00
cvelist
cvelist
CVE-2009-3608
2009-10-21 17:00:00
veracode
veracode
Arbitrary Code Execution
2020-04-10 00:38:29
prion
prion
Integer overflow
2009-10-21 17:30:00
cve
cve
CVE-2009-3608
2009-10-21 17:30:00
CVE-2009-3908
2022-10-03 16:23:56
nvd
nvd
CVE-2009-3608
2009-10-21 17:30:00
CVE-2009-3908
2009-12-12 02:30:00
debiancve
debiancve
CVE-2009-3608
2009-10-21 17:30:00
nessus
nessus
SuSE 10 Security Update : kdegraphics3-pdf (ZYPP Patch Number 6652)
2010-10-11 00:00:00
openSUSE 10 Security Update : cups (cups-6565)
2009-11-16 00:00:00
openSUSE Security Update : kdegraphics3-pdf (kdegraphics3-pdf-1536)
2009-11-16 00:00:00
openvas
openvas
Mandriva Update for irqbalance MDVA-2010:086 (irqbalance)
2010-03-12 00:00:00
SLES10: Security update for kdegraphics3-pdf
2009-11-17 00:00:00
Mandrake Security Advisory MDVSA-2009:280 (cups)
2009-10-27 00:00:00
redhat
redhat
(RHSA-2009:1513) Moderate: cups security update
2009-10-15 00:00:00
(RHSA-2009:1504) Important: poppler security and bug fix update
2009-10-15 00:00:00
(RHSA-2009:1512) Important: kdegraphics security update
2009-10-15 00:00:00
oraclelinux
oraclelinux
cups security update
2009-10-15 00:00:00
poppler security and bug fix update
2009-10-15 00:00:00
kdegraphics security update
2009-10-15 00:00:00
centos
centos
cups security update
2009-10-30 14:43:47
poppler security update
2009-10-30 14:43:58
kdegraphics security update
2009-10-16 13:29:57
ubuntu
ubuntu
poppler vulnerabilities
2009-11-02 00:00:00
poppler vulnerabilities
2009-10-21 00:00:00
KOffice vulnerabilities
2010-08-17 00:00:00
fedora
fedora
[SECURITY] Fedora 10 Update: poppler-0.8.7-7.fc10
2009-10-27 07:05:29
[SECURITY] Fedora 12 Update: pdfedit-0.4.3-4.fc12
2010-02-20 00:25:46
[SECURITY] Fedora 11 Update: poppler-0.10.7-3.fc11
2009-10-27 07:15:39
debian
debian
[SECURITY] [DSA 2028-1] New xpdf packages fix several vulnerabilities
2010-04-05 15:23:30
[SECURITY] [DSA 2050-1] New kdegraphics packages fix several vulnerabilities
2010-05-24 15:38:34
osv
osv
xpdf - several vulnerabilities
2010-04-05 00:00:00
kdegraphics - several vulnerabilities
2010-05-24 00:00:00
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.086 Low
EPSS
Percentile
94.5%
Related for UB:CVE-2009-3608