National Cyber Awareness System

Vulnerability Summary for CVE-2009-0165

Overview

Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, as used in Poppler and other products, when running on Mac OS X, has unspecified impact, related to "g*allocn."

Impact

CVSS Severity (version 2.0):

CVSS Version 2 Metrics:

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to nvd@nist.gov.

US-CERT Technical Alert: TA09-133A

Name: TA09-133A

Hyperlink:http://www.us-cert.gov/cas/techalerts/TA09-133A.html

External Source: CONFIRM

Name: http://bugs.gentoo.org/show_bug.cgi?id=263028

Type: Patch Information

Hyperlink:http://bugs.gentoo.org/show_bug.cgi?id=263028

External Source: XF

Name: multiple-jbig2-unspecified(50377)

Hyperlink:http://xforce.iss.net/xforce/xfdb/50377

External Source: VUPEN

Name: ADV-2009-1621

Hyperlink:http://www.vupen.com/english/advisories/2009/1621

External Source: VUPEN

Name: ADV-2009-1297

Hyperlink:http://www.vupen.com/english/advisories/2009/1297

External Source: BID

Name: 34568

Hyperlink:http://www.securityfocus.com/bid/34568

External Source: MANDRIVA

Name: MDVSA-2009:101

Hyperlink:http://www.mandriva.com/security/advisories?name=MDVSA-2009:101

External Source: DEBIAN

Name: DSA-1793

Hyperlink:http://www.debian.org/security/2009/dsa-1793

External Source: DEBIAN

Name: DSA-1790

Hyperlink:http://www.debian.org/security/2009/dsa-1790

External Source: CONFIRM

Name: http://support.apple.com/kb/HT3639

Hyperlink:http://support.apple.com/kb/HT3639

External Source: CONFIRM

Name: http://support.apple.com/kb/HT3549

Hyperlink:http://support.apple.com/kb/HT3549

External Source: SLACKWARE

Name: SSA:2009-129-01

Hyperlink:http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.578477

External Source: SECUNIA

Name: 35685

Hyperlink:http://secunia.com/advisories/35685

External Source: SECUNIA

Name: 35074

Hyperlink:http://secunia.com/advisories/35074

External Source: SECUNIA

Name: 35065

Hyperlink:http://secunia.com/advisories/35065

External Source: SECUNIA

Name: 35037

Hyperlink:http://secunia.com/advisories/35037

External Source: SECUNIA

Name: 34991

Hyperlink:http://secunia.com/advisories/34991

External Source: SECUNIA

Name: 34959

Hyperlink:http://secunia.com/advisories/34959

External Source: SECUNIA

Name: 34852

Hyperlink:http://secunia.com/advisories/34852

External Source: SUSE

Name: SUSE-SR:2009:012

Hyperlink:http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html

External Source: SUSE

Name: SUSE-SR:2009:010

Hyperlink:http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html

External Source: SUSE

Name: SUSE-SA:2009:024

Hyperlink:http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html

External Source: APPLE

Name: APPLE-SA-2009-05-12

Hyperlink:http://lists.apple.com/archives/security-announce/2009/May/msg00002.html

External Source: APPLE

Name: APPLE-SA-2009-06-17-1

Hyperlink:http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html