Improper input validation in Apple Cups
CVE-2009-0800
Multiple "input validation flaws" in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allow remote attackers to execute arbitrary code via a crafted PDF file.
Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)
EPSS: 0.055 (91.8th percentile) — read the EPSS interpretation.
Affected products
- Apple Cups — versions 1.1, 1.1.1, 1.1.2
- Foolabs Xpdf — versions 0.5a, 0.7a, 0.91a
- Glyphandcog Xpdfreader — versions 0.2, 0.3, 0.4
- Poppler — versions 0.1, 0.1.1, 0.1.2
- N/a — versions n/a
Weakness classification (CWE)
References
- secalert@redhat.com (vendor-advisory, x_refsource_DEBIAN)
- secalert@redhat.com (x_refsource_SECUNIA, Vendor Advisory, third-party-advisory)
- secalert@redhat.com (vendor-advisory, x_refsource_DEBIAN)
- secalert@redhat.com (x_refsource_SECUNIA, Vendor Advisory, third-party-advisory)
- secalert@redhat.com (vdb-entry, x_refsource_VUPEN, Vendor Advisory)
- secalert@redhat.com (x_refsource_SECUNIA, Vendor Advisory, third-party-advisory)
- secalert@redhat.com (vdb-entry, x_refsource_VUPEN, Vendor Advisory)
- secalert@redhat.com (x_refsource_SECUNIA, Vendor Advisory, third-party-advisory)
- secalert@redhat.com (vendor-advisory, x_refsource_SLACKWARE)
- secalert@redhat.com (x_refsource_REDHAT, vendor-advisory)