What is CVE-2009-1183?

CVE-2009-1183 is a vulnerability in Apple Cups, classified under CWE-399. Published 2009-04-23.

Is CVE-2009-1183 known to be exploited?

2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Apple Cups

CVE-2009-1183

The JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service (infinite loop and hang) via a crafted PDF file.

EPSS: 0.038 (88.5th percentile) — read the EPSS interpretation.

Affected products

Apple Cups — versions 1.1, 1.1.1, 1.1.2
Foolabs Xpdf — versions 0.5a, 0.7a, 0.91a
Glyphandcog Xpdfreader — versions 0.2, 0.3, 0.4
Poppler — versions 0.1, 0.1.1, 0.1.2
N/a — versions n/a

Weakness classification (CWE)

CWE-399

Public proof-of-concept exploits

References

secalert@redhat.com (vendor-advisory, Patch, x_refsource_DEBIAN)
secalert@redhat.com (x_refsource_SECUNIA, Vendor Advisory, third-party-advisory)
secalert@redhat.com (vendor-advisory, Patch, x_refsource_DEBIAN)
secalert@redhat.com (x_refsource_SECUNIA, Vendor Advisory, third-party-advisory)
secalert@redhat.com (vdb-entry, x_refsource_VUPEN, Vendor Advisory)
secalert@redhat.com (x_refsource_SECUNIA, Vendor Advisory, third-party-advisory)
secalert@redhat.com (vdb-entry, x_refsource_VUPEN, Vendor Advisory)
secalert@redhat.com (x_refsource_SECUNIA, Vendor Advisory, third-party-advisory)
secalert@redhat.com (vendor-advisory, x_refsource_SLACKWARE)
secalert@redhat.com (vdb-entry, x_refsource_SECTRACK)

Frequently asked questions

What is CVE-2009-1183?: CVE-2009-1183 is a vulnerability in Apple Cups, classified under CWE-399. Published 2009-04-23.
Is CVE-2009-1183 known to be exploited?: 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.