Unrated severityNVD Advisory· Published Apr 23, 2009· Updated Apr 23, 2026
CVE-2009-1179
CVE-2009-1179
Description
Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to execute arbitrary code via a crafted PDF file.
Affected products
154cpe:2.3:a:apple:cups:*:*:*:*:*:*:*:*+ 71 more
- cpe:2.3:a:apple:cups:*:*:*:*:*:*:*:*range: <=1.3.9
- cpe:2.3:a:apple:cups:1.1:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.1.10:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.1.10-1:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.1.11:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.1.12:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.1.13:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.1.14:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.1.15:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.1.16:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.1.17:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.1.18:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.1.19:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.1.19:rc1:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.1.19:rc2:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.1.19:rc3:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.1.19:rc4:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.1.19:rc5:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.1.20:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.1.20:rc1:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.1.20:rc2:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.1.20:rc3:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.1.20:rc4:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.1.20:rc5:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.1.20:rc6:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.1.21:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.1.21:rc1:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.1.21:rc2:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.1.22:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.1.22:rc1:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.1.22:rc2:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.1.23:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.1.23:rc1:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.1.4:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.1.5:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.1.5-1:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.1.5-2:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.1.6:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.1.6-1:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.1.6-2:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.1.6-3:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.1.7:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.1.8:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.1.9:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.1.9-1:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.2.10:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.2.11:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.2.12:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.2.3:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.2.4:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.2.5:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.2.6:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.2.7:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.2.8:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.2.9:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.3.10:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.3.11:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.3.2:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.3.3:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.3.4:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.3.5:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.3.6:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.3.7:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.3.8:*:*:*:*:*:*:*
cpe:2.3:a:foolabs:xpdf:0.5a:*:*:*:*:*:*:*+ 13 more
- cpe:2.3:a:foolabs:xpdf:0.5a:*:*:*:*:*:*:*
- cpe:2.3:a:foolabs:xpdf:0.7a:*:*:*:*:*:*:*
- cpe:2.3:a:foolabs:xpdf:0.91a:*:*:*:*:*:*:*
- cpe:2.3:a:foolabs:xpdf:0.91b:*:*:*:*:*:*:*
- cpe:2.3:a:foolabs:xpdf:0.91c:*:*:*:*:*:*:*
- cpe:2.3:a:foolabs:xpdf:0.92a:*:*:*:*:*:*:*
- cpe:2.3:a:foolabs:xpdf:0.92b:*:*:*:*:*:*:*
- cpe:2.3:a:foolabs:xpdf:0.92c:*:*:*:*:*:*:*
- cpe:2.3:a:foolabs:xpdf:0.92d:*:*:*:*:*:*:*
- cpe:2.3:a:foolabs:xpdf:0.92e:*:*:*:*:*:*:*
- cpe:2.3:a:foolabs:xpdf:0.93a:*:*:*:*:*:*:*
- cpe:2.3:a:foolabs:xpdf:0.93b:*:*:*:*:*:*:*
- cpe:2.3:a:foolabs:xpdf:0.93c:*:*:*:*:*:*:*
- cpe:2.3:a:foolabs:xpdf:1.00a:*:*:*:*:*:*:*
cpe:2.3:a:glyphandcog:xpdfreader:*:*:*:*:*:*:*:*+ 19 more
- cpe:2.3:a:glyphandcog:xpdfreader:*:*:*:*:*:*:*:*range: <=3.02
- cpe:2.3:a:glyphandcog:xpdfreader:0.2:*:*:*:*:*:*:*
- cpe:2.3:a:glyphandcog:xpdfreader:0.3:*:*:*:*:*:*:*
- cpe:2.3:a:glyphandcog:xpdfreader:0.4:*:*:*:*:*:*:*
- cpe:2.3:a:glyphandcog:xpdfreader:0.5:*:*:*:*:*:*:*
- cpe:2.3:a:glyphandcog:xpdfreader:0.6:*:*:*:*:*:*:*
- cpe:2.3:a:glyphandcog:xpdfreader:0.7:*:*:*:*:*:*:*
- cpe:2.3:a:glyphandcog:xpdfreader:0.80:*:*:*:*:*:*:*
- cpe:2.3:a:glyphandcog:xpdfreader:0.90:*:*:*:*:*:*:*
- cpe:2.3:a:glyphandcog:xpdfreader:0.91:*:*:*:*:*:*:*
- cpe:2.3:a:glyphandcog:xpdfreader:0.92:*:*:*:*:*:*:*
- cpe:2.3:a:glyphandcog:xpdfreader:0.93:*:*:*:*:*:*:*
- cpe:2.3:a:glyphandcog:xpdfreader:1.00:*:*:*:*:*:*:*
- cpe:2.3:a:glyphandcog:xpdfreader:1.01:*:*:*:*:*:*:*
- cpe:2.3:a:glyphandcog:xpdfreader:2.00:*:*:*:*:*:*:*
- cpe:2.3:a:glyphandcog:xpdfreader:2.01:*:*:*:*:*:*:*
- cpe:2.3:a:glyphandcog:xpdfreader:2.02:*:*:*:*:*:*:*
- cpe:2.3:a:glyphandcog:xpdfreader:2.03:*:*:*:*:*:*:*
- cpe:2.3:a:glyphandcog:xpdfreader:3.00:*:*:*:*:*:*:*
- cpe:2.3:a:glyphandcog:xpdfreader:3.01:*:*:*:*:*:*:*
cpe:2.3:a:poppler:poppler:*:*:*:*:*:*:*:*+ 47 more
- cpe:2.3:a:poppler:poppler:*:*:*:*:*:*:*:*range: <=0.10.5
- cpe:2.3:a:poppler:poppler:0.1:*:*:*:*:*:*:*
- cpe:2.3:a:poppler:poppler:0.10.0:*:*:*:*:*:*:*
- cpe:2.3:a:poppler:poppler:0.10.1:*:*:*:*:*:*:*
- cpe:2.3:a:poppler:poppler:0.10.2:*:*:*:*:*:*:*
- cpe:2.3:a:poppler:poppler:0.10.3:*:*:*:*:*:*:*
- cpe:2.3:a:poppler:poppler:0.10.4:*:*:*:*:*:*:*
- cpe:2.3:a:poppler:poppler:0.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:poppler:poppler:0.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:poppler:poppler:0.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:poppler:poppler:0.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:poppler:poppler:0.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:poppler:poppler:0.3.2:*:*:*:*:*:*:*
- cpe:2.3:a:poppler:poppler:0.3.3:*:*:*:*:*:*:*
- cpe:2.3:a:poppler:poppler:0.4.0:*:*:*:*:*:*:*
- cpe:2.3:a:poppler:poppler:0.4.1:*:*:*:*:*:*:*
- cpe:2.3:a:poppler:poppler:0.4.2:*:*:*:*:*:*:*
- cpe:2.3:a:poppler:poppler:0.4.3:*:*:*:*:*:*:*
- cpe:2.3:a:poppler:poppler:0.4.4:*:*:*:*:*:*:*
- cpe:2.3:a:poppler:poppler:0.5.0:*:*:*:*:*:*:*
- cpe:2.3:a:poppler:poppler:0.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:poppler:poppler:0.5.2:*:*:*:*:*:*:*
- cpe:2.3:a:poppler:poppler:0.5.3:*:*:*:*:*:*:*
- cpe:2.3:a:poppler:poppler:0.5.4:*:*:*:*:*:*:*
- cpe:2.3:a:poppler:poppler:0.5.9:*:*:*:*:*:*:*
- cpe:2.3:a:poppler:poppler:0.5.90:*:*:*:*:*:*:*
- cpe:2.3:a:poppler:poppler:0.5.91:*:*:*:*:*:*:*
- cpe:2.3:a:poppler:poppler:0.6.0:*:*:*:*:*:*:*
- cpe:2.3:a:poppler:poppler:0.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:poppler:poppler:0.6.2:*:*:*:*:*:*:*
- cpe:2.3:a:poppler:poppler:0.6.3:*:*:*:*:*:*:*
- cpe:2.3:a:poppler:poppler:0.6.4:*:*:*:*:*:*:*
- cpe:2.3:a:poppler:poppler:0.7.0:*:*:*:*:*:*:*
- cpe:2.3:a:poppler:poppler:0.7.1:*:*:*:*:*:*:*
- cpe:2.3:a:poppler:poppler:0.7.2:*:*:*:*:*:*:*
- cpe:2.3:a:poppler:poppler:0.7.3:*:*:*:*:*:*:*
- cpe:2.3:a:poppler:poppler:0.8.0:*:*:*:*:*:*:*
- cpe:2.3:a:poppler:poppler:0.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:poppler:poppler:0.8.2:*:*:*:*:*:*:*
- cpe:2.3:a:poppler:poppler:0.8.3:*:*:*:*:*:*:*
- cpe:2.3:a:poppler:poppler:0.8.4:*:*:*:*:*:*:*
- cpe:2.3:a:poppler:poppler:0.8.5:*:*:*:*:*:*:*
- cpe:2.3:a:poppler:poppler:0.8.6:*:*:*:*:*:*:*
- cpe:2.3:a:poppler:poppler:0.8.7:*:*:*:*:*:*:*
- cpe:2.3:a:poppler:poppler:0.9.0:*:*:*:*:*:*:*
- cpe:2.3:a:poppler:poppler:0.9.1:*:*:*:*:*:*:*
- cpe:2.3:a:poppler:poppler:0.9.2:*:*:*:*:*:*:*
- cpe:2.3:a:poppler:poppler:0.9.3:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
49- www.redhat.com/support/errata/RHSA-2009-0430.htmlnvdPatch
- secunia.com/advisories/34291nvdVendor Advisory
- secunia.com/advisories/34481nvdVendor Advisory
- secunia.com/advisories/34746nvdVendor Advisory
- secunia.com/advisories/34755nvdVendor Advisory
- secunia.com/advisories/34756nvdVendor Advisory
- secunia.com/advisories/34852nvdVendor Advisory
- secunia.com/advisories/34959nvdVendor Advisory
- secunia.com/advisories/34963nvdVendor Advisory
- secunia.com/advisories/34991nvdVendor Advisory
- secunia.com/advisories/35037nvdVendor Advisory
- secunia.com/advisories/35064nvdVendor Advisory
- secunia.com/advisories/35065nvdVendor Advisory
- secunia.com/advisories/35379nvdVendor Advisory
- secunia.com/advisories/35618nvdVendor Advisory
- secunia.com/advisories/35685nvdVendor Advisory
- www.vupen.com/english/advisories/2009/1065nvdVendor Advisory
- www.vupen.com/english/advisories/2009/1066nvdVendor Advisory
- www.vupen.com/english/advisories/2009/1076nvdVendor Advisory
- www.vupen.com/english/advisories/2009/1077nvdVendor Advisory
- www.vupen.com/english/advisories/2009/1522nvdVendor Advisory
- www.vupen.com/english/advisories/2009/1621nvdVendor Advisory
- www.vupen.com/english/advisories/2010/1040nvdVendor Advisory
- www.kb.cert.org/vuls/id/196617nvdUS Government Resource
- lists.apple.com/archives/security-announce/2009/Jun/msg00005.htmlnvd
- lists.apple.com/archives/security-announce/2009/jun/msg00002.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.htmlnvd
- poppler.freedesktop.org/releases.htmlnvd
- rhn.redhat.com/errata/RHSA-2009-0458.htmlnvd
- slackware.com/security/viewer.phpnvd
- support.apple.com/kb/HT3613nvd
- support.apple.com/kb/HT3639nvd
- www.debian.org/security/2009/dsa-1790nvd
- www.debian.org/security/2009/dsa-1793nvd
- www.mandriva.com/security/advisoriesnvd
- www.mandriva.com/security/advisoriesnvd
- www.mandriva.com/security/advisoriesnvd
- www.redhat.com/support/errata/RHSA-2009-0429.htmlnvd
- www.redhat.com/support/errata/RHSA-2009-0431.htmlnvd
- www.redhat.com/support/errata/RHSA-2009-0480.htmlnvd
- www.securityfocus.com/bid/34568nvd
- www.securitytracker.com/idnvd
- bugzilla.redhat.com/show_bug.cginvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11892nvd
- www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.htmlnvd
- www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.htmlnvd
- www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.htmlnvd
News mentions
0No linked articles in our index yet.