Medium severity5.4NVD Advisory· Published May 11, 2009· Updated Jun 16, 2026
CVE-2009-1605
CVE-2009-1605
Description
Heap-based buffer overflow in the loadexponentialfunc function in mupdf/pdf_function.c in MuPDF in the mupdf-20090223-win32 package, as used in SumatraPDF 0.9.3 and earlier, allows remote attackers to execute arbitrary code via a crafted PDF file. NOTE: some of these details are obtained from third party information.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
15cpe:2.3:a:sumatrapdfreader:sumatrapdf:*:*:*:*:*:*:*:*+ 13 more
- cpe:2.3:a:sumatrapdfreader:sumatrapdf:*:*:*:*:*:*:*:*range: <=0.9.3
- cpe:2.3:a:sumatrapdfreader:sumatrapdf:0.1:*:*:*:*:*:*:*
- cpe:2.3:a:sumatrapdfreader:sumatrapdf:0.2:*:*:*:*:*:*:*
- cpe:2.3:a:sumatrapdfreader:sumatrapdf:0.3:*:*:*:*:*:*:*
- cpe:2.3:a:sumatrapdfreader:sumatrapdf:0.4:*:*:*:*:*:*:*
- cpe:2.3:a:sumatrapdfreader:sumatrapdf:0.5:*:*:*:*:*:*:*
- cpe:2.3:a:sumatrapdfreader:sumatrapdf:0.6:*:*:*:*:*:*:*
- cpe:2.3:a:sumatrapdfreader:sumatrapdf:0.7:*:*:*:*:*:*:*
- cpe:2.3:a:sumatrapdfreader:sumatrapdf:0.8:*:*:*:*:*:*:*
- cpe:2.3:a:sumatrapdfreader:sumatrapdf:0.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:sumatrapdfreader:sumatrapdf:0.9:*:*:*:*:*:*:*
- cpe:2.3:a:sumatrapdfreader:sumatrapdf:0.9.1:*:*:*:*:*:*:*
- cpe:2.3:a:sumatrapdfreader:sumatrapdf:0.9.2:*:*:*:*:*:*:*
- (no CPE)range: <=0.9.3
- Range: mupdf-20090223-win32
Patches
Vulnerability mechanics
References
6- archives.neohapsis.com/archives/fulldisclosure/2009-04/0258.htmlnvdExploit
- secunia.com/advisories/34916nvdVendor Advisory
- www.vupen.com/english/advisories/2009/1185nvdVendor Advisory
- www.vupen.com/english/advisories/2009/1186nvdVendor Advisory
- bugs.ghostscript.com/show_bug.cginvd
- cgit.ghostscript.com/cgi-bin/cgit.cgi/mupdf.git/commit/nvd
News mentions
0No linked articles in our index yet.