CVE-2009-0195

CVE Database · CVE-2009-0195

CVE-2009-0195

· N/AModified

CVSS v3.1

N/A

EPSS

5.37%

Published

Apr 23, 2009

Modified

Apr 22, 2026

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Heap-based buffer overflow in Xpdf 3.02pl2 and earlier, CUPS 1.3.9, and probably other products, allows remote attackers to execute arbitrary code via a PDF file with crafted JBIG2 symbol dictionary segments.

Weaknesses (CWE)

CWE-119

Affected Products (35)

apple · cupsvulnerable

foolabs · xpdfvulnerable

· xpdf

References (20)

http://rhn.redhat.com/errata/RHSA-2009-0458.html

http://secunia.com/advisories/34291

http://secunia.com/advisories/34481

http://secunia.com/advisories/34756

http://secunia.com/advisories/34963

http://secunia.com/advisories/35064

http://secunia.com/secunia_research/2009-17/

Vendor Advisory

http://secunia.com/secunia_research/2009-18/

Vendor Advisory

http://www.mandriva.com/security/advisories?name=MDVSA-2010:087

http://www.redhat.com/support/errata/RHSA-2009-0480.html

http://www.securityfocus.com/archive/1/502759/100/0/threaded

KEV Catalog EPSS Scores Vendors All CVEs