CVE-2009-0800

CVE Database · CVE-2009-0800

CVE-2009-0800

· N/AModified

CVSS v3.1

N/A

EPSS

5.49%

Published

Apr 23, 2009

Modified

Apr 22, 2026

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Multiple "input validation flaws" in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allow remote attackers to execute arbitrary code via a crafted PDF file.

Weaknesses (CWE)

CWE-20

Affected Products (154)

foolabs · xpdfvulnerable

· xpdf

References (20)

http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html

http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html

http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html

http://poppler.freedesktop.org/releases.html

http://rhn.redhat.com/errata/RHSA-2009-0458.html

http://secunia.com/advisories/34291

Vendor Advisory

http://secunia.com/advisories/34481

Vendor Advisory

http://secunia.com/advisories/34746

Vendor Advisory

http://secunia.com/advisories/34755

Vendor Advisory

KEV Catalog EPSS Scores Vendors All CVEs

foolabs · xpdfvulnerable

glyphandcog · xpdfreadervulnerable

poppler · popplervulnerable