CVE-2009-1179

CVE Database · CVE-2009-1179

CVE-2009-1179

· N/AModified

CVSS v3.1

N/A

EPSS

5.55%

Published

Apr 23, 2009

Modified

Apr 22, 2026

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to execute arbitrary code via a crafted PDF file.

Weaknesses (CWE)

CWE-189

Affected Products (154)

foolabs · xpdfvulnerable

· xpdf

References (20)

http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html

http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html

http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html

http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html

http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html

http://poppler.freedesktop.org/releases.html

http://rhn.redhat.com/errata/RHSA-2009-0458.html

http://secunia.com/advisories/34291

Vendor Advisory

http://secunia.com/advisories/34481

Vendor Advisory

http://secunia.com/advisories/34746

KEV Catalog EPSS Scores Vendors All CVEs

foolabs · xpdfvulnerable

glyphandcog · xpdfreadervulnerable

poppler · popplervulnerable