CVE-2009-1182

CVE Database · CVE-2009-1182

CVE-2009-1182

· N/AModified

CVSS v3.1

N/A

EPSS

7.35%

Published

Apr 23, 2009

Modified

Apr 22, 2026

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Multiple buffer overflows in the JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allow remote attackers to execute arbitrary code via a crafted PDF file.

Weaknesses (CWE)

CWE-119

Affected Products (154)

foolabs · xpdfvulnerable

· xpdf

References (20)

http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html

http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html

http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html

http://poppler.freedesktop.org/releases.html

http://rhn.redhat.com/errata/RHSA-2009-0458.html

Vendor Advisory

http://secunia.com/advisories/34291

Vendor Advisory

http://secunia.com/advisories/34481

Vendor Advisory

http://secunia.com/advisories/34746

Vendor Advisory

http://secunia.com/advisories/34755

KEV Catalog EPSS Scores Vendors All CVEs

foolabs · xpdfvulnerable

glyphandcog · xpdfreadervulnerable

poppler · popplervulnerable