Details of VAR-200904-0811

ID

VAR-200904-0811

CVE

CVE-2009-1179

TITLE

Xpdf and poppler contain multiple vulnerabilities in the processing of JBIG2 data

Trust: 0.8

sources: CERT/CC: VU#196617

DESCRIPTION

Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to execute arbitrary code via a crafted PDF file. Xpdf is an open source viewer for Portable Document Format (PDF) files. =========================================================== Ubuntu Security Notice USN-973-1 August 17, 2010 koffice vulnerabilities CVE-2009-0146, CVE-2009-0147, CVE-2009-0165, CVE-2009-0166, CVE-2009-0195, CVE-2009-0799, CVE-2009-0800, CVE-2009-1179, CVE-2009-1180, CVE-2009-1181, CVE-2009-3606, CVE-2009-3608, CVE-2009-3609 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 9.04 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 9.04: kword 1:1.6.3-7ubuntu6.1 In general, a standard system update will make all the necessary changes. Details follow: Will Dormann, Alin Rad Pop, Braden Thomas, and Drew Yao discovered that the Xpdf used in KOffice contained multiple security issues in its JBIG2 decoder. (CVE-2009-0146, CVE-2009-0147, CVE-2009-0166, CVE-2009-0799, CVE-2009-0800, CVE-2009-1179, CVE-2009-1180, CVE-2009-1181) It was discovered that the Xpdf used in KOffice contained multiple security issues when parsing malformed PDF documents. (CVE-2009-3606, CVE-2009-3608, CVE-2009-3609) KOffice in Ubuntu 9.04 uses a very old version of Xpdf to import PDFs into KWord. Upstream KDE no longer supports PDF import in KOffice and as a result it was dropped in Ubuntu 9.10. While an attempt was made to fix the above issues, the maintenance burden for supporting this very old version of Xpdf outweighed its utility, and PDF import is now also disabled in Ubuntu 9.04. (CVE-2009-0165). -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Advisory MDVSA-2010:055 http://www.mandriva.com/security/ _______________________________________________________________________ Package : poppler Date : March 4, 2010 Affected: 2008.0 _______________________________________________________________________ Problem Description: An out-of-bounds reading flaw in the JBIG2 decoder allows remote attackers to cause a denial of service (crash) via a crafted PDF file (CVE-2009-0799). NOTE: some of these details are obtained from third party information. NOTE: this issue reportedly exists because of an incomplete fix for CVE-2009-1188 (CVE-2009-3603). NOTE: this may overlap CVE-2009-0791 (CVE-2009-3605). NOTE: some of these details are obtained from third party information (CVE-2009-3607). This update provides fixes for that vulnerabilities. _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0799 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0800 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1179 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1180 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1181 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1182 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1183 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1188 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3603 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3604 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3605 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3606 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3607 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3608 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3609 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3938 _______________________________________________________________________ Updated Packages: Mandriva Linux 2008.0: 0b4c544fea742c847cb56b9fbc33f412 2008.0/i586/libpoppler3-0.8.7-2.4mdv2008.0.i586.rpm b991aecb282a882f6ee5640bcc832e5d 2008.0/i586/libpoppler-devel-0.8.7-2.4mdv2008.0.i586.rpm afe27149192bdca20b911965febc5ee2 2008.0/i586/libpoppler-glib3-0.8.7-2.4mdv2008.0.i586.rpm 379d7bdd3dde6cbf9bd43c7b9e2723c3 2008.0/i586/libpoppler-glib-devel-0.8.7-2.4mdv2008.0.i586.rpm d7f58c500ff93f75998e1a0ba8e05c9e 2008.0/i586/libpoppler-qt2-0.8.7-2.4mdv2008.0.i586.rpm 64a5f31e3feb593c1ce0be10a24aec43 2008.0/i586/libpoppler-qt4-3-0.8.7-2.4mdv2008.0.i586.rpm 5e3182c22daabbf93056b8a94545fbd9 2008.0/i586/libpoppler-qt4-devel-0.8.7-2.4mdv2008.0.i586.rpm 9eaa15826e2ab184de24cf0b1aeda2e6 2008.0/i586/libpoppler-qt-devel-0.8.7-2.4mdv2008.0.i586.rpm 53fa179984dc9c0442292a77bab496b0 2008.0/i586/poppler-0.8.7-2.4mdv2008.0.i586.rpm c8146a94a038650fc5a1704196b1b087 2008.0/SRPMS/poppler-0.8.7-2.4mdv2008.0.src.rpm Mandriva Linux 2008.0/X86_64: ebde9bf055ba6854f7348da4dd2ba7b4 2008.0/x86_64/lib64poppler3-0.8.7-2.4mdv2008.0.x86_64.rpm c200ff892641cebd5e49ebc2d05fb1c0 2008.0/x86_64/lib64poppler-devel-0.8.7-2.4mdv2008.0.x86_64.rpm 6ee35af2904995be70a1d83adc2a2d86 2008.0/x86_64/lib64poppler-glib3-0.8.7-2.4mdv2008.0.x86_64.rpm a4ad93d7caf1bfaa25f1e511da8c9208 2008.0/x86_64/lib64poppler-glib-devel-0.8.7-2.4mdv2008.0.x86_64.rpm 86205b42fd719dd722799de7f215d021 2008.0/x86_64/lib64poppler-qt2-0.8.7-2.4mdv2008.0.x86_64.rpm 523f9debc4c5db056eb5484aa066960e 2008.0/x86_64/lib64poppler-qt4-3-0.8.7-2.4mdv2008.0.x86_64.rpm 79a6a65ada1a4e4573d9ca50ea1995f0 2008.0/x86_64/lib64poppler-qt4-devel-0.8.7-2.4mdv2008.0.x86_64.rpm ea0e41c890b571f6bbc217983aa2f3ec 2008.0/x86_64/lib64poppler-qt-devel-0.8.7-2.4mdv2008.0.x86_64.rpm 2086f89f02c674a8428f9d88d9e3c8d2 2008.0/x86_64/poppler-0.8.7-2.4mdv2008.0.x86_64.rpm c8146a94a038650fc5a1704196b1b087 2008.0/SRPMS/poppler-0.8.7-2.4mdv2008.0.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iD8DBQFLkQPLmqjQ0CJFipgRAh18AKC9klNDmYh9cWPAgnry39C+ILqtbgCgk0x1 TR6oNGOz4KatmzdzlfhR5eI= =Exwz -----END PGP SIGNATURE----- . (CVE-2009-1183) Two integer overflow flaws were found in the CUPS pdftops filter. Update: Packages for 2008.0 are being provided due to extended support for Corporate products. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . For the old stable distribution (etch), these problems have been fixed in version 3.01-9.1+etch6. For the stable distribution (lenny), these problems have been fixed in version 3.02-1.4+lenny1. For the unstable distribution (sid), these problems will be fixed in a forthcoming version. We recommend that you upgrade your xpdf packages. Upgrade instructions - -------------------- wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 4.0 alias etch - ------------------------------- Debian GNU/Linux 5.0 alias lenny - -------------------------------- Debian (oldstable) - ------------------ Oldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc. Source archives: http://security.debian.org/pool/updates/main/x/xpdf/xpdf_3.01-9.1+etch6.dsc Size/MD5 checksum: 974 9c04059981f8b036d7e6e39c7f0aeb21 http://security.debian.org/pool/updates/main/x/xpdf/xpdf_3.01-9.1+etch6.diff.gz Size/MD5 checksum: 46835 c69a67b9ff487403e7c3ff819c6ff734 http://security.debian.org/pool/updates/main/x/xpdf/xpdf_3.01.orig.tar.gz Size/MD5 checksum: 599778 e004c69c7dddef165d768b1362b44268 Architecture independent packages: http://security.debian.org/pool/updates/main/x/xpdf/xpdf-common_3.01-9.1+etch6_all.deb Size/MD5 checksum: 62834 dd8f37161c3b2430cb1cd65c911e9f86 http://security.debian.org/pool/updates/main/x/xpdf/xpdf_3.01-9.1+etch6_all.deb Size/MD5 checksum: 1278 d6da8e00b02ab3f17ec44b90fff6bb30 alpha architecture (DEC Alpha) http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch6_alpha.deb Size/MD5 checksum: 920352 83b7d74d9ebae9b26da91de7c91d3502 http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch6_alpha.deb Size/MD5 checksum: 1687294 9862913548fff9bfda37a6fe075df5b0 amd64 architecture (AMD x86_64 (AMD64)) http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch6_amd64.deb Size/MD5 checksum: 809202 171520d7642019943bfe7166876f5da5 http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch6_amd64.deb Size/MD5 checksum: 1493308 9575f135e9ec312f9e6d7d2517dd8f5b arm architecture (ARM) http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch6_arm.deb Size/MD5 checksum: 803714 6db06ffcba7f6d7576ed356e7989557d http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch6_arm.deb Size/MD5 checksum: 1468616 9afde01dda379acd4e7edfbccc7c7b2d hppa architecture (HP PA RISC) http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch6_hppa.deb Size/MD5 checksum: 1773794 c9012a9d3919ec40dcea1264ac27a6fe http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch6_hppa.deb Size/MD5 checksum: 963060 565daaf6f15ff7593d560ef7a2f94364 i386 architecture (Intel ia32) http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch6_i386.deb Size/MD5 checksum: 796992 5270bef04f1c2e924b813dffe6050d89 http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch6_i386.deb Size/MD5 checksum: 1458826 b2f3cbaac0ffcce0bb8d7e656bf11b02 ia64 architecture (Intel ia64) http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch6_ia64.deb Size/MD5 checksum: 1217142 afeaf9bfc66ebb69767703bfb30bbd4c http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch6_ia64.deb Size/MD5 checksum: 2218472 6545e9b6f58a84c0daa76baa8a0db629 mipsel architecture (MIPS (Little Endian)) http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch6_mipsel.deb Size/MD5 checksum: 946638 5323268be89e54c5c8eb7ae13f0eab14 http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch6_mipsel.deb Size/MD5 checksum: 1721268 0b710c0bcc6ffefe29f683ab09d3cbe8 powerpc architecture (PowerPC) http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch6_powerpc.deb Size/MD5 checksum: 1554798 eadd6236b778761086d436dd8db986e4 http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch6_powerpc.deb Size/MD5 checksum: 849204 d22f5d59f03d6484e149d7536a25a517 s390 architecture (IBM S/390) http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch6_s390.deb Size/MD5 checksum: 1401814 0e3f588c64e8fa9a102ebcae29c4d807 http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch6_s390.deb Size/MD5 checksum: 767392 4b7c1a868f2f909c2dce25087da77817 sparc architecture (Sun SPARC/UltraSPARC) http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch6_sparc.deb Size/MD5 checksum: 1394680 8b17e2339e2a908a610271eb678495b1 http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch6_sparc.deb Size/MD5 checksum: 763618 f3897333018702ee926e41ca5f58dc92 Debian (stable) - --------------- Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc. Source archives: http://security.debian.org/pool/updates/main/x/xpdf/xpdf_3.02-1.4+lenny1.dsc Size/MD5 checksum: 1266 faeebc4dfc74129ca708a6345bb483f7 http://security.debian.org/pool/updates/main/x/xpdf/xpdf_3.02.orig.tar.gz Size/MD5 checksum: 674912 599dc4cc65a07ee868cf92a667a913d2 http://security.debian.org/pool/updates/main/x/xpdf/xpdf_3.02-1.4+lenny1.diff.gz Size/MD5 checksum: 42280 362f72e95494f51a19eeb898b9a527ac Architecture independent packages: http://security.debian.org/pool/updates/main/x/xpdf/xpdf-common_3.02-1.4+lenny1_all.deb Size/MD5 checksum: 67664 b5f063bf32cbeaf1aaeec315dc8aff0a http://security.debian.org/pool/updates/main/x/xpdf/xpdf_3.02-1.4+lenny1_all.deb Size/MD5 checksum: 1268 f67780458dac3c38cd59bfde186f9a3b alpha architecture (DEC Alpha) http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_alpha.deb Size/MD5 checksum: 1896344 f65f591413c25a23ea2aaccba2b5b634 http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_alpha.deb Size/MD5 checksum: 1018434 cb679c93bbc428ea852bd4ef3103e42d amd64 architecture (AMD x86_64 (AMD64)) http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_amd64.deb Size/MD5 checksum: 1709514 1e1277251a6dd0bb0a551997efd39175 http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_amd64.deb Size/MD5 checksum: 921892 fb7de1db5e3885365c3ad74c3646ab57 arm architecture (ARM) http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_arm.deb Size/MD5 checksum: 1667088 58ddefe40598d6fe4a5016145163ef45 http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_arm.deb Size/MD5 checksum: 907908 881594298fe547cefa3d528c519d369f armel architecture (ARM EABI) http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_armel.deb Size/MD5 checksum: 886242 51d55f7c4de41c5d4051f41fde9b7389 http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_armel.deb Size/MD5 checksum: 1602392 bc996edfad6d1995cb4ef2f4c7760b51 hppa architecture (HP PA RISC) http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_hppa.deb Size/MD5 checksum: 1076286 fa3ac4a1001abf3e892bb1397b06ff17 http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_hppa.deb Size/MD5 checksum: 1985520 e95263d094e2c8d6aa72ee1edb9105f3 i386 architecture (Intel ia32) http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_i386.deb Size/MD5 checksum: 876656 441042932886fa29adae731338f6b5bd http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_i386.deb Size/MD5 checksum: 1611730 52516381da25dbb0c1145e2b7cdf692a ia64 architecture (Intel ia64) http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_ia64.deb Size/MD5 checksum: 1380222 0ffaee560534c9d69df433340679c8fc http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_ia64.deb Size/MD5 checksum: 2519970 eb4f4e5c173557fa8ae713f123cbb193 mips architecture (MIPS (Big Endian)) http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_mips.deb Size/MD5 checksum: 1894924 58b336b114ef5c8fb9fc6244411b4cf4 http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_mips.deb Size/MD5 checksum: 1040834 ae8ed06ea2ed07e3a064c6bd28e80933 mipsel architecture (MIPS (Little Endian)) http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_mipsel.deb Size/MD5 checksum: 1026954 eac8167230b8fa208cdbc5b196f0c624 http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_mipsel.deb Size/MD5 checksum: 1872050 8f2e99ce5a102d099ba22543f246d5bd powerpc architecture (PowerPC) http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_powerpc.deb Size/MD5 checksum: 1788584 7d1466cc8770bd92f299c1cc772f64e7 http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_powerpc.deb Size/MD5 checksum: 968838 7cc8568d6b74348300066e42b27f90c2 s390 architecture (IBM S/390) http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_s390.deb Size/MD5 checksum: 871666 1dde93a4cc0a28b90f92c05f0d181079 http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_s390.deb Size/MD5 checksum: 1598270 201ad07e4853843dce22f22daa41fd35 sparc architecture (Sun SPARC/UltraSPARC) http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_sparc.deb Size/MD5 checksum: 863662 446f2d8fe6483d3741648c4db1ff5b82 http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_sparc.deb Size/MD5 checksum: 1586262 52861c00f406c35db8a6e6f3269cc37d These files will probably be moved into the stable distribution on its next update. - --------------------------------------------------------------------------------- For apt-get: deb http://security.debian.org/ stable/updates main For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main Mailing list: debian-security-announce@lists.debian.org Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iD8DBQFKAJvfYrVLjBFATsMRAvL3AJ48hk1Vsp4ZvDGoQfwOunErKHxElQCfepN+ rFYyqIcPRzz8zBGVGObkTr8= =xhzW -----END PGP SIGNATURE-----

Trust: 3.06

sources: NVD: CVE-2009-1179 // CERT/CC: VU#196617 // JVNDB: JVNDB-2009-001263 // VULHUB: VHN-38625 // VULMON: CVE-2009-1179 // PACKETSTORM: 92846 // PACKETSTORM: 82088 // PACKETSTORM: 77104 // PACKETSTORM: 86958 // PACKETSTORM: 83554 // PACKETSTORM: 77279

AFFECTED PRODUCTS

vendor:	apple	model:	cups	scope:	eq	version:	1.1.22	Trust: 1.6
vendor:	apple	model:	cups	scope:	eq	version:	1.1.23	Trust: 1.6
vendor:	apple	model:	cups	scope:	eq	version:	1.1.20	Trust: 1.6
vendor:	apple	model:	cups	scope:	eq	version:	1.1.21	Trust: 1.6
vendor:	poppler	model:	poppler	scope:	eq	version:	0.2.0	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.1.18	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.1.10-1	Trust: 1.0
vendor:	poppler	model:	poppler	scope:	eq	version:	0.4.1	Trust: 1.0
vendor:	foolabs	model:	xpdf	scope:	eq	version:	0.91c	Trust: 1.0
vendor:	foolabs	model:	xpdf	scope:	eq	version:	0.92e	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.1.7	Trust: 1.0
vendor:	foolabs	model:	xpdf	scope:	eq	version:	0.93a	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.1.6-3	Trust: 1.0
vendor:	poppler	model:	poppler	scope:	eq	version:	0.4.0	Trust: 1.0
vendor:	glyphandcog	model:	xpdfreader	scope:	eq	version:	2.02	Trust: 1.0
vendor:	poppler	model:	poppler	scope:	eq	version:	0.5.1	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.1	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.2.12	Trust: 1.0
vendor:	glyphandcog	model:	xpdfreader	scope:	eq	version:	0.92	Trust: 1.0
vendor:	poppler	model:	poppler	scope:	eq	version:	0.10.1	Trust: 1.0
vendor:	foolabs	model:	xpdf	scope:	eq	version:	0.92c	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.3.6	Trust: 1.0
vendor:	glyphandcog	model:	xpdfreader	scope:	eq	version:	0.5	Trust: 1.0
vendor:	foolabs	model:	xpdf	scope:	eq	version:	0.92d	Trust: 1.0
vendor:	glyphandcog	model:	xpdfreader	scope:	eq	version:	2.03	Trust: 1.0
vendor:	glyphandcog	model:	xpdfreader	scope:	eq	version:	0.4	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.1.1	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.1.6	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.1.12	Trust: 1.0
vendor:	poppler	model:	poppler	scope:	eq	version:	0.10.0	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.2.8	Trust: 1.0
vendor:	poppler	model:	poppler	scope:	eq	version:	0.1	Trust: 1.0
vendor:	poppler	model:	poppler	scope:	eq	version:	0.8.6	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.1.17	Trust: 1.0
vendor:	poppler	model:	poppler	scope:	eq	version:	0.7.0	Trust: 1.0
vendor:	poppler	model:	poppler	scope:	eq	version:	0.4.3	Trust: 1.0
vendor:	poppler	model:	poppler	scope:	eq	version:	0.8.4	Trust: 1.0
vendor:	poppler	model:	poppler	scope:	eq	version:	0.6.4	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.3.11	Trust: 1.0
vendor:	poppler	model:	poppler	scope:	eq	version:	0.3.0	Trust: 1.0
vendor:	poppler	model:	poppler	scope:	eq	version:	0.3.1	Trust: 1.0
vendor:	poppler	model:	poppler	scope:	eq	version:	0.3.2	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.1.16	Trust: 1.0
vendor:	poppler	model:	poppler	scope:	eq	version:	0.5.3	Trust: 1.0
vendor:	poppler	model:	poppler	scope:	eq	version:	0.3.3	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.1.3	Trust: 1.0
vendor:	poppler	model:	poppler	scope:	eq	version:	0.1.1	Trust: 1.0
vendor:	glyphandcog	model:	xpdfreader	scope:	eq	version:	2.00	Trust: 1.0
vendor:	poppler	model:	poppler	scope:	eq	version:	0.1.2	Trust: 1.0
vendor:	foolabs	model:	xpdf	scope:	eq	version:	0.5a	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.1.13	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.3.7	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.1.5-1	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.1.6-1	Trust: 1.0
vendor:	poppler	model:	poppler	scope:	eq	version:	0.9.0	Trust: 1.0
vendor:	glyphandcog	model:	xpdfreader	scope:	eq	version:	2.01	Trust: 1.0
vendor:	poppler	model:	poppler	scope:	eq	version:	0.10.4	Trust: 1.0
vendor:	poppler	model:	poppler	scope:	eq	version:	0.5.4	Trust: 1.0
vendor:	poppler	model:	poppler	scope:	eq	version:	0.8.1	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.1.19	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.2.4	Trust: 1.0
vendor:	glyphandcog	model:	xpdfreader	scope:	eq	version:	3.01	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.2.10	Trust: 1.0
vendor:	apple	model:	cups	scope:	lte	version:	1.3.9	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.2.9	Trust: 1.0
vendor:	glyphandcog	model:	xpdfreader	scope:	eq	version:	0.2	Trust: 1.0
vendor:	poppler	model:	poppler	scope:	eq	version:	0.5.0	Trust: 1.0
vendor:	poppler	model:	poppler	scope:	eq	version:	0.4.2	Trust: 1.0
vendor:	poppler	model:	poppler	scope:	eq	version:	0.8.5	Trust: 1.0
vendor:	glyphandcog	model:	xpdfreader	scope:	eq	version:	3.00	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.3.1	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.3.5	Trust: 1.0
vendor:	poppler	model:	poppler	scope:	eq	version:	0.10.3	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.1.5	Trust: 1.0
vendor:	glyphandcog	model:	xpdfreader	scope:	lte	version:	3.02	Trust: 1.0
vendor:	poppler	model:	poppler	scope:	eq	version:	0.5.90	Trust: 1.0
vendor:	foolabs	model:	xpdf	scope:	eq	version:	0.91a	Trust: 1.0
vendor:	poppler	model:	poppler	scope:	lte	version:	0.10.5	Trust: 1.0
vendor:	poppler	model:	poppler	scope:	eq	version:	0.5.91	Trust: 1.0
vendor:	poppler	model:	poppler	scope:	eq	version:	0.6.3	Trust: 1.0
vendor:	glyphandcog	model:	xpdfreader	scope:	eq	version:	1.01	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.2.5	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.3.8	Trust: 1.0
vendor:	poppler	model:	poppler	scope:	eq	version:	0.8.7	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.1.9	Trust: 1.0
vendor:	foolabs	model:	xpdf	scope:	eq	version:	0.93b	Trust: 1.0
vendor:	poppler	model:	poppler	scope:	eq	version:	0.7.3	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.1.10	Trust: 1.0
vendor:	glyphandcog	model:	xpdfreader	scope:	eq	version:	0.90	Trust: 1.0
vendor:	poppler	model:	poppler	scope:	eq	version:	0.9.2	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.1.9-1	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.2.11	Trust: 1.0
vendor:	glyphandcog	model:	xpdfreader	scope:	eq	version:	0.6	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.2.2	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.2.3	Trust: 1.0
vendor:	poppler	model:	poppler	scope:	eq	version:	0.7.2	Trust: 1.0
vendor:	poppler	model:	poppler	scope:	eq	version:	0.4.4	Trust: 1.0
vendor:	poppler	model:	poppler	scope:	eq	version:	0.7.1	Trust: 1.0
vendor:	poppler	model:	poppler	scope:	eq	version:	0.8.0	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.3.10	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.1.5-2	Trust: 1.0
vendor:	foolabs	model:	xpdf	scope:	eq	version:	0.91b	Trust: 1.0
vendor:	foolabs	model:	xpdf	scope:	eq	version:	0.92b	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.1.4	Trust: 1.0
vendor:	poppler	model:	poppler	scope:	eq	version:	0.9.3	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.2.0	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.1.8	Trust: 1.0
vendor:	poppler	model:	poppler	scope:	eq	version:	0.5.2	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.3.3	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.3.2	Trust: 1.0
vendor:	foolabs	model:	xpdf	scope:	eq	version:	1.00a	Trust: 1.0
vendor:	glyphandcog	model:	xpdfreader	scope:	eq	version:	0.93	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.1.2	Trust: 1.0
vendor:	poppler	model:	poppler	scope:	eq	version:	0.9.1	Trust: 1.0
vendor:	glyphandcog	model:	xpdfreader	scope:	eq	version:	0.91	Trust: 1.0
vendor:	poppler	model:	poppler	scope:	eq	version:	0.6.0	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.2.6	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.1.15	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.3.4	Trust: 1.0
vendor:	foolabs	model:	xpdf	scope:	eq	version:	0.93c	Trust: 1.0
vendor:	glyphandcog	model:	xpdfreader	scope:	eq	version:	0.3	Trust: 1.0
vendor:	glyphandcog	model:	xpdfreader	scope:	eq	version:	0.80	Trust: 1.0
vendor:	poppler	model:	poppler	scope:	eq	version:	0.8.2	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.1.6-2	Trust: 1.0
vendor:	glyphandcog	model:	xpdfreader	scope:	eq	version:	1.00	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.2.7	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.3.0	Trust: 1.0
vendor:	foolabs	model:	xpdf	scope:	eq	version:	0.92a	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.1.14	Trust: 1.0
vendor:	poppler	model:	poppler	scope:	eq	version:	0.5.9	Trust: 1.0
vendor:	poppler	model:	poppler	scope:	eq	version:	0.6.1	Trust: 1.0
vendor:	poppler	model:	poppler	scope:	eq	version:	0.8.3	Trust: 1.0
vendor:	foolabs	model:	xpdf	scope:	eq	version:	0.7a	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.2.1	Trust: 1.0
vendor:	poppler	model:	poppler	scope:	eq	version:	0.6.2	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.1.11	Trust: 1.0
vendor:	glyphandcog	model:	xpdfreader	scope:	eq	version:	0.7	Trust: 1.0
vendor:	poppler	model:	poppler	scope:	eq	version:	0.10.2	Trust: 1.0
vendor:	apple computer	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	debian gnu linux	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	fedora	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	gentoo linux	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	mandriva s a	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	novell	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	poppler	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	red hat	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	research in motion rim	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	suse linux	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	slackware linux	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	turbolinux	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	ubuntu	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	xpdf	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	cups	model:	cups	scope:	lte	version:	1.3.9	Trust: 0.8
vendor:	freedesktop	model:	poppler	scope:	lt	version:	0.10.6	Trust: 0.8
vendor:	glyph cog	model:	xpdf	scope:	lte	version:	3.02pl2	Trust: 0.8
vendor:	apple	model:	ios	scope:	eq	version:	1.0 to 2.2.1	Trust: 0.8
vendor:	apple	model:	ios for ipod touch	scope:	eq	version:	1.1 to 2.2.1	Trust: 0.8
vendor:	apple	model:	safari	scope:	lt	version:	4.0	Trust: 0.8
vendor:	cybertrust	model:	asianux server	scope:	eq	version:	3 (x86)	Trust: 0.8
vendor:	cybertrust	model:	asianux server	scope:	eq	version:	3 (x86-64)	Trust: 0.8
vendor:	cybertrust	model:	asianux server	scope:	eq	version:	4.0	Trust: 0.8
vendor:	cybertrust	model:	asianux server	scope:	eq	version:	4.0 (x86-64)	Trust: 0.8
vendor:	red hat	model:	enterprise linux	scope:	eq	version:	3 (as)	Trust: 0.8
vendor:	red hat	model:	enterprise linux	scope:	eq	version:	3 (es)	Trust: 0.8
vendor:	red hat	model:	enterprise linux	scope:	eq	version:	3 (ws)	Trust: 0.8
vendor:	red hat	model:	enterprise linux	scope:	eq	version:	4 (as)	Trust: 0.8
vendor:	red hat	model:	enterprise linux	scope:	eq	version:	4 (es)	Trust: 0.8
vendor:	red hat	model:	enterprise linux	scope:	eq	version:	4 (ws)	Trust: 0.8
vendor:	red hat	model:	enterprise linux	scope:	eq	version:	4.7 (as)	Trust: 0.8
vendor:	red hat	model:	enterprise linux	scope:	eq	version:	4.7 (es)	Trust: 0.8
vendor:	red hat	model:	enterprise linux	scope:	eq	version:	4.8 (as)	Trust: 0.8
vendor:	red hat	model:	enterprise linux	scope:	eq	version:	4.8 (es)	Trust: 0.8
vendor:	red hat	model:	enterprise linux	scope:	eq	version:	5 (server)	Trust: 0.8
vendor:	red hat	model:	enterprise linux desktop	scope:	eq	version:	3.0	Trust: 0.8
vendor:	red hat	model:	enterprise linux desktop	scope:	eq	version:	4.0	Trust: 0.8
vendor:	red hat	model:	enterprise linux desktop	scope:	eq	version:	5.0 (client)	Trust: 0.8
vendor:	red hat	model:	enterprise linux eus	scope:	eq	version:	5.3.z (server)	Trust: 0.8
vendor:	red hat	model:	rhel desktop workstation	scope:	eq	version:	5 (client)	Trust: 0.8
vendor:	red hat	model:	rhel optional productivity applications	scope:	eq	version:	5 (server)	Trust: 0.8
vendor:	red hat	model:	rhel optional productivity applications eus	scope:	eq	version:	5.3.z (server)	Trust: 0.8
vendor:	nec	model:	infoframe documentskipper	scope:	-	version:	-	Trust: 0.8
vendor:	nec	model:	infoframe imagingcore	scope:	-	version:	-	Trust: 0.8

sources: CERT/CC: VU#196617 // JVNDB: JVNDB-2009-001263 // CNNVD: CNNVD-200904-451 // NVD: CVE-2009-1179

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2009-1179
value:	MEDIUM
Trust: 1.0
CARNEGIE MELLON:	VU#196617
value:	HIGH
Trust: 0.8
NVD:	CVE-2009-1179
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-200904-451
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-38625
value:	MEDIUM
Trust: 0.1
VULMON:	CVE-2009-1179
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2009-1179
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
CARNEGIE MELLON:	VU#196617
severity:	HIGH
baseScore:	9.0
vectorString:	NONE
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	9.5
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.8
VULHUB:	VHN-38625
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: CERT/CC: VU#196617 // VULHUB: VHN-38625 // VULMON: CVE-2009-1179 // JVNDB: JVNDB-2009-001263 // CNNVD: CNNVD-200904-451 // NVD: CVE-2009-1179

PROBLEMTYPE DATA

problemtype:

CWE-189

Trust: 1.9

sources: VULHUB: VHN-38625 // JVNDB: JVNDB-2009-001263 // NVD: CVE-2009-1179

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200904-451

TYPE

digital error

Trust: 0.6

sources: CNNVD: CNNVD-200904-451

CONFIGURATIONS

sources: JVNDB: JVNDB-2009-001263

EXPLOIT AVAILABILITY

sources: CERT/CC: VU#196617

PATCH

title:	HT3613	url:	http://support.apple.com/kb/HT3613	Trust: 0.8
title:	HT3639	url:	http://support.apple.com/kb/HT3639	Trust: 0.8
title:	HT3613	url:	http://support.apple.com/kb/HT3613?viewlocale=ja_JP	Trust: 0.8
title:	HT3639	url:	http://support.apple.com/kb/HT3639?viewlocale=ja_JP	Trust: 0.8
title:	tetex-3.0-33.8.5.0.1.AXS3	url:	https://tsn.miraclelinux.com/tsn_local/index.php?m=errata&a=detail&eid=1040	Trust: 0.8
title:	poppler-0.5.4-4.4.9.1AXS3	url:	https://tsn.miraclelinux.com/tsn_local/index.php?m=errata&a=detail&eid=437	Trust: 0.8
title:	kdegraphics-3.5.5-3.5AXS3	url:	https://tsn.miraclelinux.com/tsn_local/index.php?m=errata&a=detail&eid=766	Trust: 0.8
title:	cups-1.3.7-8.4.1AXS3	url:	https://tsn.miraclelinux.com/tsn_local/index.php?m=errata&a=detail&eid=428	Trust: 0.8
title:	Top Page	url:	http://www.cups.org/	Trust: 0.8
title:	2059	url:	http://www.miraclelinux.com/support/index.php?q=node/99&errata_id=2059	Trust: 0.8
title:	NV10-003	url:	http://www.nec.co.jp/security-info/secinfo/nv10-003.html	Trust: 0.8
title:	Poppler 0.11 Releases	url:	http://poppler.freedesktop.org/releases.html	Trust: 0.8
title:	RHSA-2009:0429	url:	https://rhn.redhat.com/errata/RHSA-2009-0429.html	Trust: 0.8
title:	RHSA-2009:0430	url:	https://rhn.redhat.com/errata/RHSA-2009-0430.html	Trust: 0.8
title:	RHSA-2009:0431	url:	https://rhn.redhat.com/errata/RHSA-2009-0431.html	Trust: 0.8
title:	RHSA-2010:0399	url:	https://rhn.redhat.com/errata/RHSA-2010-0399.html	Trust: 0.8
title:	RHSA-2009:0458	url:	https://rhn.redhat.com/errata/RHSA-2009-0458.html	Trust: 0.8
title:	RHSA-2010:0400	url:	https://rhn.redhat.com/errata/RHSA-2010-0400.html	Trust: 0.8
title:	RHSA-2009:0480	url:	https://rhn.redhat.com/errata/RHSA-2009-0480.html	Trust: 0.8
title:	Top Page	url:	http://www.foolabs.com/xpdf/	Trust: 0.8
title:	RHSA-2009:0458	url:	https://www.jp.redhat.com/support/errata/RHSA/RHSA-2009-0458J.html	Trust: 0.8
title:	RHSA-2009:0480	url:	https://www.jp.redhat.com/support/errata/RHSA/RHSA-2009-0480J.html	Trust: 0.8
title:	RHSA-2009:0429	url:	https://www.jp.redhat.com/support/errata/RHSA/RHSA-2009-0429J.html	Trust: 0.8
title:	RHSA-2009:0430	url:	https://www.jp.redhat.com/support/errata/RHSA/RHSA-2009-0430J.html	Trust: 0.8
title:	RHSA-2009:0431	url:	https://www.jp.redhat.com/support/errata/RHSA/RHSA-2009-0431J.html	Trust: 0.8
title:	Debian CVElist Bug Report Logs: cupsys: CVE-2009-0791 integer overflow vulnerabilities	url:	https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs&qid=22c7db924de15c5764c0ff045606eb1e	Trust: 0.1
title:	Red Hat: Important: xpdf security update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20090430 - Security Advisory	Trust: 0.1
title:	Red Hat: Important: kdegraphics security update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20090431 - Security Advisory	Trust: 0.1
title:	Red Hat: Important: gpdf security update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20090458 - Security Advisory	Trust: 0.1
title:	Red Hat: Important: cups security update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20090429 - Security Advisory	Trust: 0.1
title:	Red Hat: Important: poppler security update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20090480 - Security Advisory	Trust: 0.1
title:	Ubuntu Security Notice: poppler vulnerabilities	url:	https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-759-1	Trust: 0.1
title:	Ubuntu Security Notice: koffice vulnerabilities	url:	https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-973-1	Trust: 0.1
title:	Debian CVElist Bug Report Logs: xpdf: multiple vulnerabilities	url:	https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs&qid=773868e24bff06cb90f9c91803114d93	Trust: 0.1
title:	Debian Security Advisories: DSA-1790-1 xpdf -- multiple vulnerabilities	url:	https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories&qid=6375d8b8a733e9a6329048ef00e50271	Trust: 0.1
title:	Debian CVElist Bug Report Logs: poppler: multiple vulnerabilities	url:	https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs&qid=1ea2bd34c90a7e17e7b2d6fe49c98e66	Trust: 0.1
title:	CVE-T4PDF Table of contents List of CVEs List of Techniques	url:	https://github.com/0xCyberY/CVE-T4PDF	Trust: 0.1

sources: VULMON: CVE-2009-1179 // JVNDB: JVNDB-2009-001263

EXTERNAL IDS

db:	BID	id:	34568	Trust: 3.4
db:	SECUNIA	id:	34291	Trust: 3.4
db:	CERT/CC	id:	VU#196617	Trust: 3.4
db:	NVD	id:	CVE-2009-1179	Trust: 3.2
db:	VUPEN	id:	ADV-2009-1077	Trust: 2.6
db:	VUPEN	id:	ADV-2009-1076	Trust: 2.6
db:	VUPEN	id:	ADV-2009-1066	Trust: 2.6
db:	VUPEN	id:	ADV-2009-1065	Trust: 2.6
db:	SECUNIA	id:	34481	Trust: 2.6
db:	SECUNIA	id:	35064	Trust: 2.6
db:	SECUNIA	id:	34746	Trust: 2.6
db:	SECUNIA	id:	34756	Trust: 2.6
db:	SECUNIA	id:	34963	Trust: 2.6
db:	SECUNIA	id:	34755	Trust: 2.6
db:	SECTRACK	id:	1022073	Trust: 2.6
db:	VUPEN	id:	ADV-2009-1522	Trust: 1.8
db:	VUPEN	id:	ADV-2009-1621	Trust: 1.8
db:	VUPEN	id:	ADV-2010-1040	Trust: 1.8
db:	SECUNIA	id:	35618	Trust: 1.8
db:	SECUNIA	id:	34852	Trust: 1.8
db:	SECUNIA	id:	35065	Trust: 1.8
db:	SECUNIA	id:	34959	Trust: 1.8
db:	SECUNIA	id:	35685	Trust: 1.8
db:	SECUNIA	id:	35379	Trust: 1.8
db:	SECUNIA	id:	34991	Trust: 1.8
db:	SECUNIA	id:	35037	Trust: 1.8
db:	SECTRACK	id:	1022072	Trust: 0.8
db:	JVNDB	id:	JVNDB-2009-001263	Trust: 0.8
db:	CNNVD	id:	CNNVD-200904-451	Trust: 0.6
db:	VULHUB	id:	VHN-38625	Trust: 0.1
db:	VULMON	id:	CVE-2009-1179	Trust: 0.1
db:	PACKETSTORM	id:	92846	Trust: 0.1
db:	PACKETSTORM	id:	82088	Trust: 0.1
db:	PACKETSTORM	id:	77104	Trust: 0.1
db:	PACKETSTORM	id:	86958	Trust: 0.1
db:	PACKETSTORM	id:	83554	Trust: 0.1
db:	PACKETSTORM	id:	77279	Trust: 0.1

sources: CERT/CC: VU#196617 // VULHUB: VHN-38625 // VULMON: CVE-2009-1179 // JVNDB: JVNDB-2009-001263 // PACKETSTORM: 92846 // PACKETSTORM: 82088 // PACKETSTORM: 77104 // PACKETSTORM: 86958 // PACKETSTORM: 83554 // PACKETSTORM: 77279 // CNNVD: CNNVD-200904-451 // NVD: CVE-2009-1179

REFERENCES

url:	http://www.securityfocus.com/bid/34568	Trust: 4.0
url:	http://www.debian.org/security/2009/dsa-1790	Trust: 3.2
url:	http://www.kb.cert.org/vuls/id/196617	Trust: 2.7
url:	http://www.securitytracker.com/id?1022073	Trust: 2.6
url:	http://secunia.com/advisories/34291	Trust: 2.6
url:	http://secunia.com/advisories/34481	Trust: 2.6
url:	http://secunia.com/advisories/34746	Trust: 2.6
url:	http://secunia.com/advisories/34755	Trust: 2.6
url:	http://secunia.com/advisories/34756	Trust: 2.6
url:	http://secunia.com/advisories/34963	Trust: 2.6
url:	http://secunia.com/advisories/35064	Trust: 2.6
url:	http://www.vupen.com/english/advisories/2009/1065	Trust: 2.6
url:	http://www.vupen.com/english/advisories/2009/1066	Trust: 2.6
url:	http://www.vupen.com/english/advisories/2009/1076	Trust: 2.6
url:	http://www.vupen.com/english/advisories/2009/1077	Trust: 2.6
url:	http://www.debian.org/security/2009/dsa-1793	Trust: 2.4
url:	http://secunia.com/advisories/34852	Trust: 1.8
url:	http://secunia.com/advisories/34959	Trust: 1.8
url:	http://secunia.com/advisories/34991	Trust: 1.8
url:	http://secunia.com/advisories/35037	Trust: 1.8
url:	http://secunia.com/advisories/35065	Trust: 1.8
url:	http://secunia.com/advisories/35379	Trust: 1.8
url:	http://secunia.com/advisories/35618	Trust: 1.8
url:	http://secunia.com/advisories/35685	Trust: 1.8
url:	http://www.vupen.com/english/advisories/2009/1522	Trust: 1.8
url:	http://www.vupen.com/english/advisories/2009/1621	Trust: 1.8
url:	http://www.vupen.com/english/advisories/2010/1040	Trust: 1.8
url:	http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html	Trust: 1.8
url:	http://lists.apple.com/archives/security-announce/2009/jun/msg00005.html	Trust: 1.8
url:	https://www.redhat.com/archives/fedora-package-announce/2009-july/msg00567.html	Trust: 1.8
url:	https://www.redhat.com/archives/fedora-package-announce/2009-june/msg01277.html	Trust: 1.8
url:	https://www.redhat.com/archives/fedora-package-announce/2009-june/msg01291.html	Trust: 1.8
url:	http://www.mandriva.com/security/advisories?name=mdvsa-2009:101	Trust: 1.8
url:	http://www.mandriva.com/security/advisories?name=mdvsa-2010:087	Trust: 1.8
url:	http://www.mandriva.com/security/advisories?name=mdvsa-2011:175	Trust: 1.8
url:	http://www.redhat.com/support/errata/rhsa-2009-0429.html	Trust: 1.8
url:	http://www.redhat.com/support/errata/rhsa-2009-0430.html	Trust: 1.8
url:	http://www.redhat.com/support/errata/rhsa-2009-0431.html	Trust: 1.8
url:	http://rhn.redhat.com/errata/rhsa-2009-0458.html	Trust: 1.8
url:	http://www.redhat.com/support/errata/rhsa-2009-0480.html	Trust: 1.8
url:	http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html	Trust: 1.8
url:	http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html	Trust: 1.8
url:	http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html	Trust: 1.8
url:	http://poppler.freedesktop.org/releases.html	Trust: 1.8
url:	http://support.apple.com/kb/ht3613	Trust: 1.8
url:	http://support.apple.com/kb/ht3639	Trust: 1.8
url:	https://bugzilla.redhat.com/show_bug.cgi?id=495889	Trust: 1.8
url:	https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a11892	Trust: 1.8
url:	http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.578477	Trust: 1.7
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1179	Trust: 1.2
url:	http://cgit.freedesktop.org/poppler/poppler/commit/?id=9f1312f3d7dfa7e536606a7c7296b7c876b11c00	Trust: 0.8
url:	ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl3.patch	Trust: 0.8
url:	http://www.ubuntu.com/usn/usn-759-1	Trust: 0.8
url:	http://blackberry.com/btsc/kb17953	Trust: 0.8
url:	http://rhn.redhat.com/errata/rhsa-2009-0429.html	Trust: 0.8
url:	http://rhn.redhat.com/errata/rhsa-2009-0431.html	Trust: 0.8
url:	http://www.mandriva.com/en/security/advisories?name=mdvsa-2009:101	Trust: 0.8
url:	http://support.apple.com/kb/ht3549	Trust: 0.8
url:	http://secunia.com/advisories/34291/	Trust: 0.8
url:	http://www.securitytracker.com/alerts/2009/apr/1022072.html	Trust: 0.8
url:	http://jvn.jp/cert/jvnvu196617/index.html	Trust: 0.8
url:	http://jvn.jp/cert/jvnvu196617/	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-1179	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2009-1181	Trust: 0.6
url:	https://nvd.nist.gov/vuln/detail/cve-2009-0799	Trust: 0.6
url:	https://nvd.nist.gov/vuln/detail/cve-2009-1180	Trust: 0.6
url:	https://nvd.nist.gov/vuln/detail/cve-2009-1179	Trust: 0.6
url:	https://nvd.nist.gov/vuln/detail/cve-2009-0800	Trust: 0.6
url:	https://access.redhat.com/errata/rhsa-2009:0480	Trust: 0.6
url:	https://access.redhat.com/errata/rhsa-2009:0431	Trust: 0.6
url:	https://access.redhat.com/errata/rhsa-2010:0399	Trust: 0.6
url:	https://access.redhat.com/security/cve/cve-2009-1179	Trust: 0.6
url:	https://access.redhat.com/errata/rhsa-2010:0400	Trust: 0.6
url:	https://access.redhat.com/errata/rhsa-2009:0458	Trust: 0.6
url:	https://access.redhat.com/errata/rhsa-2009:0430	Trust: 0.6
url:	https://access.redhat.com/errata/rhsa-2009:0429	Trust: 0.6
url:	https://nvd.nist.gov/vuln/detail/cve-2009-0166	Trust: 0.5
url:	https://nvd.nist.gov/vuln/detail/cve-2009-0146	Trust: 0.5
url:	https://nvd.nist.gov/vuln/detail/cve-2009-0147	Trust: 0.5
url:	https://nvd.nist.gov/vuln/detail/cve-2009-1182	Trust: 0.5
url:	https://nvd.nist.gov/vuln/detail/cve-2009-1183	Trust: 0.5
url:	https://nvd.nist.gov/vuln/detail/cve-2009-3609	Trust: 0.4
url:	https://nvd.nist.gov/vuln/detail/cve-2009-3608	Trust: 0.4
url:	https://nvd.nist.gov/vuln/detail/cve-2009-0165	Trust: 0.4
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1181	Trust: 0.4
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0800	Trust: 0.4
url:	http://www.mandriva.com/security/	Trust: 0.4
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0799	Trust: 0.4
url:	http://www.mandriva.com/security/advisories	Trust: 0.4
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1180	Trust: 0.4
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1183	Trust: 0.4
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1182	Trust: 0.4
url:	https://nvd.nist.gov/vuln/detail/cve-2009-0195	Trust: 0.3
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0147	Trust: 0.3
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0166	Trust: 0.3
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0146	Trust: 0.3
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3609	Trust: 0.3
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3608	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2009-3606	Trust: 0.2
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0163	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2009-0791	Trust: 0.2
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0791	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2009-0163	Trust: 0.2
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0949	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2009-0949	Trust: 0.2
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0195	Trust: 0.2
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0165	Trust: 0.2
url:	http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.578477	Trust: 0.1
url:	https://cwe.mitre.org/data/definitions/189.html	Trust: 0.1
url:	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=535488	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://usn.ubuntu.com/759-1/	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/k/koffice/koshell_1.6.3-7ubuntu6.1_sparc.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/k/koffice/kivio_1.6.3-7ubuntu6.1_lpia.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/k/koffice/kplato_1.6.3-7ubuntu6.1_powerpc.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/k/koffice/kugar_1.6.3-7ubuntu6.1_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice_1.6.3-7ubuntu6.1.dsc	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/k/koffice/koffice-libs_1.6.3-7ubuntu6.1_sparc.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/k/koffice/krita_1.6.3-7ubuntu6.1_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/k/koffice/krita_1.6.3-7ubuntu6.1_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice-doc_1.6.3-7ubuntu6.1_all.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/k/koffice/koffice-libs_1.6.3-7ubuntu6.1_lpia.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/k/koffice/kplato_1.6.3-7ubuntu6.1_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kpresenter-data_1.6.3-7ubuntu6.1_all.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice_1.6.3.orig.tar.gz	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kspread_1.6.3-7ubuntu6.1_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice-libs_1.6.3-7ubuntu6.1_amd64.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/k/koffice/kugar_1.6.3-7ubuntu6.1_powerpc.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/k/koffice/kthesaurus_1.6.3-7ubuntu6.1_sparc.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/k/koffice/kugar_1.6.3-7ubuntu6.1_lpia.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/k/koffice/koffice-dbg_1.6.3-7ubuntu6.1_powerpc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice-doc-html_1.6.3-7ubuntu6.1_all.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/k/koffice/kthesaurus_1.6.3-7ubuntu6.1_powerpc.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/k/koffice/kexi_1.6.3-7ubuntu6.1_powerpc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice-data_1.6.3-7ubuntu6.1_all.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/k/koffice/koffice-dev_1.6.3-7ubuntu6.1_powerpc.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/k/koffice/koshell_1.6.3-7ubuntu6.1_lpia.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/k/koffice/kformula_1.6.3-7ubuntu6.1_powerpc.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/k/koffice/kchart_1.6.3-7ubuntu6.1_sparc.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/k/koffice/kpresenter_1.6.3-7ubuntu6.1_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kthesaurus_1.6.3-7ubuntu6.1_amd64.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/k/koffice/kchart_1.6.3-7ubuntu6.1_powerpc.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/k/koffice/kspread_1.6.3-7ubuntu6.1_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice-libs_1.6.3-7ubuntu6.1_i386.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/k/koffice/koffice-dbg_1.6.3-7ubuntu6.1_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kformula_1.6.3-7ubuntu6.1_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kpresenter_1.6.3-7ubuntu6.1_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/k/koffice/karbon_1.6.3-7ubuntu6.1_i386.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/k/koffice/krita_1.6.3-7ubuntu6.1_powerpc.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/k/koffice/kspread_1.6.3-7ubuntu6.1_lpia.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/k/koffice/kword_1.6.3-7ubuntu6.1_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kformula_1.6.3-7ubuntu6.1_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kexi_1.6.3-7ubuntu6.1_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/k/koffice/krita_1.6.3-7ubuntu6.1_amd64.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/k/koffice/kplato_1.6.3-7ubuntu6.1_lpia.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/k/koffice/kthesaurus_1.6.3-7ubuntu6.1_lpia.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/k/koffice/kformula_1.6.3-7ubuntu6.1_lpia.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/k/koffice/kpresenter_1.6.3-7ubuntu6.1_powerpc.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/k/koffice/kspread_1.6.3-7ubuntu6.1_powerpc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koshell_1.6.3-7ubuntu6.1_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kplato_1.6.3-7ubuntu6.1_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kchart_1.6.3-7ubuntu6.1_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kpresenter_1.6.3-7ubuntu6.1_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kthesaurus_1.6.3-7ubuntu6.1_i386.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/k/koffice/kformula_1.6.3-7ubuntu6.1_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kugar_1.6.3-7ubuntu6.1_amd64.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/k/koffice/karbon_1.6.3-7ubuntu6.1_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice-dbg_1.6.3-7ubuntu6.1_i386.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/k/koffice/koffice-dev_1.6.3-7ubuntu6.1_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kexi_1.6.3-7ubuntu6.1_amd64.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/k/koffice/krita_1.6.3-7ubuntu6.1_lpia.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kivio-data_1.6.3-7ubuntu6.1_all.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice-dev_1.6.3-7ubuntu6.1_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice-dev_1.6.3-7ubuntu6.1_amd64.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/k/koffice/kexi_1.6.3-7ubuntu6.1_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kchart_1.6.3-7ubuntu6.1_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kplato_1.6.3-7ubuntu6.1_i386.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/k/koffice/koffice-libs_1.6.3-7ubuntu6.1_powerpc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice_1.6.3-7ubuntu6.1.diff.gz	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/k/koffice/kivio_1.6.3-7ubuntu6.1_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kword-data_1.6.3-7ubuntu6.1_all.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/k/koffice/karbon_1.6.3-7ubuntu6.1_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kword_1.6.3-7ubuntu6.1_i386.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/k/koffice/koffice-dbg_1.6.3-7ubuntu6.1_lpia.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koshell_1.6.3-7ubuntu6.1_i386.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/k/koffice/koffice-dev_1.6.3-7ubuntu6.1_lpia.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/k/koffice/kpresenter_1.6.3-7ubuntu6.1_lpia.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kivio_1.6.3-7ubuntu6.1_i386.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/k/koffice/kivio_1.6.3-7ubuntu6.1_powerpc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice-dbg_1.6.3-7ubuntu6.1_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kugar_1.6.3-7ubuntu6.1_i386.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/k/koffice/karbon_1.6.3-7ubuntu6.1_powerpc.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/k/koffice/koshell_1.6.3-7ubuntu6.1_powerpc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice_1.6.3-7ubuntu6.1_all.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/k/koffice/kchart_1.6.3-7ubuntu6.1_lpia.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/k/koffice/kword_1.6.3-7ubuntu6.1_powerpc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kivio_1.6.3-7ubuntu6.1_amd64.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/k/koffice/karbon_1.6.3-7ubuntu6.1_lpia.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/k/koffice/kword_1.6.3-7ubuntu6.1_lpia.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/k/koffice/kexi_1.6.3-7ubuntu6.1_lpia.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/k/koffice/krita-data_1.6.3-7ubuntu6.1_all.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kword_1.6.3-7ubuntu6.1_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kspread_1.6.3-7ubuntu6.1_amd64.deb	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1196	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2009-1196	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2009-1188	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3605	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2009-3607	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2009-3938	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3938	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3603	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3606	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1188	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2009-3604	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3607	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3604	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2009-3605	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2009-3603	Trust: 0.1
url:	http://secunia.com/	Trust: 0.1
url:	http://lists.grok.org.uk/full-disclosure-charter.html	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/x/xpdf/xpdf_3.01-9.1+etch6_all.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/x/xpdf/xpdf_3.02-1.4+lenny1_all.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_alpha.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch6_s390.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch6_arm.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch6_ia64.deb	Trust: 0.1
url:	http://www.debian.org/security/faq	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_mipsel.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_mipsel.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch6_powerpc.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_arm.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch6_hppa.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch6_arm.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_i386.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_armel.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_hppa.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/x/xpdf/xpdf_3.02.orig.tar.gz	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_powerpc.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_s390.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch6_alpha.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_sparc.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch6_powerpc.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_hppa.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch6_sparc.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_alpha.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_mips.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_arm.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/x/xpdf/xpdf_3.01.orig.tar.gz	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/x/xpdf/xpdf-common_3.02-1.4+lenny1_all.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_sparc.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/x/xpdf/xpdf_3.02-1.4+lenny1.dsc	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_s390.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_mips.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch6_mipsel.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_amd64.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch6_mipsel.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_ia64.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_armel.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch6_ia64.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/x/xpdf/xpdf_3.01-9.1+etch6.diff.gz	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch6_i386.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/x/xpdf/xpdf_3.02-1.4+lenny1.diff.gz	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch6_i386.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/x/xpdf/xpdf-common_3.01-9.1+etch6_all.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch6_s390.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_amd64.deb	Trust: 0.1
url:	http://packages.debian.org/<pkg>	Trust: 0.1
url:	http://security.debian.org/	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch6_hppa.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch6_alpha.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch6_sparc.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch6_amd64.deb	Trust: 0.1
url:	http://www.debian.org/security/	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_ia64.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch6_amd64.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/x/xpdf/xpdf_3.01-9.1+etch6.dsc	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_i386.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_powerpc.deb	Trust: 0.1

CREDITS

Alin Rad Pop Will Dormann

Trust: 0.6

sources: CNNVD: CNNVD-200904-451

SOURCES

db:	CERT/CC	id:	VU#196617
db:	VULHUB	id:	VHN-38625
db:	VULMON	id:	CVE-2009-1179
db:	JVNDB	id:	JVNDB-2009-001263
db:	PACKETSTORM	id:	92846
db:	PACKETSTORM	id:	82088
db:	PACKETSTORM	id:	77104
db:	PACKETSTORM	id:	86958
db:	PACKETSTORM	id:	83554
db:	PACKETSTORM	id:	77279
db:	CNNVD	id:	CNNVD-200904-451
db:	NVD	id:	CVE-2009-1179

LAST UPDATE DATE

2025-04-30T02:34:11.531000+00:00

SOURCES UPDATE DATE

db:	CERT/CC	id:	VU#196617	date:	2012-03-28T00:00:00
db:	VULHUB	id:	VHN-38625	date:	2023-02-13T00:00:00
db:	VULMON	id:	CVE-2009-1179	date:	2023-02-13T00:00:00
db:	JVNDB	id:	JVNDB-2009-001263	date:	2010-05-26T00:00:00
db:	CNNVD	id:	CNNVD-200904-451	date:	2023-04-28T00:00:00
db:	NVD	id:	CVE-2009-1179	date:	2025-04-09T00:30:58.490

SOURCES RELEASE DATE

db:	CERT/CC	id:	VU#196617	date:	2009-04-16T00:00:00
db:	VULHUB	id:	VHN-38625	date:	2009-04-23T00:00:00
db:	VULMON	id:	CVE-2009-1179	date:	2009-04-23T00:00:00
db:	JVNDB	id:	JVNDB-2009-001263	date:	2009-05-28T00:00:00
db:	PACKETSTORM	id:	92846	date:	2010-08-17T22:47:11
db:	PACKETSTORM	id:	82088	date:	2009-10-21T03:01:09
db:	PACKETSTORM	id:	77104	date:	2009-04-29T19:11:04
db:	PACKETSTORM	id:	86958	date:	2010-03-06T15:35:47
db:	PACKETSTORM	id:	83554	date:	2009-12-08T01:31:40
db:	PACKETSTORM	id:	77279	date:	2009-05-05T22:51:02
db:	CNNVD	id:	CNNVD-200904-451	date:	2009-04-23T00:00:00
db:	NVD	id:	CVE-2009-1179	date:	2009-04-23T17:30:01.750