| Snyk

Threat Intelligence

38.44% (98^th percentile)

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications

Snyk IDSNYK-UBUNTU1810-IPE-672954
published23 Apr 2009
disclosed23 Apr 2009

Report a new vulnerability Found a mistake?

Introduced: 23 Apr 2009

CVE-2009-0195 (opens in a new tab) CWE-119 (opens in a new tab)

Amendment

The Ubuntu security team deemed this advisory irrelevant for Ubuntu:18.10.

NVD Description

Note: Versions mentioned in the description apply only to the upstream ipe package and not the ipe package as distributed by Ubuntu.

Heap-based buffer overflow in Xpdf 3.02pl2 and earlier, CUPS 1.3.9, and probably other products, allows remote attackers to execute arbitrary code via a PDF file with crafted JBIG2 symbol dictionary segments.

References

http://people.ubuntu.com/~ubuntu-security/cve/CVE-2009-0195
http://www.securityfocus.com/archive/1/502759/100/0/threaded
http://www.securityfocus.com/archive/1/502762/100/0/threaded
https://security-tracker.debian.org/tracker/CVE-2009-0195
http://secunia.com/secunia_research/2009-17/
http://secunia.com/secunia_research/2009-18/
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10076
http://rhn.redhat.com/errata/RHSA-2009-0458.html
http://secunia.com/advisories/34291
http://secunia.com/advisories/34481
http://secunia.com/advisories/34756
http://secunia.com/advisories/34963
http://secunia.com/advisories/35064
http://www.securityfocus.com/bid/34791
http://www.vupen.com/english/advisories/2010/1040
http://www.mandriva.com/security/advisories?name=MDVSA-2010:087
http://www.redhat.com/support/errata/RHSA-2009-0480.html