Launchpad.net

CVE 2009-0166

The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers a free of uninitialized memory.

Related bugs and status

CVE-2009-0166 (Candidate) is related to these bugs:

Bug #361875: FreezeException for poppler (12 different CVE numbers)

Summary				In	Importance	Status
	361875	FreezeException for poppler (12 different CVE numbers)		poppler (Ubuntu)	Medium	Fix Released

See the

CVE page on Mitre.org for more details.

References

CONFIRM: https://bugzilla.redha...
REDHAT: RHSA-2009:0430
SECUNIA: 34755
REDHAT: RHSA-2009:0429
REDHAT: RHSA-2009:0431
SUSE: SUSE-SA:2009:024
BID: 34568
SECTRACK: 1022073
SECUNIA: 34291
SECUNIA: 34481
SECUNIA: 34852
VUPEN: ADV-2009-1065
VUPEN: ADV-2009-1066
VUPEN: ADV-2009-1077
CONFIRM: http://wiki.rpath.com/...
GENTOO: GLSA-200904-20
SECUNIA: 34756
MANDRIVA: MDVSA-2009:101
DEBIAN: DSA-1790
SECUNIA: 34959
REDHAT: RHSA-2009:0458
SECUNIA: 34963
SECUNIA: 35037
SUSE: SUSE-SR:2009:010
SECUNIA: 35065
REDHAT: RHSA-2009:0480
DEBIAN: DSA-1793
SECUNIA: 34991
SECUNIA: 35064
SUSE: SUSE-SR:2009:012
FEDORA: FEDORA-2009-6973
FEDORA: FEDORA-2009-6982
SECUNIA: 35618
SECUNIA: 35685
FEDORA: FEDORA-2009-6972
MANDRIVA: MDVSA-2010:087
VUPEN: ADV-2010-1040
SLACKWARE: SSA:2009-129-01
OVAL: oval:org.mitre.oval:de...
BUGTRAQ: 20090417 rPSA-2009-006...