Details of VAR-200904-0808

ID

VAR-200904-0808

CVE

CVE-2009-0146

TITLE

Xpdf and poppler contain multiple vulnerabilities in the processing of JBIG2 data

Trust: 0.8

sources: CERT/CC: VU#196617

DESCRIPTION

Multiple buffer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allow remote attackers to cause a denial of service (crash) via a crafted PDF file, related to (1) JBIG2SymbolDict::setBitmap and (2) JBIG2Stream::readSymbolDictSeg. Xpdf and poppler contain multiple vulnerabilities, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Xpdf and CUPS of JBIG2 The decoder PDF Impaired service operation due to incomplete file processing (DoS) There is a vulnerability that becomes a condition.Crafted by a third party PDF Service disruption by processing files (DoS) There is a possibility of being put into a state. Xpdf is an open source viewer for Portable Document Format (PDF) files. (CVE-2009-0165). (CVE-2009-0163) Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, as used in Poppler and other products, when running on Mac OS X, has unspecified impact, related to g*allocn. NOTE: the JBIG2Stream.cxx vector may overlap CVE-2009-1179. (CVE-2009-1183) Two integer overflow flaws were found in the CUPS pdftops filter. An attacker could create a malicious PDF file that would cause pdftops to crash or, potentially, execute arbitrary code as the lp user if the file was printed. (CVE-2009-3608, CVE-2009-3609) This update corrects the problems. _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0146 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0147 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0163 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0165 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0166 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0195 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0791 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0799 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0800 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0949 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1179 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1180 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1181 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1182 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1183 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3608 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3609 _______________________________________________________________________ Updated Packages: Mandriva Linux 2009.0: 5afef470fbd90b1ba91bb3c4ba83d3d9 2009.0/i586/acl-2.2.47-4.1mdv2009.0.i586.rpm f6c458ac101765b7be2b03983f5053e9 2009.0/i586/cups-1.3.10-0.2mdv2009.0.i586.rpm 57e96e7061b8f648555171a54f4de57d 2009.0/i586/cups-common-1.3.10-0.2mdv2009.0.i586.rpm 9ceeca29ea654b5941ce9dc119d77915 2009.0/i586/cups-serial-1.3.10-0.2mdv2009.0.i586.rpm 3de9be03b7c47725cecce48a981623ec 2009.0/i586/libacl1-2.2.47-4.1mdv2009.0.i586.rpm ad812a8c58c3d07c98262df1f3e3f45b 2009.0/i586/libacl-devel-2.2.47-4.1mdv2009.0.i586.rpm 6fddee7c9701335f4b6505ba1a125417 2009.0/i586/libcups2-1.3.10-0.2mdv2009.0.i586.rpm 668ee622e663fef6d458cfc08ac345a3 2009.0/i586/libcups2-devel-1.3.10-0.2mdv2009.0.i586.rpm f02791fa357fd1b11d627184fe6023f9 2009.0/i586/libpoppler3-0.8.7-2.3mdv2009.0.i586.rpm 237284c6152a84eb858256a347250e31 2009.0/i586/libpoppler-devel-0.8.7-2.3mdv2009.0.i586.rpm e6008cb60171a0f2ddbc76a394b87c4b 2009.0/i586/libpoppler-glib3-0.8.7-2.3mdv2009.0.i586.rpm 24755af7d9d2f4dee1c90fc592e9f576 2009.0/i586/libpoppler-glib-devel-0.8.7-2.3mdv2009.0.i586.rpm d7e9ced5a0d7056a27ef2ca3df50188a 2009.0/i586/libpoppler-qt2-0.8.7-2.3mdv2009.0.i586.rpm ddafea6d6ff4be8996d681b50e71360d 2009.0/i586/libpoppler-qt4-3-0.8.7-2.3mdv2009.0.i586.rpm 6debb46b2e51bb9abae8ae224f8db0f1 2009.0/i586/libpoppler-qt4-devel-0.8.7-2.3mdv2009.0.i586.rpm f0fbc61c0e1d631e97f22f6a4d278c70 2009.0/i586/libpoppler-qt-devel-0.8.7-2.3mdv2009.0.i586.rpm ca32c3f529c9a1e676ea8dacc3c6f888 2009.0/i586/php-cups-1.3.10-0.2mdv2009.0.i586.rpm ab5e168e0e4d8e473f45b7a44fb1c8f0 2009.0/i586/poppler-0.8.7-2.3mdv2009.0.i586.rpm 65c09a60591a58ae496b323e0e8fe86a 2009.0/SRPMS/acl-2.2.47-4.1mdv2009.0.src.rpm 089453e069614cf9f4a9b0b81e93706e 2009.0/SRPMS/cups-1.3.10-0.2mdv2009.0.src.rpm be5c0733d2cdd537ac1eea6c995a940f 2009.0/SRPMS/poppler-0.8.7-2.3mdv2009.0.src.rpm Mandriva Linux 2009.0/X86_64: a76ac52d03f6f4dc3fe1506801e1e21b 2009.0/x86_64/acl-2.2.47-4.1mdv2009.0.x86_64.rpm 525c24a89bab12d3e15b51b4c97d1358 2009.0/x86_64/cups-1.3.10-0.2mdv2009.0.x86_64.rpm 3571d5eb4f123e668b5adf69e986372b 2009.0/x86_64/cups-common-1.3.10-0.2mdv2009.0.x86_64.rpm b39c9243e550ffc65de2237195bc26a4 2009.0/x86_64/cups-serial-1.3.10-0.2mdv2009.0.x86_64.rpm 2837588f649089d0821304b0805d340c 2009.0/x86_64/lib64acl1-2.2.47-4.1mdv2009.0.x86_64.rpm cdfca8cfad651d282f96d40fd75a4596 2009.0/x86_64/lib64acl-devel-2.2.47-4.1mdv2009.0.x86_64.rpm f6af0d4a008cfef6ee33d57e0d968833 2009.0/x86_64/lib64cups2-1.3.10-0.2mdv2009.0.x86_64.rpm 5b60fff9db65f33fef1e8b279d27297f 2009.0/x86_64/lib64cups2-devel-1.3.10-0.2mdv2009.0.x86_64.rpm aae343ba528a86feb7f4f4ea958e6830 2009.0/x86_64/lib64poppler3-0.8.7-2.3mdv2009.0.x86_64.rpm de8da0007d86c8331ab187f03f07f57b 2009.0/x86_64/lib64poppler-devel-0.8.7-2.3mdv2009.0.x86_64.rpm 3dde1055871d4ac1dad4a66017fd0b0a 2009.0/x86_64/lib64poppler-glib3-0.8.7-2.3mdv2009.0.x86_64.rpm 8ccbbd75f41f86c803eb9ccdca254d4c 2009.0/x86_64/lib64poppler-glib-devel-0.8.7-2.3mdv2009.0.x86_64.rpm a1daabbf13cded9a785d62f088c76661 2009.0/x86_64/lib64poppler-qt2-0.8.7-2.3mdv2009.0.x86_64.rpm a2d283827fd14321ab42c8eda701b7f2 2009.0/x86_64/lib64poppler-qt4-3-0.8.7-2.3mdv2009.0.x86_64.rpm 9e2f0f9b23c1365a0b1d49254aab3199 2009.0/x86_64/lib64poppler-qt4-devel-0.8.7-2.3mdv2009.0.x86_64.rpm bb32350e6a9ee7a7be1b3562ed1282fc 2009.0/x86_64/lib64poppler-qt-devel-0.8.7-2.3mdv2009.0.x86_64.rpm cb750cc3313fdb7f045c85aa186735d5 2009.0/x86_64/php-cups-1.3.10-0.2mdv2009.0.x86_64.rpm 8882c7aef8572a7342db51dca0d0f444 2009.0/x86_64/poppler-0.8.7-2.3mdv2009.0.x86_64.rpm 65c09a60591a58ae496b323e0e8fe86a 2009.0/SRPMS/acl-2.2.47-4.1mdv2009.0.src.rpm 089453e069614cf9f4a9b0b81e93706e 2009.0/SRPMS/cups-1.3.10-0.2mdv2009.0.src.rpm be5c0733d2cdd537ac1eea6c995a940f 2009.0/SRPMS/poppler-0.8.7-2.3mdv2009.0.src.rpm Mandriva Enterprise Server 5: 3d022011977e4a10551f4a56251ce5fa mes5/i586/acl-2.2.47-4.1mdvmes5.i586.rpm c29a689a2db186046756a9e5e2c0a8f3 mes5/i586/cups-1.3.10-0.2mdvmes5.i586.rpm 36e0bdd3bbf5e634b55d4694380c84dc mes5/i586/cups-common-1.3.10-0.2mdvmes5.i586.rpm 00c15febde2ad95d12d7635661d47945 mes5/i586/cups-serial-1.3.10-0.2mdvmes5.i586.rpm f4df21360fd911b246a12c1848e53581 mes5/i586/libacl1-2.2.47-4.1mdvmes5.i586.rpm 8aea7eac71eac4b9149d80b4218af3c2 mes5/i586/libacl-devel-2.2.47-4.1mdvmes5.i586.rpm 2e9611bb9cefdb97750fe45670996543 mes5/i586/libcups2-1.3.10-0.2mdvmes5.i586.rpm 1303d2339e5f85a9051385c6c1477e3b mes5/i586/libcups2-devel-1.3.10-0.2mdvmes5.i586.rpm 5ffb04e2aeb3d81c715d321ca7f6493d mes5/i586/libopenslp1-1.2.1-8.1mdvmes5.i586.rpm 5de6f8ac79499f879c2595c91233bbf3 mes5/i586/libopenslp1-devel-1.2.1-8.1mdvmes5.i586.rpm 8bb39d8ce2ad2d4709918445815208fc mes5/i586/libpoppler3-0.8.7-2.3mdvmes5.i586.rpm 0e8f25804f2159b90fdd8e7095131588 mes5/i586/libpoppler-devel-0.8.7-2.3mdvmes5.i586.rpm 9ebc1e0b9b3c82859d739493a858cae9 mes5/i586/libpoppler-glib3-0.8.7-2.3mdvmes5.i586.rpm 51e64a439af77b2312767f7d644a6a4f mes5/i586/libpoppler-glib-devel-0.8.7-2.3mdvmes5.i586.rpm 7c704efde4af7a2a210b5bccd2fedea2 mes5/i586/libpoppler-qt2-0.8.7-2.3mdvmes5.i586.rpm ebfbf333cc37cb01a069228b6f4239b9 mes5/i586/libpoppler-qt4-3-0.8.7-2.3mdvmes5.i586.rpm 308efdd8971843a2d2d62e5259deb313 mes5/i586/libpoppler-qt4-devel-0.8.7-2.3mdvmes5.i586.rpm b8ef53aed48f4495abbda78f967c6b03 mes5/i586/libpoppler-qt-devel-0.8.7-2.3mdvmes5.i586.rpm 41dbe03f2d9348e06e3ba8e3d1f26cc9 mes5/i586/openslp-1.2.1-8.1mdvmes5.i586.rpm 4a30887d3b5cfbe996f6216dfd2af9de mes5/i586/php-cups-1.3.10-0.2mdvmes5.i586.rpm e99f800df740a1104f2e55e454dba0e2 mes5/i586/poppler-0.8.7-2.3mdvmes5.i586.rpm 635e5f08f9bd9bcf938c7e6acc2bcd40 mes5/SRPMS/acl-2.2.47-4.1mdvmes5.src.rpm 45443396fd1b86d7d305d203f058d4f6 mes5/SRPMS/cups-1.3.10-0.2mdvmes5.src.rpm 3f7d68de39f4e1eed0c6095db6c69837 mes5/SRPMS/openslp-1.2.1-8.1mdvmes5.src.rpm 6b77ace4f59963baf78a0ba041070cfe mes5/SRPMS/poppler-0.8.7-2.3mdvmes5.src.rpm Mandriva Enterprise Server 5/X86_64: 3d95d16026af177290e0cea353da380c mes5/x86_64/acl-2.2.47-4.1mdvmes5.x86_64.rpm cb71f3f8b76b599d72fa15930ead4194 mes5/x86_64/cups-1.3.10-0.2mdvmes5.x86_64.rpm c3580a98d4248e4746d1021800916675 mes5/x86_64/cups-common-1.3.10-0.2mdvmes5.x86_64.rpm 39c78f07835385585189c4c984eeb86c mes5/x86_64/cups-serial-1.3.10-0.2mdvmes5.x86_64.rpm b78b05598b1ddd50a0d5ffc1e63a9d5f mes5/x86_64/lib64acl1-2.2.47-4.1mdvmes5.x86_64.rpm 10eb04184447f9a76052a4c57d99f7ab mes5/x86_64/lib64acl-devel-2.2.47-4.1mdvmes5.x86_64.rpm 0696874c98c99972866e26d90ee38d6f mes5/x86_64/lib64cups2-1.3.10-0.2mdvmes5.x86_64.rpm 4bd0ea0f775617400ce40b1c4f957603 mes5/x86_64/lib64cups2-devel-1.3.10-0.2mdvmes5.x86_64.rpm 7e545a67886d3a94f173b84531694cca mes5/x86_64/lib64openslp1-1.2.1-8.1mdvmes5.x86_64.rpm a084b392e3db81f7f7ba9886dc745a67 mes5/x86_64/lib64openslp1-devel-1.2.1-8.1mdvmes5.x86_64.rpm a91173c222b22c42775e545bcd728a74 mes5/x86_64/lib64poppler3-0.8.7-2.3mdvmes5.x86_64.rpm 8b3196f11e5acded6268e8a3e5e2a855 mes5/x86_64/lib64poppler-devel-0.8.7-2.3mdvmes5.x86_64.rpm d805bec2817b0479c45aa54fe36a4c06 mes5/x86_64/lib64poppler-glib3-0.8.7-2.3mdvmes5.x86_64.rpm a5385b959453bfe0cd9f86083866dc18 mes5/x86_64/lib64poppler-glib-devel-0.8.7-2.3mdvmes5.x86_64.rpm 36bd4a56b2e0e681433f37bd06a10a81 mes5/x86_64/lib64poppler-qt2-0.8.7-2.3mdvmes5.x86_64.rpm 237b15170b5066ac55f8a8b4327b80bb mes5/x86_64/lib64poppler-qt4-3-0.8.7-2.3mdvmes5.x86_64.rpm 06c3a86abdac6e1eeda86f916fe06026 mes5/x86_64/lib64poppler-qt4-devel-0.8.7-2.3mdvmes5.x86_64.rpm b5b086ecfbe4629ef2ab3d2d5472d655 mes5/x86_64/lib64poppler-qt-devel-0.8.7-2.3mdvmes5.x86_64.rpm 790c7f128775137459a5d406ddc05c8b mes5/x86_64/openslp-1.2.1-8.1mdvmes5.x86_64.rpm f21671c76a063dfd784ef9afa363777e mes5/x86_64/php-cups-1.3.10-0.2mdvmes5.x86_64.rpm 39d5d335a1564962ac7868c53a2cb2a5 mes5/x86_64/poppler-0.8.7-2.3mdvmes5.x86_64.rpm 635e5f08f9bd9bcf938c7e6acc2bcd40 mes5/SRPMS/acl-2.2.47-4.1mdvmes5.src.rpm 45443396fd1b86d7d305d203f058d4f6 mes5/SRPMS/cups-1.3.10-0.2mdvmes5.src.rpm 3f7d68de39f4e1eed0c6095db6c69837 mes5/SRPMS/openslp-1.2.1-8.1mdvmes5.src.rpm 6b77ace4f59963baf78a0ba041070cfe mes5/SRPMS/poppler-0.8.7-2.3mdvmes5.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iD8DBQFK3N0BmqjQ0CJFipgRAvcCAJ4hYpfRAN3/ki8VBji+B/PMrRZlUwCgqkiE kgmoMK5ov330kU4qfIGFxlM= =aISl -----END PGP SIGNATURE----- . NOTE: some of these details are obtained from third party information (CVE-2010-0739). For the old stable distribution (etch), these problems have been fixed in version 3.01-9.1+etch6. For the stable distribution (lenny), these problems have been fixed in version 3.02-1.4+lenny1. For the unstable distribution (sid), these problems will be fixed in a forthcoming version. We recommend that you upgrade your xpdf packages. Upgrade instructions - -------------------- wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 4.0 alias etch - ------------------------------- Debian GNU/Linux 5.0 alias lenny - -------------------------------- Debian (oldstable) - ------------------ Oldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc. Source archives: http://security.debian.org/pool/updates/main/x/xpdf/xpdf_3.01-9.1+etch6.dsc Size/MD5 checksum: 974 9c04059981f8b036d7e6e39c7f0aeb21 http://security.debian.org/pool/updates/main/x/xpdf/xpdf_3.01-9.1+etch6.diff.gz Size/MD5 checksum: 46835 c69a67b9ff487403e7c3ff819c6ff734 http://security.debian.org/pool/updates/main/x/xpdf/xpdf_3.01.orig.tar.gz Size/MD5 checksum: 599778 e004c69c7dddef165d768b1362b44268 Architecture independent packages: http://security.debian.org/pool/updates/main/x/xpdf/xpdf-common_3.01-9.1+etch6_all.deb Size/MD5 checksum: 62834 dd8f37161c3b2430cb1cd65c911e9f86 http://security.debian.org/pool/updates/main/x/xpdf/xpdf_3.01-9.1+etch6_all.deb Size/MD5 checksum: 1278 d6da8e00b02ab3f17ec44b90fff6bb30 alpha architecture (DEC Alpha) http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch6_alpha.deb Size/MD5 checksum: 920352 83b7d74d9ebae9b26da91de7c91d3502 http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch6_alpha.deb Size/MD5 checksum: 1687294 9862913548fff9bfda37a6fe075df5b0 amd64 architecture (AMD x86_64 (AMD64)) http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch6_amd64.deb Size/MD5 checksum: 809202 171520d7642019943bfe7166876f5da5 http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch6_amd64.deb Size/MD5 checksum: 1493308 9575f135e9ec312f9e6d7d2517dd8f5b arm architecture (ARM) http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch6_arm.deb Size/MD5 checksum: 803714 6db06ffcba7f6d7576ed356e7989557d http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch6_arm.deb Size/MD5 checksum: 1468616 9afde01dda379acd4e7edfbccc7c7b2d hppa architecture (HP PA RISC) http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch6_hppa.deb Size/MD5 checksum: 1773794 c9012a9d3919ec40dcea1264ac27a6fe http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch6_hppa.deb Size/MD5 checksum: 963060 565daaf6f15ff7593d560ef7a2f94364 i386 architecture (Intel ia32) http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch6_i386.deb Size/MD5 checksum: 796992 5270bef04f1c2e924b813dffe6050d89 http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch6_i386.deb Size/MD5 checksum: 1458826 b2f3cbaac0ffcce0bb8d7e656bf11b02 ia64 architecture (Intel ia64) http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch6_ia64.deb Size/MD5 checksum: 1217142 afeaf9bfc66ebb69767703bfb30bbd4c http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch6_ia64.deb Size/MD5 checksum: 2218472 6545e9b6f58a84c0daa76baa8a0db629 mipsel architecture (MIPS (Little Endian)) http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch6_mipsel.deb Size/MD5 checksum: 946638 5323268be89e54c5c8eb7ae13f0eab14 http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch6_mipsel.deb Size/MD5 checksum: 1721268 0b710c0bcc6ffefe29f683ab09d3cbe8 powerpc architecture (PowerPC) http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch6_powerpc.deb Size/MD5 checksum: 1554798 eadd6236b778761086d436dd8db986e4 http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch6_powerpc.deb Size/MD5 checksum: 849204 d22f5d59f03d6484e149d7536a25a517 s390 architecture (IBM S/390) http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch6_s390.deb Size/MD5 checksum: 1401814 0e3f588c64e8fa9a102ebcae29c4d807 http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch6_s390.deb Size/MD5 checksum: 767392 4b7c1a868f2f909c2dce25087da77817 sparc architecture (Sun SPARC/UltraSPARC) http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch6_sparc.deb Size/MD5 checksum: 1394680 8b17e2339e2a908a610271eb678495b1 http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch6_sparc.deb Size/MD5 checksum: 763618 f3897333018702ee926e41ca5f58dc92 Debian (stable) - --------------- Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc. Source archives: http://security.debian.org/pool/updates/main/x/xpdf/xpdf_3.02-1.4+lenny1.dsc Size/MD5 checksum: 1266 faeebc4dfc74129ca708a6345bb483f7 http://security.debian.org/pool/updates/main/x/xpdf/xpdf_3.02.orig.tar.gz Size/MD5 checksum: 674912 599dc4cc65a07ee868cf92a667a913d2 http://security.debian.org/pool/updates/main/x/xpdf/xpdf_3.02-1.4+lenny1.diff.gz Size/MD5 checksum: 42280 362f72e95494f51a19eeb898b9a527ac Architecture independent packages: http://security.debian.org/pool/updates/main/x/xpdf/xpdf-common_3.02-1.4+lenny1_all.deb Size/MD5 checksum: 67664 b5f063bf32cbeaf1aaeec315dc8aff0a http://security.debian.org/pool/updates/main/x/xpdf/xpdf_3.02-1.4+lenny1_all.deb Size/MD5 checksum: 1268 f67780458dac3c38cd59bfde186f9a3b alpha architecture (DEC Alpha) http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_alpha.deb Size/MD5 checksum: 1896344 f65f591413c25a23ea2aaccba2b5b634 http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_alpha.deb Size/MD5 checksum: 1018434 cb679c93bbc428ea852bd4ef3103e42d amd64 architecture (AMD x86_64 (AMD64)) http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_amd64.deb Size/MD5 checksum: 1709514 1e1277251a6dd0bb0a551997efd39175 http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_amd64.deb Size/MD5 checksum: 921892 fb7de1db5e3885365c3ad74c3646ab57 arm architecture (ARM) http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_arm.deb Size/MD5 checksum: 1667088 58ddefe40598d6fe4a5016145163ef45 http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_arm.deb Size/MD5 checksum: 907908 881594298fe547cefa3d528c519d369f armel architecture (ARM EABI) http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_armel.deb Size/MD5 checksum: 886242 51d55f7c4de41c5d4051f41fde9b7389 http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_armel.deb Size/MD5 checksum: 1602392 bc996edfad6d1995cb4ef2f4c7760b51 hppa architecture (HP PA RISC) http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_hppa.deb Size/MD5 checksum: 1076286 fa3ac4a1001abf3e892bb1397b06ff17 http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_hppa.deb Size/MD5 checksum: 1985520 e95263d094e2c8d6aa72ee1edb9105f3 i386 architecture (Intel ia32) http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_i386.deb Size/MD5 checksum: 876656 441042932886fa29adae731338f6b5bd http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_i386.deb Size/MD5 checksum: 1611730 52516381da25dbb0c1145e2b7cdf692a ia64 architecture (Intel ia64) http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_ia64.deb Size/MD5 checksum: 1380222 0ffaee560534c9d69df433340679c8fc http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_ia64.deb Size/MD5 checksum: 2519970 eb4f4e5c173557fa8ae713f123cbb193 mips architecture (MIPS (Big Endian)) http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_mips.deb Size/MD5 checksum: 1894924 58b336b114ef5c8fb9fc6244411b4cf4 http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_mips.deb Size/MD5 checksum: 1040834 ae8ed06ea2ed07e3a064c6bd28e80933 mipsel architecture (MIPS (Little Endian)) http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_mipsel.deb Size/MD5 checksum: 1026954 eac8167230b8fa208cdbc5b196f0c624 http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_mipsel.deb Size/MD5 checksum: 1872050 8f2e99ce5a102d099ba22543f246d5bd powerpc architecture (PowerPC) http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_powerpc.deb Size/MD5 checksum: 1788584 7d1466cc8770bd92f299c1cc772f64e7 http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_powerpc.deb Size/MD5 checksum: 968838 7cc8568d6b74348300066e42b27f90c2 s390 architecture (IBM S/390) http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_s390.deb Size/MD5 checksum: 871666 1dde93a4cc0a28b90f92c05f0d181079 http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_s390.deb Size/MD5 checksum: 1598270 201ad07e4853843dce22f22daa41fd35 sparc architecture (Sun SPARC/UltraSPARC) http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_sparc.deb Size/MD5 checksum: 863662 446f2d8fe6483d3741648c4db1ff5b82 http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_sparc.deb Size/MD5 checksum: 1586262 52861c00f406c35db8a6e6f3269cc37d These files will probably be moved into the stable distribution on its next update. - --------------------------------------------------------------------------------- For apt-get: deb http://security.debian.org/ stable/updates main For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main Mailing list: debian-security-announce@lists.debian.org Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iD8DBQFKAJvfYrVLjBFATsMRAvL3AJ48hk1Vsp4ZvDGoQfwOunErKHxElQCfepN+ rFYyqIcPRzz8zBGVGObkTr8= =xhzW -----END PGP SIGNATURE-----

Trust: 2.79

sources: NVD: CVE-2009-0146 // CERT/CC: VU#196617 // JVNDB: JVNDB-2009-001258 // VULHUB: VHN-37592 // PACKETSTORM: 77104 // PACKETSTORM: 82087 // PACKETSTORM: 89656 // PACKETSTORM: 77279

AFFECTED PRODUCTS

vendor:	apple	model:	cups	scope:	eq	version:	1.1.18	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.1.10-1	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.1.20	Trust: 1.0
vendor:	foolabs	model:	xpdf	scope:	eq	version:	0.91c	Trust: 1.0
vendor:	foolabs	model:	xpdf	scope:	eq	version:	0.92e	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.1.7	Trust: 1.0
vendor:	foolabs	model:	xpdf	scope:	eq	version:	0.93a	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.1.6-3	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.2.12	Trust: 1.0
vendor:	glyphandcog	model:	xpdfreader	scope:	eq	version:	2.02	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.1	Trust: 1.0
vendor:	glyphandcog	model:	xpdfreader	scope:	eq	version:	0.92	Trust: 1.0
vendor:	foolabs	model:	xpdf	scope:	eq	version:	0.92c	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.3.6	Trust: 1.0
vendor:	glyphandcog	model:	xpdfreader	scope:	eq	version:	0.5	Trust: 1.0
vendor:	foolabs	model:	xpdf	scope:	eq	version:	0.92d	Trust: 1.0
vendor:	glyphandcog	model:	xpdfreader	scope:	eq	version:	2.03	Trust: 1.0
vendor:	glyphandcog	model:	xpdfreader	scope:	eq	version:	0.4	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.1.1	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.1.12	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.2.8	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.1.17	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.3.11	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.1.16	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.1.3	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.1.13	Trust: 1.0
vendor:	glyphandcog	model:	xpdfreader	scope:	eq	version:	2.00	Trust: 1.0
vendor:	foolabs	model:	xpdf	scope:	eq	version:	0.5a	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.3.7	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.1.5-1	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.1.6-1	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.1.19	Trust: 1.0
vendor:	glyphandcog	model:	xpdfreader	scope:	eq	version:	2.01	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.3.2	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.2.4	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.1.23	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.2.10	Trust: 1.0
vendor:	glyphandcog	model:	xpdfreader	scope:	eq	version:	3.01	Trust: 1.0
vendor:	apple	model:	cups	scope:	lte	version:	1.3.9	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.2.9	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.1.22	Trust: 1.0
vendor:	glyphandcog	model:	xpdfreader	scope:	eq	version:	0.2	Trust: 1.0
vendor:	glyphandcog	model:	xpdfreader	scope:	eq	version:	3.00	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.3.1	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.3.5	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.1.5	Trust: 1.0
vendor:	glyphandcog	model:	xpdfreader	scope:	lte	version:	3.02	Trust: 1.0
vendor:	foolabs	model:	xpdf	scope:	eq	version:	0.91a	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.2.5	Trust: 1.0
vendor:	glyphandcog	model:	xpdfreader	scope:	eq	version:	1.01	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.3.8	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.1.9	Trust: 1.0
vendor:	foolabs	model:	xpdf	scope:	eq	version:	0.93b	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.1.10	Trust: 1.0
vendor:	glyphandcog	model:	xpdfreader	scope:	eq	version:	0.90	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.1.9-1	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.2.11	Trust: 1.0
vendor:	glyphandcog	model:	xpdfreader	scope:	eq	version:	0.6	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.2.2	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.2.3	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.3.10	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.1.5-2	Trust: 1.0
vendor:	foolabs	model:	xpdf	scope:	eq	version:	0.91b	Trust: 1.0
vendor:	foolabs	model:	xpdf	scope:	eq	version:	0.92b	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.1.4	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.1.21	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.2.0	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.1.8	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.3.3	Trust: 1.0
vendor:	foolabs	model:	xpdf	scope:	eq	version:	1.00a	Trust: 1.0
vendor:	glyphandcog	model:	xpdfreader	scope:	eq	version:	0.93	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.1.2	Trust: 1.0
vendor:	glyphandcog	model:	xpdfreader	scope:	eq	version:	0.91	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.2.6	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.1.15	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.3.4	Trust: 1.0
vendor:	foolabs	model:	xpdf	scope:	eq	version:	0.93c	Trust: 1.0
vendor:	glyphandcog	model:	xpdfreader	scope:	eq	version:	0.3	Trust: 1.0
vendor:	glyphandcog	model:	xpdfreader	scope:	eq	version:	0.80	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.1.6-2	Trust: 1.0
vendor:	glyphandcog	model:	xpdfreader	scope:	eq	version:	1.00	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.2.7	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.3.0	Trust: 1.0
vendor:	foolabs	model:	xpdf	scope:	eq	version:	0.92a	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.1.14	Trust: 1.0
vendor:	foolabs	model:	xpdf	scope:	eq	version:	0.7a	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.2.1	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.1.6	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.1.11	Trust: 1.0
vendor:	glyphandcog	model:	xpdfreader	scope:	eq	version:	0.7	Trust: 1.0
vendor:	apple computer	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	debian gnu linux	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	fedora	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	gentoo linux	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	mandriva s a	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	novell	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	poppler	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	red hat	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	research in motion rim	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	suse linux	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	slackware linux	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	turbolinux	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	ubuntu	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	xpdf	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	cups	model:	cups	scope:	lte	version:	1.3.9	Trust: 0.8
vendor:	glyph cog	model:	xpdf	scope:	lte	version:	3.02pl2	Trust: 0.8
vendor:	apple	model:	mac os x	scope:	eq	version:	v10.4.11	Trust: 0.8
vendor:	apple	model:	mac os x	scope:	eq	version:	v10.5 to v10.5.6	Trust: 0.8
vendor:	apple	model:	mac os x server	scope:	eq	version:	v10.4.11	Trust: 0.8
vendor:	apple	model:	mac os x server	scope:	eq	version:	v10.5 to v10.5.6	Trust: 0.8
vendor:	apple	model:	ios	scope:	eq	version:	1.0 to 2.2.1	Trust: 0.8
vendor:	apple	model:	ios for ipod touch	scope:	eq	version:	1.1 to 2.2.1	Trust: 0.8
vendor:	cybertrust	model:	asianux server	scope:	eq	version:	3 (x86)	Trust: 0.8
vendor:	cybertrust	model:	asianux server	scope:	eq	version:	3 (x86-64)	Trust: 0.8
vendor:	cybertrust	model:	asianux server	scope:	eq	version:	4.0	Trust: 0.8
vendor:	cybertrust	model:	asianux server	scope:	eq	version:	4.0 (x86-64)	Trust: 0.8
vendor:	turbo linux	model:	turbolinux appliance server	scope:	eq	version:	3.0	Trust: 0.8
vendor:	turbo linux	model:	turbolinux appliance server	scope:	eq	version:	3.0 (x64)	Trust: 0.8
vendor:	turbo linux	model:	turbolinux client	scope:	eq	version:	2008	Trust: 0.8
vendor:	turbo linux	model:	turbolinux server	scope:	eq	version:	11	Trust: 0.8
vendor:	turbo linux	model:	turbolinux server	scope:	eq	version:	11 (x64)	Trust: 0.8
vendor:	red hat	model:	enterprise linux	scope:	eq	version:	3 (as)	Trust: 0.8
vendor:	red hat	model:	enterprise linux	scope:	eq	version:	3 (es)	Trust: 0.8
vendor:	red hat	model:	enterprise linux	scope:	eq	version:	3 (ws)	Trust: 0.8
vendor:	red hat	model:	enterprise linux	scope:	eq	version:	4 (as)	Trust: 0.8
vendor:	red hat	model:	enterprise linux	scope:	eq	version:	4 (es)	Trust: 0.8
vendor:	red hat	model:	enterprise linux	scope:	eq	version:	4 (ws)	Trust: 0.8
vendor:	red hat	model:	enterprise linux	scope:	eq	version:	4.7 (as)	Trust: 0.8
vendor:	red hat	model:	enterprise linux	scope:	eq	version:	4.7 (es)	Trust: 0.8
vendor:	red hat	model:	enterprise linux	scope:	eq	version:	4.8 (as)	Trust: 0.8
vendor:	red hat	model:	enterprise linux	scope:	eq	version:	4.8 (es)	Trust: 0.8
vendor:	red hat	model:	enterprise linux	scope:	eq	version:	5 (server)	Trust: 0.8
vendor:	red hat	model:	enterprise linux desktop	scope:	eq	version:	3.0	Trust: 0.8
vendor:	red hat	model:	enterprise linux desktop	scope:	eq	version:	4.0	Trust: 0.8
vendor:	red hat	model:	enterprise linux desktop	scope:	eq	version:	5.0 (client)	Trust: 0.8
vendor:	red hat	model:	enterprise linux eus	scope:	eq	version:	5.3.z (server)	Trust: 0.8
vendor:	red hat	model:	rhel desktop workstation	scope:	eq	version:	5 (client)	Trust: 0.8
vendor:	red hat	model:	rhel optional productivity applications	scope:	eq	version:	5 (server)	Trust: 0.8
vendor:	red hat	model:	rhel optional productivity applications eus	scope:	eq	version:	5.3.z (server)	Trust: 0.8

sources: CERT/CC: VU#196617 // JVNDB: JVNDB-2009-001258 // NVD: CVE-2009-0146

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2009-0146
value:	MEDIUM
Trust: 1.0
CARNEGIE MELLON:	VU#196617
value:	HIGH
Trust: 0.8
NVD:	CVE-2009-0146
value:	MEDIUM
Trust: 0.8
VULHUB:	VHN-37592
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2009-0146
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CARNEGIE MELLON:	VU#196617
severity:	HIGH
baseScore:	9.0
vectorString:	NONE
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	9.5
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.8
VULHUB:	VHN-37592
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: CERT/CC: VU#196617 // VULHUB: VHN-37592 // JVNDB: JVNDB-2009-001258 // NVD: CVE-2009-0146

PROBLEMTYPE DATA

problemtype:

CWE-119

Trust: 1.9

sources: VULHUB: VHN-37592 // JVNDB: JVNDB-2009-001258 // NVD: CVE-2009-0146

TYPE

overflow

Trust: 0.2

sources: PACKETSTORM: 77104 // PACKETSTORM: 82087

CONFIGURATIONS

sources: JVNDB: JVNDB-2009-001258

EXPLOIT AVAILABILITY

sources: CERT/CC: VU#196617 // VULHUB: VHN-37592

PATCH

title:	HT3549	url:	http://support.apple.com/kb/HT3549	Trust: 0.8
title:	HT3639	url:	http://support.apple.com/kb/HT3639	Trust: 0.8
title:	HT3549	url:	http://support.apple.com/kb/HT3549?viewlocale=ja_JP	Trust: 0.8
title:	HT3639	url:	http://support.apple.com/kb/HT3639?viewlocale=ja_JP	Trust: 0.8
title:	poppler-0.5.4-4.4.9.1AXS3	url:	https://tsn.miraclelinux.com/tsn_local/index.php?m=errata&a=detail&eid=437	Trust: 0.8
title:	kdegraphics-3.5.5-3.5AXS3	url:	https://tsn.miraclelinux.com/tsn_local/index.php?m=errata&a=detail&eid=766	Trust: 0.8
title:	tetex-3.0-33.8.5.0.1.AXS3	url:	https://tsn.miraclelinux.com/tsn_local/index.php?m=errata&a=detail&eid=1040	Trust: 0.8
title:	cups-1.3.7-8.4.1AXS3	url:	https://tsn.miraclelinux.com/tsn_local/index.php?m=errata&a=detail&eid=428	Trust: 0.8
title:	Top Page	url:	http://www.cups.org/	Trust: 0.8
title:	1710	url:	http://www.miraclelinux.com/support/index.php?q=node/99&errata_id=1710	Trust: 0.8
title:	2059	url:	http://www.miraclelinux.com/support/index.php?q=node/99&errata_id=2059	Trust: 0.8
title:	1714	url:	http://www.miraclelinux.com/support/index.php?q=node/99&errata_id=1714	Trust: 0.8
title:	RHSA-2010:0399	url:	https://rhn.redhat.com/errata/RHSA-2010-0399.html	Trust: 0.8
title:	RHSA-2010:0400	url:	https://rhn.redhat.com/errata/RHSA-2010-0400.html	Trust: 0.8
title:	RHSA-2009:0430	url:	https://rhn.redhat.com/errata/RHSA-2009-0430.html	Trust: 0.8
title:	RHSA-2009:0431	url:	https://rhn.redhat.com/errata/RHSA-2009-0431.html	Trust: 0.8
title:	RHSA-2009:0458	url:	https://rhn.redhat.com/errata/RHSA-2009-0458.html	Trust: 0.8
title:	RHSA-2009:0480	url:	https://rhn.redhat.com/errata/RHSA-2009-0480.html	Trust: 0.8
title:	RHSA-2009:0429	url:	https://rhn.redhat.com/errata/RHSA-2009-0429.html	Trust: 0.8
title:	Top Page	url:	http://www.foolabs.com/xpdf/	Trust: 0.8
title:	RHSA-2009:0430	url:	https://www.jp.redhat.com/support/errata/RHSA/RHSA-2009-0430J.html	Trust: 0.8
title:	RHSA-2009:0429	url:	https://www.jp.redhat.com/support/errata/RHSA/RHSA-2009-0429J.html	Trust: 0.8
title:	RHSA-2009:0431	url:	https://www.jp.redhat.com/support/errata/RHSA/RHSA-2009-0431J.html	Trust: 0.8
title:	RHSA-2009:0458	url:	https://www.jp.redhat.com/support/errata/RHSA/RHSA-2009-0458J.html	Trust: 0.8
title:	RHSA-2009:0480	url:	https://www.jp.redhat.com/support/errata/RHSA/RHSA-2009-0480J.html	Trust: 0.8
title:	TLSA-2010-13	url:	http://www.turbolinux.co.jp/security/2010/TLSA-2010-13j.txt	Trust: 0.8

sources: JVNDB: JVNDB-2009-001258

EXTERNAL IDS

db:	BID	id:	34568	Trust: 2.7
db:	SECUNIA	id:	34291	Trust: 2.7
db:	NVD	id:	CVE-2009-0146	Trust: 2.3
db:	SECUNIA	id:	34481	Trust: 1.9
db:	SECUNIA	id:	34756	Trust: 1.9
db:	SECUNIA	id:	35074	Trust: 1.9
db:	SECUNIA	id:	35064	Trust: 1.9
db:	SECUNIA	id:	34755	Trust: 1.9
db:	VUPEN	id:	ADV-2009-1066	Trust: 1.9
db:	VUPEN	id:	ADV-2009-1297	Trust: 1.9
db:	VUPEN	id:	ADV-2009-1077	Trust: 1.9
db:	VUPEN	id:	ADV-2009-1065	Trust: 1.9
db:	SECTRACK	id:	1022073	Trust: 1.9
db:	USCERT	id:	TA09-133A	Trust: 1.9
db:	SECUNIA	id:	35618	Trust: 1.1
db:	SECUNIA	id:	35065	Trust: 1.1
db:	SECUNIA	id:	35685	Trust: 1.1
db:	SECUNIA	id:	34963	Trust: 1.1
db:	SECUNIA	id:	35037	Trust: 1.1
db:	SECUNIA	id:	34852	Trust: 1.1
db:	SECUNIA	id:	34959	Trust: 1.1
db:	SECUNIA	id:	34991	Trust: 1.1
db:	VUPEN	id:	ADV-2009-1621	Trust: 1.1
db:	VUPEN	id:	ADV-2010-1040	Trust: 1.1
db:	SECTRACK	id:	1022072	Trust: 0.8
db:	CERT/CC	id:	VU#196617	Trust: 0.8
db:	JVNDB	id:	JVNDB-2009-001258	Trust: 0.8
db:	PACKETSTORM	id:	82087	Trust: 0.2
db:	PACKETSTORM	id:	77104	Trust: 0.2
db:	PACKETSTORM	id:	77279	Trust: 0.2
db:	PACKETSTORM	id:	89656	Trust: 0.2
db:	PACKETSTORM	id:	83554	Trust: 0.1
db:	PACKETSTORM	id:	76918	Trust: 0.1
db:	PACKETSTORM	id:	89072	Trust: 0.1
db:	PACKETSTORM	id:	92846	Trust: 0.1
db:	PACKETSTORM	id:	76751	Trust: 0.1
db:	PACKETSTORM	id:	82088	Trust: 0.1
db:	PACKETSTORM	id:	77313	Trust: 0.1
db:	PACKETSTORM	id:	77000	Trust: 0.1
db:	PACKETSTORM	id:	123523	Trust: 0.1
db:	PACKETSTORM	id:	83707	Trust: 0.1
db:	PACKETSTORM	id:	84482	Trust: 0.1
db:	PACKETSTORM	id:	82086	Trust: 0.1
db:	VULHUB	id:	VHN-37592	Trust: 0.1

sources: CERT/CC: VU#196617 // VULHUB: VHN-37592 // PACKETSTORM: 77104 // PACKETSTORM: 82087 // PACKETSTORM: 89656 // PACKETSTORM: 77279 // JVNDB: JVNDB-2009-001258 // NVD: CVE-2009-0146

REFERENCES

url:	http://www.securityfocus.com/bid/34568	Trust: 2.7
url:	http://www.debian.org/security/2009/dsa-1790	Trust: 1.9
url:	http://support.apple.com/kb/ht3549	Trust: 1.9
url:	http://www.us-cert.gov/cas/techalerts/ta09-133a.html	Trust: 1.9
url:	http://www.securitytracker.com/id?1022073	Trust: 1.9
url:	http://secunia.com/advisories/34291	Trust: 1.9
url:	http://secunia.com/advisories/34481	Trust: 1.9
url:	http://secunia.com/advisories/34755	Trust: 1.9
url:	http://secunia.com/advisories/34756	Trust: 1.9
url:	http://secunia.com/advisories/35064	Trust: 1.9
url:	http://secunia.com/advisories/35074	Trust: 1.9
url:	http://www.vupen.com/english/advisories/2009/1065	Trust: 1.9
url:	http://www.vupen.com/english/advisories/2009/1066	Trust: 1.9
url:	http://www.vupen.com/english/advisories/2009/1077	Trust: 1.9
url:	http://www.vupen.com/english/advisories/2009/1297	Trust: 1.9
url:	http://lists.apple.com/archives/security-announce/2009/may/msg00002.html	Trust: 1.1
url:	http://lists.apple.com/archives/security-announce/2009/jun/msg00005.html	Trust: 1.1
url:	http://www.securityfocus.com/archive/1/502761/100/0/threaded	Trust: 1.1
url:	http://www.securityfocus.com/archive/1/502750/100/0/threaded	Trust: 1.1
url:	http://bugs.gentoo.org/show_bug.cgi?id=263028	Trust: 1.1
url:	http://support.apple.com/kb/ht3639	Trust: 1.1
url:	http://wiki.rpath.com/advisories:rpsa-2009-0059	Trust: 1.1
url:	http://wiki.rpath.com/advisories:rpsa-2009-0061	Trust: 1.1
url:	https://bugzilla.redhat.com/show_bug.cgi?id=490612	Trust: 1.1
url:	http://www.debian.org/security/2009/dsa-1793	Trust: 1.1
url:	https://www.redhat.com/archives/fedora-package-announce/2009-july/msg00567.html	Trust: 1.1
url:	https://www.redhat.com/archives/fedora-package-announce/2009-june/msg01277.html	Trust: 1.1
url:	https://www.redhat.com/archives/fedora-package-announce/2009-june/msg01291.html	Trust: 1.1
url:	http://security.gentoo.org/glsa/glsa-200904-20.xml	Trust: 1.1
url:	http://www.mandriva.com/security/advisories?name=mdvsa-2009:101	Trust: 1.1
url:	http://www.mandriva.com/security/advisories?name=mdvsa-2010:087	Trust: 1.1
url:	https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a9632	Trust: 1.1
url:	http://www.redhat.com/support/errata/rhsa-2009-0429.html	Trust: 1.1
url:	http://www.redhat.com/support/errata/rhsa-2009-0430.html	Trust: 1.1
url:	http://www.redhat.com/support/errata/rhsa-2009-0431.html	Trust: 1.1
url:	http://rhn.redhat.com/errata/rhsa-2009-0458.html	Trust: 1.1
url:	http://www.redhat.com/support/errata/rhsa-2009-0480.html	Trust: 1.1
url:	http://secunia.com/advisories/34852	Trust: 1.1
url:	http://secunia.com/advisories/34959	Trust: 1.1
url:	http://secunia.com/advisories/34963	Trust: 1.1
url:	http://secunia.com/advisories/34991	Trust: 1.1
url:	http://secunia.com/advisories/35037	Trust: 1.1
url:	http://secunia.com/advisories/35065	Trust: 1.1
url:	http://secunia.com/advisories/35618	Trust: 1.1
url:	http://secunia.com/advisories/35685	Trust: 1.1
url:	http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html	Trust: 1.1
url:	http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html	Trust: 1.1
url:	http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html	Trust: 1.1
url:	http://www.vupen.com/english/advisories/2009/1621	Trust: 1.1
url:	http://www.vupen.com/english/advisories/2010/1040	Trust: 1.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0146	Trust: 1.1
url:	http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.578477	Trust: 1.0
url:	http://cgit.freedesktop.org/poppler/poppler/commit/?id=9f1312f3d7dfa7e536606a7c7296b7c876b11c00	Trust: 0.8
url:	ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl3.patch	Trust: 0.8
url:	http://www.ubuntu.com/usn/usn-759-1	Trust: 0.8
url:	http://blackberry.com/btsc/kb17953	Trust: 0.8
url:	http://rhn.redhat.com/errata/rhsa-2009-0429.html	Trust: 0.8
url:	http://rhn.redhat.com/errata/rhsa-2009-0431.html	Trust: 0.8
url:	http://www.mandriva.com/en/security/advisories?name=mdvsa-2009:101	Trust: 0.8
url:	http://secunia.com/advisories/34291/	Trust: 0.8
url:	http://www.securitytracker.com/alerts/2009/apr/1022072.html	Trust: 0.8
url:	http://jvn.jp/cert/jvnvu196617/index.html	Trust: 0.8
url:	http://jvn.jp/cert/jvnta09-133a/	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-0146	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2009-0166	Trust: 0.4
url:	https://nvd.nist.gov/vuln/detail/cve-2009-0147	Trust: 0.4
url:	https://nvd.nist.gov/vuln/detail/cve-2009-0146	Trust: 0.4
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0147	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2009-1180	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2009-1179	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2009-1182	Trust: 0.3
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0166	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2009-0799	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2009-0165	Trust: 0.3
url:	http://www.mandriva.com/security/	Trust: 0.3
url:	http://www.mandriva.com/security/advisories	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2009-0800	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2009-1181	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2009-1183	Trust: 0.3
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1181	Trust: 0.2
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0800	Trust: 0.2
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0799	Trust: 0.2
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0165	Trust: 0.2
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1180	Trust: 0.2
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1183	Trust: 0.2
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1182	Trust: 0.2
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1179	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2009-0195	Trust: 0.2
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3608	Trust: 0.2
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0195	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2009-3608	Trust: 0.2
url:	http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.578477	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0163	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2009-0791	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2009-3609	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3609	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0791	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2009-0163	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0949	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2009-0949	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1284	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2010-1440	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2010-0827	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0829	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1440	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2010-0739	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2009-1284	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0827	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2010-0829	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0739	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/x/xpdf/xpdf_3.01-9.1+etch6_all.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/x/xpdf/xpdf_3.02-1.4+lenny1_all.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_alpha.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch6_s390.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch6_arm.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch6_ia64.deb	Trust: 0.1
url:	http://www.debian.org/security/faq	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_mipsel.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_mipsel.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch6_powerpc.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_arm.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch6_hppa.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch6_arm.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_i386.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_armel.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_hppa.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/x/xpdf/xpdf_3.02.orig.tar.gz	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_powerpc.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_s390.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch6_alpha.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_sparc.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch6_powerpc.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_hppa.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch6_sparc.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_alpha.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_mips.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_arm.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/x/xpdf/xpdf_3.01.orig.tar.gz	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/x/xpdf/xpdf-common_3.02-1.4+lenny1_all.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_sparc.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/x/xpdf/xpdf_3.02-1.4+lenny1.dsc	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_s390.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_mips.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch6_mipsel.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_amd64.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch6_mipsel.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_ia64.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_armel.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch6_ia64.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/x/xpdf/xpdf_3.01-9.1+etch6.diff.gz	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch6_i386.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/x/xpdf/xpdf_3.02-1.4+lenny1.diff.gz	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch6_i386.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/x/xpdf/xpdf-common_3.01-9.1+etch6_all.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch6_s390.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny1_amd64.deb	Trust: 0.1
url:	http://packages.debian.org/<pkg>	Trust: 0.1
url:	http://security.debian.org/	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch6_hppa.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch6_alpha.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch6_sparc.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch6_amd64.deb	Trust: 0.1
url:	http://www.debian.org/security/	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_ia64.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch6_amd64.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/x/xpdf/xpdf_3.01-9.1+etch6.dsc	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_i386.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny1_powerpc.deb	Trust: 0.1

CREDITS

Mandriva

Trust: 0.3

sources: PACKETSTORM: 77104 // PACKETSTORM: 82087 // PACKETSTORM: 89656

SOURCES

db:	CERT/CC	id:	VU#196617
db:	VULHUB	id:	VHN-37592
db:	PACKETSTORM	id:	77104
db:	PACKETSTORM	id:	82087
db:	PACKETSTORM	id:	89656
db:	PACKETSTORM	id:	77279
db:	JVNDB	id:	JVNDB-2009-001258
db:	NVD	id:	CVE-2009-0146

LAST UPDATE DATE

2026-02-06T21:04:43.759000+00:00

SOURCES UPDATE DATE

db:	CERT/CC	id:	VU#196617	date:	2012-03-28T00:00:00
db:	VULHUB	id:	VHN-37592	date:	2019-03-06T00:00:00
db:	JVNDB	id:	JVNDB-2009-001258	date:	2010-06-01T00:00:00
db:	NVD	id:	CVE-2009-0146	date:	2025-04-09T00:30:58.490

SOURCES RELEASE DATE

db:	CERT/CC	id:	VU#196617	date:	2009-04-16T00:00:00
db:	VULHUB	id:	VHN-37592	date:	2009-04-23T00:00:00
db:	PACKETSTORM	id:	77104	date:	2009-04-29T19:11:04
db:	PACKETSTORM	id:	82087	date:	2009-10-21T02:57:54
db:	PACKETSTORM	id:	89656	date:	2010-05-19T04:25:31
db:	PACKETSTORM	id:	77279	date:	2009-05-05T22:51:02
db:	JVNDB	id:	JVNDB-2009-001258	date:	2009-05-27T00:00:00
db:	NVD	id:	CVE-2009-0146	date:	2009-04-23T17:30:01.547