Search CVE reports

81 – 90 of 142 results

Detailed view

Sort by:

CVE-2009-0949

Medium priority

Fixed

The ippReadIO function in cups/ipp.c in cupsd in CUPS before 1.3.10 does not properly initialize memory for IPP request packets, which allows remote attackers to cause a denial of service (NULL pointer dereference and...

2 affected packages

cups, cupsys

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
cups	—	—	—	—
cupsys	—	—	—	—

CVE-2009-0791

Medium priority

Not affected

Multiple integer overflows in Xpdf 2.x and 3.x and Poppler 0.x, as used in the pdftops filter in CUPS 1.1.17, 1.1.22, and 1.3.7, GPdf, and kdegraphics KPDF, allow remote attackers to cause a denial of service (application crash)...

2 affected packages

cups, cupsys

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
cups	—	—	—	—
cupsys	—	—	—	—

CVE-2009-0164

Low priority

Ignored

The web interface for CUPS before 1.3.10 does not validate the HTTP Host header in a client request, which makes it easier for remote attackers to conduct DNS rebinding attacks.

2 affected packages

cups, cupsys

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
cups	—	—	—	—
cupsys	—	—	—	—

CVE-2009-0163

Medium priority

Fixed

Integer overflow in the TIFF image decoding routines in CUPS 1.3.9 and earlier allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via a crafted TIFF image, which is not properly...

2 affected packages

cups, cupsys

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
cups	—	—	—	—
cupsys	—	—	—	—

CVE-2009-1188

Medium priority

Some fixes available 34 of 74

Integer overflow in the JBIG2 decoding feature in the SplashBitmap::SplashBitmap function in SplashBitmap.cc in Xpdf 3.x before 3.02pl4 and Poppler before 0.10.6, as used in GPdf and kdegraphics KPDF, allows remote attackers to...

14 affected packages

koffice, xpdf, libextractor, cups, cupsys...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
koffice	—	Not in release	Not in release	Not in release
xpdf	—	Not affected	Not in release	Not affected
libextractor	—	Not affected	Not affected	Not affected
cups	—	Not affected	Not affected	Not affected
cupsys	—	Not in release	Not in release	Not in release
evince	—	Not affected	Not affected	Not affected
gpdf	—	Not in release	Not in release	Not in release
ipe	—	Not affected	Not affected	Not affected
kdegraphics	—	Not in release	Not in release	Not in release
pdfkit.framework	—	Not in release	Not in release	Not in release
pdftohtml	—	Not in release	Not in release	Not in release
poppler	—	Fixed	Fixed	Fixed
tetex-bin	—	Not in release	Not in release	Not in release
texlive-bin	—	Not affected	Not affected	Not affected

CVE-2009-1187

Medium priority

Some fixes available 5 of 19

Integer overflow in the JBIG2 decoding feature in Poppler before 0.10.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to CairoOutputDev (CairoOutputDev.cc).

14 affected packages

cupsys, cups, evince, gpdf, ipe...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
cupsys	—	—	—	—
cups	—	—	—	—
evince	—	—	—	—
gpdf	—	—	—	—
ipe	—	—	—	—
kdegraphics	—	—	—	—
koffice	—	—	—	—
libextractor	—	—	—	—
pdfkit.framework	—	—	—	—
pdftohtml	—	—	—	—
poppler	—	—	—	—
tetex-bin	—	—	—	—
texlive-bin	—	—	—	—
xpdf	—	—	—	—

CVE-2009-1183

Medium priority

Some fixes available 34 of 76

The JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service (infinite loop and hang) via a crafted PDF file.

14 affected packages

cups, cupsys, evince, gpdf, ipe...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
cups	—	Not affected	Not affected	Not affected
cupsys	—	Not in release	Not in release	Not in release
evince	—	Not affected	Not affected	Not affected
gpdf	—	Not in release	Not in release	Not in release
ipe	—	Not affected	Not affected	Not affected
kdegraphics	—	Not in release	Not in release	Not in release
koffice	—	Not in release	Not in release	Not in release
libextractor	—	Not affected	Not affected	Not affected
pdfkit.framework	—	Not in release	Not in release	Not in release
pdftohtml	—	Not in release	Not in release	Not in release
poppler	—	Fixed	Fixed	Fixed
tetex-bin	—	Not in release	Not in release	Not in release
texlive-bin	—	Not affected	Not affected	Not affected
xpdf	—	Not affected	Not in release	Not affected

CVE-2009-1182

Medium priority

Some fixes available 34 of 76

Multiple buffer overflows in the JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allow remote attackers to execute arbitrary code via a crafted PDF file.

14 affected packages

cupsys, gpdf, cups, evince, ipe...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
cupsys	—	Not in release	Not in release	Not in release
gpdf	—	Not in release	Not in release	Not in release
cups	—	Not affected	Not affected	Not affected
evince	—	Not affected	Not affected	Not affected
ipe	—	Not affected	Not affected	Not affected
kdegraphics	—	Not in release	Not in release	Not in release
koffice	—	Not in release	Not in release	Not in release
libextractor	—	Not affected	Not affected	Not affected
pdfkit.framework	—	Not in release	Not in release	Not in release
pdftohtml	—	Not in release	Not in release	Not in release
poppler	—	Fixed	Fixed	Fixed
tetex-bin	—	Not in release	Not in release	Not in release
texlive-bin	—	Not affected	Not affected	Not affected
xpdf	—	Not affected	Not in release	Not affected

CVE-2009-1181

Medium priority

Some fixes available 35 of 78

The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers a NULL pointer dereference.

14 affected packages

cups, libextractor, cupsys, evince, gpdf...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
cups	—	Not affected	Not affected	Not affected
libextractor	—	Not affected	Not affected	Not affected
cupsys	—	Not in release	Not in release	Not in release
evince	—	Not affected	Not affected	Not affected
gpdf	—	Not in release	Not in release	Not in release
ipe	—	Not affected	Not affected	Not affected
kdegraphics	—	Not in release	Not in release	Not in release
koffice	—	Not in release	Not in release	Not in release
pdfkit.framework	—	Not in release	Not in release	Not in release
pdftohtml	—	Not in release	Not in release	Not in release
poppler	—	Fixed	Fixed	Fixed
tetex-bin	—	Not in release	Not in release	Not in release
texlive-bin	—	Not affected	Not affected	Not affected
xpdf	—	Not affected	Not in release	Not affected

CVE-2009-1180

Medium priority

Some fixes available 35 of 78

The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to execute arbitrary code via a crafted PDF file that triggers a free of invalid data.

14 affected packages

koffice, gpdf, libextractor, cups, cupsys...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
koffice	—	Not in release	Not in release	Not in release
gpdf	—	Not in release	Not in release	Not in release
libextractor	—	Not affected	Not affected	Not affected
cups	—	Not affected	Not affected	Not affected
cupsys	—	Not in release	Not in release	Not in release
evince	—	Not affected	Not affected	Not affected
ipe	—	Not affected	Not affected	Not affected
kdegraphics	—	Not in release	Not in release	Not in release
pdfkit.framework	—	Not in release	Not in release	Not in release
pdftohtml	—	Not in release	Not in release	Not in release
poppler	—	Fixed	Fixed	Fixed
texlive-bin	—	Not affected	Not affected	Not affected
xpdf	—	Not affected	Not in release	Not affected
tetex-bin	—	Not in release	Not in release	Not in release

Export to JSON

Results by page: