CVE-2009-0165

Name: CVE-2009-0165
Description: Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, as used in Poppler and other products, when running on Mac OS X, has unspecified impact, related to "g*allocn."
Source: CVE (at NVD; oss-sec, fulldisc, OSVDB, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SuSE, Mageia, more)
References: DSA-1790-1, DSA-1793-1
NVD severity: high (attack range: remote)
Debian Bugs: 524809, 528369
Debian/oldoldstable: not vulnerable.
Debian/oldstable: not vulnerable.
Debian/stable: not vulnerable.
Debian/testing: not vulnerable.
Debian/unstable: not vulnerable.

Vulnerable and fixed packages

The table below lists information on source packages.

Source Package | Release | Version | Status
kdegraphics (PTS) | squeeze | 4:4.4.5-2 | fixed
xpdf (PTS) | squeeze | 3.02-12+squeeze1 | fixed
xpdf (PTS) | wheezy | 3.03-10 | fixed
xpdf (PTS) | stretch, sid, jessie | 3.03-17 | fixed

The information below is based on the following data on fixed versions.

Package | Type | Release | Fixed Version | Urgency | Origin | Debian Bugs
kdegraphics | source | (unstable) | 4:4.0 | low | | 528369
kdegraphics | source | etch | 4:3.5.5-3etch3 | high | DSA-1793-1 |
kdegraphics | source | lenny | 4:3.5.9-3+lenny1 | high | DSA-1793-1 |
xpdf | source | (unstable) | 3.02-1.4+lenny1 | low | | 524809
xpdf | source | etch | 3.01-9.1+etch6 | high | DSA-1790-1 |
xpdf | source | lenny | 3.02-1.4+lenny1 | high | DSA-1790-1 |
xpdf | source | squeeze | 3.02-1.4+lenny1 | high | |
