Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:
Category:Fedora Local Security Checks
Title:Fedora Core 9 FEDORA-2009-3794 (xpdf)
The remote host is missing an update to xpdf
announced via advisory FEDORA-2009-3794.

Update Information:

Fix several security updates in xpdf (3.02pl3 patch applied).


* Thu Apr 16 2009 Tom spot Callaway - 1:3.02-13
- apply xpdf-3.02pl3 security patch to fix:
CVE-2009-0799, CVE-2009-0800, CVE-2009-1179, CVE-2009-1180
CVE-2009-1181, CVE-2009-1182, CVE-2009-1183


[ 1 ] Bug #495886 - CVE-2009-0799 PDF JBIG2 decoder OOB read
[ 2 ] Bug #495887 - CVE-2009-0800 PDF JBIG2 multiple input validation flaws
[ 3 ] Bug #495889 - CVE-2009-1179 PDF JBIG2 integer overflow
[ 4 ] Bug #495892 - CVE-2009-1180 PDF JBIG2 invalid free()
[ 5 ] Bug #495894 - CVE-2009-1181 PDF JBIG2 NULL dereference
[ 6 ] Bug #495896 - CVE-2009-1182 PDF JBIG2 MMR decoder buffer overflows
[ 7 ] Bug #495899 - CVE-2009-1183 PDF JBIG2 MMR infinite loop DoS
[ 8 ] Bug #490612 - CVE-2009-0146 xpdf: Multiple buffer overflows in JBIG2 decoder (setBitmap, readSymbolDictSeg)
[ 9 ] Bug #490614 - CVE-2009-0147 xpdf: Multiple integer overflows in JBIG2 decoder
[ 10 ] Bug #490625 - CVE-2009-0166 xpdf: Freeing of potentially uninitialized memory in JBIG2 decoder

Solution: Apply the appropriate updates.

This update can be installed with the yum update program. Use
su -c 'yum update xpdf' at the command line.
For more information, refer to Managing Software with yum,
available at

CVSS Score:

CVSS Vector:

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2009-0799
BugTraq ID: 34568
CERT/CC vulnerability note: VU#196617
Debian Security Information: DSA-1790 (Google Search)
Debian Security Information: DSA-1793 (Google Search)
RedHat Security Advisories: RHSA-2009:0458
SuSE Security Announcement: SUSE-SA:2009:024 (Google Search)
SuSE Security Announcement: SUSE-SR:2009:010 (Google Search)
SuSE Security Announcement: SUSE-SR:2009:012 (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2009-0800
Common Vulnerability Exposure (CVE) ID: CVE-2009-1179
Common Vulnerability Exposure (CVE) ID: CVE-2009-1180
Common Vulnerability Exposure (CVE) ID: CVE-2009-1181
Common Vulnerability Exposure (CVE) ID: CVE-2009-1182
Common Vulnerability Exposure (CVE) ID: CVE-2009-1183
Common Vulnerability Exposure (CVE) ID: CVE-2009-0146
Bugtraq: 20090417 rPSA-2009-0059-1 poppler (Google Search)
Bugtraq: 20090417 rPSA-2009-0061-1 cups (Google Search)
Cert/CC Advisory: TA09-133A
Common Vulnerability Exposure (CVE) ID: CVE-2009-0147
Common Vulnerability Exposure (CVE) ID: CVE-2009-0166
CopyrightCopyright (c) 2009 E-Soft Inc.

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

© 1998-2023 E-Soft Inc. All rights reserved.