CVE-2009-1182

Priority
Description
Multiple buffer overflows in the JBIG2 MMR decoder in Xpdf 3.02pl2 and
earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products
allow remote attackers to execute arbitrary code via a crafted PDF file.
References
Assigned-to
mdeslaur
Notes
jdstrandCUPS on Ubuntu uses system pdftops (compiled with --disable-pdftops)
Package
Source: cups (LP Ubuntu Debian)
Priority: Negligible
Upstream:released (1.3.10)
Ubuntu 18.04 LTS:not-affected
Ubuntu 20.04 LTS:not-affected
Ubuntu 21.10:not-affected
Ubuntu 16.04 ESM:not-affected
Ubuntu 22.04 LTS:not-affected
Ubuntu 14.04 ESM:DNE (trusty was not-affected)
Patches:
Package
Priority: Negligible
Upstream:released (1.3.10)
Ubuntu 18.04 LTS:DNE
Ubuntu 20.04 LTS:DNE
Ubuntu 21.10:DNE
Ubuntu 22.04 LTS:DNE
Ubuntu 14.04 ESM:DNE
Patches:
Package
Upstream:not-affected (linked to poppler)
Ubuntu 18.04 LTS:not-affected (linked to poppler)
Ubuntu 20.04 LTS:not-affected (linked to poppler)
Ubuntu 21.10:not-affected (linked to poppler)
Ubuntu 16.04 ESM:not-affected (linked to poppler)
Ubuntu 22.04 LTS:not-affected (linked to poppler)
Ubuntu 14.04 ESM:DNE (trusty was not-affected [linked to poppler])
Patches:
Package
Source: gpdf (LP Ubuntu Debian)
Upstream:needs-triage
Ubuntu 18.04 LTS:DNE
Ubuntu 20.04 LTS:DNE
Ubuntu 21.10:DNE
Ubuntu 22.04 LTS:DNE
Ubuntu 14.04 ESM:DNE
Patches:
Package
Source: ipe (LP Ubuntu Debian)
Upstream:needs-triage
Ubuntu 18.04 LTS:not-affected (uses system pdflatex)
Ubuntu 20.04 LTS:not-affected (uses system pdflatex)
Ubuntu 21.10:not-affected (uses system pdflatex)
Ubuntu 22.04 LTS:not-affected (uses system pdflatex)
Ubuntu 14.04 ESM:DNE (trusty was not-affected [uses system pdflatex])
Patches:
Package
Upstream:needs-triage
Ubuntu 18.04 LTS:DNE
Ubuntu 20.04 LTS:DNE
Ubuntu 21.10:DNE
Ubuntu 22.04 LTS:DNE
Ubuntu 14.04 ESM:DNE
Patches:
Package
Priority: Low
Upstream:needs-triage
Ubuntu 18.04 LTS:DNE
Ubuntu 20.04 LTS:DNE
Ubuntu 21.10:DNE
Ubuntu 22.04 LTS:DNE
Ubuntu 14.04 ESM:DNE
Patches:
Package
Upstream:needs-triage
Ubuntu 18.04 LTS:needs-triage
Ubuntu 20.04 LTS:needs-triage
Ubuntu 21.10:needs-triage
Ubuntu 22.04 LTS:needs-triage
Ubuntu 14.04 ESM:DNE (trusty was needs-triage)
Patches:
Package
Upstream:needs-triage
Ubuntu 18.04 LTS:DNE
Ubuntu 20.04 LTS:DNE
Ubuntu 21.10:DNE
Ubuntu 22.04 LTS:DNE
Ubuntu 14.04 ESM:DNE
Patches:
Package
Upstream:needs-triage
Ubuntu 18.04 LTS:DNE
Ubuntu 20.04 LTS:DNE
Ubuntu 21.10:DNE
Ubuntu 22.04 LTS:DNE
Ubuntu 14.04 ESM:DNE
Patches:
Package
Upstream:needs-triage
Ubuntu 18.04 LTS:released (0.10.5-1ubuntu2)
Ubuntu 20.04 LTS:released (0.10.5-1ubuntu2)
Ubuntu 21.10:released (0.10.5-1ubuntu2)
Ubuntu 16.04 ESM:released (0.10.5-1ubuntu2)
Ubuntu 22.04 LTS:released (0.10.5-1ubuntu2)
Ubuntu 14.04 ESM:DNE (trusty was released [0.10.5-1ubuntu2])
Patches:
Package
Upstream:needs-triage
Ubuntu 18.04 LTS:DNE
Ubuntu 20.04 LTS:DNE
Ubuntu 21.10:DNE
Ubuntu 22.04 LTS:DNE
Ubuntu 14.04 ESM:DNE
Patches:
Package
Upstream:needs-triage
Ubuntu 18.04 LTS:not-affected (linked to poppler)
Ubuntu 20.04 LTS:not-affected (linked to poppler)
Ubuntu 21.10:not-affected (linked to poppler)
Ubuntu 16.04 ESM:not-affected (linked to poppler)
Ubuntu 22.04 LTS:not-affected (linked to poppler)
Ubuntu 14.04 ESM:DNE (trusty was not-affected [linked to poppler])
Patches:
Package
Source: xpdf (LP Ubuntu Debian)
Upstream:released (3.02-2)
Ubuntu 18.04 LTS:not-affected (3.02-2)
Ubuntu 20.04 LTS:DNE
Ubuntu 21.10:not-affected
Ubuntu 22.04 LTS:not-affected
Ubuntu 14.04 ESM:DNE (trusty was not-affected [3.02-2])
Patches:
More Information

Updated: 2022-04-25 00:14:21 UTC (commit ecc1009cb19540b950de59270950018900f37f15)