Home > Vulnerability Database > CVE-2009-0165

Mend.io Vulnerability Database

CVE-2009-0165

Date: April 23, 2009

Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, as used in Poppler and other products, when running on Mac OS X, has unspecified impact, related to "g*allocn."

Severity Score

6.1

Related Resources (27)

Url: http://secunia.com/advisories/34852

Url: http://bugs.gentoo.org/show_bug.cgi?id=263028

Url: http://www.vupen.com/english/advisories/2009/1297

Url: http://secunia.com/advisories/35065

Url: http://secunia.com/advisories/34991

Url: https://nvd.nist.gov/vuln/detail/CVE-2009-0165

Url: http://secunia.com/advisories/35685

Url: https://people.canonical.com/~ubuntu-security/cve/CVE-2009-0165

Url: http://www.securityfocus.com/bid/34568

Url: https://exchange.xforce.ibmcloud.com/vulnerabilities/50377

Url: http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html

Url: http://secunia.com/advisories/35074

Url: http://secunia.com/advisories/34959

Url: http://www.debian.org/security/2009/dsa-1790

Url: http://www.mandriva.com/security/advisories?name=MDVSA-2009:101

Url: http://www.us-cert.gov/cas/techalerts/TA09-133A.html

Url: http://support.apple.com/kb/HT3639

Url: http://www.debian.org/security/2009/dsa-1793

Url: http://www.vupen.com/english/advisories/2009/1621

Url: http://lists.apple.com/archives/security-announce/2009/May/msg00002.html

Url: http://secunia.com/advisories/35037

Url: http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.578477

Url: http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html

Url: http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html

Url: http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html

Url: http://support.apple.com/kb/HT3549

Url: https://www.mend.io/vulnerability-database/CVE-2009-0165

Severity Score

6.1

Weakness Type (CWE)

Numeric Errors

CWE-189

CVSS v3.1

Base Score:	6.1
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	REQUIRED
Scope (S):	CHANGED
Confidentiality (C):	LOW
Integrity (I):	LOW
Availability (A):	NONE

CVSS v2

Base Score:	10.0
Access Vector (AV):	NETWORK
Access Complexity (AC):	LOW
Authentication (AU):	NONE
Confidentiality (C):	COMPLETE
Integrity (I):	COMPLETE
Availability (A):	COMPLETE
Additional information:

Mend.io Vulnerability Database

We found results for “”

CVE-2009-0165

Date: April 23, 2009

Severity Score

Related Resources (27)

Severity Score

Weakness Type (CWE)

CVSS v3.1

CVSS v2

Do you need more information?