CVE-2009-0800

Publication date 23 April 2009

Last updated 24 July 2024

Ubuntu priority

Medium

Why this priority?

Multiple “input validation flaws” in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allow remote attackers to execute arbitrary code via a crafted PDF file.

Read the notes from the security team

Status

Package Ubuntu Release Status
cups 23.04 lunar
Not affected
22.10 kinetic
Not affected
22.04 LTS jammy
Not affected
21.10 impish
Not affected
21.04 hirsute
Not affected
20.10 groovy
Not affected
20.04 LTS focal
Not affected
19.10 eoan
Not affected
19.04 disco
Not affected
18.10 cosmic
Not affected
18.04 LTS bionic
Not affected
17.10 artful
Not affected
17.04 zesty
Not affected
16.10 yakkety
Not affected
16.04 LTS xenial
Not affected
15.10 wily
Not affected
15.04 vivid
Not affected
14.10 utopic
Not affected
14.04 LTS trusty Not in release
13.10 saucy
Not affected
13.04 raring
Not affected
12.10 quantal
Not affected
12.04 LTS precise
Not affected
11.10 oneiric
Not affected
11.04 natty
Not affected
10.10 maverick
Not affected
10.04 LTS lucid
Not affected
9.10 karmic
Not affected
9.04 jaunty
Not affected
8.10 intrepid
Not affected
8.04 LTS hardy Not in release
7.10 gutsy Not in release
6.06 LTS dapper Not in release
cupsys 23.04 lunar Not in release
22.10 kinetic Not in release
22.04 LTS jammy Not in release
21.10 impish Not in release
21.04 hirsute Not in release
20.10 groovy Not in release
20.04 LTS focal Not in release
19.10 eoan Not in release
19.04 disco Not in release
18.10 cosmic Not in release
18.04 LTS bionic Not in release
17.10 artful Not in release
17.04 zesty Not in release
16.10 yakkety Not in release
16.04 LTS xenial Not in release
15.10 wily Not in release
15.04 vivid Not in release
14.10 utopic Not in release
14.04 LTS trusty Not in release
13.10 saucy Not in release
13.04 raring Not in release
12.10 quantal Not in release
12.04 LTS precise Not in release
11.10 oneiric Not in release
11.04 natty Not in release
10.10 maverick Not in release
10.04 LTS lucid Not in release
9.10 karmic Not in release
9.04 jaunty Not in release
8.10 intrepid Not in release
8.04 LTS hardy
Not affected
7.10 gutsy
Not affected
6.06 LTS dapper
Not affected
evince 23.04 lunar
Not affected
22.10 kinetic
Not affected
22.04 LTS jammy
Not affected
21.10 impish
Not affected
21.04 hirsute
Not affected
20.10 groovy
Not affected
20.04 LTS focal
Not affected
19.10 eoan
Not affected
19.04 disco
Not affected
18.10 cosmic
Not affected
18.04 LTS bionic
Not affected
17.10 artful
Not affected
17.04 zesty
Not affected
16.10 yakkety
Not affected
16.04 LTS xenial
Not affected
15.10 wily
Not affected
15.04 vivid
Not affected
14.10 utopic
Not affected
14.04 LTS trusty Not in release
13.10 saucy
Not affected
13.04 raring
Not affected
12.10 quantal
Not affected
12.04 LTS precise
Not affected
11.10 oneiric
Not affected
11.04 natty
Not affected
10.10 maverick
Not affected
10.04 LTS lucid
Not affected
9.10 karmic
Not affected
9.04 jaunty
Not affected
8.10 intrepid
Not affected
8.04 LTS hardy
Not affected
7.10 gutsy
Not affected
6.06 LTS dapper
Not affected
gpdf 23.04 lunar Not in release
22.10 kinetic Not in release
22.04 LTS jammy Not in release
21.10 impish Not in release
21.04 hirsute Not in release
20.10 groovy Not in release
20.04 LTS focal Not in release
19.10 eoan Not in release
19.04 disco Not in release
18.10 cosmic Not in release
18.04 LTS bionic Not in release
17.10 artful Not in release
17.04 zesty Not in release
16.10 yakkety Not in release
16.04 LTS xenial Not in release
15.10 wily Not in release
15.04 vivid Not in release
14.10 utopic Not in release
14.04 LTS trusty Not in release
13.10 saucy Not in release
13.04 raring Not in release
12.10 quantal Not in release
12.04 LTS precise Not in release
11.10 oneiric Not in release
11.04 natty Not in release
10.10 maverick Not in release
10.04 LTS lucid Not in release
9.10 karmic Not in release
9.04 jaunty Not in release
8.10 intrepid Not in release
8.04 LTS hardy Not in release
7.10 gutsy Not in release
6.06 LTS dapper Ignored end of life
ipe 23.04 lunar
Not affected
22.10 kinetic
Not affected
22.04 LTS jammy
Not affected
21.10 impish
Not affected
21.04 hirsute
Not affected
20.10 groovy
Not affected
20.04 LTS focal
Not affected
19.10 eoan
Not affected
19.04 disco
Not affected
18.10 cosmic
Not affected
18.04 LTS bionic
Not affected
17.10 artful
Not affected
17.04 zesty
Not affected
16.10 yakkety
Not affected
16.04 LTS xenial
Not affected
15.10 wily
Not affected
15.04 vivid
Not affected
14.10 utopic
Not affected
14.04 LTS trusty Not in release
13.10 saucy
Not affected
13.04 raring
Not affected
12.10 quantal
Not affected
12.04 LTS precise
Not affected
11.10 oneiric
Not affected
11.04 natty
Not affected
10.10 maverick
Not affected
10.04 LTS lucid
Not affected
9.10 karmic Ignored end of life
9.04 jaunty Ignored end of life
8.10 intrepid Ignored end of life, was needs-triage
8.04 LTS hardy
Not affected
7.10 gutsy Ignored end of life, was needs-triage
6.06 LTS dapper Ignored end of life
kdegraphics 23.04 lunar Not in release
22.10 kinetic Not in release
22.04 LTS jammy Not in release
21.10 impish Not in release
21.04 hirsute Not in release
20.10 groovy Not in release
20.04 LTS focal Not in release
19.10 eoan Not in release
19.04 disco Not in release
18.10 cosmic Not in release
18.04 LTS bionic Not in release
17.10 artful Not in release
17.04 zesty Not in release
16.10 yakkety Not in release
16.04 LTS xenial Not in release
15.10 wily Not in release
15.04 vivid Not in release
14.10 utopic Not in release
14.04 LTS trusty Not in release
13.10 saucy Not in release
13.04 raring Not in release
12.10 quantal Not in release
12.04 LTS precise Not in release
11.10 oneiric Not in release
11.04 natty
Not affected
10.10 maverick
Not affected
10.04 LTS lucid
Not affected
9.10 karmic
Not affected
9.04 jaunty
Not affected
8.10 intrepid
Not affected
8.04 LTS hardy
Not affected
7.10 gutsy
Not affected
6.06 LTS dapper
Not affected
koffice 23.04 lunar Not in release
22.10 kinetic Not in release
22.04 LTS jammy Not in release
21.10 impish Not in release
21.04 hirsute Not in release
20.10 groovy Not in release
20.04 LTS focal Not in release
19.10 eoan Not in release
19.04 disco Not in release
18.10 cosmic Not in release
18.04 LTS bionic Not in release
17.10 artful Not in release
17.04 zesty Not in release
16.10 yakkety Not in release
16.04 LTS xenial Not in release
15.10 wily Not in release
15.04 vivid Not in release
14.10 utopic Not in release
14.04 LTS trusty Not in release
13.10 saucy Not in release
13.04 raring Not in release
12.10 quantal Not in release
12.04 LTS precise Not in release
11.10 oneiric
Not affected
11.04 natty
Not affected
10.10 maverick
Not affected
10.04 LTS lucid
Not affected
9.10 karmic
Not affected
9.04 jaunty
Fixed 1:1.6.3-7ubuntu6.1
8.10 intrepid Ignored end of life, was needed
8.04 LTS hardy Ignored end of life
7.10 gutsy Ignored end of life, was needs-triage
6.06 LTS dapper Ignored end of life
libextractor 23.04 lunar
Not affected
22.10 kinetic
Not affected
22.04 LTS jammy
Not affected
21.10 impish Ignored end of life
21.04 hirsute Ignored end of life
20.10 groovy Ignored end of life
20.04 LTS focal
Not affected
19.10 eoan Ignored end of life
19.04 disco Ignored end of life
18.10 cosmic Ignored end of life
18.04 LTS bionic
Not affected
17.10 artful Ignored end of life
17.04 zesty Ignored end of life
16.10 yakkety Ignored end of life
16.04 LTS xenial
Not affected
15.10 wily Ignored end of life
15.04 vivid Ignored end of life
14.10 utopic Ignored end of life
14.04 LTS trusty
Not affected
13.10 saucy Ignored end of life
13.04 raring Ignored end of life
12.10 quantal Ignored end of life
12.04 LTS precise Ignored end of life
11.10 oneiric Ignored end of life
11.04 natty Ignored end of life
10.10 maverick Ignored end of life
10.04 LTS lucid Ignored end of life
9.10 karmic Ignored end of life
9.04 jaunty Ignored end of life
8.10 intrepid Ignored end of life, was needs-triage
8.04 LTS hardy Ignored end of life
7.10 gutsy Ignored end of life, was needs-triage
6.06 LTS dapper Ignored end of life
pdfkit.framework 23.04 lunar Not in release
22.10 kinetic Not in release
22.04 LTS jammy Not in release
21.10 impish Not in release
21.04 hirsute Not in release
20.10 groovy Not in release
20.04 LTS focal Not in release
19.10 eoan Not in release
19.04 disco Not in release
18.10 cosmic Not in release
18.04 LTS bionic Not in release
17.10 artful Not in release
17.04 zesty Not in release
16.10 yakkety Not in release
16.04 LTS xenial Not in release
15.10 wily Not in release
15.04 vivid Not in release
14.10 utopic Not in release
14.04 LTS trusty Not in release
13.10 saucy Not in release
13.04 raring Not in release
12.10 quantal Not in release
12.04 LTS precise Not in release
11.10 oneiric Not in release
11.04 natty Not in release
10.10 maverick Not in release
10.04 LTS lucid Not in release
9.10 karmic Not in release
9.04 jaunty Not in release
8.10 intrepid Not in release
8.04 LTS hardy Not in release
7.10 gutsy Not in release
6.06 LTS dapper Ignored end of life
pdftohtml 23.04 lunar Not in release
22.10 kinetic Not in release
22.04 LTS jammy Not in release
21.10 impish Not in release
21.04 hirsute Not in release
20.10 groovy Not in release
20.04 LTS focal Not in release
19.10 eoan Not in release
19.04 disco Not in release
18.10 cosmic Not in release
18.04 LTS bionic Not in release
17.10 artful Not in release
17.04 zesty Not in release
16.10 yakkety Not in release
16.04 LTS xenial Not in release
15.10 wily Not in release
15.04 vivid Not in release
14.10 utopic Not in release
14.04 LTS trusty Not in release
13.10 saucy Not in release
13.04 raring Not in release
12.10 quantal Not in release
12.04 LTS precise Not in release
11.10 oneiric Not in release
11.04 natty Not in release
10.10 maverick Not in release
10.04 LTS lucid Not in release
9.10 karmic Not in release
9.04 jaunty Not in release
8.10 intrepid Not in release
8.04 LTS hardy Not in release
7.10 gutsy Not in release
6.06 LTS dapper Ignored end of life
poppler 23.04 lunar
Fixed 0.10.5-1ubuntu2
22.10 kinetic
Fixed 0.10.5-1ubuntu2
22.04 LTS jammy
Fixed 0.10.5-1ubuntu2
21.10 impish
Fixed 0.10.5-1ubuntu2
21.04 hirsute
Fixed 0.10.5-1ubuntu2
20.10 groovy
Fixed 0.10.5-1ubuntu2
20.04 LTS focal
Fixed 0.10.5-1ubuntu2
19.10 eoan
Fixed 0.10.5-1ubuntu2
19.04 disco
Fixed 0.10.5-1ubuntu2
18.10 cosmic
Fixed 0.10.5-1ubuntu2
18.04 LTS bionic
Fixed 0.10.5-1ubuntu2
17.10 artful
Fixed 0.10.5-1ubuntu2
17.04 zesty
Fixed 0.10.5-1ubuntu2
16.10 yakkety
Fixed 0.10.5-1ubuntu2
16.04 LTS xenial
Fixed 0.10.5-1ubuntu2
15.10 wily
Fixed 0.10.5-1ubuntu2
15.04 vivid
Fixed 0.10.5-1ubuntu2
14.10 utopic
Fixed 0.10.5-1ubuntu2
14.04 LTS trusty
Fixed 0.10.5-1ubuntu2
13.10 saucy
Fixed 0.10.5-1ubuntu2
13.04 raring
Fixed 0.10.5-1ubuntu2
12.10 quantal
Fixed 0.10.5-1ubuntu2
12.04 LTS precise
Fixed 0.10.5-1ubuntu2
11.10 oneiric
Fixed 0.10.5-1ubuntu2
11.04 natty
Fixed 0.10.5-1ubuntu2
10.10 maverick
Fixed 0.10.5-1ubuntu2
10.04 LTS lucid
Fixed 0.10.5-1ubuntu2
9.10 karmic
Fixed 0.10.5-1ubuntu2
9.04 jaunty
Fixed 0.10.5-1ubuntu2
8.10 intrepid
Fixed 0.8.7-1ubuntu0.2
8.04 LTS hardy
Fixed 0.6.4-1ubuntu3.2
7.10 gutsy Ignored end of life, was needs-triage
6.06 LTS dapper
Fixed 0.5.1-0ubuntu7.5
tetex-bin 23.04 lunar Not in release
22.10 kinetic Not in release
22.04 LTS jammy Not in release
21.10 impish Not in release
21.04 hirsute Not in release
20.10 groovy Not in release
20.04 LTS focal Not in release
19.10 eoan Not in release
19.04 disco Not in release
18.10 cosmic Not in release
18.04 LTS bionic Not in release
17.10 artful Not in release
17.04 zesty Not in release
16.10 yakkety Not in release
16.04 LTS xenial Not in release
15.10 wily Not in release
15.04 vivid Not in release
14.10 utopic Not in release
14.04 LTS trusty Not in release
13.10 saucy Not in release
13.04 raring Not in release
12.10 quantal Not in release
12.04 LTS precise Not in release
11.10 oneiric Not in release
11.04 natty Not in release
10.10 maverick Not in release
10.04 LTS lucid Not in release
9.10 karmic Not in release
9.04 jaunty Not in release
8.10 intrepid Not in release
8.04 LTS hardy Not in release
7.10 gutsy Not in release
6.06 LTS dapper
Not affected
texlive-bin 23.04 lunar
Not affected
22.10 kinetic
Not affected
22.04 LTS jammy
Not affected
21.10 impish
Not affected
21.04 hirsute
Not affected
20.10 groovy
Not affected
20.04 LTS focal
Not affected
19.10 eoan
Not affected
19.04 disco
Not affected
18.10 cosmic
Not affected
18.04 LTS bionic
Not affected
17.10 artful
Not affected
17.04 zesty
Not affected
16.10 yakkety
Not affected
16.04 LTS xenial
Not affected
15.10 wily
Not affected
15.04 vivid
Not affected
14.10 utopic
Not affected
14.04 LTS trusty Not in release
13.10 saucy
Not affected
13.04 raring
Not affected
12.10 quantal
Not affected
12.04 LTS precise
Not affected
11.10 oneiric
Not affected
11.04 natty
Not affected
10.10 maverick
Not affected
10.04 LTS lucid
Not affected
9.10 karmic
Not affected
9.04 jaunty
Not affected
8.10 intrepid
Not affected
8.04 LTS hardy
Not affected
7.10 gutsy
Not affected
6.06 LTS dapper Not in release
xpdf 23.04 lunar
Not affected
22.10 kinetic
Not affected
22.04 LTS jammy
Not affected
21.10 impish
Not affected
21.04 hirsute
Not affected
20.10 groovy Not in release
20.04 LTS focal Not in release
19.10 eoan
Not affected
19.04 disco
Not affected
18.10 cosmic
Not affected
18.04 LTS bionic
Not affected
17.10 artful
Not affected
17.04 zesty
Not affected
16.10 yakkety
Not affected
16.04 LTS xenial
Not affected
15.10 wily
Not affected
15.04 vivid
Not affected
14.10 utopic
Not affected
14.04 LTS trusty Not in release
13.10 saucy
Not affected
13.04 raring
Not affected
12.10 quantal
Not affected
12.04 LTS precise
Not affected
11.10 oneiric
Not affected
11.04 natty
Not affected
10.10 maverick
Not affected
10.04 LTS lucid
Not affected
9.10 karmic
Fixed 3.02-1.4ubuntu2.9.10.1
9.04 jaunty
Fixed 3.02-1.4ubuntu2.9.04.1
8.10 intrepid Ignored end of life, was needs-triage
8.04 LTS hardy Ignored end of life
7.10 gutsy Ignored end of life, was needs-triage
6.06 LTS dapper Ignored end of life

Notes

jdstrand

CUPS on Ubuntu uses system pdftops (compiled with --disable-pdftops)

sbeattie

ipe uses system pdflatex

References

Related Ubuntu Security Notices (USN)

    • USN-759-1
    • poppler vulnerabilities
    • 16 April 2009
    • USN-973-1
    • KOffice vulnerabilities
    • 17 August 2010

Other references