Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

CVE-2009-3609

Published: 21 October 2009

Integer overflow in the ImageStream::ImageStream function in Stream.cc in Xpdf before 3.02pl4 and Poppler before 0.12.1, as used in GPdf, kdegraphics KPDF, and CUPS pdftops, allows remote attackers to cause a denial of service (application crash) via a crafted PDF document that triggers a NULL pointer dereference or buffer over-read.

Priority

Medium

Status

Package Release Status
gpdf
Launchpad, Ubuntu, Debian
artful Does not exist

bionic Does not exist

cosmic Does not exist

dapper Ignored
(end of life)
disco Does not exist

eoan Does not exist

focal Does not exist

groovy Does not exist

hardy Does not exist

hirsute Does not exist

impish Does not exist

intrepid Does not exist

jammy Does not exist

jaunty Does not exist

karmic Does not exist

kinetic Does not exist

lucid Does not exist

lunar Does not exist

mantic Does not exist

maverick Does not exist

natty Does not exist

noble Does not exist

oneiric Does not exist

precise Does not exist

quantal Does not exist

raring Does not exist

saucy Does not exist

trusty Does not exist

upstream Needs triage

utopic Does not exist

vivid Does not exist

wily Does not exist

xenial Does not exist

yakkety Does not exist

zesty Does not exist

ipe
Launchpad, Ubuntu, Debian
artful Ignored
(end of life)
bionic Needs triage

cosmic Ignored
(end of life)
dapper Ignored
(end of life)
disco Ignored
(end of life)
eoan Ignored
(end of life)
focal Needs triage

groovy Ignored
(end of life)
hardy Ignored
(end of life)
hirsute Ignored
(end of life)
impish Ignored
(end of life)
intrepid Ignored
(end of life, was needs-triage)
jammy Needs triage

jaunty Ignored
(end of life)
karmic Ignored
(end of life)
kinetic Ignored
(end of life, was needs-triage)
lucid Ignored
(end of life)
lunar Ignored
(end of life, was needs-triage)
mantic Ignored
(end of life, was needs-triage)
maverick Ignored
(end of life)
natty Ignored
(end of life)
noble Needs triage

oneiric Ignored
(end of life)
precise Ignored
(end of life)
quantal Ignored
(end of life)
raring Ignored
(end of life)
saucy Ignored
(end of life)
trusty Does not exist
(trusty was needs-triage)
upstream Needs triage

utopic Ignored
(end of life)
vivid Ignored
(end of life)
wily Ignored
(end of life)
xenial Needs triage

yakkety Ignored
(end of life)
zesty Ignored
(end of life)
kdegraphics
Launchpad, Ubuntu, Debian
artful Does not exist

bionic Does not exist

cosmic Does not exist

dapper Not vulnerable
(linked to poppler)
disco Does not exist

eoan Does not exist

focal Does not exist

groovy Does not exist

hardy Not vulnerable
(linked to poppler)
hirsute Does not exist

impish Does not exist

intrepid Not vulnerable
(linked to poppler)
jammy Does not exist

jaunty Not vulnerable
(linked to poppler)
karmic Not vulnerable
(linked to poppler)
kinetic Does not exist

lucid Not vulnerable
(linked to poppler)
lunar Does not exist

mantic Does not exist

maverick Not vulnerable
(linked to poppler)
natty Not vulnerable
(linked to poppler)
noble Does not exist

oneiric Does not exist

precise Does not exist

quantal Does not exist

raring Does not exist

saucy Does not exist

trusty Does not exist

upstream Needs triage

utopic Does not exist

vivid Does not exist

wily Does not exist

xenial Does not exist

yakkety Does not exist

zesty Does not exist

koffice
Launchpad, Ubuntu, Debian
artful Does not exist

bionic Does not exist

cosmic Does not exist

dapper Ignored
(end of life)
disco Does not exist

eoan Does not exist

focal Does not exist

groovy Does not exist

hardy Ignored
(end of life)
hirsute Does not exist

impish Does not exist

intrepid Ignored
(end of life, was needs-triage)
jammy Does not exist

jaunty
Released (1:1.6.3-7ubuntu6.1)
karmic Not vulnerable
(linked to poppler)
kinetic Does not exist

lucid Not vulnerable
(code not present)
lunar Does not exist

mantic Does not exist

maverick Not vulnerable
(code not present)
natty Not vulnerable
(code not present)
noble Does not exist

oneiric Not vulnerable
(code not present)
precise Does not exist

quantal Does not exist

raring Does not exist

saucy Does not exist

trusty Does not exist

upstream Needs triage

utopic Does not exist

vivid Does not exist

wily Does not exist

xenial Does not exist

yakkety Does not exist

zesty Does not exist

libextractor
Launchpad, Ubuntu, Debian
artful Ignored
(end of life)
bionic Not vulnerable
(does not use xpdf anymore)
cosmic Ignored
(end of life)
dapper Ignored
(end of life)
disco Ignored
(end of life)
eoan Ignored
(end of life)
focal Not vulnerable
(does not use xpdf anymore)
groovy Ignored
(end of life)
hardy Ignored
(end of life)
hirsute Ignored
(end of life)
impish Ignored
(end of life)
intrepid Ignored
(end of life, was needs-triage)
jammy Not vulnerable
(does not use xpdf anymore)
jaunty Ignored
(end of life)
karmic Ignored
(end of life)
kinetic Not vulnerable
(does not use xpdf anymore)
lucid Ignored
(end of life)
lunar Not vulnerable
(does not use xpdf anymore)
mantic Not vulnerable
(does not use xpdf anymore)
maverick Ignored
(end of life)
natty Ignored
(end of life)
noble Not vulnerable
(does not use xpdf anymore)
oneiric Ignored
(end of life)
precise Ignored
(end of life)
quantal Ignored
(end of life)
raring Ignored
(end of life)
saucy Ignored
(end of life)
trusty Not vulnerable
(does not use xpdf anymore)
upstream Needs triage

utopic Ignored
(end of life)
vivid Ignored
(end of life)
wily Ignored
(end of life)
xenial Not vulnerable
(does not use xpdf anymore)
yakkety Ignored
(end of life)
zesty Ignored
(end of life)
pdfkit.framework
Launchpad, Ubuntu, Debian
artful Does not exist

bionic Does not exist

cosmic Does not exist

dapper Ignored
(end of life)
disco Does not exist

eoan Does not exist

focal Does not exist

groovy Does not exist

hardy Does not exist

hirsute Does not exist

impish Does not exist

intrepid Does not exist

jammy Does not exist

jaunty Does not exist

karmic Does not exist

kinetic Does not exist

lucid Does not exist

lunar Does not exist

mantic Does not exist

maverick Does not exist

natty Does not exist

noble Does not exist

oneiric Does not exist

precise Does not exist

quantal Does not exist

raring Does not exist

saucy Does not exist

trusty Does not exist

upstream Needs triage

utopic Does not exist

vivid Does not exist

wily Does not exist

xenial Does not exist

yakkety Does not exist

zesty Does not exist

pdftohtml
Launchpad, Ubuntu, Debian
artful Does not exist

bionic Does not exist

cosmic Does not exist

dapper Ignored
(end of life)
disco Does not exist

eoan Does not exist

focal Does not exist

groovy Does not exist

hardy Does not exist

hirsute Does not exist

impish Does not exist

intrepid Does not exist

jammy Does not exist

jaunty Does not exist

karmic Does not exist

kinetic Does not exist

lucid Does not exist

lunar Does not exist

mantic Does not exist

maverick Does not exist

natty Does not exist

noble Does not exist

oneiric Does not exist

precise Does not exist

quantal Does not exist

raring Does not exist

saucy Does not exist

trusty Does not exist

upstream Needs triage

utopic Does not exist

vivid Does not exist

wily Does not exist

xenial Does not exist

yakkety Does not exist

zesty Does not exist

poppler
Launchpad, Ubuntu, Debian
artful
Released (0.12.2-2.1ubuntu1)
bionic
Released (0.12.2-2.1ubuntu1)
cosmic
Released (0.12.2-2.1ubuntu1)
dapper
Released (0.5.1-0ubuntu7.6)
disco
Released (0.12.2-2.1ubuntu1)
eoan
Released (0.12.2-2.1ubuntu1)
focal
Released (0.12.2-2.1ubuntu1)
groovy
Released (0.12.2-2.1ubuntu1)
hardy
Released (0.6.4-1ubuntu3.3)
hirsute
Released (0.12.2-2.1ubuntu1)
impish
Released (0.12.2-2.1ubuntu1)
intrepid
Released (0.8.7-1ubuntu0.4)
jammy
Released (0.12.2-2.1ubuntu1)
jaunty
Released (0.10.5-1ubuntu2.4)
karmic
Released (0.12.0-0ubuntu2.1)
kinetic
Released (0.12.2-2.1ubuntu1)
lucid
Released (0.12.2-2.1ubuntu1)
lunar
Released (0.12.2-2.1ubuntu1)
mantic
Released (0.12.2-2.1ubuntu1)
maverick
Released (0.12.2-2.1ubuntu1)
natty
Released (0.12.2-2.1ubuntu1)
noble
Released (0.12.2-2.1ubuntu1)
oneiric
Released (0.12.2-2.1ubuntu1)
precise
Released (0.12.2-2.1ubuntu1)
quantal
Released (0.12.2-2.1ubuntu1)
raring
Released (0.12.2-2.1ubuntu1)
saucy
Released (0.12.2-2.1ubuntu1)
trusty
Released (0.12.2-2.1ubuntu1)
upstream Needs triage

utopic
Released (0.12.2-2.1ubuntu1)
vivid
Released (0.12.2-2.1ubuntu1)
wily
Released (0.12.2-2.1ubuntu1)
xenial
Released (0.12.2-2.1ubuntu1)
yakkety
Released (0.12.2-2.1ubuntu1)
zesty
Released (0.12.2-2.1ubuntu1)
Patches:
upstream: http://cgit.freedesktop.org/poppler/poppler/commit/?id=1082e1671afd8ab91583dabc876304008acb021c
tetex-bin
Launchpad, Ubuntu, Debian
artful Does not exist

bionic Does not exist

cosmic Does not exist

dapper Not vulnerable
(linked to poppler)
disco Does not exist

eoan Does not exist

focal Does not exist

groovy Does not exist

hardy Does not exist

hirsute Does not exist

impish Does not exist

intrepid Does not exist

jammy Does not exist

jaunty Does not exist

karmic Does not exist

kinetic Does not exist

lucid Does not exist

lunar Does not exist

mantic Does not exist

maverick Does not exist

natty Does not exist

noble Does not exist

oneiric Does not exist

precise Does not exist

quantal Does not exist

raring Does not exist

saucy Does not exist

trusty Does not exist

upstream Needs triage

utopic Does not exist

vivid Does not exist

wily Does not exist

xenial Does not exist

yakkety Does not exist

zesty Does not exist

texlive-bin
Launchpad, Ubuntu, Debian
artful Not vulnerable
(linked to poppler)
bionic Not vulnerable
(linked to poppler)
cosmic Not vulnerable
(linked to poppler)
dapper Does not exist

disco Not vulnerable
(linked to poppler)
eoan Not vulnerable
(linked to poppler)
focal Not vulnerable
(linked to poppler)
groovy Not vulnerable
(linked to poppler)
hardy Not vulnerable
(linked to poppler)
hirsute Not vulnerable
(linked to poppler)
impish Not vulnerable
(linked to poppler)
intrepid Not vulnerable
(linked to poppler)
jammy Not vulnerable
(linked to poppler)
jaunty Not vulnerable
(linked to poppler)
karmic Not vulnerable
(linked to poppler)
kinetic Not vulnerable
(linked to poppler)
lucid Not vulnerable
(linked to poppler)
lunar Not vulnerable
(linked to poppler)
mantic Not vulnerable
(linked to poppler)
maverick Not vulnerable
(linked to poppler)
natty Not vulnerable
(linked to poppler)
noble Not vulnerable
(linked to poppler)
oneiric Not vulnerable
(linked to poppler)
precise Not vulnerable
(linked to poppler)
quantal Not vulnerable
(linked to poppler)
raring Not vulnerable
(linked to poppler)
saucy Not vulnerable
(linked to poppler)
trusty Does not exist
(trusty was not-affected [linked to poppler])
upstream Needs triage

utopic Not vulnerable
(linked to poppler)
vivid Not vulnerable
(linked to poppler)
wily Not vulnerable
(linked to poppler)
xenial Not vulnerable
(linked to poppler)
yakkety Not vulnerable
(linked to poppler)
zesty Not vulnerable
(linked to poppler)
xpdf
Launchpad, Ubuntu, Debian
artful Not vulnerable
(3.02-2)
bionic Not vulnerable
(3.02-2)
cosmic Not vulnerable
(3.02-2)
dapper Ignored
(end of life)
disco Not vulnerable
(3.02-2)
eoan Not vulnerable
(3.02-2)
focal Does not exist

groovy Does not exist

hardy Ignored
(end of life)
hirsute Not vulnerable

impish Not vulnerable

intrepid Ignored
(end of life, was needs-triage)
jammy Not vulnerable

jaunty
Released (3.02-1.4ubuntu2.9.04.1)
karmic
Released (3.02-1.4ubuntu2.9.10.1)
kinetic Not vulnerable

lucid Not vulnerable
(3.02-2)
lunar Not vulnerable

mantic Not vulnerable

maverick Not vulnerable
(3.02-2)
natty Not vulnerable
(3.02-2)
noble Not vulnerable

oneiric Not vulnerable
(3.02-2)
precise Not vulnerable
(3.02-2)
quantal Not vulnerable
(3.02-2)
raring Not vulnerable
(3.02-2)
saucy Not vulnerable
(3.02-2)
trusty Does not exist
(trusty was not-affected [3.02-2])
upstream
Released (3.02-2)
utopic Not vulnerable
(3.02-2)
vivid Not vulnerable
(3.02-2)
wily Not vulnerable
(3.02-2)
xenial Not vulnerable
(3.02-2)
yakkety Not vulnerable
(3.02-2)
zesty Not vulnerable
(3.02-2)