Vulnerabilites related to xpdf - xpdf
CVE-2006-0746 (GCVE-0-2006-0746)
Vulnerability from cvelistv5
Published
2006-03-09 00:00
Modified
2024-08-07 16:48
Severity ?
CWE
  • n/a
Summary
Certain patches for kpdf do not include all relevant patches from xpdf that were associated with CVE-2005-3627, which allows context-dependent attackers to exploit vulnerabilities that were present in CVE-2005-3627.
References
http://www.redhat.com/support/errata/RHSA-2006-0262.html vendor-advisory, x_refsource_REDHAT
http://www.debian.org/security/2006/dsa-1008 vendor-advisory, x_refsource_DEBIAN
http://www.mandriva.com/security/advisories?name=MDKSA-2006:054 vendor-advisory, x_refsource_MANDRIVA
http://www.securityfocus.com/archive/1/427299/100/0/threaded mailing-list, x_refsource_BUGTRAQ
http://secunia.com/advisories/19190 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/19264 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/19189 third-party-advisory, x_refsource_SECUNIA
http://www.securityfocus.com/bid/17039 vdb-entry, x_refsource_BID
https://exchange.xforce.ibmcloud.com/vulnerabilities/25146 vdb-entry, x_refsource_XF
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11441 vdb-entry, signature, x_refsource_OVAL
http://www.kde.org/info/security/advisory-20060202-1.txt x_refsource_CONFIRM
http://securityreason.com/securityalert/566 third-party-advisory, x_refsource_SREASON
http://securitytracker.com/id?1015751 vdb-entry, x_refsource_SECTRACK
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T16:48:55.648Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2006:0262",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2006-0262.html"
          },
          {
            "name": "DSA-1008",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-1008"
          },
          {
            "name": "MDKSA-2006:054",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:054"
          },
          {
            "name": "20060310 [KDE Security Advisory] kpdf of KDE 3.3.x heap based buffer overflow",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/427299/100/0/threaded"
          },
          {
            "name": "19190",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/19190"
          },
          {
            "name": "19264",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/19264"
          },
          {
            "name": "19189",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/19189"
          },
          {
            "name": "17039",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/17039"
          },
          {
            "name": "kde-kpdf-patch-bo(25146)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25146"
          },
          {
            "name": "oval:org.mitre.oval:def:11441",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11441"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.kde.org/info/security/advisory-20060202-1.txt"
          },
          {
            "name": "566",
            "tags": [
              "third-party-advisory",
              "x_refsource_SREASON",
              "x_transferred"
            ],
            "url": "http://securityreason.com/securityalert/566"
          },
          {
            "name": "1015751",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1015751"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-03-08T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Certain patches for kpdf do not include all relevant patches from xpdf that were associated with CVE-2005-3627, which allows context-dependent attackers to exploit vulnerabilities that were present in CVE-2005-3627."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-19T14:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2006:0262",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2006-0262.html"
        },
        {
          "name": "DSA-1008",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-1008"
        },
        {
          "name": "MDKSA-2006:054",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:054"
        },
        {
          "name": "20060310 [KDE Security Advisory] kpdf of KDE 3.3.x heap based buffer overflow",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/427299/100/0/threaded"
        },
        {
          "name": "19190",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/19190"
        },
        {
          "name": "19264",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/19264"
        },
        {
          "name": "19189",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/19189"
        },
        {
          "name": "17039",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/17039"
        },
        {
          "name": "kde-kpdf-patch-bo(25146)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25146"
        },
        {
          "name": "oval:org.mitre.oval:def:11441",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11441"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.kde.org/info/security/advisory-20060202-1.txt"
        },
        {
          "name": "566",
          "tags": [
            "third-party-advisory",
            "x_refsource_SREASON"
          ],
          "url": "http://securityreason.com/securityalert/566"
        },
        {
          "name": "1015751",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1015751"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2006-0746",
    "datePublished": "2006-03-09T00:00:00",
    "dateReserved": "2006-02-17T00:00:00",
    "dateUpdated": "2024-08-07T16:48:55.648Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-7867 (GCVE-0-2024-7867)
Vulnerability from cvelistv5
Published
2024-08-15 20:06
Modified
2024-08-16 17:12
CWE
Summary
In Xpdf 4.05 (and earlier), very large coordinates in a page box can cause an integer overflow and divide-by-zero.
Impacted products
Vendor Product Version
Xpdf Xpdf Version: 0
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:xpdfreader:xpdf:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "xpdf",
            "vendor": "xpdfreader",
            "versions": [
              {
                "lessThanOrEqual": "4.05",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-7867",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-08-16T17:08:56.250411Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-08-16T17:12:21.754Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "all"
          ],
          "product": "Xpdf",
          "vendor": "Xpdf",
          "versions": [
            {
              "lessThanOrEqual": "4.05",
              "status": "affected",
              "version": "0",
              "versionType": "Version"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "xiaobaozidi"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "In Xpdf 4.05 (and earlier), very large coordinates in a page box can cause an integer overflow and divide-by-zero.\u003cbr\u003e"
            }
          ],
          "value": "In Xpdf 4.05 (and earlier), very large coordinates in a page box can cause an integer overflow and divide-by-zero."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "HIGH",
            "attackRequirements": "NONE",
            "attackVector": "LOCAL",
            "baseScore": 2.1,
            "baseSeverity": "LOW",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "LOW",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "NONE",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-369",
              "description": "CWE-369 Divide By Zero",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-190",
              "description": "CWE-190 Integer Overflow or Wraparound",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-08-15T20:06:47.966Z",
        "orgId": "ace9cabe-4f4f-416b-8c39-b0e002761924",
        "shortName": "GandC"
      },
      "references": [
        {
          "url": "https://www.xpdfreader.com/security-bug/CVE-2024-7867.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Integer overflow and divide-by-zero in Xpdf 4.05 due to bogus page box coordinates",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ace9cabe-4f4f-416b-8c39-b0e002761924",
    "assignerShortName": "GandC",
    "cveId": "CVE-2024-7867",
    "datePublished": "2024-08-15T20:06:47.966Z",
    "dateReserved": "2024-08-15T20:00:13.850Z",
    "dateUpdated": "2024-08-16T17:12:21.754Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-4568 (GCVE-0-2024-4568)
Vulnerability from cvelistv5
Published
2024-05-06 19:56
Modified
2024-08-01 20:47
CWE
Summary
In Xpdf 4.05 (and earlier), a PDF object loop in the PDF resources leads to infinite recursion and a stack overflow.
Impacted products
Vendor Product Version
Xpdf Xpdf Version: 0
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:glyphandcog:xpdf:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "xpdf",
            "vendor": "glyphandcog",
            "versions": [
              {
                "lessThanOrEqual": "4.05",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-4568",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-07T18:03:05.708589Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:55:13.783Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T20:47:40.665Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.xpdfreader.com/security-bug/object-loops.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "all"
          ],
          "product": "Xpdf",
          "vendor": "Xpdf",
          "versions": [
            {
              "lessThanOrEqual": "4.05",
              "status": "affected",
              "version": "0",
              "versionType": "version"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Ximing Fan, from School of Cyber Science and Engineering, Sichuan University, China"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "In Xpdf 4.05 (and earlier), a PDF object loop in the PDF resources leads to infinite recursion and a stack overflow."
            }
          ],
          "value": "In Xpdf 4.05 (and earlier), a PDF object loop in the PDF resources leads to infinite recursion and a stack overflow."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "LOW",
            "baseScore": 2.9,
            "baseSeverity": "LOW",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-674",
              "description": "CWE-674 Uncontrolled Recursion",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-05-06T19:56:15.633Z",
        "orgId": "ace9cabe-4f4f-416b-8c39-b0e002761924",
        "shortName": "GandC"
      },
      "references": [
        {
          "url": "https://www.xpdfreader.com/security-bug/object-loops.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Stack overflow in Xpdf 4.05 due to object loop in PDF resources",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ace9cabe-4f4f-416b-8c39-b0e002761924",
    "assignerShortName": "GandC",
    "cveId": "CVE-2024-4568",
    "datePublished": "2024-05-06T19:56:15.633Z",
    "dateReserved": "2024-05-06T19:48:33.775Z",
    "dateUpdated": "2024-08-01T20:47:40.665Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2007-0104 (GCVE-0-2007-0104)
Vulnerability from cvelistv5
Published
2007-01-09 00:00
Modified
2024-08-07 12:03
Severity ?
CWE
  • n/a
Summary
The Adobe PDF specification 1.3, as implemented by (a) xpdf 3.0.1 patch 2, (b) kpdf in KDE before 3.5.5, (c) poppler before 0.5.4, and other products, allows remote attackers to have an unknown impact, possibly including denial of service (infinite loop), arbitrary code execution, or memory corruption, via a PDF file with a (1) crafted catalog dictionary or (2) a crafted Pages attribute that references an invalid page tree node.
References
http://secunia.com/advisories/23815 third-party-advisory, x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDKSA-2007:022 vendor-advisory, x_refsource_MANDRIVA
http://www.mandriva.com/security/advisories?name=MDKSA-2007:020 vendor-advisory, x_refsource_MANDRIVA
http://www.us-cert.gov/cas/techalerts/TA07-072A.html third-party-advisory, x_refsource_CERT
http://www.mandriva.com/security/advisories?name=MDKSA-2007:021 vendor-advisory, x_refsource_MANDRIVA
http://www.kde.org/info/security/advisory-20070115-1.txt x_refsource_CONFIRM
http://www.mandriva.com/security/advisories?name=MDKSA-2007:019 vendor-advisory, x_refsource_MANDRIVA
http://secunia.com/advisories/23799 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/23839 third-party-advisory, x_refsource_SECUNIA
http://docs.info.apple.com/article.html?artnum=305214 x_refsource_CONFIRM
https://exchange.xforce.ibmcloud.com/vulnerabilities/31364 vdb-entry, x_refsource_XF
http://www.ubuntu.com/usn/usn-410-2 vendor-advisory, x_refsource_UBUNTU
http://www.mandriva.com/security/advisories?name=MDKSA-2007:018 vendor-advisory, x_refsource_MANDRIVA
http://securitytracker.com/id?1017514 vdb-entry, x_refsource_SECTRACK
http://secunia.com/advisories/23791 third-party-advisory, x_refsource_SECUNIA
http://www.novell.com/linux/security/advisories/2007_3_sr.html vendor-advisory, x_refsource_SUSE
http://support.novell.com/techcenter/psdb/44d7cb9b669d58e0ce5aa5d7ab2c7c53.html x_refsource_CONFIRM
http://www.securityfocus.com/bid/21910 vdb-entry, x_refsource_BID
http://www.mandriva.com/security/advisories?name=MDKSA-2007:024 vendor-advisory, x_refsource_MANDRIVA
http://www.securitytracker.com/id?1017749 vdb-entry, x_refsource_SECTRACK
http://projects.info-pull.com/moab/MOAB-06-01-2007.html x_refsource_MISC
http://secunia.com/advisories/23844 third-party-advisory, x_refsource_SECUNIA
http://www.ubuntu.com/usn/usn-410-1 vendor-advisory, x_refsource_UBUNTU
http://www.vupen.com/english/advisories/2007/0203 vdb-entry, x_refsource_VUPEN
http://secunia.com/advisories/23876 third-party-advisory, x_refsource_SECUNIA
http://www.securityfocus.com/archive/1/457055/100/0/threaded mailing-list, x_refsource_BUGTRAQ
http://www.vupen.com/english/advisories/2007/0244 vdb-entry, x_refsource_VUPEN
http://www.vupen.com/english/advisories/2007/0212 vdb-entry, x_refsource_VUPEN
http://www.vupen.com/english/advisories/2007/0930 vdb-entry, x_refsource_VUPEN
https://issues.rpath.com/browse/RPL-964 x_refsource_CONFIRM
http://secunia.com/advisories/23813 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/24204 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/23808 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/24479 third-party-advisory, x_refsource_SECUNIA
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T12:03:37.070Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "23815",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/23815"
          },
          {
            "name": "MDKSA-2007:022",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:022"
          },
          {
            "name": "MDKSA-2007:020",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:020"
          },
          {
            "name": "TA07-072A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/cas/techalerts/TA07-072A.html"
          },
          {
            "name": "MDKSA-2007:021",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:021"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.kde.org/info/security/advisory-20070115-1.txt"
          },
          {
            "name": "MDKSA-2007:019",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:019"
          },
          {
            "name": "23799",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/23799"
          },
          {
            "name": "23839",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/23839"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://docs.info.apple.com/article.html?artnum=305214"
          },
          {
            "name": "multiple-vendor-pdf-code-execution(31364)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31364"
          },
          {
            "name": "USN-410-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/usn-410-2"
          },
          {
            "name": "MDKSA-2007:018",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:018"
          },
          {
            "name": "1017514",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1017514"
          },
          {
            "name": "23791",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/23791"
          },
          {
            "name": "SUSE-SR:2007:003",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2007_3_sr.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.novell.com/techcenter/psdb/44d7cb9b669d58e0ce5aa5d7ab2c7c53.html"
          },
          {
            "name": "21910",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/21910"
          },
          {
            "name": "MDKSA-2007:024",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:024"
          },
          {
            "name": "1017749",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1017749"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://projects.info-pull.com/moab/MOAB-06-01-2007.html"
          },
          {
            "name": "23844",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/23844"
          },
          {
            "name": "USN-410-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/usn-410-1"
          },
          {
            "name": "ADV-2007-0203",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/0203"
          },
          {
            "name": "23876",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/23876"
          },
          {
            "name": "20070116 [KDE Security Advisory] kpdf/kword/xpdf denial of service vulnerability",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/457055/100/0/threaded"
          },
          {
            "name": "ADV-2007-0244",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/0244"
          },
          {
            "name": "ADV-2007-0212",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/0212"
          },
          {
            "name": "ADV-2007-0930",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/0930"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://issues.rpath.com/browse/RPL-964"
          },
          {
            "name": "23813",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/23813"
          },
          {
            "name": "24204",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24204"
          },
          {
            "name": "23808",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/23808"
          },
          {
            "name": "24479",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24479"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-01-06T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The Adobe PDF specification 1.3, as implemented by (a) xpdf 3.0.1 patch 2, (b) kpdf in KDE before 3.5.5, (c) poppler before 0.5.4, and other products, allows remote attackers to have an unknown impact, possibly including denial of service (infinite loop), arbitrary code execution, or memory corruption, via a PDF file with a (1) crafted catalog dictionary or (2) a crafted Pages attribute that references an invalid page tree node."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-16T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "23815",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/23815"
        },
        {
          "name": "MDKSA-2007:022",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:022"
        },
        {
          "name": "MDKSA-2007:020",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:020"
        },
        {
          "name": "TA07-072A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/cas/techalerts/TA07-072A.html"
        },
        {
          "name": "MDKSA-2007:021",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:021"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.kde.org/info/security/advisory-20070115-1.txt"
        },
        {
          "name": "MDKSA-2007:019",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:019"
        },
        {
          "name": "23799",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/23799"
        },
        {
          "name": "23839",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/23839"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://docs.info.apple.com/article.html?artnum=305214"
        },
        {
          "name": "multiple-vendor-pdf-code-execution(31364)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31364"
        },
        {
          "name": "USN-410-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/usn-410-2"
        },
        {
          "name": "MDKSA-2007:018",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:018"
        },
        {
          "name": "1017514",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1017514"
        },
        {
          "name": "23791",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/23791"
        },
        {
          "name": "SUSE-SR:2007:003",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2007_3_sr.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.novell.com/techcenter/psdb/44d7cb9b669d58e0ce5aa5d7ab2c7c53.html"
        },
        {
          "name": "21910",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/21910"
        },
        {
          "name": "MDKSA-2007:024",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:024"
        },
        {
          "name": "1017749",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1017749"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://projects.info-pull.com/moab/MOAB-06-01-2007.html"
        },
        {
          "name": "23844",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/23844"
        },
        {
          "name": "USN-410-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/usn-410-1"
        },
        {
          "name": "ADV-2007-0203",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/0203"
        },
        {
          "name": "23876",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/23876"
        },
        {
          "name": "20070116 [KDE Security Advisory] kpdf/kword/xpdf denial of service vulnerability",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/457055/100/0/threaded"
        },
        {
          "name": "ADV-2007-0244",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/0244"
        },
        {
          "name": "ADV-2007-0212",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/0212"
        },
        {
          "name": "ADV-2007-0930",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/0930"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://issues.rpath.com/browse/RPL-964"
        },
        {
          "name": "23813",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/23813"
        },
        {
          "name": "24204",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24204"
        },
        {
          "name": "23808",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/23808"
        },
        {
          "name": "24479",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24479"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-0104",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The Adobe PDF specification 1.3, as implemented by (a) xpdf 3.0.1 patch 2, (b) kpdf in KDE before 3.5.5, (c) poppler before 0.5.4, and other products, allows remote attackers to have an unknown impact, possibly including denial of service (infinite loop), arbitrary code execution, or memory corruption, via a PDF file with a (1) crafted catalog dictionary or (2) a crafted Pages attribute that references an invalid page tree node."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "23815",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/23815"
            },
            {
              "name": "MDKSA-2007:022",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:022"
            },
            {
              "name": "MDKSA-2007:020",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:020"
            },
            {
              "name": "TA07-072A",
              "refsource": "CERT",
              "url": "http://www.us-cert.gov/cas/techalerts/TA07-072A.html"
            },
            {
              "name": "MDKSA-2007:021",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:021"
            },
            {
              "name": "http://www.kde.org/info/security/advisory-20070115-1.txt",
              "refsource": "CONFIRM",
              "url": "http://www.kde.org/info/security/advisory-20070115-1.txt"
            },
            {
              "name": "MDKSA-2007:019",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:019"
            },
            {
              "name": "23799",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/23799"
            },
            {
              "name": "23839",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/23839"
            },
            {
              "name": "http://docs.info.apple.com/article.html?artnum=305214",
              "refsource": "CONFIRM",
              "url": "http://docs.info.apple.com/article.html?artnum=305214"
            },
            {
              "name": "multiple-vendor-pdf-code-execution(31364)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31364"
            },
            {
              "name": "USN-410-2",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/usn-410-2"
            },
            {
              "name": "MDKSA-2007:018",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:018"
            },
            {
              "name": "1017514",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1017514"
            },
            {
              "name": "23791",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/23791"
            },
            {
              "name": "SUSE-SR:2007:003",
              "refsource": "SUSE",
              "url": "http://www.novell.com/linux/security/advisories/2007_3_sr.html"
            },
            {
              "name": "http://support.novell.com/techcenter/psdb/44d7cb9b669d58e0ce5aa5d7ab2c7c53.html",
              "refsource": "CONFIRM",
              "url": "http://support.novell.com/techcenter/psdb/44d7cb9b669d58e0ce5aa5d7ab2c7c53.html"
            },
            {
              "name": "21910",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/21910"
            },
            {
              "name": "MDKSA-2007:024",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:024"
            },
            {
              "name": "1017749",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1017749"
            },
            {
              "name": "http://projects.info-pull.com/moab/MOAB-06-01-2007.html",
              "refsource": "MISC",
              "url": "http://projects.info-pull.com/moab/MOAB-06-01-2007.html"
            },
            {
              "name": "23844",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/23844"
            },
            {
              "name": "USN-410-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/usn-410-1"
            },
            {
              "name": "ADV-2007-0203",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/0203"
            },
            {
              "name": "23876",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/23876"
            },
            {
              "name": "20070116 [KDE Security Advisory] kpdf/kword/xpdf denial of service vulnerability",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/457055/100/0/threaded"
            },
            {
              "name": "ADV-2007-0244",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/0244"
            },
            {
              "name": "ADV-2007-0212",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/0212"
            },
            {
              "name": "ADV-2007-0930",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/0930"
            },
            {
              "name": "https://issues.rpath.com/browse/RPL-964",
              "refsource": "CONFIRM",
              "url": "https://issues.rpath.com/browse/RPL-964"
            },
            {
              "name": "23813",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/23813"
            },
            {
              "name": "24204",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/24204"
            },
            {
              "name": "23808",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/23808"
            },
            {
              "name": "24479",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/24479"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-0104",
    "datePublished": "2007-01-09T00:00:00",
    "dateReserved": "2007-01-08T00:00:00",
    "dateUpdated": "2024-08-07T12:03:37.070Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-2663 (GCVE-0-2023-2663)
Vulnerability from cvelistv5
Published
2023-05-11 20:16
Modified
2025-01-24 16:04
CWE
Summary
 In Xpdf 4.04 (and earlier), a PDF object loop in the page label tree leads to infinite recursion and a stack overflow.
Impacted products
Vendor Product Version
Xpdf Xpdf Version: 4.04
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T06:26:10.030Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://forum.xpdfreader.com/viewtopic.php?t=42421"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 9.1,
              "baseSeverity": "CRITICAL",
              "confidentialityImpact": "NONE",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-2663",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-01-24T16:02:53.792174Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-674",
                "description": "CWE-674 Uncontrolled Recursion",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-01-24T16:04:05.434Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "all"
          ],
          "product": "Xpdf",
          "vendor": "Xpdf",
          "versions": [
            {
              "status": "affected",
              "version": "4.04"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "user": "00000000-0000-4000-9000-000000000000",
          "value": "BabyBus"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cdiv\u003e\u0026nbsp;In Xpdf 4.04 (and earlier), a PDF object loop in the page label tree leads to infinite recursion and a stack overflow.\u003cbr\u003e\u003c/div\u003e"
            }
          ],
          "value": "\u00a0In Xpdf 4.04 (and earlier), a PDF object loop in the page label tree leads to infinite recursion and a stack overflow.\n\n\n"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "LOW",
            "baseScore": 2.9,
            "baseSeverity": "LOW",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-674",
              "description": "CWE-674 Uncontrolled Recursion",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-05-11T20:19:20.402Z",
        "orgId": "ace9cabe-4f4f-416b-8c39-b0e002761924",
        "shortName": "GandC"
      },
      "references": [
        {
          "url": "https://forum.xpdfreader.com/viewtopic.php?t=42421"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Stack overflow in Xpdf 4.04 due to object loop in PDF page label tree",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ace9cabe-4f4f-416b-8c39-b0e002761924",
    "assignerShortName": "GandC",
    "cveId": "CVE-2023-2663",
    "datePublished": "2023-05-11T20:16:59.111Z",
    "dateReserved": "2023-05-11T20:10:12.645Z",
    "dateUpdated": "2025-01-24T16:04:05.434Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2003-0434 (GCVE-0-2003-0434)
Vulnerability from cvelistv5
Published
2003-06-18 04:00
Modified
2024-08-08 01:50
Severity ?
CWE
  • n/a
Summary
Various PDF viewers including (1) Adobe Acrobat 5.06 and (2) Xpdf 1.01 allow remote attackers to execute arbitrary commands via shell metacharacters in an embedded hyperlink.
References
http://secunia.com/advisories/9038 third-party-advisory, x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDKSA-2003:071 vendor-advisory, x_refsource_MANDRAKE
http://www.kb.cert.org/vuls/id/200132 third-party-advisory, x_refsource_CERT-VN
http://lists.grok.org.uk/pipermail/full-disclosure/2003-June/005719.html mailing-list, x_refsource_FULLDISC
http://www.redhat.com/support/errata/RHSA-2003-196.html vendor-advisory, x_refsource_REDHAT
http://secunia.com/advisories/9037 third-party-advisory, x_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2003-197.html vendor-advisory, x_refsource_REDHAT
http://marc.info/?l=bugtraq&m=105777963019186&w=2 mailing-list, x_refsource_BUGTRAQ
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A664 vdb-entry, signature, x_refsource_OVAL
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T01:50:48.159Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "9038",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/9038"
          },
          {
            "name": "MDKSA-2003:071",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:071"
          },
          {
            "name": "VU#200132",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/200132"
          },
          {
            "name": "20030613 -10Day CERT Advisory on PDF Files",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-June/005719.html"
          },
          {
            "name": "RHSA-2003:196",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2003-196.html"
          },
          {
            "name": "9037",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/9037"
          },
          {
            "name": "RHSA-2003:197",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2003-197.html"
          },
          {
            "name": "20030709 xpdf vulnerability - CAN-2003-0434",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=105777963019186\u0026w=2"
          },
          {
            "name": "oval:org.mitre.oval:def:664",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A664"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2003-06-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Various PDF viewers including (1) Adobe Acrobat 5.06 and (2) Xpdf 1.01 allow remote attackers to execute arbitrary commands via shell metacharacters in an embedded hyperlink."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-10-10T00:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "9038",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/9038"
        },
        {
          "name": "MDKSA-2003:071",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:071"
        },
        {
          "name": "VU#200132",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/200132"
        },
        {
          "name": "20030613 -10Day CERT Advisory on PDF Files",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-June/005719.html"
        },
        {
          "name": "RHSA-2003:196",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2003-196.html"
        },
        {
          "name": "9037",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/9037"
        },
        {
          "name": "RHSA-2003:197",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2003-197.html"
        },
        {
          "name": "20030709 xpdf vulnerability - CAN-2003-0434",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=105777963019186\u0026w=2"
        },
        {
          "name": "oval:org.mitre.oval:def:664",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A664"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2003-0434",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Various PDF viewers including (1) Adobe Acrobat 5.06 and (2) Xpdf 1.01 allow remote attackers to execute arbitrary commands via shell metacharacters in an embedded hyperlink."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "9038",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/9038"
            },
            {
              "name": "MDKSA-2003:071",
              "refsource": "MANDRAKE",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:071"
            },
            {
              "name": "VU#200132",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/200132"
            },
            {
              "name": "20030613 -10Day CERT Advisory on PDF Files",
              "refsource": "FULLDISC",
              "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-June/005719.html"
            },
            {
              "name": "RHSA-2003:196",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2003-196.html"
            },
            {
              "name": "9037",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/9037"
            },
            {
              "name": "RHSA-2003:197",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2003-197.html"
            },
            {
              "name": "20030709 xpdf vulnerability - CAN-2003-0434",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=105777963019186\u0026w=2"
            },
            {
              "name": "oval:org.mitre.oval:def:664",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A664"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2003-0434",
    "datePublished": "2003-06-18T04:00:00",
    "dateReserved": "2003-06-16T00:00:00",
    "dateUpdated": "2024-08-08T01:50:48.159Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2005-3193 (GCVE-0-2005-3193)
Vulnerability from cvelistv5
Published
2005-12-07 00:00
Modified
2024-08-07 23:01
Severity ?
CWE
  • n/a
Summary
Heap-based buffer overflow in the JPXStream::readCodestream function in the JPX stream parsing code (JPXStream.c) for xpdf 3.01 and earlier, as used in products such as (1) Poppler, (2) teTeX, (3) KDE kpdf, (4) CUPS, and (5) libextractor allows user-assisted attackers to cause a denial of service (heap corruption) and possibly execute arbitrary code via a crafted PDF file with large size values that cause insufficient memory to be allocated.
References
http://secunia.com/advisories/17959 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/17929 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/19797 third-party-advisory, x_refsource_SECUNIA
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.20/SCOSA-2006.20.txt vendor-advisory, x_refsource_SCO
http://www.debian.org/security/2005/dsa-932 vendor-advisory, x_refsource_DEBIAN
http://secunia.com/advisories/18349 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18147 third-party-advisory, x_refsource_SECUNIA
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt vendor-advisory, x_refsource_SCO
http://secunia.com/advisories/18055 third-party-advisory, x_refsource_SECUNIA
http://www.kde.org/info/security/advisory-20051207-1.txt x_refsource_CONFIRM
http://www.kde.org/info/security/advisory-20051207-2.txt x_refsource_CONFIRM
http://secunia.com/advisories/18679 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18189 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/26413 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/17940 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18303 third-party-advisory, x_refsource_SECUNIA
http://www.debian.org/security/2005/dsa-931 vendor-advisory, x_refsource_DEBIAN
http://secunia.com/advisories/18554 third-party-advisory, x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDKSA-2006:003 vendor-advisory, x_refsource_MANDRIVA
http://secunia.com/advisories/19230 third-party-advisory, x_refsource_SECUNIA
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1 vendor-advisory, x_refsource_SUNALERT
http://www.mandriva.com/security/advisories?name=MDKSA-2006:012 vendor-advisory, x_refsource_MANDRIVA
http://www.debian.org/security/2006/dsa-962 vendor-advisory, x_refsource_DEBIAN
http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00073.html vendor-advisory, x_refsource_FEDORA
http://securitytracker.com/id?1015309 vdb-entry, x_refsource_SECTRACK
http://www.debian.org/security/2005/dsa-937 vendor-advisory, x_refsource_DEBIAN
http://secunia.com/advisories/18398 third-party-advisory, x_refsource_SECUNIA
http://www.securityfocus.com/archive/1/427053/100/0/threaded vendor-advisory, x_refsource_FEDORA
http://www.securityfocus.com/bid/15721 vdb-entry, x_refsource_BID
http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html vendor-advisory, x_refsource_SUSE
http://www.debian.org/security/2006/dsa-936 vendor-advisory, x_refsource_DEBIAN
http://secunia.com/advisories/17916 third-party-advisory, x_refsource_SECUNIA
http://securityreason.com/securityalert/236 third-party-advisory, x_refsource_SREASON
http://www.gentoo.org/security/en/glsa/glsa-200603-02.xml vendor-advisory, x_refsource_GENTOO
http://www.redhat.com/support/errata/RHSA-2005-840.html vendor-advisory, x_refsource_REDHAT
http://www.vupen.com/english/advisories/2005/2789 vdb-entry, x_refsource_VUPEN
http://www.redhat.com/support/errata/RHSA-2005-867.html vendor-advisory, x_refsource_REDHAT
http://secunia.com/advisories/18674 third-party-advisory, x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDKSA-2006:005 vendor-advisory, x_refsource_MANDRIVA
http://secunia.com/advisories/18313 third-party-advisory, x_refsource_SECUNIA
https://issues.rpath.com/browse/RPL-1609 x_refsource_CONFIRM
http://rhn.redhat.com/errata/RHSA-2005-868.html vendor-advisory, x_refsource_REDHAT
ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U vendor-advisory, x_refsource_SGI
ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U vendor-advisory, x_refsource_SGI
http://secunia.com/advisories/18448 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18380 third-party-advisory, x_refsource_SECUNIA
http://www.gentoo.org/security/en/glsa/glsa-200512-08.xml vendor-advisory, x_refsource_GENTOO
http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00015.html vendor-advisory, x_refsource_FEDORA
http://secunia.com/advisories/18416 third-party-advisory, x_refsource_SECUNIA
http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00022.html vendor-advisory, x_refsource_FEDORA
http://www.vupen.com/english/advisories/2007/2280 vdb-entry, x_refsource_VUPEN
http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml vendor-advisory, x_refsource_GENTOO
http://secunia.com/advisories/19125 third-party-advisory, x_refsource_SECUNIA
https://exchange.xforce.ibmcloud.com/vulnerabilities/23441 vdb-entry, x_refsource_XF
http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00037.html vendor-advisory, x_refsource_FEDORA
http://secunia.com/advisories/18336 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18061 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18407 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18009 third-party-advisory, x_refsource_SECUNIA
http://www.ubuntulinux.org/usn/usn-227-1 vendor-advisory, x_refsource_UBUNTU
http://secunia.com/advisories/17897 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18517 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18582 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18534 third-party-advisory, x_refsource_SECUNIA
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.472683 vendor-advisory, x_refsource_SLACKWARE
http://www.trustix.org/errata/2005/0072/ vendor-advisory, x_refsource_TRUSTIX
http://secunia.com/advisories/18520 third-party-advisory, x_refsource_SECUNIA
http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00016.html vendor-advisory, x_refsource_FEDORA
http://www.securityfocus.com/archive/1/418883/100/0/threaded mailing-list, x_refsource_BUGTRAQ
http://secunia.com/advisories/18908 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/25729 third-party-advisory, x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDKSA-2006:006 vendor-advisory, x_refsource_MANDRIVA
http://secunia.com/advisories/17956 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/17926 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/19798 third-party-advisory, x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDKSA-2006:008 vendor-advisory, x_refsource_MANDRIVA
http://secunia.com/advisories/18191 third-party-advisory, x_refsource_SECUNIA
ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U vendor-advisory, x_refsource_SGI
http://www.redhat.com/support/errata/RHSA-2006-0160.html vendor-advisory, x_refsource_REDHAT
http://secunia.com/advisories/17912 third-party-advisory, x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDKSA-2006:010 vendor-advisory, x_refsource_MANDRAKE
http://www.debian.org/security/2005/dsa-940 vendor-advisory, x_refsource_DEBIAN
http://www.mandriva.com/security/advisories?name=MDKSA-2006:004 vendor-advisory, x_refsource_MANDRIVA
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11440 vdb-entry, signature, x_refsource_OVAL
http://www.vupen.com/english/advisories/2005/2790 vdb-entry, x_refsource_VUPEN
http://www.idefense.com/application/poi/display?id=345&type=vulnerabilities&flashstatus=true third-party-advisory, x_refsource_IDEFENSE
http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00043.html x_refsource_CONFIRM
http://secunia.com/advisories/18389 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18192 third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2005/2856 vdb-entry, x_refsource_VUPEN
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.474747 vendor-advisory, x_refsource_SLACKWARE
http://secunia.com/advisories/19377 third-party-advisory, x_refsource_SECUNIA
http://www.securityfocus.com/archive/1/427990/100/0/threaded vendor-advisory, x_refsource_FEDORA
http://www.debian.org/security/2006/dsa-961 vendor-advisory, x_refsource_DEBIAN
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.21/SCOSA-2006.21.txt vendor-advisory, x_refsource_SCO
http://secunia.com/advisories/18675 third-party-advisory, x_refsource_SECUNIA
http://securitytracker.com/id?1015324 vdb-entry, x_refsource_SECTRACK
http://secunia.com/advisories/18913 third-party-advisory, x_refsource_SECUNIA
http://www.debian.org/security/2005/dsa-938 vendor-advisory, x_refsource_DEBIAN
http://www.novell.com/linux/security/advisories/2005_29_sr.html vendor-advisory, x_refsource_SUSE
http://www.vupen.com/english/advisories/2005/2787 vdb-entry, x_refsource_VUPEN
http://www.redhat.com/support/errata/RHSA-2005-878.html vendor-advisory, x_refsource_REDHAT
http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00036.html vendor-advisory, x_refsource_FEDORA
http://secunia.com/advisories/17920 third-party-advisory, x_refsource_SECUNIA
http://www.debian.org/security/2006/dsa-950 vendor-advisory, x_refsource_DEBIAN
http://secunia.com/advisories/17955 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/17976 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18387 third-party-advisory, x_refsource_SECUNIA
http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00014.html vendor-advisory, x_refsource_FEDORA
http://www.mandriva.com/security/advisories?name=MDKSA-2006:011 vendor-advisory, x_refsource_MANDRIVA
http://secunia.com/advisories/18385 third-party-advisory, x_refsource_SECUNIA
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T23:01:59.055Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "17959",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/17959"
          },
          {
            "name": "17929",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/17929"
          },
          {
            "name": "19797",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/19797"
          },
          {
            "name": "SCOSA-2006.20",
            "tags": [
              "vendor-advisory",
              "x_refsource_SCO",
              "x_transferred"
            ],
            "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.20/SCOSA-2006.20.txt"
          },
          {
            "name": "DSA-932",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2005/dsa-932"
          },
          {
            "name": "18349",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18349"
          },
          {
            "name": "18147",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18147"
          },
          {
            "name": "SCOSA-2006.15",
            "tags": [
              "vendor-advisory",
              "x_refsource_SCO",
              "x_transferred"
            ],
            "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt"
          },
          {
            "name": "18055",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18055"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.kde.org/info/security/advisory-20051207-1.txt"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.kde.org/info/security/advisory-20051207-2.txt"
          },
          {
            "name": "18679",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18679"
          },
          {
            "name": "18189",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18189"
          },
          {
            "name": "26413",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/26413"
          },
          {
            "name": "17940",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/17940"
          },
          {
            "name": "18303",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18303"
          },
          {
            "name": "DSA-931",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2005/dsa-931"
          },
          {
            "name": "18554",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18554"
          },
          {
            "name": "MDKSA-2006:003",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003"
          },
          {
            "name": "19230",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/19230"
          },
          {
            "name": "102972",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1"
          },
          {
            "name": "MDKSA-2006:012",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012"
          },
          {
            "name": "DSA-962",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-962"
          },
          {
            "name": "FEDORA-2005-1171",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00073.html"
          },
          {
            "name": "1015309",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1015309"
          },
          {
            "name": "DSA-937",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2005/dsa-937"
          },
          {
            "name": "18398",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18398"
          },
          {
            "name": "FLSA-2006:176751",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded"
          },
          {
            "name": "15721",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/15721"
          },
          {
            "name": "SUSE-SA:2006:001",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html"
          },
          {
            "name": "DSA-936",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-936"
          },
          {
            "name": "17916",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/17916"
          },
          {
            "name": "236",
            "tags": [
              "third-party-advisory",
              "x_refsource_SREASON",
              "x_transferred"
            ],
            "url": "http://securityreason.com/securityalert/236"
          },
          {
            "name": "GLSA-200603-02",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200603-02.xml"
          },
          {
            "name": "RHSA-2005:840",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-840.html"
          },
          {
            "name": "ADV-2005-2789",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2005/2789"
          },
          {
            "name": "RHSA-2005:867",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-867.html"
          },
          {
            "name": "18674",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18674"
          },
          {
            "name": "MDKSA-2006:005",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005"
          },
          {
            "name": "18313",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18313"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://issues.rpath.com/browse/RPL-1609"
          },
          {
            "name": "RHSA-2005:868",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2005-868.html"
          },
          {
            "name": "20051201-01-U",
            "tags": [
              "vendor-advisory",
              "x_refsource_SGI",
              "x_transferred"
            ],
            "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U"
          },
          {
            "name": "20060101-01-U",
            "tags": [
              "vendor-advisory",
              "x_refsource_SGI",
              "x_transferred"
            ],
            "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U"
          },
          {
            "name": "18448",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18448"
          },
          {
            "name": "18380",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18380"
          },
          {
            "name": "GLSA-200512-08",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200512-08.xml"
          },
          {
            "name": "FEDORA-2005-1126",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00015.html"
          },
          {
            "name": "18416",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18416"
          },
          {
            "name": "FEDORA-2005-1132",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00022.html"
          },
          {
            "name": "ADV-2007-2280",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/2280"
          },
          {
            "name": "GLSA-200601-02",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml"
          },
          {
            "name": "19125",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/19125"
          },
          {
            "name": "xpdf-jpx-stream-bo(23441)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23441"
          },
          {
            "name": "FEDORA-2005-1142",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00037.html"
          },
          {
            "name": "18336",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18336"
          },
          {
            "name": "18061",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18061"
          },
          {
            "name": "18407",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18407"
          },
          {
            "name": "18009",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18009"
          },
          {
            "name": "USN-227-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntulinux.org/usn/usn-227-1"
          },
          {
            "name": "17897",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/17897"
          },
          {
            "name": "18517",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18517"
          },
          {
            "name": "18582",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18582"
          },
          {
            "name": "18534",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18534"
          },
          {
            "name": "SSA:2006-045-09",
            "tags": [
              "vendor-advisory",
              "x_refsource_SLACKWARE",
              "x_transferred"
            ],
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683"
          },
          {
            "name": "TSLSA-2005-0072",
            "tags": [
              "vendor-advisory",
              "x_refsource_TRUSTIX",
              "x_transferred"
            ],
            "url": "http://www.trustix.org/errata/2005/0072/"
          },
          {
            "name": "18520",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18520"
          },
          {
            "name": "FEDORA-2005-1127",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00016.html"
          },
          {
            "name": "20051207 [KDE Security Advisory] multiple buffer overflows in kpdf/koffice",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/418883/100/0/threaded"
          },
          {
            "name": "18908",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18908"
          },
          {
            "name": "25729",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25729"
          },
          {
            "name": "MDKSA-2006:006",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006"
          },
          {
            "name": "17956",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/17956"
          },
          {
            "name": "17926",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/17926"
          },
          {
            "name": "19798",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/19798"
          },
          {
            "name": "MDKSA-2006:008",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008"
          },
          {
            "name": "18191",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18191"
          },
          {
            "name": "20060201-01-U",
            "tags": [
              "vendor-advisory",
              "x_refsource_SGI",
              "x_transferred"
            ],
            "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U"
          },
          {
            "name": "RHSA-2006:0160",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html"
          },
          {
            "name": "17912",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/17912"
          },
          {
            "name": "MDKSA-2006:010",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010"
          },
          {
            "name": "DSA-940",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2005/dsa-940"
          },
          {
            "name": "MDKSA-2006:004",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004"
          },
          {
            "name": "oval:org.mitre.oval:def:11440",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11440"
          },
          {
            "name": "ADV-2005-2790",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2005/2790"
          },
          {
            "name": "20051205 Multiple Vendor xpdf JPX Stream Reader Heap Overflow Vulnerability",
            "tags": [
              "third-party-advisory",
              "x_refsource_IDEFENSE",
              "x_transferred"
            ],
            "url": "http://www.idefense.com/application/poi/display?id=345\u0026type=vulnerabilities\u0026flashstatus=true"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00043.html"
          },
          {
            "name": "18389",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18389"
          },
          {
            "name": "18192",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18192"
          },
          {
            "name": "ADV-2005-2856",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2005/2856"
          },
          {
            "name": "SSA:2006-045-04",
            "tags": [
              "vendor-advisory",
              "x_refsource_SLACKWARE",
              "x_transferred"
            ],
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747"
          },
          {
            "name": "19377",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/19377"
          },
          {
            "name": "FLSA:175404",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded"
          },
          {
            "name": "DSA-961",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-961"
          },
          {
            "name": "SCOSA-2006.21",
            "tags": [
              "vendor-advisory",
              "x_refsource_SCO",
              "x_transferred"
            ],
            "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.21/SCOSA-2006.21.txt"
          },
          {
            "name": "18675",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18675"
          },
          {
            "name": "1015324",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1015324"
          },
          {
            "name": "18913",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18913"
          },
          {
            "name": "DSA-938",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2005/dsa-938"
          },
          {
            "name": "SUSE-SR:2005:029",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2005_29_sr.html"
          },
          {
            "name": "ADV-2005-2787",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2005/2787"
          },
          {
            "name": "RHSA-2005:878",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-878.html"
          },
          {
            "name": "FEDORA-2005-1141",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00036.html"
          },
          {
            "name": "17920",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/17920"
          },
          {
            "name": "DSA-950",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-950"
          },
          {
            "name": "17955",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/17955"
          },
          {
            "name": "17976",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/17976"
          },
          {
            "name": "18387",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18387"
          },
          {
            "name": "FEDORA-2005-1125",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00014.html"
          },
          {
            "name": "MDKSA-2006:011",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011"
          },
          {
            "name": "18385",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18385"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-12-05T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Heap-based buffer overflow in the JPXStream::readCodestream function in the JPX stream parsing code (JPXStream.c) for xpdf 3.01 and earlier, as used in products such as (1) Poppler, (2) teTeX, (3) KDE kpdf, (4) CUPS, and (5) libextractor allows user-assisted attackers to cause a denial of service (heap corruption) and possibly execute arbitrary code via a crafted PDF file with large size values that cause insufficient memory to be allocated."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-19T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "17959",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/17959"
        },
        {
          "name": "17929",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/17929"
        },
        {
          "name": "19797",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/19797"
        },
        {
          "name": "SCOSA-2006.20",
          "tags": [
            "vendor-advisory",
            "x_refsource_SCO"
          ],
          "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.20/SCOSA-2006.20.txt"
        },
        {
          "name": "DSA-932",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2005/dsa-932"
        },
        {
          "name": "18349",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18349"
        },
        {
          "name": "18147",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18147"
        },
        {
          "name": "SCOSA-2006.15",
          "tags": [
            "vendor-advisory",
            "x_refsource_SCO"
          ],
          "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt"
        },
        {
          "name": "18055",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18055"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.kde.org/info/security/advisory-20051207-1.txt"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.kde.org/info/security/advisory-20051207-2.txt"
        },
        {
          "name": "18679",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18679"
        },
        {
          "name": "18189",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18189"
        },
        {
          "name": "26413",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/26413"
        },
        {
          "name": "17940",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/17940"
        },
        {
          "name": "18303",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18303"
        },
        {
          "name": "DSA-931",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2005/dsa-931"
        },
        {
          "name": "18554",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18554"
        },
        {
          "name": "MDKSA-2006:003",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003"
        },
        {
          "name": "19230",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/19230"
        },
        {
          "name": "102972",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1"
        },
        {
          "name": "MDKSA-2006:012",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012"
        },
        {
          "name": "DSA-962",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-962"
        },
        {
          "name": "FEDORA-2005-1171",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00073.html"
        },
        {
          "name": "1015309",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1015309"
        },
        {
          "name": "DSA-937",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2005/dsa-937"
        },
        {
          "name": "18398",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18398"
        },
        {
          "name": "FLSA-2006:176751",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded"
        },
        {
          "name": "15721",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/15721"
        },
        {
          "name": "SUSE-SA:2006:001",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html"
        },
        {
          "name": "DSA-936",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-936"
        },
        {
          "name": "17916",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/17916"
        },
        {
          "name": "236",
          "tags": [
            "third-party-advisory",
            "x_refsource_SREASON"
          ],
          "url": "http://securityreason.com/securityalert/236"
        },
        {
          "name": "GLSA-200603-02",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-200603-02.xml"
        },
        {
          "name": "RHSA-2005:840",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-840.html"
        },
        {
          "name": "ADV-2005-2789",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2005/2789"
        },
        {
          "name": "RHSA-2005:867",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-867.html"
        },
        {
          "name": "18674",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18674"
        },
        {
          "name": "MDKSA-2006:005",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005"
        },
        {
          "name": "18313",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18313"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://issues.rpath.com/browse/RPL-1609"
        },
        {
          "name": "RHSA-2005:868",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2005-868.html"
        },
        {
          "name": "20051201-01-U",
          "tags": [
            "vendor-advisory",
            "x_refsource_SGI"
          ],
          "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U"
        },
        {
          "name": "20060101-01-U",
          "tags": [
            "vendor-advisory",
            "x_refsource_SGI"
          ],
          "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U"
        },
        {
          "name": "18448",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18448"
        },
        {
          "name": "18380",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18380"
        },
        {
          "name": "GLSA-200512-08",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-200512-08.xml"
        },
        {
          "name": "FEDORA-2005-1126",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00015.html"
        },
        {
          "name": "18416",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18416"
        },
        {
          "name": "FEDORA-2005-1132",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00022.html"
        },
        {
          "name": "ADV-2007-2280",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/2280"
        },
        {
          "name": "GLSA-200601-02",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml"
        },
        {
          "name": "19125",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/19125"
        },
        {
          "name": "xpdf-jpx-stream-bo(23441)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23441"
        },
        {
          "name": "FEDORA-2005-1142",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00037.html"
        },
        {
          "name": "18336",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18336"
        },
        {
          "name": "18061",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18061"
        },
        {
          "name": "18407",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18407"
        },
        {
          "name": "18009",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18009"
        },
        {
          "name": "USN-227-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntulinux.org/usn/usn-227-1"
        },
        {
          "name": "17897",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/17897"
        },
        {
          "name": "18517",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18517"
        },
        {
          "name": "18582",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18582"
        },
        {
          "name": "18534",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18534"
        },
        {
          "name": "SSA:2006-045-09",
          "tags": [
            "vendor-advisory",
            "x_refsource_SLACKWARE"
          ],
          "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683"
        },
        {
          "name": "TSLSA-2005-0072",
          "tags": [
            "vendor-advisory",
            "x_refsource_TRUSTIX"
          ],
          "url": "http://www.trustix.org/errata/2005/0072/"
        },
        {
          "name": "18520",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18520"
        },
        {
          "name": "FEDORA-2005-1127",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00016.html"
        },
        {
          "name": "20051207 [KDE Security Advisory] multiple buffer overflows in kpdf/koffice",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/418883/100/0/threaded"
        },
        {
          "name": "18908",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18908"
        },
        {
          "name": "25729",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25729"
        },
        {
          "name": "MDKSA-2006:006",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006"
        },
        {
          "name": "17956",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/17956"
        },
        {
          "name": "17926",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/17926"
        },
        {
          "name": "19798",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/19798"
        },
        {
          "name": "MDKSA-2006:008",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008"
        },
        {
          "name": "18191",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18191"
        },
        {
          "name": "20060201-01-U",
          "tags": [
            "vendor-advisory",
            "x_refsource_SGI"
          ],
          "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U"
        },
        {
          "name": "RHSA-2006:0160",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html"
        },
        {
          "name": "17912",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/17912"
        },
        {
          "name": "MDKSA-2006:010",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010"
        },
        {
          "name": "DSA-940",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2005/dsa-940"
        },
        {
          "name": "MDKSA-2006:004",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004"
        },
        {
          "name": "oval:org.mitre.oval:def:11440",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11440"
        },
        {
          "name": "ADV-2005-2790",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2005/2790"
        },
        {
          "name": "20051205 Multiple Vendor xpdf JPX Stream Reader Heap Overflow Vulnerability",
          "tags": [
            "third-party-advisory",
            "x_refsource_IDEFENSE"
          ],
          "url": "http://www.idefense.com/application/poi/display?id=345\u0026type=vulnerabilities\u0026flashstatus=true"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00043.html"
        },
        {
          "name": "18389",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18389"
        },
        {
          "name": "18192",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18192"
        },
        {
          "name": "ADV-2005-2856",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2005/2856"
        },
        {
          "name": "SSA:2006-045-04",
          "tags": [
            "vendor-advisory",
            "x_refsource_SLACKWARE"
          ],
          "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747"
        },
        {
          "name": "19377",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/19377"
        },
        {
          "name": "FLSA:175404",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded"
        },
        {
          "name": "DSA-961",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-961"
        },
        {
          "name": "SCOSA-2006.21",
          "tags": [
            "vendor-advisory",
            "x_refsource_SCO"
          ],
          "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.21/SCOSA-2006.21.txt"
        },
        {
          "name": "18675",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18675"
        },
        {
          "name": "1015324",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1015324"
        },
        {
          "name": "18913",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18913"
        },
        {
          "name": "DSA-938",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2005/dsa-938"
        },
        {
          "name": "SUSE-SR:2005:029",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2005_29_sr.html"
        },
        {
          "name": "ADV-2005-2787",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2005/2787"
        },
        {
          "name": "RHSA-2005:878",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-878.html"
        },
        {
          "name": "FEDORA-2005-1141",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00036.html"
        },
        {
          "name": "17920",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/17920"
        },
        {
          "name": "DSA-950",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-950"
        },
        {
          "name": "17955",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/17955"
        },
        {
          "name": "17976",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/17976"
        },
        {
          "name": "18387",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18387"
        },
        {
          "name": "FEDORA-2005-1125",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00014.html"
        },
        {
          "name": "MDKSA-2006:011",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011"
        },
        {
          "name": "18385",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18385"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2005-3193",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Heap-based buffer overflow in the JPXStream::readCodestream function in the JPX stream parsing code (JPXStream.c) for xpdf 3.01 and earlier, as used in products such as (1) Poppler, (2) teTeX, (3) KDE kpdf, (4) CUPS, and (5) libextractor allows user-assisted attackers to cause a denial of service (heap corruption) and possibly execute arbitrary code via a crafted PDF file with large size values that cause insufficient memory to be allocated."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "17959",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/17959"
            },
            {
              "name": "17929",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/17929"
            },
            {
              "name": "19797",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/19797"
            },
            {
              "name": "SCOSA-2006.20",
              "refsource": "SCO",
              "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.20/SCOSA-2006.20.txt"
            },
            {
              "name": "DSA-932",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2005/dsa-932"
            },
            {
              "name": "18349",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18349"
            },
            {
              "name": "18147",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18147"
            },
            {
              "name": "SCOSA-2006.15",
              "refsource": "SCO",
              "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt"
            },
            {
              "name": "18055",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18055"
            },
            {
              "name": "http://www.kde.org/info/security/advisory-20051207-1.txt",
              "refsource": "CONFIRM",
              "url": "http://www.kde.org/info/security/advisory-20051207-1.txt"
            },
            {
              "name": "http://www.kde.org/info/security/advisory-20051207-2.txt",
              "refsource": "CONFIRM",
              "url": "http://www.kde.org/info/security/advisory-20051207-2.txt"
            },
            {
              "name": "18679",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18679"
            },
            {
              "name": "18189",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18189"
            },
            {
              "name": "26413",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/26413"
            },
            {
              "name": "17940",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/17940"
            },
            {
              "name": "18303",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18303"
            },
            {
              "name": "DSA-931",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2005/dsa-931"
            },
            {
              "name": "18554",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18554"
            },
            {
              "name": "MDKSA-2006:003",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003"
            },
            {
              "name": "19230",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/19230"
            },
            {
              "name": "102972",
              "refsource": "SUNALERT",
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1"
            },
            {
              "name": "MDKSA-2006:012",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012"
            },
            {
              "name": "DSA-962",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2006/dsa-962"
            },
            {
              "name": "FEDORA-2005-1171",
              "refsource": "FEDORA",
              "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00073.html"
            },
            {
              "name": "1015309",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1015309"
            },
            {
              "name": "DSA-937",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2005/dsa-937"
            },
            {
              "name": "18398",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18398"
            },
            {
              "name": "FLSA-2006:176751",
              "refsource": "FEDORA",
              "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded"
            },
            {
              "name": "15721",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/15721"
            },
            {
              "name": "SUSE-SA:2006:001",
              "refsource": "SUSE",
              "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html"
            },
            {
              "name": "DSA-936",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2006/dsa-936"
            },
            {
              "name": "17916",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/17916"
            },
            {
              "name": "236",
              "refsource": "SREASON",
              "url": "http://securityreason.com/securityalert/236"
            },
            {
              "name": "GLSA-200603-02",
              "refsource": "GENTOO",
              "url": "http://www.gentoo.org/security/en/glsa/glsa-200603-02.xml"
            },
            {
              "name": "RHSA-2005:840",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2005-840.html"
            },
            {
              "name": "ADV-2005-2789",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2005/2789"
            },
            {
              "name": "RHSA-2005:867",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2005-867.html"
            },
            {
              "name": "18674",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18674"
            },
            {
              "name": "MDKSA-2006:005",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005"
            },
            {
              "name": "18313",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18313"
            },
            {
              "name": "https://issues.rpath.com/browse/RPL-1609",
              "refsource": "CONFIRM",
              "url": "https://issues.rpath.com/browse/RPL-1609"
            },
            {
              "name": "RHSA-2005:868",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2005-868.html"
            },
            {
              "name": "20051201-01-U",
              "refsource": "SGI",
              "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U"
            },
            {
              "name": "20060101-01-U",
              "refsource": "SGI",
              "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U"
            },
            {
              "name": "18448",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18448"
            },
            {
              "name": "18380",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18380"
            },
            {
              "name": "GLSA-200512-08",
              "refsource": "GENTOO",
              "url": "http://www.gentoo.org/security/en/glsa/glsa-200512-08.xml"
            },
            {
              "name": "FEDORA-2005-1126",
              "refsource": "FEDORA",
              "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00015.html"
            },
            {
              "name": "18416",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18416"
            },
            {
              "name": "FEDORA-2005-1132",
              "refsource": "FEDORA",
              "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00022.html"
            },
            {
              "name": "ADV-2007-2280",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/2280"
            },
            {
              "name": "GLSA-200601-02",
              "refsource": "GENTOO",
              "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml"
            },
            {
              "name": "19125",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/19125"
            },
            {
              "name": "xpdf-jpx-stream-bo(23441)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23441"
            },
            {
              "name": "FEDORA-2005-1142",
              "refsource": "FEDORA",
              "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00037.html"
            },
            {
              "name": "18336",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18336"
            },
            {
              "name": "18061",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18061"
            },
            {
              "name": "18407",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18407"
            },
            {
              "name": "18009",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18009"
            },
            {
              "name": "USN-227-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntulinux.org/usn/usn-227-1"
            },
            {
              "name": "17897",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/17897"
            },
            {
              "name": "18517",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18517"
            },
            {
              "name": "18582",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18582"
            },
            {
              "name": "18534",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18534"
            },
            {
              "name": "SSA:2006-045-09",
              "refsource": "SLACKWARE",
              "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683"
            },
            {
              "name": "TSLSA-2005-0072",
              "refsource": "TRUSTIX",
              "url": "http://www.trustix.org/errata/2005/0072/"
            },
            {
              "name": "18520",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18520"
            },
            {
              "name": "FEDORA-2005-1127",
              "refsource": "FEDORA",
              "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00016.html"
            },
            {
              "name": "20051207 [KDE Security Advisory] multiple buffer overflows in kpdf/koffice",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/418883/100/0/threaded"
            },
            {
              "name": "18908",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18908"
            },
            {
              "name": "25729",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/25729"
            },
            {
              "name": "MDKSA-2006:006",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006"
            },
            {
              "name": "17956",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/17956"
            },
            {
              "name": "17926",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/17926"
            },
            {
              "name": "19798",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/19798"
            },
            {
              "name": "MDKSA-2006:008",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008"
            },
            {
              "name": "18191",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18191"
            },
            {
              "name": "20060201-01-U",
              "refsource": "SGI",
              "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U"
            },
            {
              "name": "RHSA-2006:0160",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html"
            },
            {
              "name": "17912",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/17912"
            },
            {
              "name": "MDKSA-2006:010",
              "refsource": "MANDRAKE",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010"
            },
            {
              "name": "DSA-940",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2005/dsa-940"
            },
            {
              "name": "MDKSA-2006:004",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004"
            },
            {
              "name": "oval:org.mitre.oval:def:11440",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11440"
            },
            {
              "name": "ADV-2005-2790",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2005/2790"
            },
            {
              "name": "20051205 Multiple Vendor xpdf JPX Stream Reader Heap Overflow Vulnerability",
              "refsource": "IDEFENSE",
              "url": "http://www.idefense.com/application/poi/display?id=345\u0026type=vulnerabilities\u0026flashstatus=true"
            },
            {
              "name": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00043.html",
              "refsource": "CONFIRM",
              "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00043.html"
            },
            {
              "name": "18389",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18389"
            },
            {
              "name": "18192",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18192"
            },
            {
              "name": "ADV-2005-2856",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2005/2856"
            },
            {
              "name": "SSA:2006-045-04",
              "refsource": "SLACKWARE",
              "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747"
            },
            {
              "name": "19377",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/19377"
            },
            {
              "name": "FLSA:175404",
              "refsource": "FEDORA",
              "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded"
            },
            {
              "name": "DSA-961",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2006/dsa-961"
            },
            {
              "name": "SCOSA-2006.21",
              "refsource": "SCO",
              "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.21/SCOSA-2006.21.txt"
            },
            {
              "name": "18675",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18675"
            },
            {
              "name": "1015324",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1015324"
            },
            {
              "name": "18913",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18913"
            },
            {
              "name": "DSA-938",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2005/dsa-938"
            },
            {
              "name": "SUSE-SR:2005:029",
              "refsource": "SUSE",
              "url": "http://www.novell.com/linux/security/advisories/2005_29_sr.html"
            },
            {
              "name": "ADV-2005-2787",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2005/2787"
            },
            {
              "name": "RHSA-2005:878",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2005-878.html"
            },
            {
              "name": "FEDORA-2005-1141",
              "refsource": "FEDORA",
              "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00036.html"
            },
            {
              "name": "17920",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/17920"
            },
            {
              "name": "DSA-950",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2006/dsa-950"
            },
            {
              "name": "17955",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/17955"
            },
            {
              "name": "17976",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/17976"
            },
            {
              "name": "18387",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18387"
            },
            {
              "name": "FEDORA-2005-1125",
              "refsource": "FEDORA",
              "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00014.html"
            },
            {
              "name": "MDKSA-2006:011",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011"
            },
            {
              "name": "18385",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18385"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2005-3193",
    "datePublished": "2005-12-07T00:00:00",
    "dateReserved": "2005-10-14T00:00:00",
    "dateUpdated": "2024-08-07T23:01:59.055Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2005-3192 (GCVE-0-2005-3192)
Vulnerability from cvelistv5
Published
2005-12-08 01:00
Modified
2024-08-07 23:01
Severity ?
CWE
  • n/a
Summary
Heap-based buffer overflow in the StreamPredictor function in Xpdf 3.01, as used in products such as (1) Poppler, (2) teTeX, (3) KDE kpdf, and (4) pdftohtml, (5) KOffice KWord, (6) CUPS, and (7) libextractor allows remote attackers to execute arbitrary code via a PDF file with an out-of-range numComps (number of components) field.
References
http://secunia.com/advisories/17929 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/19797 third-party-advisory, x_refsource_SECUNIA
https://exchange.xforce.ibmcloud.com/vulnerabilities/23442 vdb-entry, x_refsource_XF
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.20/SCOSA-2006.20.txt vendor-advisory, x_refsource_SCO
http://www.debian.org/security/2005/dsa-932 vendor-advisory, x_refsource_DEBIAN
http://secunia.com/advisories/18349 third-party-advisory, x_refsource_SECUNIA
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt vendor-advisory, x_refsource_SCO
http://secunia.com/advisories/18055 third-party-advisory, x_refsource_SECUNIA
http://scary.beasts.org/security/CESA-2005-003.txt x_refsource_MISC
http://www.kde.org/info/security/advisory-20051207-1.txt x_refsource_CONFIRM
http://secunia.com/advisories/18503 third-party-advisory, x_refsource_SECUNIA
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10914 vdb-entry, signature, x_refsource_OVAL
http://secunia.com/advisories/18549 third-party-advisory, x_refsource_SECUNIA
http://www.kde.org/info/security/advisory-20051207-2.txt x_refsource_CONFIRM
http://secunia.com/advisories/18679 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18189 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/26413 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/17940 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18303 third-party-advisory, x_refsource_SECUNIA
http://www.debian.org/security/2005/dsa-931 vendor-advisory, x_refsource_DEBIAN
http://secunia.com/advisories/18554 third-party-advisory, x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDKSA-2006:003 vendor-advisory, x_refsource_MANDRIVA
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342289 x_refsource_MISC
http://secunia.com/advisories/19230 third-party-advisory, x_refsource_SECUNIA
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1 vendor-advisory, x_refsource_SUNALERT
http://www.debian.org/security/2006/dsa-962 vendor-advisory, x_refsource_DEBIAN
http://securitytracker.com/id?1015309 vdb-entry, x_refsource_SECTRACK
http://secunia.com/advisories/18398 third-party-advisory, x_refsource_SECUNIA
http://www.securityfocus.com/archive/1/427053/100/0/threaded vendor-advisory, x_refsource_FEDORA
http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html vendor-advisory, x_refsource_SUSE
http://www.debian.org/security/2006/dsa-936 vendor-advisory, x_refsource_DEBIAN
http://secunia.com/advisories/17916 third-party-advisory, x_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2005-840.html vendor-advisory, x_refsource_REDHAT
http://www.vupen.com/english/advisories/2005/2789 vdb-entry, x_refsource_VUPEN
http://www.redhat.com/support/errata/RHSA-2005-867.html vendor-advisory, x_refsource_REDHAT
http://secunia.com/advisories/18674 third-party-advisory, x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDKSA-2006:005 vendor-advisory, x_refsource_MANDRIVA
http://secunia.com/advisories/18313 third-party-advisory, x_refsource_SECUNIA
https://issues.rpath.com/browse/RPL-1609 x_refsource_CONFIRM
http://rhn.redhat.com/errata/RHSA-2005-868.html vendor-advisory, x_refsource_REDHAT
ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U vendor-advisory, x_refsource_SGI
ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U vendor-advisory, x_refsource_SGI
http://secunia.com/advisories/18448 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18436 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18428 third-party-advisory, x_refsource_SECUNIA
ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.01pl1.patch x_refsource_CONFIRM
http://secunia.com/advisories/18380 third-party-advisory, x_refsource_SECUNIA
http://www.gentoo.org/security/en/glsa/glsa-200512-08.xml vendor-advisory, x_refsource_GENTOO
http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00015.html vendor-advisory, x_refsource_FEDORA
http://secunia.com/advisories/18416 third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2007/2280 vdb-entry, x_refsource_VUPEN
http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml vendor-advisory, x_refsource_GENTOO
http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00037.html vendor-advisory, x_refsource_FEDORA
http://secunia.com/advisories/18336 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18061 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18407 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18009 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/17908 third-party-advisory, x_refsource_SECUNIA
http://www.ubuntulinux.org/usn/usn-227-1 vendor-advisory, x_refsource_UBUNTU
http://secunia.com/advisories/18517 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18582 third-party-advisory, x_refsource_SECUNIA
http://www.novell.com/linux/security/advisories/2006_02_sr.html vendor-advisory, x_refsource_SUSE
http://secunia.com/advisories/18534 third-party-advisory, x_refsource_SECUNIA
http://www.idefense.com/application/poi/display?id=344&type=vulnerabilities third-party-advisory, x_refsource_IDEFENSE
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.472683 vendor-advisory, x_refsource_SLACKWARE
http://www.trustix.org/errata/2005/0072/ vendor-advisory, x_refsource_TRUSTIX
http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00016.html vendor-advisory, x_refsource_FEDORA
http://www.securityfocus.com/archive/1/418883/100/0/threaded mailing-list, x_refsource_BUGTRAQ
http://secunia.com/advisories/18908 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/25729 third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2005/2786 vdb-entry, x_refsource_VUPEN
http://www.mandriva.com/security/advisories?name=MDKSA-2006:006 vendor-advisory, x_refsource_MANDRIVA
http://www.vupen.com/english/advisories/2005/2788 vdb-entry, x_refsource_VUPEN
http://secunia.com/advisories/17926 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/19798 third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2005/2755 vdb-entry, x_refsource_VUPEN
http://www.securityfocus.com/bid/15725 vdb-entry, x_refsource_BID
http://www.mandriva.com/security/advisories?name=MDKSA-2006:008 vendor-advisory, x_refsource_MANDRIVA
http://secunia.com/advisories/18191 third-party-advisory, x_refsource_SECUNIA
ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U vendor-advisory, x_refsource_SGI
http://www.redhat.com/support/errata/RHSA-2006-0160.html vendor-advisory, x_refsource_REDHAT
http://secunia.com/advisories/17912 third-party-advisory, x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDKSA-2006:010 vendor-advisory, x_refsource_MANDRAKE
http://secunia.com/advisories/17921 third-party-advisory, x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDKSA-2006:004 vendor-advisory, x_refsource_MANDRIVA
http://www.vupen.com/english/advisories/2005/2790 vdb-entry, x_refsource_VUPEN
http://secunia.com/advisories/18389 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18192 third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2005/2856 vdb-entry, x_refsource_VUPEN
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.474747 vendor-advisory, x_refsource_SLACKWARE
http://secunia.com/advisories/19377 third-party-advisory, x_refsource_SECUNIA
http://www.securityfocus.com/archive/1/427990/100/0/threaded vendor-advisory, x_refsource_FEDORA
http://www.debian.org/security/2006/dsa-961 vendor-advisory, x_refsource_DEBIAN
http://securityreason.com/securityalert/235 third-party-advisory, x_refsource_SREASON
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.21/SCOSA-2006.21.txt vendor-advisory, x_refsource_SCO
http://secunia.com/advisories/18675 third-party-advisory, x_refsource_SECUNIA
http://securitytracker.com/id?1015324 vdb-entry, x_refsource_SECTRACK
http://secunia.com/advisories/18913 third-party-advisory, x_refsource_SECUNIA
http://www.novell.com/linux/security/advisories/2005_29_sr.html vendor-advisory, x_refsource_SUSE
http://www.debian.org/security/2006/dsa-937 vendor-advisory, x_refsource_DEBIAN
http://www.vupen.com/english/advisories/2005/2787 vdb-entry, x_refsource_VUPEN
http://www.redhat.com/support/errata/RHSA-2005-878.html vendor-advisory, x_refsource_REDHAT
http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00036.html vendor-advisory, x_refsource_FEDORA
http://secunia.com/advisories/17920 third-party-advisory, x_refsource_SECUNIA
http://www.debian.org/security/2006/dsa-950 vendor-advisory, x_refsource_DEBIAN
http://secunia.com/advisories/17955 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/17897/ third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/17976 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18387 third-party-advisory, x_refsource_SECUNIA
http://securityreason.com/securityalert/240 third-party-advisory, x_refsource_SREASON
http://www.mandriva.com/security/advisories?name=MDKSA-2006:011 vendor-advisory, x_refsource_MANDRIVA
http://secunia.com/advisories/18385 third-party-advisory, x_refsource_SECUNIA
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T23:01:59.286Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "17929",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/17929"
          },
          {
            "name": "19797",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/19797"
          },
          {
            "name": "xpdf-streampredictor-bo(23442)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23442"
          },
          {
            "name": "SCOSA-2006.20",
            "tags": [
              "vendor-advisory",
              "x_refsource_SCO",
              "x_transferred"
            ],
            "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.20/SCOSA-2006.20.txt"
          },
          {
            "name": "DSA-932",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2005/dsa-932"
          },
          {
            "name": "18349",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18349"
          },
          {
            "name": "SCOSA-2006.15",
            "tags": [
              "vendor-advisory",
              "x_refsource_SCO",
              "x_transferred"
            ],
            "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt"
          },
          {
            "name": "18055",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18055"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://scary.beasts.org/security/CESA-2005-003.txt"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.kde.org/info/security/advisory-20051207-1.txt"
          },
          {
            "name": "18503",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18503"
          },
          {
            "name": "oval:org.mitre.oval:def:10914",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10914"
          },
          {
            "name": "18549",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18549"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.kde.org/info/security/advisory-20051207-2.txt"
          },
          {
            "name": "18679",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18679"
          },
          {
            "name": "18189",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18189"
          },
          {
            "name": "26413",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/26413"
          },
          {
            "name": "17940",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/17940"
          },
          {
            "name": "18303",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18303"
          },
          {
            "name": "DSA-931",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2005/dsa-931"
          },
          {
            "name": "18554",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18554"
          },
          {
            "name": "MDKSA-2006:003",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342289"
          },
          {
            "name": "19230",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/19230"
          },
          {
            "name": "102972",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1"
          },
          {
            "name": "DSA-962",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-962"
          },
          {
            "name": "1015309",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1015309"
          },
          {
            "name": "18398",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18398"
          },
          {
            "name": "FLSA-2006:176751",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded"
          },
          {
            "name": "SUSE-SA:2006:001",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html"
          },
          {
            "name": "DSA-936",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-936"
          },
          {
            "name": "17916",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/17916"
          },
          {
            "name": "RHSA-2005:840",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-840.html"
          },
          {
            "name": "ADV-2005-2789",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2005/2789"
          },
          {
            "name": "RHSA-2005:867",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-867.html"
          },
          {
            "name": "18674",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18674"
          },
          {
            "name": "MDKSA-2006:005",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005"
          },
          {
            "name": "18313",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18313"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://issues.rpath.com/browse/RPL-1609"
          },
          {
            "name": "RHSA-2005:868",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2005-868.html"
          },
          {
            "name": "20051201-01-U",
            "tags": [
              "vendor-advisory",
              "x_refsource_SGI",
              "x_transferred"
            ],
            "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U"
          },
          {
            "name": "20060101-01-U",
            "tags": [
              "vendor-advisory",
              "x_refsource_SGI",
              "x_transferred"
            ],
            "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U"
          },
          {
            "name": "18448",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18448"
          },
          {
            "name": "18436",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18436"
          },
          {
            "name": "18428",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18428"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.01pl1.patch"
          },
          {
            "name": "18380",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18380"
          },
          {
            "name": "GLSA-200512-08",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200512-08.xml"
          },
          {
            "name": "FEDORA-2005-1126",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00015.html"
          },
          {
            "name": "18416",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18416"
          },
          {
            "name": "ADV-2007-2280",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/2280"
          },
          {
            "name": "GLSA-200601-02",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml"
          },
          {
            "name": "FEDORA-2005-1142",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00037.html"
          },
          {
            "name": "18336",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18336"
          },
          {
            "name": "18061",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18061"
          },
          {
            "name": "18407",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18407"
          },
          {
            "name": "18009",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18009"
          },
          {
            "name": "17908",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/17908"
          },
          {
            "name": "USN-227-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntulinux.org/usn/usn-227-1"
          },
          {
            "name": "18517",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18517"
          },
          {
            "name": "18582",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18582"
          },
          {
            "name": "SUSE-SR:2006:002",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2006_02_sr.html"
          },
          {
            "name": "18534",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18534"
          },
          {
            "name": "20051205 Multiple Vendor xpdf StreamPredictor Heap Overflow Vulnerability",
            "tags": [
              "third-party-advisory",
              "x_refsource_IDEFENSE",
              "x_transferred"
            ],
            "url": "http://www.idefense.com/application/poi/display?id=344\u0026type=vulnerabilities"
          },
          {
            "name": "SSA:2006-045-09",
            "tags": [
              "vendor-advisory",
              "x_refsource_SLACKWARE",
              "x_transferred"
            ],
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683"
          },
          {
            "name": "TSLSA-2005-0072",
            "tags": [
              "vendor-advisory",
              "x_refsource_TRUSTIX",
              "x_transferred"
            ],
            "url": "http://www.trustix.org/errata/2005/0072/"
          },
          {
            "name": "FEDORA-2005-1127",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00016.html"
          },
          {
            "name": "20051207 [KDE Security Advisory] multiple buffer overflows in kpdf/koffice",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/418883/100/0/threaded"
          },
          {
            "name": "18908",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18908"
          },
          {
            "name": "25729",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25729"
          },
          {
            "name": "ADV-2005-2786",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2005/2786"
          },
          {
            "name": "MDKSA-2006:006",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006"
          },
          {
            "name": "ADV-2005-2788",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2005/2788"
          },
          {
            "name": "17926",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/17926"
          },
          {
            "name": "19798",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/19798"
          },
          {
            "name": "ADV-2005-2755",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2005/2755"
          },
          {
            "name": "15725",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/15725"
          },
          {
            "name": "MDKSA-2006:008",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008"
          },
          {
            "name": "18191",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18191"
          },
          {
            "name": "20060201-01-U",
            "tags": [
              "vendor-advisory",
              "x_refsource_SGI",
              "x_transferred"
            ],
            "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U"
          },
          {
            "name": "RHSA-2006:0160",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html"
          },
          {
            "name": "17912",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/17912"
          },
          {
            "name": "MDKSA-2006:010",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010"
          },
          {
            "name": "17921",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/17921"
          },
          {
            "name": "MDKSA-2006:004",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004"
          },
          {
            "name": "ADV-2005-2790",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2005/2790"
          },
          {
            "name": "18389",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18389"
          },
          {
            "name": "18192",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18192"
          },
          {
            "name": "ADV-2005-2856",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2005/2856"
          },
          {
            "name": "SSA:2006-045-04",
            "tags": [
              "vendor-advisory",
              "x_refsource_SLACKWARE",
              "x_transferred"
            ],
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747"
          },
          {
            "name": "19377",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/19377"
          },
          {
            "name": "FLSA:175404",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded"
          },
          {
            "name": "DSA-961",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-961"
          },
          {
            "name": "235",
            "tags": [
              "third-party-advisory",
              "x_refsource_SREASON",
              "x_transferred"
            ],
            "url": "http://securityreason.com/securityalert/235"
          },
          {
            "name": "SCOSA-2006.21",
            "tags": [
              "vendor-advisory",
              "x_refsource_SCO",
              "x_transferred"
            ],
            "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.21/SCOSA-2006.21.txt"
          },
          {
            "name": "18675",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18675"
          },
          {
            "name": "1015324",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1015324"
          },
          {
            "name": "18913",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18913"
          },
          {
            "name": "SUSE-SR:2005:029",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2005_29_sr.html"
          },
          {
            "name": "DSA-937",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-937"
          },
          {
            "name": "ADV-2005-2787",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2005/2787"
          },
          {
            "name": "RHSA-2005:878",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-878.html"
          },
          {
            "name": "FEDORA-2005-1141",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00036.html"
          },
          {
            "name": "17920",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/17920"
          },
          {
            "name": "DSA-950",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-950"
          },
          {
            "name": "17955",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/17955"
          },
          {
            "name": "17897",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/17897/"
          },
          {
            "name": "17976",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/17976"
          },
          {
            "name": "18387",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18387"
          },
          {
            "name": "240",
            "tags": [
              "third-party-advisory",
              "x_refsource_SREASON",
              "x_transferred"
            ],
            "url": "http://securityreason.com/securityalert/240"
          },
          {
            "name": "MDKSA-2006:011",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011"
          },
          {
            "name": "18385",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18385"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-12-05T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Heap-based buffer overflow in the StreamPredictor function in Xpdf 3.01, as used in products such as (1) Poppler, (2) teTeX, (3) KDE kpdf, and (4) pdftohtml, (5) KOffice KWord, (6) CUPS, and (7) libextractor allows remote attackers to execute arbitrary code via a PDF file with an out-of-range numComps (number of components) field."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-19T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "17929",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/17929"
        },
        {
          "name": "19797",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/19797"
        },
        {
          "name": "xpdf-streampredictor-bo(23442)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23442"
        },
        {
          "name": "SCOSA-2006.20",
          "tags": [
            "vendor-advisory",
            "x_refsource_SCO"
          ],
          "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.20/SCOSA-2006.20.txt"
        },
        {
          "name": "DSA-932",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2005/dsa-932"
        },
        {
          "name": "18349",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18349"
        },
        {
          "name": "SCOSA-2006.15",
          "tags": [
            "vendor-advisory",
            "x_refsource_SCO"
          ],
          "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt"
        },
        {
          "name": "18055",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18055"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://scary.beasts.org/security/CESA-2005-003.txt"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.kde.org/info/security/advisory-20051207-1.txt"
        },
        {
          "name": "18503",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18503"
        },
        {
          "name": "oval:org.mitre.oval:def:10914",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10914"
        },
        {
          "name": "18549",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18549"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.kde.org/info/security/advisory-20051207-2.txt"
        },
        {
          "name": "18679",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18679"
        },
        {
          "name": "18189",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18189"
        },
        {
          "name": "26413",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/26413"
        },
        {
          "name": "17940",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/17940"
        },
        {
          "name": "18303",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18303"
        },
        {
          "name": "DSA-931",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2005/dsa-931"
        },
        {
          "name": "18554",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18554"
        },
        {
          "name": "MDKSA-2006:003",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342289"
        },
        {
          "name": "19230",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/19230"
        },
        {
          "name": "102972",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1"
        },
        {
          "name": "DSA-962",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-962"
        },
        {
          "name": "1015309",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1015309"
        },
        {
          "name": "18398",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18398"
        },
        {
          "name": "FLSA-2006:176751",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded"
        },
        {
          "name": "SUSE-SA:2006:001",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html"
        },
        {
          "name": "DSA-936",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-936"
        },
        {
          "name": "17916",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/17916"
        },
        {
          "name": "RHSA-2005:840",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-840.html"
        },
        {
          "name": "ADV-2005-2789",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2005/2789"
        },
        {
          "name": "RHSA-2005:867",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-867.html"
        },
        {
          "name": "18674",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18674"
        },
        {
          "name": "MDKSA-2006:005",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005"
        },
        {
          "name": "18313",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18313"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://issues.rpath.com/browse/RPL-1609"
        },
        {
          "name": "RHSA-2005:868",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2005-868.html"
        },
        {
          "name": "20051201-01-U",
          "tags": [
            "vendor-advisory",
            "x_refsource_SGI"
          ],
          "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U"
        },
        {
          "name": "20060101-01-U",
          "tags": [
            "vendor-advisory",
            "x_refsource_SGI"
          ],
          "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U"
        },
        {
          "name": "18448",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18448"
        },
        {
          "name": "18436",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18436"
        },
        {
          "name": "18428",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18428"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.01pl1.patch"
        },
        {
          "name": "18380",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18380"
        },
        {
          "name": "GLSA-200512-08",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-200512-08.xml"
        },
        {
          "name": "FEDORA-2005-1126",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00015.html"
        },
        {
          "name": "18416",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18416"
        },
        {
          "name": "ADV-2007-2280",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/2280"
        },
        {
          "name": "GLSA-200601-02",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml"
        },
        {
          "name": "FEDORA-2005-1142",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00037.html"
        },
        {
          "name": "18336",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18336"
        },
        {
          "name": "18061",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18061"
        },
        {
          "name": "18407",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18407"
        },
        {
          "name": "18009",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18009"
        },
        {
          "name": "17908",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/17908"
        },
        {
          "name": "USN-227-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntulinux.org/usn/usn-227-1"
        },
        {
          "name": "18517",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18517"
        },
        {
          "name": "18582",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18582"
        },
        {
          "name": "SUSE-SR:2006:002",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2006_02_sr.html"
        },
        {
          "name": "18534",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18534"
        },
        {
          "name": "20051205 Multiple Vendor xpdf StreamPredictor Heap Overflow Vulnerability",
          "tags": [
            "third-party-advisory",
            "x_refsource_IDEFENSE"
          ],
          "url": "http://www.idefense.com/application/poi/display?id=344\u0026type=vulnerabilities"
        },
        {
          "name": "SSA:2006-045-09",
          "tags": [
            "vendor-advisory",
            "x_refsource_SLACKWARE"
          ],
          "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683"
        },
        {
          "name": "TSLSA-2005-0072",
          "tags": [
            "vendor-advisory",
            "x_refsource_TRUSTIX"
          ],
          "url": "http://www.trustix.org/errata/2005/0072/"
        },
        {
          "name": "FEDORA-2005-1127",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00016.html"
        },
        {
          "name": "20051207 [KDE Security Advisory] multiple buffer overflows in kpdf/koffice",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/418883/100/0/threaded"
        },
        {
          "name": "18908",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18908"
        },
        {
          "name": "25729",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25729"
        },
        {
          "name": "ADV-2005-2786",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2005/2786"
        },
        {
          "name": "MDKSA-2006:006",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006"
        },
        {
          "name": "ADV-2005-2788",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2005/2788"
        },
        {
          "name": "17926",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/17926"
        },
        {
          "name": "19798",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/19798"
        },
        {
          "name": "ADV-2005-2755",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2005/2755"
        },
        {
          "name": "15725",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/15725"
        },
        {
          "name": "MDKSA-2006:008",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008"
        },
        {
          "name": "18191",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18191"
        },
        {
          "name": "20060201-01-U",
          "tags": [
            "vendor-advisory",
            "x_refsource_SGI"
          ],
          "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U"
        },
        {
          "name": "RHSA-2006:0160",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html"
        },
        {
          "name": "17912",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/17912"
        },
        {
          "name": "MDKSA-2006:010",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010"
        },
        {
          "name": "17921",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/17921"
        },
        {
          "name": "MDKSA-2006:004",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004"
        },
        {
          "name": "ADV-2005-2790",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2005/2790"
        },
        {
          "name": "18389",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18389"
        },
        {
          "name": "18192",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18192"
        },
        {
          "name": "ADV-2005-2856",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2005/2856"
        },
        {
          "name": "SSA:2006-045-04",
          "tags": [
            "vendor-advisory",
            "x_refsource_SLACKWARE"
          ],
          "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747"
        },
        {
          "name": "19377",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/19377"
        },
        {
          "name": "FLSA:175404",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded"
        },
        {
          "name": "DSA-961",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-961"
        },
        {
          "name": "235",
          "tags": [
            "third-party-advisory",
            "x_refsource_SREASON"
          ],
          "url": "http://securityreason.com/securityalert/235"
        },
        {
          "name": "SCOSA-2006.21",
          "tags": [
            "vendor-advisory",
            "x_refsource_SCO"
          ],
          "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.21/SCOSA-2006.21.txt"
        },
        {
          "name": "18675",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18675"
        },
        {
          "name": "1015324",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1015324"
        },
        {
          "name": "18913",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18913"
        },
        {
          "name": "SUSE-SR:2005:029",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2005_29_sr.html"
        },
        {
          "name": "DSA-937",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-937"
        },
        {
          "name": "ADV-2005-2787",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2005/2787"
        },
        {
          "name": "RHSA-2005:878",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-878.html"
        },
        {
          "name": "FEDORA-2005-1141",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00036.html"
        },
        {
          "name": "17920",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/17920"
        },
        {
          "name": "DSA-950",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-950"
        },
        {
          "name": "17955",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/17955"
        },
        {
          "name": "17897",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/17897/"
        },
        {
          "name": "17976",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/17976"
        },
        {
          "name": "18387",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18387"
        },
        {
          "name": "240",
          "tags": [
            "third-party-advisory",
            "x_refsource_SREASON"
          ],
          "url": "http://securityreason.com/securityalert/240"
        },
        {
          "name": "MDKSA-2006:011",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011"
        },
        {
          "name": "18385",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18385"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2005-3192",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Heap-based buffer overflow in the StreamPredictor function in Xpdf 3.01, as used in products such as (1) Poppler, (2) teTeX, (3) KDE kpdf, and (4) pdftohtml, (5) KOffice KWord, (6) CUPS, and (7) libextractor allows remote attackers to execute arbitrary code via a PDF file with an out-of-range numComps (number of components) field."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "17929",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/17929"
            },
            {
              "name": "19797",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/19797"
            },
            {
              "name": "xpdf-streampredictor-bo(23442)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23442"
            },
            {
              "name": "SCOSA-2006.20",
              "refsource": "SCO",
              "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.20/SCOSA-2006.20.txt"
            },
            {
              "name": "DSA-932",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2005/dsa-932"
            },
            {
              "name": "18349",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18349"
            },
            {
              "name": "SCOSA-2006.15",
              "refsource": "SCO",
              "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt"
            },
            {
              "name": "18055",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18055"
            },
            {
              "name": "http://scary.beasts.org/security/CESA-2005-003.txt",
              "refsource": "MISC",
              "url": "http://scary.beasts.org/security/CESA-2005-003.txt"
            },
            {
              "name": "http://www.kde.org/info/security/advisory-20051207-1.txt",
              "refsource": "CONFIRM",
              "url": "http://www.kde.org/info/security/advisory-20051207-1.txt"
            },
            {
              "name": "18503",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18503"
            },
            {
              "name": "oval:org.mitre.oval:def:10914",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10914"
            },
            {
              "name": "18549",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18549"
            },
            {
              "name": "http://www.kde.org/info/security/advisory-20051207-2.txt",
              "refsource": "CONFIRM",
              "url": "http://www.kde.org/info/security/advisory-20051207-2.txt"
            },
            {
              "name": "18679",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18679"
            },
            {
              "name": "18189",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18189"
            },
            {
              "name": "26413",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/26413"
            },
            {
              "name": "17940",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/17940"
            },
            {
              "name": "18303",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18303"
            },
            {
              "name": "DSA-931",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2005/dsa-931"
            },
            {
              "name": "18554",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18554"
            },
            {
              "name": "MDKSA-2006:003",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003"
            },
            {
              "name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342289",
              "refsource": "MISC",
              "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342289"
            },
            {
              "name": "19230",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/19230"
            },
            {
              "name": "102972",
              "refsource": "SUNALERT",
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1"
            },
            {
              "name": "DSA-962",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2006/dsa-962"
            },
            {
              "name": "1015309",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1015309"
            },
            {
              "name": "18398",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18398"
            },
            {
              "name": "FLSA-2006:176751",
              "refsource": "FEDORA",
              "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded"
            },
            {
              "name": "SUSE-SA:2006:001",
              "refsource": "SUSE",
              "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html"
            },
            {
              "name": "DSA-936",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2006/dsa-936"
            },
            {
              "name": "17916",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/17916"
            },
            {
              "name": "RHSA-2005:840",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2005-840.html"
            },
            {
              "name": "ADV-2005-2789",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2005/2789"
            },
            {
              "name": "RHSA-2005:867",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2005-867.html"
            },
            {
              "name": "18674",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18674"
            },
            {
              "name": "MDKSA-2006:005",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005"
            },
            {
              "name": "18313",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18313"
            },
            {
              "name": "https://issues.rpath.com/browse/RPL-1609",
              "refsource": "CONFIRM",
              "url": "https://issues.rpath.com/browse/RPL-1609"
            },
            {
              "name": "RHSA-2005:868",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2005-868.html"
            },
            {
              "name": "20051201-01-U",
              "refsource": "SGI",
              "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U"
            },
            {
              "name": "20060101-01-U",
              "refsource": "SGI",
              "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U"
            },
            {
              "name": "18448",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18448"
            },
            {
              "name": "18436",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18436"
            },
            {
              "name": "18428",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18428"
            },
            {
              "name": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.01pl1.patch",
              "refsource": "CONFIRM",
              "url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.01pl1.patch"
            },
            {
              "name": "18380",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18380"
            },
            {
              "name": "GLSA-200512-08",
              "refsource": "GENTOO",
              "url": "http://www.gentoo.org/security/en/glsa/glsa-200512-08.xml"
            },
            {
              "name": "FEDORA-2005-1126",
              "refsource": "FEDORA",
              "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00015.html"
            },
            {
              "name": "18416",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18416"
            },
            {
              "name": "ADV-2007-2280",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/2280"
            },
            {
              "name": "GLSA-200601-02",
              "refsource": "GENTOO",
              "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml"
            },
            {
              "name": "FEDORA-2005-1142",
              "refsource": "FEDORA",
              "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00037.html"
            },
            {
              "name": "18336",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18336"
            },
            {
              "name": "18061",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18061"
            },
            {
              "name": "18407",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18407"
            },
            {
              "name": "18009",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18009"
            },
            {
              "name": "17908",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/17908"
            },
            {
              "name": "USN-227-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntulinux.org/usn/usn-227-1"
            },
            {
              "name": "18517",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18517"
            },
            {
              "name": "18582",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18582"
            },
            {
              "name": "SUSE-SR:2006:002",
              "refsource": "SUSE",
              "url": "http://www.novell.com/linux/security/advisories/2006_02_sr.html"
            },
            {
              "name": "18534",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18534"
            },
            {
              "name": "20051205 Multiple Vendor xpdf StreamPredictor Heap Overflow Vulnerability",
              "refsource": "IDEFENSE",
              "url": "http://www.idefense.com/application/poi/display?id=344\u0026type=vulnerabilities"
            },
            {
              "name": "SSA:2006-045-09",
              "refsource": "SLACKWARE",
              "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683"
            },
            {
              "name": "TSLSA-2005-0072",
              "refsource": "TRUSTIX",
              "url": "http://www.trustix.org/errata/2005/0072/"
            },
            {
              "name": "FEDORA-2005-1127",
              "refsource": "FEDORA",
              "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00016.html"
            },
            {
              "name": "20051207 [KDE Security Advisory] multiple buffer overflows in kpdf/koffice",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/418883/100/0/threaded"
            },
            {
              "name": "18908",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18908"
            },
            {
              "name": "25729",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/25729"
            },
            {
              "name": "ADV-2005-2786",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2005/2786"
            },
            {
              "name": "MDKSA-2006:006",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006"
            },
            {
              "name": "ADV-2005-2788",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2005/2788"
            },
            {
              "name": "17926",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/17926"
            },
            {
              "name": "19798",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/19798"
            },
            {
              "name": "ADV-2005-2755",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2005/2755"
            },
            {
              "name": "15725",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/15725"
            },
            {
              "name": "MDKSA-2006:008",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008"
            },
            {
              "name": "18191",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18191"
            },
            {
              "name": "20060201-01-U",
              "refsource": "SGI",
              "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U"
            },
            {
              "name": "RHSA-2006:0160",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html"
            },
            {
              "name": "17912",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/17912"
            },
            {
              "name": "MDKSA-2006:010",
              "refsource": "MANDRAKE",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010"
            },
            {
              "name": "17921",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/17921"
            },
            {
              "name": "MDKSA-2006:004",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004"
            },
            {
              "name": "ADV-2005-2790",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2005/2790"
            },
            {
              "name": "18389",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18389"
            },
            {
              "name": "18192",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18192"
            },
            {
              "name": "ADV-2005-2856",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2005/2856"
            },
            {
              "name": "SSA:2006-045-04",
              "refsource": "SLACKWARE",
              "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747"
            },
            {
              "name": "19377",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/19377"
            },
            {
              "name": "FLSA:175404",
              "refsource": "FEDORA",
              "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded"
            },
            {
              "name": "DSA-961",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2006/dsa-961"
            },
            {
              "name": "235",
              "refsource": "SREASON",
              "url": "http://securityreason.com/securityalert/235"
            },
            {
              "name": "SCOSA-2006.21",
              "refsource": "SCO",
              "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.21/SCOSA-2006.21.txt"
            },
            {
              "name": "18675",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18675"
            },
            {
              "name": "1015324",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1015324"
            },
            {
              "name": "18913",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18913"
            },
            {
              "name": "SUSE-SR:2005:029",
              "refsource": "SUSE",
              "url": "http://www.novell.com/linux/security/advisories/2005_29_sr.html"
            },
            {
              "name": "DSA-937",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2006/dsa-937"
            },
            {
              "name": "ADV-2005-2787",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2005/2787"
            },
            {
              "name": "RHSA-2005:878",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2005-878.html"
            },
            {
              "name": "FEDORA-2005-1141",
              "refsource": "FEDORA",
              "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00036.html"
            },
            {
              "name": "17920",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/17920"
            },
            {
              "name": "DSA-950",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2006/dsa-950"
            },
            {
              "name": "17955",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/17955"
            },
            {
              "name": "17897",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/17897/"
            },
            {
              "name": "17976",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/17976"
            },
            {
              "name": "18387",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18387"
            },
            {
              "name": "240",
              "refsource": "SREASON",
              "url": "http://securityreason.com/securityalert/240"
            },
            {
              "name": "MDKSA-2006:011",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011"
            },
            {
              "name": "18385",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18385"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2005-3192",
    "datePublished": "2005-12-08T01:00:00",
    "dateReserved": "2005-10-14T00:00:00",
    "dateUpdated": "2024-08-07T23:01:59.286Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-3900 (GCVE-0-2024-3900)
Vulnerability from cvelistv5
Published
2024-04-17 18:41
Modified
2024-08-01 20:26
CWE
Summary
Out-of-bounds array write in Xpdf 4.05 and earlier, triggered by long Unicode sequence in ActualText.
Impacted products
Vendor Product Version
Xpdf Xpdf Version: 0
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:xpdfreader:xpdf:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "xpdf",
            "vendor": "xpdfreader",
            "versions": [
              {
                "lessThanOrEqual": "4.05",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-3900",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-04-19T15:59:35.292126Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:32:36.334Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T20:26:57.133Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.xpdfreader.com/security-bug/CVE-2024-3900.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "all"
          ],
          "product": "Xpdf",
          "vendor": "Xpdf",
          "versions": [
            {
              "lessThanOrEqual": "4.05",
              "status": "affected",
              "version": "0",
              "versionType": "version"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Sangbin Kim, from Korea University Sejong campus"
        }
      ],
      "datePublic": "2024-04-17T19:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Out-of-bounds array write in Xpdf 4.05 and earlier, triggered by long Unicode sequence in ActualText.\u003cbr\u003e"
            }
          ],
          "value": "Out-of-bounds array write in Xpdf 4.05 and earlier, triggered by long Unicode sequence in ActualText.\n"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "LOW",
            "baseScore": 2.9,
            "baseSeverity": "LOW",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "CWE-787 Out-of-bounds Write",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-04-17T18:41:03.549Z",
        "orgId": "ace9cabe-4f4f-416b-8c39-b0e002761924",
        "shortName": "GandC"
      },
      "references": [
        {
          "url": "https://www.xpdfreader.com/security-bug/CVE-2024-3900.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Out-of-bounds stack array write in Xpdf 4.05 due to missing zero check",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ace9cabe-4f4f-416b-8c39-b0e002761924",
    "assignerShortName": "GandC",
    "cveId": "CVE-2024-3900",
    "datePublished": "2024-04-17T18:41:03.549Z",
    "dateReserved": "2024-04-16T20:04:32.277Z",
    "dateUpdated": "2024-08-01T20:26:57.133Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2005-3627 (GCVE-0-2005-3627)
Vulnerability from cvelistv5
Published
2006-01-06 22:00
Modified
2024-08-07 23:17
Severity ?
CWE
  • n/a
Summary
Stream.cc in Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to modify memory and possibly execute arbitrary code via a DCTDecode stream with (1) a large "number of components" value that is not checked by DCTStream::readBaselineSOF or DCTStream::readProgressiveSOF, (2) a large "Huffman table index" value that is not checked by DCTStream::readHuffmanTables, and (3) certain uses of the scanInfo.numComps value by DCTStream::readScanInfo.
References
http://www.securityfocus.com/bid/16143 vdb-entry, x_refsource_BID
http://www.debian.org/security/2005/dsa-932 vendor-advisory, x_refsource_DEBIAN
http://secunia.com/advisories/18349 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18147 third-party-advisory, x_refsource_SECUNIA
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt vendor-advisory, x_refsource_SCO
http://scary.beasts.org/security/CESA-2005-003.txt x_refsource_MISC
http://www.kde.org/info/security/advisory-20051207-2.txt x_refsource_CONFIRM
http://secunia.com/advisories/18679 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18312 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18644 third-party-advisory, x_refsource_SECUNIA
https://usn.ubuntu.com/236-1/ vendor-advisory, x_refsource_UBUNTU
http://secunia.com/advisories/18425 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18373 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18303 third-party-advisory, x_refsource_SECUNIA
http://www.debian.org/security/2005/dsa-931 vendor-advisory, x_refsource_DEBIAN
http://secunia.com/advisories/18554 third-party-advisory, x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDKSA-2006:003 vendor-advisory, x_refsource_MANDRIVA
http://secunia.com/advisories/19230 third-party-advisory, x_refsource_SECUNIA
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1 vendor-advisory, x_refsource_SUNALERT
http://www.mandriva.com/security/advisories?name=MDKSA-2006:012 vendor-advisory, x_refsource_MANDRIVA
http://www.debian.org/security/2006/dsa-962 vendor-advisory, x_refsource_DEBIAN
http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.html x_refsource_CONFIRM
http://www.redhat.com/support/errata/RHSA-2006-0163.html vendor-advisory, x_refsource_REDHAT
http://www.debian.org/security/2005/dsa-937 vendor-advisory, x_refsource_DEBIAN
http://secunia.com/advisories/18398 third-party-advisory, x_refsource_SECUNIA
http://www.securityfocus.com/archive/1/427053/100/0/threaded vendor-advisory, x_refsource_FEDORA
http://www.trustix.org/errata/2006/0002/ vendor-advisory, x_refsource_TRUSTIX
http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html vendor-advisory, x_refsource_SUSE
http://www.debian.org/security/2006/dsa-936 vendor-advisory, x_refsource_DEBIAN
http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html vendor-advisory, x_refsource_FEDORA
http://secunia.com/advisories/18329 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18463 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18642 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18674 third-party-advisory, x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDKSA-2006:005 vendor-advisory, x_refsource_MANDRIVA
http://secunia.com/advisories/18313 third-party-advisory, x_refsource_SECUNIA
ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U vendor-advisory, x_refsource_SGI
ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U vendor-advisory, x_refsource_SGI
http://secunia.com/advisories/18448 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18436 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18428 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18380 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18423 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18416 third-party-advisory, x_refsource_SECUNIA
http://rhn.redhat.com/errata/RHSA-2006-0177.html vendor-advisory, x_refsource_REDHAT
http://www.vupen.com/english/advisories/2007/2280 vdb-entry, x_refsource_VUPEN
http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml vendor-advisory, x_refsource_GENTOO
http://secunia.com/advisories/18335 third-party-advisory, x_refsource_SECUNIA
https://exchange.xforce.ibmcloud.com/vulnerabilities/24025 vdb-entry, x_refsource_XF
http://secunia.com/advisories/18407 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18332 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18517 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18582 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18534 third-party-advisory, x_refsource_SECUNIA
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.472683 vendor-advisory, x_refsource_SLACKWARE
http://secunia.com/advisories/18908 third-party-advisory, x_refsource_SECUNIA
http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.html x_refsource_CONFIRM
http://secunia.com/advisories/25729 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18414 third-party-advisory, x_refsource_SECUNIA
https://exchange.xforce.ibmcloud.com/vulnerabilities/24024 vdb-entry, x_refsource_XF
http://www.mandriva.com/security/advisories?name=MDKSA-2006:006 vendor-advisory, x_refsource_MANDRIVA
http://secunia.com/advisories/18338 third-party-advisory, x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDKSA-2006:008 vendor-advisory, x_refsource_MANDRIVA
ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U vendor-advisory, x_refsource_SGI
http://www.redhat.com/support/errata/RHSA-2006-0160.html vendor-advisory, x_refsource_REDHAT
http://www.mandriva.com/security/advisories?name=MDKSA-2006:010 vendor-advisory, x_refsource_MANDRAKE
http://www.debian.org/security/2005/dsa-940 vendor-advisory, x_refsource_DEBIAN
http://www.mandriva.com/security/advisories?name=MDKSA-2006:004 vendor-advisory, x_refsource_MANDRIVA
http://www.vupen.com/english/advisories/2006/0047 vdb-entry, x_refsource_VUPEN
http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml vendor-advisory, x_refsource_GENTOO
http://secunia.com/advisories/18389 third-party-advisory, x_refsource_SECUNIA
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.474747 vendor-advisory, x_refsource_SLACKWARE
http://secunia.com/advisories/19377 third-party-advisory, x_refsource_SECUNIA
http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html vendor-advisory, x_refsource_FEDORA
http://www.securityfocus.com/archive/1/427990/100/0/threaded vendor-advisory, x_refsource_FEDORA
http://www.debian.org/security/2006/dsa-961 vendor-advisory, x_refsource_DEBIAN
http://secunia.com/advisories/18675 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18913 third-party-advisory, x_refsource_SECUNIA
http://www.debian.org/security/2005/dsa-938 vendor-advisory, x_refsource_DEBIAN
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10200 vdb-entry, signature, x_refsource_OVAL
http://secunia.com/advisories/18334 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18375 third-party-advisory, x_refsource_SECUNIA
http://www.debian.org/security/2006/dsa-950 vendor-advisory, x_refsource_DEBIAN
http://secunia.com/advisories/18387 third-party-advisory, x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDKSA-2006:011 vendor-advisory, x_refsource_MANDRIVA
http://secunia.com/advisories/18385 third-party-advisory, x_refsource_SECUNIA
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T23:17:23.441Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "16143",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/16143"
          },
          {
            "name": "DSA-932",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2005/dsa-932"
          },
          {
            "name": "18349",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18349"
          },
          {
            "name": "18147",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18147"
          },
          {
            "name": "SCOSA-2006.15",
            "tags": [
              "vendor-advisory",
              "x_refsource_SCO",
              "x_transferred"
            ],
            "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://scary.beasts.org/security/CESA-2005-003.txt"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.kde.org/info/security/advisory-20051207-2.txt"
          },
          {
            "name": "18679",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18679"
          },
          {
            "name": "18312",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18312"
          },
          {
            "name": "18644",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18644"
          },
          {
            "name": "USN-236-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/236-1/"
          },
          {
            "name": "18425",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18425"
          },
          {
            "name": "18373",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18373"
          },
          {
            "name": "18303",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18303"
          },
          {
            "name": "DSA-931",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2005/dsa-931"
          },
          {
            "name": "18554",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18554"
          },
          {
            "name": "MDKSA-2006:003",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003"
          },
          {
            "name": "19230",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/19230"
          },
          {
            "name": "102972",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1"
          },
          {
            "name": "MDKSA-2006:012",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012"
          },
          {
            "name": "DSA-962",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-962"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.html"
          },
          {
            "name": "RHSA-2006:0163",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html"
          },
          {
            "name": "DSA-937",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2005/dsa-937"
          },
          {
            "name": "18398",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18398"
          },
          {
            "name": "FLSA-2006:176751",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded"
          },
          {
            "name": "2006-0002",
            "tags": [
              "vendor-advisory",
              "x_refsource_TRUSTIX",
              "x_transferred"
            ],
            "url": "http://www.trustix.org/errata/2006/0002/"
          },
          {
            "name": "SUSE-SA:2006:001",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html"
          },
          {
            "name": "DSA-936",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-936"
          },
          {
            "name": "FEDORA-2005-026",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html"
          },
          {
            "name": "18329",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18329"
          },
          {
            "name": "18463",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18463"
          },
          {
            "name": "18642",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18642"
          },
          {
            "name": "18674",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18674"
          },
          {
            "name": "MDKSA-2006:005",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005"
          },
          {
            "name": "18313",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18313"
          },
          {
            "name": "20051201-01-U",
            "tags": [
              "vendor-advisory",
              "x_refsource_SGI",
              "x_transferred"
            ],
            "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U"
          },
          {
            "name": "20060101-01-U",
            "tags": [
              "vendor-advisory",
              "x_refsource_SGI",
              "x_transferred"
            ],
            "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U"
          },
          {
            "name": "18448",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18448"
          },
          {
            "name": "18436",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18436"
          },
          {
            "name": "18428",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18428"
          },
          {
            "name": "18380",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18380"
          },
          {
            "name": "18423",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18423"
          },
          {
            "name": "18416",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18416"
          },
          {
            "name": "RHSA-2006:0177",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html"
          },
          {
            "name": "ADV-2007-2280",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/2280"
          },
          {
            "name": "GLSA-200601-02",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml"
          },
          {
            "name": "18335",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18335"
          },
          {
            "name": "xpdf-readscaninfo-bo(24025)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24025"
          },
          {
            "name": "18407",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18407"
          },
          {
            "name": "18332",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18332"
          },
          {
            "name": "18517",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18517"
          },
          {
            "name": "18582",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18582"
          },
          {
            "name": "18534",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18534"
          },
          {
            "name": "SSA:2006-045-09",
            "tags": [
              "vendor-advisory",
              "x_refsource_SLACKWARE",
              "x_transferred"
            ],
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683"
          },
          {
            "name": "18908",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18908"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.html"
          },
          {
            "name": "25729",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25729"
          },
          {
            "name": "18414",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18414"
          },
          {
            "name": "xpdf-readhuffmantables-bo(24024)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24024"
          },
          {
            "name": "MDKSA-2006:006",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006"
          },
          {
            "name": "18338",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18338"
          },
          {
            "name": "MDKSA-2006:008",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008"
          },
          {
            "name": "20060201-01-U",
            "tags": [
              "vendor-advisory",
              "x_refsource_SGI",
              "x_transferred"
            ],
            "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U"
          },
          {
            "name": "RHSA-2006:0160",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html"
          },
          {
            "name": "MDKSA-2006:010",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010"
          },
          {
            "name": "DSA-940",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2005/dsa-940"
          },
          {
            "name": "MDKSA-2006:004",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004"
          },
          {
            "name": "ADV-2006-0047",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/0047"
          },
          {
            "name": "GLSA-200601-17",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml"
          },
          {
            "name": "18389",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18389"
          },
          {
            "name": "SSA:2006-045-04",
            "tags": [
              "vendor-advisory",
              "x_refsource_SLACKWARE",
              "x_transferred"
            ],
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747"
          },
          {
            "name": "19377",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/19377"
          },
          {
            "name": "FEDORA-2005-025",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html"
          },
          {
            "name": "FLSA:175404",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded"
          },
          {
            "name": "DSA-961",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-961"
          },
          {
            "name": "18675",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18675"
          },
          {
            "name": "18913",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18913"
          },
          {
            "name": "DSA-938",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2005/dsa-938"
          },
          {
            "name": "oval:org.mitre.oval:def:10200",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10200"
          },
          {
            "name": "18334",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18334"
          },
          {
            "name": "18375",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18375"
          },
          {
            "name": "DSA-950",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-950"
          },
          {
            "name": "18387",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18387"
          },
          {
            "name": "MDKSA-2006:011",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011"
          },
          {
            "name": "18385",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18385"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-01-06T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Stream.cc in Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to modify memory and possibly execute arbitrary code via a DCTDecode stream with (1) a large \"number of components\" value that is not checked by DCTStream::readBaselineSOF or DCTStream::readProgressiveSOF, (2) a large \"Huffman table index\" value that is not checked by DCTStream::readHuffmanTables, and (3) certain uses of the scanInfo.numComps value by DCTStream::readScanInfo."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-19T14:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "16143",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/16143"
        },
        {
          "name": "DSA-932",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2005/dsa-932"
        },
        {
          "name": "18349",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18349"
        },
        {
          "name": "18147",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18147"
        },
        {
          "name": "SCOSA-2006.15",
          "tags": [
            "vendor-advisory",
            "x_refsource_SCO"
          ],
          "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://scary.beasts.org/security/CESA-2005-003.txt"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.kde.org/info/security/advisory-20051207-2.txt"
        },
        {
          "name": "18679",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18679"
        },
        {
          "name": "18312",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18312"
        },
        {
          "name": "18644",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18644"
        },
        {
          "name": "USN-236-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/236-1/"
        },
        {
          "name": "18425",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18425"
        },
        {
          "name": "18373",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18373"
        },
        {
          "name": "18303",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18303"
        },
        {
          "name": "DSA-931",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2005/dsa-931"
        },
        {
          "name": "18554",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18554"
        },
        {
          "name": "MDKSA-2006:003",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003"
        },
        {
          "name": "19230",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/19230"
        },
        {
          "name": "102972",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1"
        },
        {
          "name": "MDKSA-2006:012",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012"
        },
        {
          "name": "DSA-962",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-962"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.html"
        },
        {
          "name": "RHSA-2006:0163",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html"
        },
        {
          "name": "DSA-937",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2005/dsa-937"
        },
        {
          "name": "18398",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18398"
        },
        {
          "name": "FLSA-2006:176751",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded"
        },
        {
          "name": "2006-0002",
          "tags": [
            "vendor-advisory",
            "x_refsource_TRUSTIX"
          ],
          "url": "http://www.trustix.org/errata/2006/0002/"
        },
        {
          "name": "SUSE-SA:2006:001",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html"
        },
        {
          "name": "DSA-936",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-936"
        },
        {
          "name": "FEDORA-2005-026",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html"
        },
        {
          "name": "18329",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18329"
        },
        {
          "name": "18463",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18463"
        },
        {
          "name": "18642",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18642"
        },
        {
          "name": "18674",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18674"
        },
        {
          "name": "MDKSA-2006:005",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005"
        },
        {
          "name": "18313",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18313"
        },
        {
          "name": "20051201-01-U",
          "tags": [
            "vendor-advisory",
            "x_refsource_SGI"
          ],
          "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U"
        },
        {
          "name": "20060101-01-U",
          "tags": [
            "vendor-advisory",
            "x_refsource_SGI"
          ],
          "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U"
        },
        {
          "name": "18448",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18448"
        },
        {
          "name": "18436",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18436"
        },
        {
          "name": "18428",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18428"
        },
        {
          "name": "18380",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18380"
        },
        {
          "name": "18423",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18423"
        },
        {
          "name": "18416",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18416"
        },
        {
          "name": "RHSA-2006:0177",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html"
        },
        {
          "name": "ADV-2007-2280",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/2280"
        },
        {
          "name": "GLSA-200601-02",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml"
        },
        {
          "name": "18335",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18335"
        },
        {
          "name": "xpdf-readscaninfo-bo(24025)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24025"
        },
        {
          "name": "18407",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18407"
        },
        {
          "name": "18332",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18332"
        },
        {
          "name": "18517",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18517"
        },
        {
          "name": "18582",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18582"
        },
        {
          "name": "18534",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18534"
        },
        {
          "name": "SSA:2006-045-09",
          "tags": [
            "vendor-advisory",
            "x_refsource_SLACKWARE"
          ],
          "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683"
        },
        {
          "name": "18908",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18908"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.html"
        },
        {
          "name": "25729",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25729"
        },
        {
          "name": "18414",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18414"
        },
        {
          "name": "xpdf-readhuffmantables-bo(24024)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24024"
        },
        {
          "name": "MDKSA-2006:006",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006"
        },
        {
          "name": "18338",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18338"
        },
        {
          "name": "MDKSA-2006:008",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008"
        },
        {
          "name": "20060201-01-U",
          "tags": [
            "vendor-advisory",
            "x_refsource_SGI"
          ],
          "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U"
        },
        {
          "name": "RHSA-2006:0160",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html"
        },
        {
          "name": "MDKSA-2006:010",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010"
        },
        {
          "name": "DSA-940",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2005/dsa-940"
        },
        {
          "name": "MDKSA-2006:004",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004"
        },
        {
          "name": "ADV-2006-0047",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/0047"
        },
        {
          "name": "GLSA-200601-17",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml"
        },
        {
          "name": "18389",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18389"
        },
        {
          "name": "SSA:2006-045-04",
          "tags": [
            "vendor-advisory",
            "x_refsource_SLACKWARE"
          ],
          "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747"
        },
        {
          "name": "19377",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/19377"
        },
        {
          "name": "FEDORA-2005-025",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html"
        },
        {
          "name": "FLSA:175404",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded"
        },
        {
          "name": "DSA-961",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-961"
        },
        {
          "name": "18675",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18675"
        },
        {
          "name": "18913",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18913"
        },
        {
          "name": "DSA-938",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2005/dsa-938"
        },
        {
          "name": "oval:org.mitre.oval:def:10200",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10200"
        },
        {
          "name": "18334",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18334"
        },
        {
          "name": "18375",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18375"
        },
        {
          "name": "DSA-950",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-950"
        },
        {
          "name": "18387",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18387"
        },
        {
          "name": "MDKSA-2006:011",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011"
        },
        {
          "name": "18385",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18385"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2005-3627",
    "datePublished": "2006-01-06T22:00:00",
    "dateReserved": "2005-11-16T00:00:00",
    "dateUpdated": "2024-08-07T23:17:23.441Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2005-3625 (GCVE-0-2005-3625)
Vulnerability from cvelistv5
Published
2006-01-06 22:00
Modified
2024-08-07 23:17
Severity ?
CWE
  • n/a
Summary
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka "Infinite CPU spins."
References
http://www.securityfocus.com/bid/16143 vdb-entry, x_refsource_BID
http://www.debian.org/security/2005/dsa-932 vendor-advisory, x_refsource_DEBIAN
http://secunia.com/advisories/18349 third-party-advisory, x_refsource_SECUNIA
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9575 vdb-entry, signature, x_refsource_OVAL
http://secunia.com/advisories/18147 third-party-advisory, x_refsource_SECUNIA
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt vendor-advisory, x_refsource_SCO
http://scary.beasts.org/security/CESA-2005-003.txt x_refsource_MISC
http://www.kde.org/info/security/advisory-20051207-2.txt x_refsource_CONFIRM
http://secunia.com/advisories/18679 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18312 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18644 third-party-advisory, x_refsource_SECUNIA
https://usn.ubuntu.com/236-1/ vendor-advisory, x_refsource_UBUNTU
http://secunia.com/advisories/18425 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18373 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18303 third-party-advisory, x_refsource_SECUNIA
http://www.debian.org/security/2005/dsa-931 vendor-advisory, x_refsource_DEBIAN
http://secunia.com/advisories/18554 third-party-advisory, x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDKSA-2006:003 vendor-advisory, x_refsource_MANDRIVA
http://secunia.com/advisories/19230 third-party-advisory, x_refsource_SECUNIA
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1 vendor-advisory, x_refsource_SUNALERT
http://www.mandriva.com/security/advisories?name=MDKSA-2006:012 vendor-advisory, x_refsource_MANDRIVA
http://www.debian.org/security/2006/dsa-962 vendor-advisory, x_refsource_DEBIAN
http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.html x_refsource_CONFIRM
http://www.redhat.com/support/errata/RHSA-2006-0163.html vendor-advisory, x_refsource_REDHAT
http://www.debian.org/security/2005/dsa-937 vendor-advisory, x_refsource_DEBIAN
http://secunia.com/advisories/18398 third-party-advisory, x_refsource_SECUNIA
http://www.securityfocus.com/archive/1/427053/100/0/threaded vendor-advisory, x_refsource_FEDORA
http://www.trustix.org/errata/2006/0002/ vendor-advisory, x_refsource_TRUSTIX
http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html vendor-advisory, x_refsource_SUSE
http://www.debian.org/security/2006/dsa-936 vendor-advisory, x_refsource_DEBIAN
http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html vendor-advisory, x_refsource_FEDORA
http://secunia.com/advisories/18329 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18463 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18642 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18674 third-party-advisory, x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDKSA-2006:005 vendor-advisory, x_refsource_MANDRIVA
http://secunia.com/advisories/18313 third-party-advisory, x_refsource_SECUNIA
ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U vendor-advisory, x_refsource_SGI
ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U vendor-advisory, x_refsource_SGI
http://secunia.com/advisories/18448 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18436 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18428 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18380 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18423 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18416 third-party-advisory, x_refsource_SECUNIA
http://rhn.redhat.com/errata/RHSA-2006-0177.html vendor-advisory, x_refsource_REDHAT
http://www.vupen.com/english/advisories/2007/2280 vdb-entry, x_refsource_VUPEN
http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml vendor-advisory, x_refsource_GENTOO
http://secunia.com/advisories/18335 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18407 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18332 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18517 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18582 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18534 third-party-advisory, x_refsource_SECUNIA
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.472683 vendor-advisory, x_refsource_SLACKWARE
https://exchange.xforce.ibmcloud.com/vulnerabilities/24023 vdb-entry, x_refsource_XF
http://secunia.com/advisories/18908 third-party-advisory, x_refsource_SECUNIA
http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.html x_refsource_CONFIRM
http://secunia.com/advisories/25729 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18414 third-party-advisory, x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDKSA-2006:006 vendor-advisory, x_refsource_MANDRIVA
http://secunia.com/advisories/18338 third-party-advisory, x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDKSA-2006:008 vendor-advisory, x_refsource_MANDRIVA
ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U vendor-advisory, x_refsource_SGI
http://www.redhat.com/support/errata/RHSA-2006-0160.html vendor-advisory, x_refsource_REDHAT
http://www.mandriva.com/security/advisories?name=MDKSA-2006:010 vendor-advisory, x_refsource_MANDRAKE
http://www.debian.org/security/2005/dsa-940 vendor-advisory, x_refsource_DEBIAN
http://www.mandriva.com/security/advisories?name=MDKSA-2006:004 vendor-advisory, x_refsource_MANDRIVA
http://www.vupen.com/english/advisories/2006/0047 vdb-entry, x_refsource_VUPEN
http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml vendor-advisory, x_refsource_GENTOO
http://secunia.com/advisories/18389 third-party-advisory, x_refsource_SECUNIA
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.474747 vendor-advisory, x_refsource_SLACKWARE
http://secunia.com/advisories/19377 third-party-advisory, x_refsource_SECUNIA
http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html vendor-advisory, x_refsource_FEDORA
http://www.securityfocus.com/archive/1/427990/100/0/threaded vendor-advisory, x_refsource_FEDORA
http://www.debian.org/security/2006/dsa-961 vendor-advisory, x_refsource_DEBIAN
http://secunia.com/advisories/18675 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18913 third-party-advisory, x_refsource_SECUNIA
http://www.debian.org/security/2005/dsa-938 vendor-advisory, x_refsource_DEBIAN
http://secunia.com/advisories/18334 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18375 third-party-advisory, x_refsource_SECUNIA
http://www.debian.org/security/2006/dsa-950 vendor-advisory, x_refsource_DEBIAN
http://secunia.com/advisories/18387 third-party-advisory, x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDKSA-2006:011 vendor-advisory, x_refsource_MANDRIVA
http://secunia.com/advisories/18385 third-party-advisory, x_refsource_SECUNIA
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T23:17:23.366Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "16143",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/16143"
          },
          {
            "name": "DSA-932",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2005/dsa-932"
          },
          {
            "name": "18349",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18349"
          },
          {
            "name": "oval:org.mitre.oval:def:9575",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9575"
          },
          {
            "name": "18147",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18147"
          },
          {
            "name": "SCOSA-2006.15",
            "tags": [
              "vendor-advisory",
              "x_refsource_SCO",
              "x_transferred"
            ],
            "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://scary.beasts.org/security/CESA-2005-003.txt"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.kde.org/info/security/advisory-20051207-2.txt"
          },
          {
            "name": "18679",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18679"
          },
          {
            "name": "18312",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18312"
          },
          {
            "name": "18644",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18644"
          },
          {
            "name": "USN-236-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/236-1/"
          },
          {
            "name": "18425",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18425"
          },
          {
            "name": "18373",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18373"
          },
          {
            "name": "18303",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18303"
          },
          {
            "name": "DSA-931",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2005/dsa-931"
          },
          {
            "name": "18554",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18554"
          },
          {
            "name": "MDKSA-2006:003",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003"
          },
          {
            "name": "19230",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/19230"
          },
          {
            "name": "102972",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1"
          },
          {
            "name": "MDKSA-2006:012",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012"
          },
          {
            "name": "DSA-962",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-962"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.html"
          },
          {
            "name": "RHSA-2006:0163",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html"
          },
          {
            "name": "DSA-937",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2005/dsa-937"
          },
          {
            "name": "18398",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18398"
          },
          {
            "name": "FLSA-2006:176751",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded"
          },
          {
            "name": "2006-0002",
            "tags": [
              "vendor-advisory",
              "x_refsource_TRUSTIX",
              "x_transferred"
            ],
            "url": "http://www.trustix.org/errata/2006/0002/"
          },
          {
            "name": "SUSE-SA:2006:001",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html"
          },
          {
            "name": "DSA-936",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-936"
          },
          {
            "name": "FEDORA-2005-026",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html"
          },
          {
            "name": "18329",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18329"
          },
          {
            "name": "18463",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18463"
          },
          {
            "name": "18642",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18642"
          },
          {
            "name": "18674",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18674"
          },
          {
            "name": "MDKSA-2006:005",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005"
          },
          {
            "name": "18313",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18313"
          },
          {
            "name": "20051201-01-U",
            "tags": [
              "vendor-advisory",
              "x_refsource_SGI",
              "x_transferred"
            ],
            "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U"
          },
          {
            "name": "20060101-01-U",
            "tags": [
              "vendor-advisory",
              "x_refsource_SGI",
              "x_transferred"
            ],
            "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U"
          },
          {
            "name": "18448",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18448"
          },
          {
            "name": "18436",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18436"
          },
          {
            "name": "18428",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18428"
          },
          {
            "name": "18380",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18380"
          },
          {
            "name": "18423",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18423"
          },
          {
            "name": "18416",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18416"
          },
          {
            "name": "RHSA-2006:0177",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html"
          },
          {
            "name": "ADV-2007-2280",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/2280"
          },
          {
            "name": "GLSA-200601-02",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml"
          },
          {
            "name": "18335",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18335"
          },
          {
            "name": "18407",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18407"
          },
          {
            "name": "18332",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18332"
          },
          {
            "name": "18517",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18517"
          },
          {
            "name": "18582",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18582"
          },
          {
            "name": "18534",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18534"
          },
          {
            "name": "SSA:2006-045-09",
            "tags": [
              "vendor-advisory",
              "x_refsource_SLACKWARE",
              "x_transferred"
            ],
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683"
          },
          {
            "name": "xpdf-ccittfaxdecode-dctdecode-dos(24023)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24023"
          },
          {
            "name": "18908",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18908"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.html"
          },
          {
            "name": "25729",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25729"
          },
          {
            "name": "18414",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18414"
          },
          {
            "name": "MDKSA-2006:006",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006"
          },
          {
            "name": "18338",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18338"
          },
          {
            "name": "MDKSA-2006:008",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008"
          },
          {
            "name": "20060201-01-U",
            "tags": [
              "vendor-advisory",
              "x_refsource_SGI",
              "x_transferred"
            ],
            "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U"
          },
          {
            "name": "RHSA-2006:0160",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html"
          },
          {
            "name": "MDKSA-2006:010",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010"
          },
          {
            "name": "DSA-940",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2005/dsa-940"
          },
          {
            "name": "MDKSA-2006:004",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004"
          },
          {
            "name": "ADV-2006-0047",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/0047"
          },
          {
            "name": "GLSA-200601-17",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml"
          },
          {
            "name": "18389",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18389"
          },
          {
            "name": "SSA:2006-045-04",
            "tags": [
              "vendor-advisory",
              "x_refsource_SLACKWARE",
              "x_transferred"
            ],
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747"
          },
          {
            "name": "19377",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/19377"
          },
          {
            "name": "FEDORA-2005-025",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html"
          },
          {
            "name": "FLSA:175404",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded"
          },
          {
            "name": "DSA-961",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-961"
          },
          {
            "name": "18675",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18675"
          },
          {
            "name": "18913",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18913"
          },
          {
            "name": "DSA-938",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2005/dsa-938"
          },
          {
            "name": "18334",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18334"
          },
          {
            "name": "18375",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18375"
          },
          {
            "name": "DSA-950",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-950"
          },
          {
            "name": "18387",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18387"
          },
          {
            "name": "MDKSA-2006:011",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011"
          },
          {
            "name": "18385",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18385"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-01-06T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka \"Infinite CPU spins.\""
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-19T14:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "16143",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/16143"
        },
        {
          "name": "DSA-932",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2005/dsa-932"
        },
        {
          "name": "18349",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18349"
        },
        {
          "name": "oval:org.mitre.oval:def:9575",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9575"
        },
        {
          "name": "18147",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18147"
        },
        {
          "name": "SCOSA-2006.15",
          "tags": [
            "vendor-advisory",
            "x_refsource_SCO"
          ],
          "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://scary.beasts.org/security/CESA-2005-003.txt"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.kde.org/info/security/advisory-20051207-2.txt"
        },
        {
          "name": "18679",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18679"
        },
        {
          "name": "18312",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18312"
        },
        {
          "name": "18644",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18644"
        },
        {
          "name": "USN-236-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/236-1/"
        },
        {
          "name": "18425",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18425"
        },
        {
          "name": "18373",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18373"
        },
        {
          "name": "18303",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18303"
        },
        {
          "name": "DSA-931",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2005/dsa-931"
        },
        {
          "name": "18554",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18554"
        },
        {
          "name": "MDKSA-2006:003",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003"
        },
        {
          "name": "19230",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/19230"
        },
        {
          "name": "102972",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1"
        },
        {
          "name": "MDKSA-2006:012",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012"
        },
        {
          "name": "DSA-962",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-962"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.html"
        },
        {
          "name": "RHSA-2006:0163",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html"
        },
        {
          "name": "DSA-937",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2005/dsa-937"
        },
        {
          "name": "18398",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18398"
        },
        {
          "name": "FLSA-2006:176751",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded"
        },
        {
          "name": "2006-0002",
          "tags": [
            "vendor-advisory",
            "x_refsource_TRUSTIX"
          ],
          "url": "http://www.trustix.org/errata/2006/0002/"
        },
        {
          "name": "SUSE-SA:2006:001",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html"
        },
        {
          "name": "DSA-936",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-936"
        },
        {
          "name": "FEDORA-2005-026",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html"
        },
        {
          "name": "18329",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18329"
        },
        {
          "name": "18463",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18463"
        },
        {
          "name": "18642",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18642"
        },
        {
          "name": "18674",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18674"
        },
        {
          "name": "MDKSA-2006:005",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005"
        },
        {
          "name": "18313",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18313"
        },
        {
          "name": "20051201-01-U",
          "tags": [
            "vendor-advisory",
            "x_refsource_SGI"
          ],
          "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U"
        },
        {
          "name": "20060101-01-U",
          "tags": [
            "vendor-advisory",
            "x_refsource_SGI"
          ],
          "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U"
        },
        {
          "name": "18448",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18448"
        },
        {
          "name": "18436",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18436"
        },
        {
          "name": "18428",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18428"
        },
        {
          "name": "18380",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18380"
        },
        {
          "name": "18423",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18423"
        },
        {
          "name": "18416",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18416"
        },
        {
          "name": "RHSA-2006:0177",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html"
        },
        {
          "name": "ADV-2007-2280",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/2280"
        },
        {
          "name": "GLSA-200601-02",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml"
        },
        {
          "name": "18335",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18335"
        },
        {
          "name": "18407",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18407"
        },
        {
          "name": "18332",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18332"
        },
        {
          "name": "18517",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18517"
        },
        {
          "name": "18582",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18582"
        },
        {
          "name": "18534",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18534"
        },
        {
          "name": "SSA:2006-045-09",
          "tags": [
            "vendor-advisory",
            "x_refsource_SLACKWARE"
          ],
          "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683"
        },
        {
          "name": "xpdf-ccittfaxdecode-dctdecode-dos(24023)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24023"
        },
        {
          "name": "18908",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18908"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.html"
        },
        {
          "name": "25729",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25729"
        },
        {
          "name": "18414",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18414"
        },
        {
          "name": "MDKSA-2006:006",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006"
        },
        {
          "name": "18338",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18338"
        },
        {
          "name": "MDKSA-2006:008",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008"
        },
        {
          "name": "20060201-01-U",
          "tags": [
            "vendor-advisory",
            "x_refsource_SGI"
          ],
          "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U"
        },
        {
          "name": "RHSA-2006:0160",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html"
        },
        {
          "name": "MDKSA-2006:010",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010"
        },
        {
          "name": "DSA-940",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2005/dsa-940"
        },
        {
          "name": "MDKSA-2006:004",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004"
        },
        {
          "name": "ADV-2006-0047",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/0047"
        },
        {
          "name": "GLSA-200601-17",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml"
        },
        {
          "name": "18389",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18389"
        },
        {
          "name": "SSA:2006-045-04",
          "tags": [
            "vendor-advisory",
            "x_refsource_SLACKWARE"
          ],
          "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747"
        },
        {
          "name": "19377",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/19377"
        },
        {
          "name": "FEDORA-2005-025",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html"
        },
        {
          "name": "FLSA:175404",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded"
        },
        {
          "name": "DSA-961",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-961"
        },
        {
          "name": "18675",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18675"
        },
        {
          "name": "18913",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18913"
        },
        {
          "name": "DSA-938",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2005/dsa-938"
        },
        {
          "name": "18334",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18334"
        },
        {
          "name": "18375",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18375"
        },
        {
          "name": "DSA-950",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-950"
        },
        {
          "name": "18387",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18387"
        },
        {
          "name": "MDKSA-2006:011",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011"
        },
        {
          "name": "18385",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18385"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2005-3625",
    "datePublished": "2006-01-06T22:00:00",
    "dateReserved": "2005-11-16T00:00:00",
    "dateUpdated": "2024-08-07T23:17:23.366Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2009-4035 (GCVE-0-2009-4035)
Vulnerability from cvelistv5
Published
2009-12-21 21:00
Modified
2024-08-07 06:45
Severity ?
CWE
  • n/a
Summary
The FoFiType1::parse function in fofi/FoFiType1.cc in Xpdf 3.0.0, gpdf 2.8.2, kpdf in kdegraphics 3.3.1, and possibly other libraries and versions, does not check the return value of the getNextLine function, which allows context-dependent attackers to execute arbitrary code via a PDF file with a crafted Type 1 font that can produce a negative value, leading to a signed-to-unsigned integer conversion error and a buffer overflow.
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T06:45:50.951Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1023356",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1023356"
          },
          {
            "name": "RHSA-2009:1680",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2009-1680.html"
          },
          {
            "name": "37350",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/37350"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://cgit.freedesktop.org/poppler/poppler/tree/fofi/FoFiType1.cc?id=4b4fc5c017bf147c9069bbce32fc14467bd2a81a"
          },
          {
            "name": "37787",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/37787"
          },
          {
            "name": "37793",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/37793"
          },
          {
            "name": "xpdf-fofitype1parse-bo(54831)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54831"
          },
          {
            "name": "37781",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/37781"
          },
          {
            "name": "RHSA-2009:1682",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2009-1682.html"
          },
          {
            "name": "oval:org.mitre.oval:def:10996",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10996"
          },
          {
            "name": "SUSE-SR:2010:003",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00003.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://cgit.freedesktop.org/poppler/poppler/diff/fofi/FoFiType1.cc?id=4b4fc5c0"
          },
          {
            "name": "RHSA-2009:1681",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2009-1681.html"
          },
          {
            "name": "37641",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/37641"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=541614"
          },
          {
            "name": "ADV-2009-3555",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/3555"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-12-16T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The FoFiType1::parse function in fofi/FoFiType1.cc in Xpdf 3.0.0, gpdf 2.8.2, kpdf in kdegraphics 3.3.1, and possibly other libraries and versions, does not check the return value of the getNextLine function, which allows context-dependent attackers to execute arbitrary code via a PDF file with a crafted Type 1 font that can produce a negative value, leading to a signed-to-unsigned integer conversion error and a buffer overflow."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-18T12:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "1023356",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1023356"
        },
        {
          "name": "RHSA-2009:1680",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2009-1680.html"
        },
        {
          "name": "37350",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/37350"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://cgit.freedesktop.org/poppler/poppler/tree/fofi/FoFiType1.cc?id=4b4fc5c017bf147c9069bbce32fc14467bd2a81a"
        },
        {
          "name": "37787",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/37787"
        },
        {
          "name": "37793",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/37793"
        },
        {
          "name": "xpdf-fofitype1parse-bo(54831)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54831"
        },
        {
          "name": "37781",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/37781"
        },
        {
          "name": "RHSA-2009:1682",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2009-1682.html"
        },
        {
          "name": "oval:org.mitre.oval:def:10996",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10996"
        },
        {
          "name": "SUSE-SR:2010:003",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00003.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://cgit.freedesktop.org/poppler/poppler/diff/fofi/FoFiType1.cc?id=4b4fc5c0"
        },
        {
          "name": "RHSA-2009:1681",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2009-1681.html"
        },
        {
          "name": "37641",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/37641"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=541614"
        },
        {
          "name": "ADV-2009-3555",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/3555"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2009-4035",
    "datePublished": "2009-12-21T21:00:00",
    "dateReserved": "2009-11-20T00:00:00",
    "dateUpdated": "2024-08-07T06:45:50.951Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2005-3628 (GCVE-0-2005-3628)
Vulnerability from cvelistv5
Published
2006-01-23 22:00
Modified
2024-08-07 23:17
Severity ?
CWE
  • n/a
Summary
Buffer overflow in the JBIG2Bitmap::JBIG2Bitmap function in JBIG2Stream.cc in Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to modify memory and possibly execute arbitrary code via unknown attack vectors.
References
http://www.debian.org/security/2005/dsa-932 vendor-advisory, x_refsource_DEBIAN
http://secunia.com/advisories/18147 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18679 third-party-advisory, x_refsource_SECUNIA
http://www.debian.org/security/2005/dsa-931 vendor-advisory, x_refsource_DEBIAN
http://secunia.com/advisories/19230 third-party-advisory, x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDKSA-2006:012 vendor-advisory, x_refsource_MANDRIVA
http://www.debian.org/security/2006/dsa-962 vendor-advisory, x_refsource_DEBIAN
http://www.debian.org/security/2005/dsa-937 vendor-advisory, x_refsource_DEBIAN
http://secunia.com/advisories/18398 third-party-advisory, x_refsource_SECUNIA
http://www.securityfocus.com/archive/1/427053/100/0/threaded vendor-advisory, x_refsource_FEDORA
http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html vendor-advisory, x_refsource_SUSE
http://www.debian.org/security/2006/dsa-936 vendor-advisory, x_refsource_DEBIAN
http://secunia.com/advisories/18674 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18436 third-party-advisory, x_refsource_SECUNIA
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10287 vdb-entry, signature, x_refsource_OVAL
http://secunia.com/advisories/18428 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18380 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18416 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18407 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18582 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18534 third-party-advisory, x_refsource_SECUNIA
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.472683 vendor-advisory, x_refsource_SLACKWARE
http://secunia.com/advisories/18908 third-party-advisory, x_refsource_SECUNIA
ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U vendor-advisory, x_refsource_SGI
http://www.redhat.com/support/errata/RHSA-2006-0160.html vendor-advisory, x_refsource_REDHAT
http://www.mandriva.com/security/advisories?name=MDKSA-2006:010 vendor-advisory, x_refsource_MANDRAKE
http://www.debian.org/security/2005/dsa-940 vendor-advisory, x_refsource_DEBIAN
http://secunia.com/advisories/18389 third-party-advisory, x_refsource_SECUNIA
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.474747 vendor-advisory, x_refsource_SLACKWARE
http://www.securityfocus.com/archive/1/427990/100/0/threaded vendor-advisory, x_refsource_FEDORA
http://www.debian.org/security/2006/dsa-961 vendor-advisory, x_refsource_DEBIAN
http://secunia.com/advisories/18675 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18913 third-party-advisory, x_refsource_SECUNIA
http://www.debian.org/security/2005/dsa-938 vendor-advisory, x_refsource_DEBIAN
http://www.debian.org/security/2006/dsa-950 vendor-advisory, x_refsource_DEBIAN
http://secunia.com/advisories/18387 third-party-advisory, x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDKSA-2006:011 vendor-advisory, x_refsource_MANDRIVA
http://secunia.com/advisories/18385 third-party-advisory, x_refsource_SECUNIA
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T23:17:23.423Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "DSA-932",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2005/dsa-932"
          },
          {
            "name": "18147",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18147"
          },
          {
            "name": "18679",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18679"
          },
          {
            "name": "DSA-931",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2005/dsa-931"
          },
          {
            "name": "19230",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/19230"
          },
          {
            "name": "MDKSA-2006:012",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012"
          },
          {
            "name": "DSA-962",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-962"
          },
          {
            "name": "DSA-937",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2005/dsa-937"
          },
          {
            "name": "18398",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18398"
          },
          {
            "name": "FLSA-2006:176751",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded"
          },
          {
            "name": "SUSE-SA:2006:001",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html"
          },
          {
            "name": "DSA-936",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-936"
          },
          {
            "name": "18674",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18674"
          },
          {
            "name": "18436",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18436"
          },
          {
            "name": "oval:org.mitre.oval:def:10287",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10287"
          },
          {
            "name": "18428",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18428"
          },
          {
            "name": "18380",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18380"
          },
          {
            "name": "18416",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18416"
          },
          {
            "name": "18407",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18407"
          },
          {
            "name": "18582",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18582"
          },
          {
            "name": "18534",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18534"
          },
          {
            "name": "SSA:2006-045-09",
            "tags": [
              "vendor-advisory",
              "x_refsource_SLACKWARE",
              "x_transferred"
            ],
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683"
          },
          {
            "name": "18908",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18908"
          },
          {
            "name": "20060201-01-U",
            "tags": [
              "vendor-advisory",
              "x_refsource_SGI",
              "x_transferred"
            ],
            "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U"
          },
          {
            "name": "RHSA-2006:0160",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html"
          },
          {
            "name": "MDKSA-2006:010",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010"
          },
          {
            "name": "DSA-940",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2005/dsa-940"
          },
          {
            "name": "18389",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18389"
          },
          {
            "name": "SSA:2006-045-04",
            "tags": [
              "vendor-advisory",
              "x_refsource_SLACKWARE",
              "x_transferred"
            ],
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747"
          },
          {
            "name": "FLSA:175404",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded"
          },
          {
            "name": "DSA-961",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-961"
          },
          {
            "name": "18675",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18675"
          },
          {
            "name": "18913",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18913"
          },
          {
            "name": "DSA-938",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2005/dsa-938"
          },
          {
            "name": "DSA-950",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-950"
          },
          {
            "name": "18387",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18387"
          },
          {
            "name": "MDKSA-2006:011",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011"
          },
          {
            "name": "18385",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18385"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-01-06T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer overflow in the JBIG2Bitmap::JBIG2Bitmap function in JBIG2Stream.cc in Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to modify memory and possibly execute arbitrary code via unknown attack vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-19T14:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "DSA-932",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2005/dsa-932"
        },
        {
          "name": "18147",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18147"
        },
        {
          "name": "18679",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18679"
        },
        {
          "name": "DSA-931",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2005/dsa-931"
        },
        {
          "name": "19230",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/19230"
        },
        {
          "name": "MDKSA-2006:012",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012"
        },
        {
          "name": "DSA-962",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-962"
        },
        {
          "name": "DSA-937",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2005/dsa-937"
        },
        {
          "name": "18398",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18398"
        },
        {
          "name": "FLSA-2006:176751",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded"
        },
        {
          "name": "SUSE-SA:2006:001",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html"
        },
        {
          "name": "DSA-936",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-936"
        },
        {
          "name": "18674",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18674"
        },
        {
          "name": "18436",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18436"
        },
        {
          "name": "oval:org.mitre.oval:def:10287",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10287"
        },
        {
          "name": "18428",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18428"
        },
        {
          "name": "18380",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18380"
        },
        {
          "name": "18416",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18416"
        },
        {
          "name": "18407",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18407"
        },
        {
          "name": "18582",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18582"
        },
        {
          "name": "18534",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18534"
        },
        {
          "name": "SSA:2006-045-09",
          "tags": [
            "vendor-advisory",
            "x_refsource_SLACKWARE"
          ],
          "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683"
        },
        {
          "name": "18908",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18908"
        },
        {
          "name": "20060201-01-U",
          "tags": [
            "vendor-advisory",
            "x_refsource_SGI"
          ],
          "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U"
        },
        {
          "name": "RHSA-2006:0160",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html"
        },
        {
          "name": "MDKSA-2006:010",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010"
        },
        {
          "name": "DSA-940",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2005/dsa-940"
        },
        {
          "name": "18389",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18389"
        },
        {
          "name": "SSA:2006-045-04",
          "tags": [
            "vendor-advisory",
            "x_refsource_SLACKWARE"
          ],
          "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747"
        },
        {
          "name": "FLSA:175404",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded"
        },
        {
          "name": "DSA-961",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-961"
        },
        {
          "name": "18675",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18675"
        },
        {
          "name": "18913",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18913"
        },
        {
          "name": "DSA-938",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2005/dsa-938"
        },
        {
          "name": "DSA-950",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-950"
        },
        {
          "name": "18387",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18387"
        },
        {
          "name": "MDKSA-2006:011",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011"
        },
        {
          "name": "18385",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18385"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2005-3628",
    "datePublished": "2006-01-23T22:00:00",
    "dateReserved": "2005-11-16T00:00:00",
    "dateUpdated": "2024-08-07T23:17:23.423Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2006-0301 (GCVE-0-2006-0301)
Vulnerability from cvelistv5
Published
2006-01-30 22:00
Modified
2024-08-07 16:34
Severity ?
CWE
  • n/a
Summary
Heap-based buffer overflow in Splash.cc in xpdf, as used in other products such as (1) poppler, (2) kdegraphics, (3) gpdf, (4) pdfkit.framework, and others, allows attackers to cause a denial of service and possibly execute arbitrary code via crafted splash images that produce certain values that exceed the width or height of the associated bitmap.
References
http://secunia.com/advisories/18707 third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2006/0422 vdb-entry, x_refsource_VUPEN
http://securitytracker.com/id?1015576 vdb-entry, x_refsource_SECTRACK
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt vendor-advisory, x_refsource_SCO
http://secunia.com/advisories/18837 third-party-advisory, x_refsource_SECUNIA
https://exchange.xforce.ibmcloud.com/vulnerabilities/24391 vdb-entry, x_refsource_XF
http://secunia.com/advisories/18834 third-party-advisory, x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDKSA-2006:031 vendor-advisory, x_refsource_MANDRIVA
http://secunia.com/advisories/18983 third-party-advisory, x_refsource_SECUNIA
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=179046 x_refsource_MISC
http://www.mandriva.com/security/advisories?name=MDKSA-2006:030 vendor-advisory, x_refsource_MANDRIVA
http://www.securityfocus.com/archive/1/423899/100/0/threaded mailing-list, x_refsource_BUGTRAQ
http://secunia.com/advisories/18864 third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2006/0389 vdb-entry, x_refsource_VUPEN
http://secunia.com/advisories/18677 third-party-advisory, x_refsource_SECUNIA
http://www.gentoo.org/security/en/glsa/glsa-200602-12.xml vendor-advisory, x_refsource_GENTOO
http://www.redhat.com/archives/fedora-announce-list/2006-February/msg00039.html vendor-advisory, x_refsource_FEDORA
http://www.redhat.com/support/errata/RHSA-2006-0201.html vendor-advisory, x_refsource_REDHAT
http://www.mandriva.com/security/advisories?name=MDKSA-2006:032 vendor-advisory, x_refsource_MANDRIVA
http://www.gentoo.org/security/en/glsa/glsa-200602-05.xml vendor-advisory, x_refsource_GENTOO
http://secunia.com/advisories/18882 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18274 third-party-advisory, x_refsource_SECUNIA
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10850 vdb-entry, signature, x_refsource_OVAL
http://www.debian.org/security/2006/dsa-974 vendor-advisory, x_refsource_DEBIAN
http://www.debian.org/security/2006/dsa-971 vendor-advisory, x_refsource_DEBIAN
http://secunia.com/advisories/18825 third-party-advisory, x_refsource_SECUNIA
http://rhn.redhat.com/errata/RHSA-2006-0206.html vendor-advisory, x_refsource_REDHAT
http://www.kde.org/info/security/advisory-20060202-1.txt x_refsource_MISC
http://securityreason.com/securityalert/470 third-party-advisory, x_refsource_SREASON
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.472683 vendor-advisory, x_refsource_SLACKWARE
http://secunia.com/advisories/18875 third-party-advisory, x_refsource_SECUNIA
http://www.gentoo.org/security/en/glsa/glsa-200602-04.xml vendor-advisory, x_refsource_GENTOO
http://secunia.com/advisories/18860 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18908 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18839 third-party-advisory, x_refsource_SECUNIA
http://www.ubuntu.com/usn/usn-249-1 vendor-advisory, x_refsource_UBUNTU
http://secunia.com/advisories/18862 third-party-advisory, x_refsource_SECUNIA
https://bugzilla.novell.com/show_bug.cgi?id=141242 x_refsource_CONFIRM
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.474747 vendor-advisory, x_refsource_SLACKWARE
http://secunia.com/advisories/19377 third-party-advisory, x_refsource_SECUNIA
http://www.securityfocus.com/archive/1/427990/100/0/threaded vendor-advisory, x_refsource_FEDORA
http://www.debian.org/security/2006/dsa-972 vendor-advisory, x_refsource_DEBIAN
http://secunia.com/advisories/18913 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18838 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18826 third-party-advisory, x_refsource_SECUNIA
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T16:34:13.226Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "18707",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18707"
          },
          {
            "name": "ADV-2006-0422",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/0422"
          },
          {
            "name": "1015576",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1015576"
          },
          {
            "name": "SCOSA-2006.15",
            "tags": [
              "vendor-advisory",
              "x_refsource_SCO",
              "x_transferred"
            ],
            "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt"
          },
          {
            "name": "18837",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18837"
          },
          {
            "name": "xpdf-splash-bo(24391)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24391"
          },
          {
            "name": "18834",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18834"
          },
          {
            "name": "MDKSA-2006:031",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:031"
          },
          {
            "name": "18983",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18983"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=179046"
          },
          {
            "name": "MDKSA-2006:030",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:030"
          },
          {
            "name": "20060202 [KDE Security Advisory] kpdf/xpdf heap based buffer overflow",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/423899/100/0/threaded"
          },
          {
            "name": "18864",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18864"
          },
          {
            "name": "ADV-2006-0389",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/0389"
          },
          {
            "name": "18677",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18677"
          },
          {
            "name": "GLSA-200602-12",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200602-12.xml"
          },
          {
            "name": "FEDORA-2006-103",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/archives/fedora-announce-list/2006-February/msg00039.html"
          },
          {
            "name": "RHSA-2006:0201",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2006-0201.html"
          },
          {
            "name": "MDKSA-2006:032",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:032"
          },
          {
            "name": "GLSA-200602-05",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200602-05.xml"
          },
          {
            "name": "18882",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18882"
          },
          {
            "name": "18274",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18274"
          },
          {
            "name": "oval:org.mitre.oval:def:10850",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10850"
          },
          {
            "name": "DSA-974",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-974"
          },
          {
            "name": "DSA-971",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-971"
          },
          {
            "name": "18825",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18825"
          },
          {
            "name": "RHSA-2006:0206",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2006-0206.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.kde.org/info/security/advisory-20060202-1.txt"
          },
          {
            "name": "470",
            "tags": [
              "third-party-advisory",
              "x_refsource_SREASON",
              "x_transferred"
            ],
            "url": "http://securityreason.com/securityalert/470"
          },
          {
            "name": "SSA:2006-045-09",
            "tags": [
              "vendor-advisory",
              "x_refsource_SLACKWARE",
              "x_transferred"
            ],
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683"
          },
          {
            "name": "18875",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18875"
          },
          {
            "name": "GLSA-200602-04",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200602-04.xml"
          },
          {
            "name": "18860",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18860"
          },
          {
            "name": "18908",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18908"
          },
          {
            "name": "18839",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18839"
          },
          {
            "name": "USN-249-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/usn-249-1"
          },
          {
            "name": "18862",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18862"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.novell.com/show_bug.cgi?id=141242"
          },
          {
            "name": "SSA:2006-045-04",
            "tags": [
              "vendor-advisory",
              "x_refsource_SLACKWARE",
              "x_transferred"
            ],
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747"
          },
          {
            "name": "19377",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/19377"
          },
          {
            "name": "FLSA:175404",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded"
          },
          {
            "name": "DSA-972",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-972"
          },
          {
            "name": "18913",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18913"
          },
          {
            "name": "18838",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18838"
          },
          {
            "name": "18826",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18826"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-01-26T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Heap-based buffer overflow in Splash.cc in xpdf, as used in other products such as (1) poppler, (2) kdegraphics, (3) gpdf, (4) pdfkit.framework, and others, allows attackers to cause a denial of service and possibly execute arbitrary code via crafted splash images that produce certain values that exceed the width or height of the associated bitmap."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-19T14:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "18707",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18707"
        },
        {
          "name": "ADV-2006-0422",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/0422"
        },
        {
          "name": "1015576",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1015576"
        },
        {
          "name": "SCOSA-2006.15",
          "tags": [
            "vendor-advisory",
            "x_refsource_SCO"
          ],
          "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt"
        },
        {
          "name": "18837",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18837"
        },
        {
          "name": "xpdf-splash-bo(24391)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24391"
        },
        {
          "name": "18834",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18834"
        },
        {
          "name": "MDKSA-2006:031",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:031"
        },
        {
          "name": "18983",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18983"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=179046"
        },
        {
          "name": "MDKSA-2006:030",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:030"
        },
        {
          "name": "20060202 [KDE Security Advisory] kpdf/xpdf heap based buffer overflow",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/423899/100/0/threaded"
        },
        {
          "name": "18864",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18864"
        },
        {
          "name": "ADV-2006-0389",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/0389"
        },
        {
          "name": "18677",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18677"
        },
        {
          "name": "GLSA-200602-12",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-200602-12.xml"
        },
        {
          "name": "FEDORA-2006-103",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://www.redhat.com/archives/fedora-announce-list/2006-February/msg00039.html"
        },
        {
          "name": "RHSA-2006:0201",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2006-0201.html"
        },
        {
          "name": "MDKSA-2006:032",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:032"
        },
        {
          "name": "GLSA-200602-05",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-200602-05.xml"
        },
        {
          "name": "18882",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18882"
        },
        {
          "name": "18274",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18274"
        },
        {
          "name": "oval:org.mitre.oval:def:10850",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10850"
        },
        {
          "name": "DSA-974",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-974"
        },
        {
          "name": "DSA-971",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-971"
        },
        {
          "name": "18825",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18825"
        },
        {
          "name": "RHSA-2006:0206",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2006-0206.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.kde.org/info/security/advisory-20060202-1.txt"
        },
        {
          "name": "470",
          "tags": [
            "third-party-advisory",
            "x_refsource_SREASON"
          ],
          "url": "http://securityreason.com/securityalert/470"
        },
        {
          "name": "SSA:2006-045-09",
          "tags": [
            "vendor-advisory",
            "x_refsource_SLACKWARE"
          ],
          "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683"
        },
        {
          "name": "18875",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18875"
        },
        {
          "name": "GLSA-200602-04",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-200602-04.xml"
        },
        {
          "name": "18860",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18860"
        },
        {
          "name": "18908",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18908"
        },
        {
          "name": "18839",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18839"
        },
        {
          "name": "USN-249-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/usn-249-1"
        },
        {
          "name": "18862",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18862"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.novell.com/show_bug.cgi?id=141242"
        },
        {
          "name": "SSA:2006-045-04",
          "tags": [
            "vendor-advisory",
            "x_refsource_SLACKWARE"
          ],
          "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747"
        },
        {
          "name": "19377",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/19377"
        },
        {
          "name": "FLSA:175404",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded"
        },
        {
          "name": "DSA-972",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-972"
        },
        {
          "name": "18913",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18913"
        },
        {
          "name": "18838",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18838"
        },
        {
          "name": "18826",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18826"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2006-0301",
    "datePublished": "2006-01-30T22:00:00",
    "dateReserved": "2006-01-18T00:00:00",
    "dateUpdated": "2024-08-07T16:34:13.226Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2005-0206 (GCVE-0-2005-0206)
Vulnerability from cvelistv5
Published
2005-02-15 05:00
Modified
2024-08-07 21:05
Severity ?
CWE
  • n/a
Summary
The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities.
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T21:05:25.397Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "oval:org.mitre.oval:def:11107",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11107"
          },
          {
            "name": "MDKSA-2005:041",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:041"
          },
          {
            "name": "11501",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/11501"
          },
          {
            "name": "RHSA-2005:034",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-034.html"
          },
          {
            "name": "MDKSA-2005:056",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:056"
          },
          {
            "name": "MDKSA-2005:043",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:043"
          },
          {
            "name": "RHSA-2005:213",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-213.html"
          },
          {
            "name": "MDKSA-2005:044",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:044"
          },
          {
            "name": "RHSA-2005:053",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-053.html"
          },
          {
            "name": "xpdf-pdf-bo(17818)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17818"
          },
          {
            "name": "MDKSA-2005:052",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:052"
          },
          {
            "name": "RHSA-2005:132",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-132.html"
          },
          {
            "name": "MDKSA-2005:042",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:042"
          },
          {
            "name": "RHSA-2005:057",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-057.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-02-15T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-10-10T00:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "oval:org.mitre.oval:def:11107",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11107"
        },
        {
          "name": "MDKSA-2005:041",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:041"
        },
        {
          "name": "11501",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/11501"
        },
        {
          "name": "RHSA-2005:034",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-034.html"
        },
        {
          "name": "MDKSA-2005:056",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:056"
        },
        {
          "name": "MDKSA-2005:043",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:043"
        },
        {
          "name": "RHSA-2005:213",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-213.html"
        },
        {
          "name": "MDKSA-2005:044",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:044"
        },
        {
          "name": "RHSA-2005:053",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-053.html"
        },
        {
          "name": "xpdf-pdf-bo(17818)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17818"
        },
        {
          "name": "MDKSA-2005:052",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:052"
        },
        {
          "name": "RHSA-2005:132",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-132.html"
        },
        {
          "name": "MDKSA-2005:042",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:042"
        },
        {
          "name": "RHSA-2005:057",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-057.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2005-0206",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "oval:org.mitre.oval:def:11107",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11107"
            },
            {
              "name": "MDKSA-2005:041",
              "refsource": "MANDRAKE",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:041"
            },
            {
              "name": "11501",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/11501"
            },
            {
              "name": "RHSA-2005:034",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2005-034.html"
            },
            {
              "name": "MDKSA-2005:056",
              "refsource": "MANDRAKE",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:056"
            },
            {
              "name": "MDKSA-2005:043",
              "refsource": "MANDRAKE",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:043"
            },
            {
              "name": "RHSA-2005:213",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2005-213.html"
            },
            {
              "name": "MDKSA-2005:044",
              "refsource": "MANDRAKE",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:044"
            },
            {
              "name": "RHSA-2005:053",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2005-053.html"
            },
            {
              "name": "xpdf-pdf-bo(17818)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17818"
            },
            {
              "name": "MDKSA-2005:052",
              "refsource": "MANDRAKE",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:052"
            },
            {
              "name": "RHSA-2005:132",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2005-132.html"
            },
            {
              "name": "MDKSA-2005:042",
              "refsource": "MANDRAKE",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:042"
            },
            {
              "name": "RHSA-2005:057",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2005-057.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2005-0206",
    "datePublished": "2005-02-15T05:00:00",
    "dateReserved": "2005-02-01T00:00:00",
    "dateUpdated": "2024-08-07T21:05:25.397Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-2574 (GCVE-0-2025-2574)
Vulnerability from cvelistv5
Published
2025-03-20 21:07
Modified
2025-03-21 15:13
CWE
Summary
Out-of-bounds array write in Xpdf 4.05 and earlier, due to incorrect integer overflow checking in the PostScript function interpreter code.
Impacted products
Vendor Product Version
Xpdf Xpdf Version: Version
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-2574",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-03-21T15:13:48.238926Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-03-21T15:13:55.504Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "all"
          ],
          "product": "Xpdf",
          "vendor": "Xpdf",
          "versions": [
            {
              "lessThanOrEqual": "4.05",
              "status": "affected",
              "version": "Version",
              "versionType": "version"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Erik Viken"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Out-of-bounds array write in Xpdf 4.05 and earlier, due to incorrect integer overflow checking in the PostScript function interpreter code."
            }
          ],
          "value": "Out-of-bounds array write in Xpdf 4.05 and earlier, due to incorrect integer overflow checking in the PostScript function interpreter code."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "HIGH",
            "attackRequirements": "NONE",
            "attackVector": "LOCAL",
            "baseScore": 2.1,
            "baseSeverity": "LOW",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "LOW",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:L",
            "version": "4.0",
            "vulnAvailabilityImpact": "LOW",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "NONE",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "CWE-787 Out-of-bounds Write",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-03-20T21:09:36.707Z",
        "orgId": "ace9cabe-4f4f-416b-8c39-b0e002761924",
        "shortName": "GandC"
      },
      "references": [
        {
          "url": "https://www.xpdfreader.com/security-bug/CVE-2025-2574.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Out-of-bounds array write in Xpdf 4.05 due to incorrect integer overflow checking",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ace9cabe-4f4f-416b-8c39-b0e002761924",
    "assignerShortName": "GandC",
    "cveId": "CVE-2025-2574",
    "datePublished": "2025-03-20T21:07:46.499Z",
    "dateReserved": "2025-03-20T20:58:33.490Z",
    "dateUpdated": "2025-03-21T15:13:55.504Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2007-4352 (GCVE-0-2007-4352)
Vulnerability from cvelistv5
Published
2007-11-08 02:00
Modified
2024-08-07 14:53
Severity ?
CWE
  • n/a
Summary
Array index error in the DCTStream::readProgressiveDataUnit method in xpdf/Stream.cc in Xpdf 3.02pl1, as used in poppler, teTeX, KDE, KOffice, CUPS, and other products, allows remote attackers to trigger memory corruption and execute arbitrary code via a crafted PDF file.
References
http://www.novell.com/linux/security/advisories/2007_60_pdf.html vendor-advisory, x_refsource_SUSE
http://secunia.com/advisories/27632 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/27743 third-party-advisory, x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDKSA-2007:222 vendor-advisory, x_refsource_MANDRIVA
http://www.vupen.com/english/advisories/2007/3774 vdb-entry, x_refsource_VUPEN
http://secunia.com/advisories/27260 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/27856 third-party-advisory, x_refsource_SECUNIA
http://support.novell.com/techcenter/psdb/da3498f05433976cc548cc4eaf8349c8.html x_refsource_CONFIRM
http://secunia.com/advisories/27636 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/29604 third-party-advisory, x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDKSA-2007:223 vendor-advisory, x_refsource_MANDRIVA
http://secunia.com/advisories/27721 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/27724 third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2007/3776 vdb-entry, x_refsource_VUPEN
https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00224.html vendor-advisory, x_refsource_FEDORA
http://secunia.com/advisories/27577 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/29104 third-party-advisory, x_refsource_SECUNIA
https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00215.html vendor-advisory, x_refsource_FEDORA
https://exchange.xforce.ibmcloud.com/vulnerabilities/38306 vdb-entry, x_refsource_XF
http://secunia.com/advisories/27618 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/27642 third-party-advisory, x_refsource_SECUNIA
https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00369.html vendor-advisory, x_refsource_FEDORA
http://secunia.com/advisories/27656 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/secunia_research/2007-88/advisory/ x_refsource_MISC
https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00238.html vendor-advisory, x_refsource_FEDORA
http://support.novell.com/techcenter/psdb/1d5fd29802b2ef7e342e733731f1e933.html x_refsource_CONFIRM
http://www.redhat.com/support/errata/RHSA-2007-1026.html vendor-advisory, x_refsource_REDHAT
http://www.debian.org/security/2008/dsa-1509 vendor-advisory, x_refsource_DEBIAN
http://www.redhat.com/support/errata/RHSA-2007-1022.html vendor-advisory, x_refsource_REDHAT
http://secunia.com/advisories/27573 third-party-advisory, x_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2007-1029.html vendor-advisory, x_refsource_REDHAT
http://secunia.com/advisories/27641 third-party-advisory, x_refsource_SECUNIA
http://security.gentoo.org/glsa/glsa-200805-13.xml vendor-advisory, x_refsource_GENTOO
http://secunia.com/advisories/28812 third-party-advisory, x_refsource_SECUNIA
http://www.debian.org/security/2008/dsa-1537 vendor-advisory, x_refsource_DEBIAN
https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00724.html vendor-advisory, x_refsource_FEDORA
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.761882 vendor-advisory, x_refsource_SLACKWARE
http://www.securityfocus.com/bid/26367 vdb-entry, x_refsource_BID
http://secunia.com/advisories/27615 third-party-advisory, x_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2007-1021.html vendor-advisory, x_refsource_REDHAT
http://www.vupen.com/english/advisories/2007/3786 vdb-entry, x_refsource_VUPEN
http://secunia.com/advisories/27645 third-party-advisory, x_refsource_SECUNIA
http://www.securityfocus.com/archive/1/483372 mailing-list, x_refsource_BUGTRAQ
http://secunia.com/advisories/30168 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/27574 third-party-advisory, x_refsource_SECUNIA
https://issues.rpath.com/browse/RPL-1926 x_refsource_CONFIRM
http://secunia.com/advisories/26503 third-party-advisory, x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDKSA-2007:219 vendor-advisory, x_refsource_MANDRIVA
http://www.debian.org/security/2008/dsa-1480 vendor-advisory, x_refsource_DEBIAN
http://security.gentoo.org/glsa/glsa-200711-22.xml vendor-advisory, x_refsource_GENTOO
http://secunia.com/advisories/27634 third-party-advisory, x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDKSA-2007:227 vendor-advisory, x_refsource_MANDRIVA
http://www.kde.org/info/security/advisory-20071107-1.txt x_refsource_CONFIRM
http://secunia.com/advisories/28043 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/27619 third-party-advisory, x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDKSA-2007:220 vendor-advisory, x_refsource_MANDRIVA
http://secunia.com/advisories/27705 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/27578 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/27640 third-party-advisory, x_refsource_SECUNIA
http://support.novell.com/techcenter/psdb/43ad7b3569dba59e7ba07677edc01cad.html x_refsource_CONFIRM
http://support.novell.com/techcenter/psdb/3867a5092daac43cd6a92e6107d9fbce.html x_refsource_CONFIRM
http://security.gentoo.org/glsa/glsa-200711-34.xml vendor-advisory, x_refsource_GENTOO
http://secunia.com/advisories/27599 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/27575 third-party-advisory, x_refsource_SECUNIA
http://www.securitytracker.com/id?1018905 vdb-entry, x_refsource_SECTRACK
http://support.novell.com/techcenter/psdb/f83e024a65d69ebc810d2117815b940d.html x_refsource_CONFIRM
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9979 vdb-entry, signature, x_refsource_OVAL
https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00663.html vendor-advisory, x_refsource_FEDORA
http://www.mandriva.com/security/advisories?name=MDKSA-2007:228 vendor-advisory, x_refsource_MANDRIVA
http://www.vupen.com/english/advisories/2007/3775 vdb-entry, x_refsource_VUPEN
http://www.redhat.com/support/errata/RHSA-2007-1027.html vendor-advisory, x_refsource_REDHAT
http://www.redhat.com/support/errata/RHSA-2007-1030.html vendor-advisory, x_refsource_REDHAT
http://www.ubuntu.com/usn/usn-542-1 vendor-advisory, x_refsource_UBUNTU
http://secunia.com/advisories/27658 third-party-advisory, x_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2007-1024.html vendor-advisory, x_refsource_REDHAT
http://www.mandriva.com/security/advisories?name=MDKSA-2007:230 vendor-advisory, x_refsource_MANDRIVA
http://www.ubuntu.com/usn/usn-542-2 vendor-advisory, x_refsource_UBUNTU
http://www.redhat.com/support/errata/RHSA-2007-1025.html vendor-advisory, x_refsource_REDHAT
http://www.vupen.com/english/advisories/2007/3779 vdb-entry, x_refsource_VUPEN
http://www.mandriva.com/security/advisories?name=MDKSA-2007:221 vendor-advisory, x_refsource_MANDRIVA
http://secunia.com/advisories/27553 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/27637 third-party-advisory, x_refsource_SECUNIA
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T14:53:55.890Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "SUSE-SA:2007:060",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2007_60_pdf.html"
          },
          {
            "name": "27632",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27632"
          },
          {
            "name": "27743",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27743"
          },
          {
            "name": "MDKSA-2007:222",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:222"
          },
          {
            "name": "ADV-2007-3774",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/3774"
          },
          {
            "name": "27260",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27260"
          },
          {
            "name": "27856",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27856"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.novell.com/techcenter/psdb/da3498f05433976cc548cc4eaf8349c8.html"
          },
          {
            "name": "27636",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27636"
          },
          {
            "name": "29604",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29604"
          },
          {
            "name": "MDKSA-2007:223",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:223"
          },
          {
            "name": "27721",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27721"
          },
          {
            "name": "27724",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27724"
          },
          {
            "name": "ADV-2007-3776",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/3776"
          },
          {
            "name": "FEDORA-2007-3059",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00224.html"
          },
          {
            "name": "27577",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27577"
          },
          {
            "name": "29104",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29104"
          },
          {
            "name": "FEDORA-2007-3031",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00215.html"
          },
          {
            "name": "xpdf-dctstreamread-memory-corruption(38306)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38306"
          },
          {
            "name": "27618",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27618"
          },
          {
            "name": "27642",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27642"
          },
          {
            "name": "FEDORA-2007-4031",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00369.html"
          },
          {
            "name": "27656",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27656"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://secunia.com/secunia_research/2007-88/advisory/"
          },
          {
            "name": "FEDORA-2007-3100",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00238.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.novell.com/techcenter/psdb/1d5fd29802b2ef7e342e733731f1e933.html"
          },
          {
            "name": "RHSA-2007:1026",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2007-1026.html"
          },
          {
            "name": "DSA-1509",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2008/dsa-1509"
          },
          {
            "name": "RHSA-2007:1022",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2007-1022.html"
          },
          {
            "name": "27573",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27573"
          },
          {
            "name": "RHSA-2007:1029",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2007-1029.html"
          },
          {
            "name": "27641",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27641"
          },
          {
            "name": "GLSA-200805-13",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200805-13.xml"
          },
          {
            "name": "28812",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28812"
          },
          {
            "name": "DSA-1537",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2008/dsa-1537"
          },
          {
            "name": "FEDORA-2007-750",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00724.html"
          },
          {
            "name": "SSA:2007-316-01",
            "tags": [
              "vendor-advisory",
              "x_refsource_SLACKWARE",
              "x_transferred"
            ],
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.761882"
          },
          {
            "name": "26367",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/26367"
          },
          {
            "name": "27615",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27615"
          },
          {
            "name": "RHSA-2007:1021",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2007-1021.html"
          },
          {
            "name": "ADV-2007-3786",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/3786"
          },
          {
            "name": "27645",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27645"
          },
          {
            "name": "20071107 Secunia Research: Xpdf \"Stream.cc\" Multiple Vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/483372"
          },
          {
            "name": "30168",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/30168"
          },
          {
            "name": "27574",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27574"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://issues.rpath.com/browse/RPL-1926"
          },
          {
            "name": "26503",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/26503"
          },
          {
            "name": "MDKSA-2007:219",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:219"
          },
          {
            "name": "DSA-1480",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2008/dsa-1480"
          },
          {
            "name": "GLSA-200711-22",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200711-22.xml"
          },
          {
            "name": "27634",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27634"
          },
          {
            "name": "MDKSA-2007:227",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:227"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.kde.org/info/security/advisory-20071107-1.txt"
          },
          {
            "name": "28043",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28043"
          },
          {
            "name": "27619",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27619"
          },
          {
            "name": "MDKSA-2007:220",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:220"
          },
          {
            "name": "27705",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27705"
          },
          {
            "name": "27578",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27578"
          },
          {
            "name": "27640",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27640"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.novell.com/techcenter/psdb/43ad7b3569dba59e7ba07677edc01cad.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.novell.com/techcenter/psdb/3867a5092daac43cd6a92e6107d9fbce.html"
          },
          {
            "name": "GLSA-200711-34",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200711-34.xml"
          },
          {
            "name": "27599",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27599"
          },
          {
            "name": "27575",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27575"
          },
          {
            "name": "1018905",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1018905"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.novell.com/techcenter/psdb/f83e024a65d69ebc810d2117815b940d.html"
          },
          {
            "name": "oval:org.mitre.oval:def:9979",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9979"
          },
          {
            "name": "FEDORA-2007-3390",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00663.html"
          },
          {
            "name": "MDKSA-2007:228",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:228"
          },
          {
            "name": "ADV-2007-3775",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/3775"
          },
          {
            "name": "RHSA-2007:1027",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2007-1027.html"
          },
          {
            "name": "RHSA-2007:1030",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2007-1030.html"
          },
          {
            "name": "USN-542-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/usn-542-1"
          },
          {
            "name": "27658",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27658"
          },
          {
            "name": "RHSA-2007:1024",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2007-1024.html"
          },
          {
            "name": "MDKSA-2007:230",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:230"
          },
          {
            "name": "USN-542-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/usn-542-2"
          },
          {
            "name": "RHSA-2007:1025",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2007-1025.html"
          },
          {
            "name": "ADV-2007-3779",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/3779"
          },
          {
            "name": "MDKSA-2007:221",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:221"
          },
          {
            "name": "27553",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27553"
          },
          {
            "name": "27637",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27637"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-11-07T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Array index error in the DCTStream::readProgressiveDataUnit method in xpdf/Stream.cc in Xpdf 3.02pl1, as used in poppler, teTeX, KDE, KOffice, CUPS, and other products, allows remote attackers to trigger memory corruption and execute arbitrary code via a crafted PDF file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-28T12:57:01",
        "orgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
        "shortName": "flexera"
      },
      "references": [
        {
          "name": "SUSE-SA:2007:060",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2007_60_pdf.html"
        },
        {
          "name": "27632",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27632"
        },
        {
          "name": "27743",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27743"
        },
        {
          "name": "MDKSA-2007:222",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:222"
        },
        {
          "name": "ADV-2007-3774",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/3774"
        },
        {
          "name": "27260",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27260"
        },
        {
          "name": "27856",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27856"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.novell.com/techcenter/psdb/da3498f05433976cc548cc4eaf8349c8.html"
        },
        {
          "name": "27636",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27636"
        },
        {
          "name": "29604",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29604"
        },
        {
          "name": "MDKSA-2007:223",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:223"
        },
        {
          "name": "27721",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27721"
        },
        {
          "name": "27724",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27724"
        },
        {
          "name": "ADV-2007-3776",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/3776"
        },
        {
          "name": "FEDORA-2007-3059",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00224.html"
        },
        {
          "name": "27577",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27577"
        },
        {
          "name": "29104",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29104"
        },
        {
          "name": "FEDORA-2007-3031",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00215.html"
        },
        {
          "name": "xpdf-dctstreamread-memory-corruption(38306)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38306"
        },
        {
          "name": "27618",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27618"
        },
        {
          "name": "27642",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27642"
        },
        {
          "name": "FEDORA-2007-4031",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00369.html"
        },
        {
          "name": "27656",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27656"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://secunia.com/secunia_research/2007-88/advisory/"
        },
        {
          "name": "FEDORA-2007-3100",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00238.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.novell.com/techcenter/psdb/1d5fd29802b2ef7e342e733731f1e933.html"
        },
        {
          "name": "RHSA-2007:1026",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2007-1026.html"
        },
        {
          "name": "DSA-1509",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2008/dsa-1509"
        },
        {
          "name": "RHSA-2007:1022",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2007-1022.html"
        },
        {
          "name": "27573",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27573"
        },
        {
          "name": "RHSA-2007:1029",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2007-1029.html"
        },
        {
          "name": "27641",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27641"
        },
        {
          "name": "GLSA-200805-13",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200805-13.xml"
        },
        {
          "name": "28812",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28812"
        },
        {
          "name": "DSA-1537",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2008/dsa-1537"
        },
        {
          "name": "FEDORA-2007-750",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00724.html"
        },
        {
          "name": "SSA:2007-316-01",
          "tags": [
            "vendor-advisory",
            "x_refsource_SLACKWARE"
          ],
          "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.761882"
        },
        {
          "name": "26367",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/26367"
        },
        {
          "name": "27615",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27615"
        },
        {
          "name": "RHSA-2007:1021",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2007-1021.html"
        },
        {
          "name": "ADV-2007-3786",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/3786"
        },
        {
          "name": "27645",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27645"
        },
        {
          "name": "20071107 Secunia Research: Xpdf \"Stream.cc\" Multiple Vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/483372"
        },
        {
          "name": "30168",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/30168"
        },
        {
          "name": "27574",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27574"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://issues.rpath.com/browse/RPL-1926"
        },
        {
          "name": "26503",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/26503"
        },
        {
          "name": "MDKSA-2007:219",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:219"
        },
        {
          "name": "DSA-1480",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2008/dsa-1480"
        },
        {
          "name": "GLSA-200711-22",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200711-22.xml"
        },
        {
          "name": "27634",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27634"
        },
        {
          "name": "MDKSA-2007:227",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:227"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.kde.org/info/security/advisory-20071107-1.txt"
        },
        {
          "name": "28043",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28043"
        },
        {
          "name": "27619",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27619"
        },
        {
          "name": "MDKSA-2007:220",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:220"
        },
        {
          "name": "27705",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27705"
        },
        {
          "name": "27578",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27578"
        },
        {
          "name": "27640",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27640"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.novell.com/techcenter/psdb/43ad7b3569dba59e7ba07677edc01cad.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.novell.com/techcenter/psdb/3867a5092daac43cd6a92e6107d9fbce.html"
        },
        {
          "name": "GLSA-200711-34",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200711-34.xml"
        },
        {
          "name": "27599",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27599"
        },
        {
          "name": "27575",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27575"
        },
        {
          "name": "1018905",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1018905"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.novell.com/techcenter/psdb/f83e024a65d69ebc810d2117815b940d.html"
        },
        {
          "name": "oval:org.mitre.oval:def:9979",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9979"
        },
        {
          "name": "FEDORA-2007-3390",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00663.html"
        },
        {
          "name": "MDKSA-2007:228",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:228"
        },
        {
          "name": "ADV-2007-3775",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/3775"
        },
        {
          "name": "RHSA-2007:1027",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2007-1027.html"
        },
        {
          "name": "RHSA-2007:1030",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2007-1030.html"
        },
        {
          "name": "USN-542-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/usn-542-1"
        },
        {
          "name": "27658",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27658"
        },
        {
          "name": "RHSA-2007:1024",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2007-1024.html"
        },
        {
          "name": "MDKSA-2007:230",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:230"
        },
        {
          "name": "USN-542-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/usn-542-2"
        },
        {
          "name": "RHSA-2007:1025",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2007-1025.html"
        },
        {
          "name": "ADV-2007-3779",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/3779"
        },
        {
          "name": "MDKSA-2007:221",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:221"
        },
        {
          "name": "27553",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27553"
        },
        {
          "name": "27637",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27637"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
          "ID": "CVE-2007-4352",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Array index error in the DCTStream::readProgressiveDataUnit method in xpdf/Stream.cc in Xpdf 3.02pl1, as used in poppler, teTeX, KDE, KOffice, CUPS, and other products, allows remote attackers to trigger memory corruption and execute arbitrary code via a crafted PDF file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "SUSE-SA:2007:060",
              "refsource": "SUSE",
              "url": "http://www.novell.com/linux/security/advisories/2007_60_pdf.html"
            },
            {
              "name": "27632",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27632"
            },
            {
              "name": "27743",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27743"
            },
            {
              "name": "MDKSA-2007:222",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:222"
            },
            {
              "name": "ADV-2007-3774",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/3774"
            },
            {
              "name": "27260",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27260"
            },
            {
              "name": "27856",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27856"
            },
            {
              "name": "http://support.novell.com/techcenter/psdb/da3498f05433976cc548cc4eaf8349c8.html",
              "refsource": "CONFIRM",
              "url": "http://support.novell.com/techcenter/psdb/da3498f05433976cc548cc4eaf8349c8.html"
            },
            {
              "name": "27636",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27636"
            },
            {
              "name": "29604",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/29604"
            },
            {
              "name": "MDKSA-2007:223",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:223"
            },
            {
              "name": "27721",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27721"
            },
            {
              "name": "27724",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27724"
            },
            {
              "name": "ADV-2007-3776",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/3776"
            },
            {
              "name": "FEDORA-2007-3059",
              "refsource": "FEDORA",
              "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00224.html"
            },
            {
              "name": "27577",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27577"
            },
            {
              "name": "29104",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/29104"
            },
            {
              "name": "FEDORA-2007-3031",
              "refsource": "FEDORA",
              "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00215.html"
            },
            {
              "name": "xpdf-dctstreamread-memory-corruption(38306)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38306"
            },
            {
              "name": "27618",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27618"
            },
            {
              "name": "27642",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27642"
            },
            {
              "name": "FEDORA-2007-4031",
              "refsource": "FEDORA",
              "url": "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00369.html"
            },
            {
              "name": "27656",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27656"
            },
            {
              "name": "http://secunia.com/secunia_research/2007-88/advisory/",
              "refsource": "MISC",
              "url": "http://secunia.com/secunia_research/2007-88/advisory/"
            },
            {
              "name": "FEDORA-2007-3100",
              "refsource": "FEDORA",
              "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00238.html"
            },
            {
              "name": "http://support.novell.com/techcenter/psdb/1d5fd29802b2ef7e342e733731f1e933.html",
              "refsource": "CONFIRM",
              "url": "http://support.novell.com/techcenter/psdb/1d5fd29802b2ef7e342e733731f1e933.html"
            },
            {
              "name": "RHSA-2007:1026",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2007-1026.html"
            },
            {
              "name": "DSA-1509",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2008/dsa-1509"
            },
            {
              "name": "RHSA-2007:1022",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2007-1022.html"
            },
            {
              "name": "27573",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27573"
            },
            {
              "name": "RHSA-2007:1029",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2007-1029.html"
            },
            {
              "name": "27641",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27641"
            },
            {
              "name": "GLSA-200805-13",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-200805-13.xml"
            },
            {
              "name": "28812",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/28812"
            },
            {
              "name": "DSA-1537",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2008/dsa-1537"
            },
            {
              "name": "FEDORA-2007-750",
              "refsource": "FEDORA",
              "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00724.html"
            },
            {
              "name": "SSA:2007-316-01",
              "refsource": "SLACKWARE",
              "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.761882"
            },
            {
              "name": "26367",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/26367"
            },
            {
              "name": "27615",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27615"
            },
            {
              "name": "RHSA-2007:1021",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2007-1021.html"
            },
            {
              "name": "ADV-2007-3786",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/3786"
            },
            {
              "name": "27645",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27645"
            },
            {
              "name": "20071107 Secunia Research: Xpdf \"Stream.cc\" Multiple Vulnerabilities",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/483372"
            },
            {
              "name": "30168",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/30168"
            },
            {
              "name": "27574",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27574"
            },
            {
              "name": "https://issues.rpath.com/browse/RPL-1926",
              "refsource": "CONFIRM",
              "url": "https://issues.rpath.com/browse/RPL-1926"
            },
            {
              "name": "26503",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/26503"
            },
            {
              "name": "MDKSA-2007:219",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:219"
            },
            {
              "name": "DSA-1480",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2008/dsa-1480"
            },
            {
              "name": "GLSA-200711-22",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-200711-22.xml"
            },
            {
              "name": "27634",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27634"
            },
            {
              "name": "MDKSA-2007:227",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:227"
            },
            {
              "name": "http://www.kde.org/info/security/advisory-20071107-1.txt",
              "refsource": "CONFIRM",
              "url": "http://www.kde.org/info/security/advisory-20071107-1.txt"
            },
            {
              "name": "28043",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/28043"
            },
            {
              "name": "27619",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27619"
            },
            {
              "name": "MDKSA-2007:220",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:220"
            },
            {
              "name": "27705",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27705"
            },
            {
              "name": "27578",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27578"
            },
            {
              "name": "27640",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27640"
            },
            {
              "name": "http://support.novell.com/techcenter/psdb/43ad7b3569dba59e7ba07677edc01cad.html",
              "refsource": "CONFIRM",
              "url": "http://support.novell.com/techcenter/psdb/43ad7b3569dba59e7ba07677edc01cad.html"
            },
            {
              "name": "http://support.novell.com/techcenter/psdb/3867a5092daac43cd6a92e6107d9fbce.html",
              "refsource": "CONFIRM",
              "url": "http://support.novell.com/techcenter/psdb/3867a5092daac43cd6a92e6107d9fbce.html"
            },
            {
              "name": "GLSA-200711-34",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-200711-34.xml"
            },
            {
              "name": "27599",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27599"
            },
            {
              "name": "27575",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27575"
            },
            {
              "name": "1018905",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1018905"
            },
            {
              "name": "http://support.novell.com/techcenter/psdb/f83e024a65d69ebc810d2117815b940d.html",
              "refsource": "CONFIRM",
              "url": "http://support.novell.com/techcenter/psdb/f83e024a65d69ebc810d2117815b940d.html"
            },
            {
              "name": "oval:org.mitre.oval:def:9979",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9979"
            },
            {
              "name": "FEDORA-2007-3390",
              "refsource": "FEDORA",
              "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00663.html"
            },
            {
              "name": "MDKSA-2007:228",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:228"
            },
            {
              "name": "ADV-2007-3775",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/3775"
            },
            {
              "name": "RHSA-2007:1027",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2007-1027.html"
            },
            {
              "name": "RHSA-2007:1030",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2007-1030.html"
            },
            {
              "name": "USN-542-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/usn-542-1"
            },
            {
              "name": "27658",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27658"
            },
            {
              "name": "RHSA-2007:1024",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2007-1024.html"
            },
            {
              "name": "MDKSA-2007:230",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:230"
            },
            {
              "name": "USN-542-2",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/usn-542-2"
            },
            {
              "name": "RHSA-2007:1025",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2007-1025.html"
            },
            {
              "name": "ADV-2007-3779",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/3779"
            },
            {
              "name": "MDKSA-2007:221",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:221"
            },
            {
              "name": "27553",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27553"
            },
            {
              "name": "27637",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27637"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
    "assignerShortName": "flexera",
    "cveId": "CVE-2007-4352",
    "datePublished": "2007-11-08T02:00:00",
    "dateReserved": "2007-08-14T00:00:00",
    "dateUpdated": "2024-08-07T14:53:55.890Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-3044 (GCVE-0-2023-3044)
Vulnerability from cvelistv5
Published
2023-06-02 22:32
Modified
2025-01-08 17:53
CWE
Summary
An excessively large PDF page size (found in fuzz testing, unlikely in normal PDF files) can result in a divide-by-zero in Xpdf's text extraction code. This is related to CVE-2022-30524, but the problem here is caused by a very large page size, rather than by a very large character coordinate.
Impacted products
Vendor Product Version
Xpdf Xpdf Version: 4.04
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T06:41:04.131Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.xpdfreader.com/security-bug/CVE-2023-3044.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/baker221/poc-xpdf"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-3044",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-01-08T17:53:02.399834Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-01-08T17:53:11.882Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "all"
          ],
          "product": "Xpdf",
          "vendor": "Xpdf",
          "versions": [
            {
              "status": "affected",
              "version": "4.04"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "user": "00000000-0000-4000-9000-000000000000",
          "value": "Junlin Liu of Peking Univ."
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cdiv\u003eAn excessively large PDF page size (found in fuzz testing, unlikely in normal PDF files) can result in a divide-by-zero in Xpdf\u0027s text extraction code.\u003c/div\u003e\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e\u003cdiv\u003eThis is related to CVE-2022-30524, but the problem here is caused by a very large page size, rather than by a very large character coordinate.\u003cbr\u003e\u003c/div\u003e"
            }
          ],
          "value": "An excessively large PDF page size (found in fuzz testing, unlikely in normal PDF files) can result in a divide-by-zero in Xpdf\u0027s text extraction code.\n\n\n\n\nThis is related to CVE-2022-30524, but the problem here is caused by a very large page size, rather than by a very large character coordinate.\n\n\n"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "LOW",
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-369",
              "description": "CWE-369 Divide By Zero",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-06-02T22:32:31.677Z",
        "orgId": "ace9cabe-4f4f-416b-8c39-b0e002761924",
        "shortName": "GandC"
      },
      "references": [
        {
          "url": "https://www.xpdfreader.com/security-bug/CVE-2023-3044.html"
        },
        {
          "url": "https://github.com/baker221/poc-xpdf"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Divide-by-zero in Xpdf 4.04 due to very large page size",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ace9cabe-4f4f-416b-8c39-b0e002761924",
    "assignerShortName": "GandC",
    "cveId": "CVE-2023-3044",
    "datePublished": "2023-06-02T22:32:31.677Z",
    "dateReserved": "2023-06-01T22:02:19.916Z",
    "dateUpdated": "2025-01-08T17:53:11.882Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2004-1125 (GCVE-0-2004-1125)
Vulnerability from cvelistv5
Published
2004-12-22 05:00
Modified
2024-08-08 00:39
Severity ?
CWE
  • n/a
Summary
Buffer overflow in the Gfx::doImage function in Gfx.cc for xpdf 3.00, and other products that share code such as tetex-bin and kpdf in KDE 3.2.x to 3.2.3 and 3.3.x to 3.3.2, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted PDF file that causes the boundaries of a maskColors array to be exceeded.
References
http://www.redhat.com/support/errata/RHSA-2005-013.html vendor-advisory, x_refsource_REDHAT
http://secunia.com/advisories/17277 third-party-advisory, x_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2005-066.html vendor-advisory, x_refsource_REDHAT
http://www.redhat.com/support/errata/RHSA-2005-034.html vendor-advisory, x_refsource_REDHAT
http://www.redhat.com/support/errata/RHSA-2005-018.html vendor-advisory, x_refsource_REDHAT
https://bugzilla.fedora.us/show_bug.cgi?id=2352 vendor-advisory, x_refsource_FEDORA
https://bugzilla.fedora.us/show_bug.cgi?id=2353 vendor-advisory, x_refsource_FEDORA
http://securitytracker.com/id?1012646 vdb-entry, x_refsource_SECTRACK
http://www.securityfocus.com/bid/12070 vdb-entry, x_refsource_BID
http://www.kde.org/info/security/advisory-20041223-1.txt x_refsource_CONFIRM
https://exchange.xforce.ibmcloud.com/vulnerabilities/18641 vdb-entry, x_refsource_XF
http://www.gentoo.org/security/en/glsa/glsa-200501-17.xml vendor-advisory, x_refsource_GENTOO
http://www.redhat.com/support/errata/RHSA-2005-026.html vendor-advisory, x_refsource_REDHAT
http://www.redhat.com/support/errata/RHSA-2005-053.html vendor-advisory, x_refsource_REDHAT
https://usn.ubuntu.com/50-1/ vendor-advisory, x_refsource_UBUNTU
http://www.gentoo.org/security/en/glsa/glsa-200501-13.xml vendor-advisory, x_refsource_GENTOO
http://marc.info/?t=110378596500001&r=1&w=2 mailing-list, x_refsource_BUGTRAQ
http://www.gentoo.org/security/en/glsa/glsa-200412-25.xml vendor-advisory, x_refsource_GENTOO
http://lists.grok.org.uk/pipermail/full-disclosure/2004-December/030241.html mailing-list, x_refsource_FULLDISC
http://www.novell.com/linux/security/advisories/2005_01_sr.html vendor-advisory, x_refsource_SUSE
http://www.redhat.com/support/errata/RHSA-2005-354.html vendor-advisory, x_refsource_REDHAT
http://www.idefense.com/application/poi/display?id=172&type=vulnerabilities third-party-advisory, x_refsource_IDEFENSE
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10830 vdb-entry, signature, x_refsource_OVAL
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.42/SCOSA-2005.42.txt vendor-advisory, x_refsource_SCO
ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.00pl2.patch x_refsource_CONFIRM
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000921 vendor-advisory, x_refsource_CONECTIVA
http://www.redhat.com/support/errata/RHSA-2005-057.html vendor-advisory, x_refsource_REDHAT
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T00:39:00.871Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2005:013",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-013.html"
          },
          {
            "name": "17277",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/17277"
          },
          {
            "name": "RHSA-2005:066",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-066.html"
          },
          {
            "name": "RHSA-2005:034",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-034.html"
          },
          {
            "name": "RHSA-2005:018",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-018.html"
          },
          {
            "name": "FLSA:2352",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://bugzilla.fedora.us/show_bug.cgi?id=2352"
          },
          {
            "name": "FLSA:2353",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://bugzilla.fedora.us/show_bug.cgi?id=2353"
          },
          {
            "name": "1012646",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1012646"
          },
          {
            "name": "12070",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/12070"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.kde.org/info/security/advisory-20041223-1.txt"
          },
          {
            "name": "xpdf-gfx-doimage-bo(18641)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18641"
          },
          {
            "name": "GLSA-200501-17",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200501-17.xml"
          },
          {
            "name": "RHSA-2005:026",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-026.html"
          },
          {
            "name": "RHSA-2005:053",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-053.html"
          },
          {
            "name": "USN-50-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/50-1/"
          },
          {
            "name": "GLSA-200501-13",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200501-13.xml"
          },
          {
            "name": "20041228 KDE Security Advisory: kpdf Buffer Overflow Vulnerability",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?t=110378596500001\u0026r=1\u0026w=2"
          },
          {
            "name": "GLSA-200412-25",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200412-25.xml"
          },
          {
            "name": "20041223 [USN-48-1] xpdf, tetex-bin vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-December/030241.html"
          },
          {
            "name": "SUSE-SR:2005:001",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2005_01_sr.html"
          },
          {
            "name": "RHSA-2005:354",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-354.html"
          },
          {
            "name": "20041221 Multiple Vendor xpdf PDF Viewer Buffer Overflow Vulnerability",
            "tags": [
              "third-party-advisory",
              "x_refsource_IDEFENSE",
              "x_transferred"
            ],
            "url": "http://www.idefense.com/application/poi/display?id=172\u0026type=vulnerabilities"
          },
          {
            "name": "oval:org.mitre.oval:def:10830",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10830"
          },
          {
            "name": "SCOSA-2005.42",
            "tags": [
              "vendor-advisory",
              "x_refsource_SCO",
              "x_transferred"
            ],
            "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.42/SCOSA-2005.42.txt"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.00pl2.patch"
          },
          {
            "name": "CLA-2005:921",
            "tags": [
              "vendor-advisory",
              "x_refsource_CONECTIVA",
              "x_transferred"
            ],
            "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000921"
          },
          {
            "name": "RHSA-2005:057",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-057.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2004-12-21T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer overflow in the Gfx::doImage function in Gfx.cc for xpdf 3.00, and other products that share code such as tetex-bin and kpdf in KDE 3.2.x to 3.2.3 and 3.3.x to 3.3.2, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted PDF file that causes the boundaries of a maskColors array to be exceeded."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-03T20:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "RHSA-2005:013",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-013.html"
        },
        {
          "name": "17277",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/17277"
        },
        {
          "name": "RHSA-2005:066",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-066.html"
        },
        {
          "name": "RHSA-2005:034",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-034.html"
        },
        {
          "name": "RHSA-2005:018",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-018.html"
        },
        {
          "name": "FLSA:2352",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://bugzilla.fedora.us/show_bug.cgi?id=2352"
        },
        {
          "name": "FLSA:2353",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://bugzilla.fedora.us/show_bug.cgi?id=2353"
        },
        {
          "name": "1012646",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1012646"
        },
        {
          "name": "12070",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/12070"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.kde.org/info/security/advisory-20041223-1.txt"
        },
        {
          "name": "xpdf-gfx-doimage-bo(18641)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18641"
        },
        {
          "name": "GLSA-200501-17",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-200501-17.xml"
        },
        {
          "name": "RHSA-2005:026",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-026.html"
        },
        {
          "name": "RHSA-2005:053",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-053.html"
        },
        {
          "name": "USN-50-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/50-1/"
        },
        {
          "name": "GLSA-200501-13",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-200501-13.xml"
        },
        {
          "name": "20041228 KDE Security Advisory: kpdf Buffer Overflow Vulnerability",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?t=110378596500001\u0026r=1\u0026w=2"
        },
        {
          "name": "GLSA-200412-25",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-200412-25.xml"
        },
        {
          "name": "20041223 [USN-48-1] xpdf, tetex-bin vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-December/030241.html"
        },
        {
          "name": "SUSE-SR:2005:001",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2005_01_sr.html"
        },
        {
          "name": "RHSA-2005:354",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-354.html"
        },
        {
          "name": "20041221 Multiple Vendor xpdf PDF Viewer Buffer Overflow Vulnerability",
          "tags": [
            "third-party-advisory",
            "x_refsource_IDEFENSE"
          ],
          "url": "http://www.idefense.com/application/poi/display?id=172\u0026type=vulnerabilities"
        },
        {
          "name": "oval:org.mitre.oval:def:10830",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10830"
        },
        {
          "name": "SCOSA-2005.42",
          "tags": [
            "vendor-advisory",
            "x_refsource_SCO"
          ],
          "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.42/SCOSA-2005.42.txt"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.00pl2.patch"
        },
        {
          "name": "CLA-2005:921",
          "tags": [
            "vendor-advisory",
            "x_refsource_CONECTIVA"
          ],
          "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000921"
        },
        {
          "name": "RHSA-2005:057",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-057.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2004-1125",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer overflow in the Gfx::doImage function in Gfx.cc for xpdf 3.00, and other products that share code such as tetex-bin and kpdf in KDE 3.2.x to 3.2.3 and 3.3.x to 3.3.2, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted PDF file that causes the boundaries of a maskColors array to be exceeded."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "RHSA-2005:013",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2005-013.html"
            },
            {
              "name": "17277",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/17277"
            },
            {
              "name": "RHSA-2005:066",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2005-066.html"
            },
            {
              "name": "RHSA-2005:034",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2005-034.html"
            },
            {
              "name": "RHSA-2005:018",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2005-018.html"
            },
            {
              "name": "FLSA:2352",
              "refsource": "FEDORA",
              "url": "https://bugzilla.fedora.us/show_bug.cgi?id=2352"
            },
            {
              "name": "FLSA:2353",
              "refsource": "FEDORA",
              "url": "https://bugzilla.fedora.us/show_bug.cgi?id=2353"
            },
            {
              "name": "1012646",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1012646"
            },
            {
              "name": "12070",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/12070"
            },
            {
              "name": "http://www.kde.org/info/security/advisory-20041223-1.txt",
              "refsource": "CONFIRM",
              "url": "http://www.kde.org/info/security/advisory-20041223-1.txt"
            },
            {
              "name": "xpdf-gfx-doimage-bo(18641)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18641"
            },
            {
              "name": "GLSA-200501-17",
              "refsource": "GENTOO",
              "url": "http://www.gentoo.org/security/en/glsa/glsa-200501-17.xml"
            },
            {
              "name": "RHSA-2005:026",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2005-026.html"
            },
            {
              "name": "RHSA-2005:053",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2005-053.html"
            },
            {
              "name": "USN-50-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/50-1/"
            },
            {
              "name": "GLSA-200501-13",
              "refsource": "GENTOO",
              "url": "http://www.gentoo.org/security/en/glsa/glsa-200501-13.xml"
            },
            {
              "name": "20041228 KDE Security Advisory: kpdf Buffer Overflow Vulnerability",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?t=110378596500001\u0026r=1\u0026w=2"
            },
            {
              "name": "GLSA-200412-25",
              "refsource": "GENTOO",
              "url": "http://www.gentoo.org/security/en/glsa/glsa-200412-25.xml"
            },
            {
              "name": "20041223 [USN-48-1] xpdf, tetex-bin vulnerabilities",
              "refsource": "FULLDISC",
              "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-December/030241.html"
            },
            {
              "name": "SUSE-SR:2005:001",
              "refsource": "SUSE",
              "url": "http://www.novell.com/linux/security/advisories/2005_01_sr.html"
            },
            {
              "name": "RHSA-2005:354",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2005-354.html"
            },
            {
              "name": "20041221 Multiple Vendor xpdf PDF Viewer Buffer Overflow Vulnerability",
              "refsource": "IDEFENSE",
              "url": "http://www.idefense.com/application/poi/display?id=172\u0026type=vulnerabilities"
            },
            {
              "name": "oval:org.mitre.oval:def:10830",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10830"
            },
            {
              "name": "SCOSA-2005.42",
              "refsource": "SCO",
              "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.42/SCOSA-2005.42.txt"
            },
            {
              "name": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.00pl2.patch",
              "refsource": "CONFIRM",
              "url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.00pl2.patch"
            },
            {
              "name": "CLA-2005:921",
              "refsource": "CONECTIVA",
              "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000921"
            },
            {
              "name": "RHSA-2005:057",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2005-057.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2004-1125",
    "datePublished": "2004-12-22T05:00:00",
    "dateReserved": "2004-12-02T00:00:00",
    "dateUpdated": "2024-08-08T00:39:00.871Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2002-1384 (GCVE-0-2002-1384)
Vulnerability from cvelistv5
Published
2004-09-01 04:00
Modified
2024-08-08 03:19
Severity ?
CWE
  • n/a
Summary
Integer overflow in pdftops, as used in Xpdf 2.01 and earlier, xpdf-i, and CUPS before 1.1.18, allows local users to execute arbitrary code via a ColorSpace entry with a large number of elements, as demonstrated by cups-pdf.
References
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T03:19:28.818Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "DSA-232",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2003/dsa-232"
          },
          {
            "name": "RHSA-2002:295",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2002-295.html"
          },
          {
            "name": "MDKSA-2003:002",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:002"
          },
          {
            "name": "SUSE-SA:2003:002",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2003_002_cups.html"
          },
          {
            "name": "6475",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/6475"
          },
          {
            "name": "MDKSA-2003:001",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:001"
          },
          {
            "name": "GLSA-200301-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=104152282309980\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.idefense.com/advisory/12.23.02.txt"
          },
          {
            "name": "RHSA-2002:307",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2002-307.html"
          },
          {
            "name": "pdftops-integer-overflow(10937)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10937"
          },
          {
            "name": "RHSA-2003:216",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2003-216.html"
          },
          {
            "name": "DSA-226",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2003/dsa-226"
          },
          {
            "name": "RHSA-2003:037",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2003-037.html"
          },
          {
            "name": "DSA-222",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2003/dsa-222"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2002-12-23T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Integer overflow in pdftops, as used in Xpdf 2.01 and earlier, xpdf-i, and CUPS before 1.1.18, allows local users to execute arbitrary code via a ColorSpace entry with a large number of elements, as demonstrated by cups-pdf."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2007-12-20T00:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "DSA-232",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2003/dsa-232"
        },
        {
          "name": "RHSA-2002:295",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2002-295.html"
        },
        {
          "name": "MDKSA-2003:002",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:002"
        },
        {
          "name": "SUSE-SA:2003:002",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2003_002_cups.html"
        },
        {
          "name": "6475",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/6475"
        },
        {
          "name": "MDKSA-2003:001",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:001"
        },
        {
          "name": "GLSA-200301-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=104152282309980\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.idefense.com/advisory/12.23.02.txt"
        },
        {
          "name": "RHSA-2002:307",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2002-307.html"
        },
        {
          "name": "pdftops-integer-overflow(10937)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10937"
        },
        {
          "name": "RHSA-2003:216",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2003-216.html"
        },
        {
          "name": "DSA-226",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2003/dsa-226"
        },
        {
          "name": "RHSA-2003:037",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2003-037.html"
        },
        {
          "name": "DSA-222",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2003/dsa-222"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2002-1384",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Integer overflow in pdftops, as used in Xpdf 2.01 and earlier, xpdf-i, and CUPS before 1.1.18, allows local users to execute arbitrary code via a ColorSpace entry with a large number of elements, as demonstrated by cups-pdf."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "DSA-232",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2003/dsa-232"
            },
            {
              "name": "RHSA-2002:295",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2002-295.html"
            },
            {
              "name": "MDKSA-2003:002",
              "refsource": "MANDRAKE",
              "url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:002"
            },
            {
              "name": "SUSE-SA:2003:002",
              "refsource": "SUSE",
              "url": "http://www.novell.com/linux/security/advisories/2003_002_cups.html"
            },
            {
              "name": "6475",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/6475"
            },
            {
              "name": "MDKSA-2003:001",
              "refsource": "MANDRAKE",
              "url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:001"
            },
            {
              "name": "GLSA-200301-1",
              "refsource": "GENTOO",
              "url": "http://marc.info/?l=bugtraq\u0026m=104152282309980\u0026w=2"
            },
            {
              "name": "http://www.idefense.com/advisory/12.23.02.txt",
              "refsource": "MISC",
              "url": "http://www.idefense.com/advisory/12.23.02.txt"
            },
            {
              "name": "RHSA-2002:307",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2002-307.html"
            },
            {
              "name": "pdftops-integer-overflow(10937)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10937"
            },
            {
              "name": "RHSA-2003:216",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2003-216.html"
            },
            {
              "name": "DSA-226",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2003/dsa-226"
            },
            {
              "name": "RHSA-2003:037",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2003-037.html"
            },
            {
              "name": "DSA-222",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2003/dsa-222"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2002-1384",
    "datePublished": "2004-09-01T04:00:00",
    "dateReserved": "2002-12-18T00:00:00",
    "dateUpdated": "2024-08-08T03:19:28.818Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2007-5392 (GCVE-0-2007-5392)
Vulnerability from cvelistv5
Published
2007-11-08 02:00
Modified
2024-08-07 15:31
Severity ?
CWE
  • n/a
Summary
Integer overflow in the DCTStream::reset method in xpdf/Stream.cc in Xpdf 3.02p11 allows remote attackers to execute arbitrary code via a crafted PDF file, resulting in a heap-based buffer overflow.
References
http://www.novell.com/linux/security/advisories/2007_60_pdf.html vendor-advisory, x_refsource_SUSE
http://secunia.com/advisories/27632 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/27743 third-party-advisory, x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDKSA-2007:222 vendor-advisory, x_refsource_MANDRIVA
http://www.vupen.com/english/advisories/2007/3774 vdb-entry, x_refsource_VUPEN
http://secunia.com/advisories/27260 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/27856 third-party-advisory, x_refsource_SECUNIA
http://support.novell.com/techcenter/psdb/da3498f05433976cc548cc4eaf8349c8.html x_refsource_CONFIRM
http://secunia.com/advisories/27636 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/29604 third-party-advisory, x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDKSA-2007:223 vendor-advisory, x_refsource_MANDRIVA
http://secunia.com/advisories/27721 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/27724 third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2007/3776 vdb-entry, x_refsource_VUPEN
https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00224.html vendor-advisory, x_refsource_FEDORA
http://secunia.com/advisories/27577 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/29104 third-party-advisory, x_refsource_SECUNIA
https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00215.html vendor-advisory, x_refsource_FEDORA
http://secunia.com/advisories/27618 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/27642 third-party-advisory, x_refsource_SECUNIA
https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00369.html vendor-advisory, x_refsource_FEDORA
http://secunia.com/advisories/27656 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/secunia_research/2007-88/advisory/ x_refsource_MISC
https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00238.html vendor-advisory, x_refsource_FEDORA
http://support.novell.com/techcenter/psdb/1d5fd29802b2ef7e342e733731f1e933.html x_refsource_CONFIRM
http://www.redhat.com/support/errata/RHSA-2007-1026.html vendor-advisory, x_refsource_REDHAT
http://www.debian.org/security/2008/dsa-1509 vendor-advisory, x_refsource_DEBIAN
http://www.redhat.com/support/errata/RHSA-2007-1022.html vendor-advisory, x_refsource_REDHAT
http://secunia.com/advisories/27573 third-party-advisory, x_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2007-1029.html vendor-advisory, x_refsource_REDHAT
http://secunia.com/advisories/27641 third-party-advisory, x_refsource_SECUNIA
http://security.gentoo.org/glsa/glsa-200805-13.xml vendor-advisory, x_refsource_GENTOO
http://secunia.com/advisories/28812 third-party-advisory, x_refsource_SECUNIA
http://www.debian.org/security/2008/dsa-1537 vendor-advisory, x_refsource_DEBIAN
https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00724.html vendor-advisory, x_refsource_FEDORA
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.761882 vendor-advisory, x_refsource_SLACKWARE
http://www.securityfocus.com/bid/26367 vdb-entry, x_refsource_BID
http://secunia.com/advisories/27615 third-party-advisory, x_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2007-1021.html vendor-advisory, x_refsource_REDHAT
http://www.vupen.com/english/advisories/2007/3786 vdb-entry, x_refsource_VUPEN
http://secunia.com/advisories/27645 third-party-advisory, x_refsource_SECUNIA
http://www.securityfocus.com/archive/1/483372 mailing-list, x_refsource_BUGTRAQ
http://secunia.com/advisories/30168 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/27574 third-party-advisory, x_refsource_SECUNIA
https://issues.rpath.com/browse/RPL-1926 x_refsource_CONFIRM
http://secunia.com/advisories/26503 third-party-advisory, x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDKSA-2007:219 vendor-advisory, x_refsource_MANDRIVA
http://www.debian.org/security/2008/dsa-1480 vendor-advisory, x_refsource_DEBIAN
http://security.gentoo.org/glsa/glsa-200711-22.xml vendor-advisory, x_refsource_GENTOO
http://secunia.com/advisories/27634 third-party-advisory, x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDKSA-2007:227 vendor-advisory, x_refsource_MANDRIVA
http://www.kde.org/info/security/advisory-20071107-1.txt x_refsource_CONFIRM
http://secunia.com/advisories/28043 third-party-advisory, x_refsource_SECUNIA
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10036 vdb-entry, signature, x_refsource_OVAL
http://secunia.com/advisories/27619 third-party-advisory, x_refsource_SECUNIA
https://exchange.xforce.ibmcloud.com/vulnerabilities/38303 vdb-entry, x_refsource_XF
http://www.mandriva.com/security/advisories?name=MDKSA-2007:220 vendor-advisory, x_refsource_MANDRIVA
http://secunia.com/advisories/27705 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/27578 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/27640 third-party-advisory, x_refsource_SECUNIA
http://support.novell.com/techcenter/psdb/43ad7b3569dba59e7ba07677edc01cad.html x_refsource_CONFIRM
http://support.novell.com/techcenter/psdb/3867a5092daac43cd6a92e6107d9fbce.html x_refsource_CONFIRM
http://security.gentoo.org/glsa/glsa-200711-34.xml vendor-advisory, x_refsource_GENTOO
http://secunia.com/advisories/27599 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/27575 third-party-advisory, x_refsource_SECUNIA
http://www.securitytracker.com/id?1018905 vdb-entry, x_refsource_SECTRACK
http://support.novell.com/techcenter/psdb/f83e024a65d69ebc810d2117815b940d.html x_refsource_CONFIRM
https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00663.html vendor-advisory, x_refsource_FEDORA
http://www.mandriva.com/security/advisories?name=MDKSA-2007:228 vendor-advisory, x_refsource_MANDRIVA
http://www.vupen.com/english/advisories/2007/3775 vdb-entry, x_refsource_VUPEN
http://www.redhat.com/support/errata/RHSA-2007-1027.html vendor-advisory, x_refsource_REDHAT
http://www.redhat.com/support/errata/RHSA-2007-1030.html vendor-advisory, x_refsource_REDHAT
http://www.ubuntu.com/usn/usn-542-1 vendor-advisory, x_refsource_UBUNTU
http://secunia.com/advisories/27658 third-party-advisory, x_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2007-1024.html vendor-advisory, x_refsource_REDHAT
http://www.mandriva.com/security/advisories?name=MDKSA-2007:230 vendor-advisory, x_refsource_MANDRIVA
http://www.ubuntu.com/usn/usn-542-2 vendor-advisory, x_refsource_UBUNTU
http://www.redhat.com/support/errata/RHSA-2007-1025.html vendor-advisory, x_refsource_REDHAT
http://www.vupen.com/english/advisories/2007/3779 vdb-entry, x_refsource_VUPEN
http://www.mandriva.com/security/advisories?name=MDKSA-2007:221 vendor-advisory, x_refsource_MANDRIVA
http://secunia.com/advisories/27553 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/27637 third-party-advisory, x_refsource_SECUNIA
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T15:31:58.169Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "SUSE-SA:2007:060",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2007_60_pdf.html"
          },
          {
            "name": "27632",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27632"
          },
          {
            "name": "27743",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27743"
          },
          {
            "name": "MDKSA-2007:222",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:222"
          },
          {
            "name": "ADV-2007-3774",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/3774"
          },
          {
            "name": "27260",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27260"
          },
          {
            "name": "27856",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27856"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.novell.com/techcenter/psdb/da3498f05433976cc548cc4eaf8349c8.html"
          },
          {
            "name": "27636",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27636"
          },
          {
            "name": "29604",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29604"
          },
          {
            "name": "MDKSA-2007:223",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:223"
          },
          {
            "name": "27721",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27721"
          },
          {
            "name": "27724",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27724"
          },
          {
            "name": "ADV-2007-3776",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/3776"
          },
          {
            "name": "FEDORA-2007-3059",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00224.html"
          },
          {
            "name": "27577",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27577"
          },
          {
            "name": "29104",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29104"
          },
          {
            "name": "FEDORA-2007-3031",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00215.html"
          },
          {
            "name": "27618",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27618"
          },
          {
            "name": "27642",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27642"
          },
          {
            "name": "FEDORA-2007-4031",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00369.html"
          },
          {
            "name": "27656",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27656"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://secunia.com/secunia_research/2007-88/advisory/"
          },
          {
            "name": "FEDORA-2007-3100",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00238.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.novell.com/techcenter/psdb/1d5fd29802b2ef7e342e733731f1e933.html"
          },
          {
            "name": "RHSA-2007:1026",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2007-1026.html"
          },
          {
            "name": "DSA-1509",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2008/dsa-1509"
          },
          {
            "name": "RHSA-2007:1022",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2007-1022.html"
          },
          {
            "name": "27573",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27573"
          },
          {
            "name": "RHSA-2007:1029",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2007-1029.html"
          },
          {
            "name": "27641",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27641"
          },
          {
            "name": "GLSA-200805-13",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200805-13.xml"
          },
          {
            "name": "28812",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28812"
          },
          {
            "name": "DSA-1537",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2008/dsa-1537"
          },
          {
            "name": "FEDORA-2007-750",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00724.html"
          },
          {
            "name": "SSA:2007-316-01",
            "tags": [
              "vendor-advisory",
              "x_refsource_SLACKWARE",
              "x_transferred"
            ],
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.761882"
          },
          {
            "name": "26367",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/26367"
          },
          {
            "name": "27615",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27615"
          },
          {
            "name": "RHSA-2007:1021",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2007-1021.html"
          },
          {
            "name": "ADV-2007-3786",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/3786"
          },
          {
            "name": "27645",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27645"
          },
          {
            "name": "20071107 Secunia Research: Xpdf \"Stream.cc\" Multiple Vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/483372"
          },
          {
            "name": "30168",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/30168"
          },
          {
            "name": "27574",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27574"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://issues.rpath.com/browse/RPL-1926"
          },
          {
            "name": "26503",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/26503"
          },
          {
            "name": "MDKSA-2007:219",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:219"
          },
          {
            "name": "DSA-1480",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2008/dsa-1480"
          },
          {
            "name": "GLSA-200711-22",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200711-22.xml"
          },
          {
            "name": "27634",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27634"
          },
          {
            "name": "MDKSA-2007:227",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:227"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.kde.org/info/security/advisory-20071107-1.txt"
          },
          {
            "name": "28043",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28043"
          },
          {
            "name": "oval:org.mitre.oval:def:10036",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10036"
          },
          {
            "name": "27619",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27619"
          },
          {
            "name": "xpdf-dctstreamreset-bo(38303)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38303"
          },
          {
            "name": "MDKSA-2007:220",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:220"
          },
          {
            "name": "27705",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27705"
          },
          {
            "name": "27578",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27578"
          },
          {
            "name": "27640",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27640"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.novell.com/techcenter/psdb/43ad7b3569dba59e7ba07677edc01cad.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.novell.com/techcenter/psdb/3867a5092daac43cd6a92e6107d9fbce.html"
          },
          {
            "name": "GLSA-200711-34",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200711-34.xml"
          },
          {
            "name": "27599",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27599"
          },
          {
            "name": "27575",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27575"
          },
          {
            "name": "1018905",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1018905"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.novell.com/techcenter/psdb/f83e024a65d69ebc810d2117815b940d.html"
          },
          {
            "name": "FEDORA-2007-3390",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00663.html"
          },
          {
            "name": "MDKSA-2007:228",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:228"
          },
          {
            "name": "ADV-2007-3775",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/3775"
          },
          {
            "name": "RHSA-2007:1027",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2007-1027.html"
          },
          {
            "name": "RHSA-2007:1030",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2007-1030.html"
          },
          {
            "name": "USN-542-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/usn-542-1"
          },
          {
            "name": "27658",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27658"
          },
          {
            "name": "RHSA-2007:1024",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2007-1024.html"
          },
          {
            "name": "MDKSA-2007:230",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:230"
          },
          {
            "name": "USN-542-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/usn-542-2"
          },
          {
            "name": "RHSA-2007:1025",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2007-1025.html"
          },
          {
            "name": "ADV-2007-3779",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/3779"
          },
          {
            "name": "MDKSA-2007:221",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:221"
          },
          {
            "name": "27553",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27553"
          },
          {
            "name": "27637",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27637"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-11-07T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Integer overflow in the DCTStream::reset method in xpdf/Stream.cc in Xpdf 3.02p11 allows remote attackers to execute arbitrary code via a crafted PDF file, resulting in a heap-based buffer overflow."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-28T12:57:01",
        "orgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
        "shortName": "flexera"
      },
      "references": [
        {
          "name": "SUSE-SA:2007:060",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2007_60_pdf.html"
        },
        {
          "name": "27632",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27632"
        },
        {
          "name": "27743",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27743"
        },
        {
          "name": "MDKSA-2007:222",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:222"
        },
        {
          "name": "ADV-2007-3774",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/3774"
        },
        {
          "name": "27260",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27260"
        },
        {
          "name": "27856",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27856"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.novell.com/techcenter/psdb/da3498f05433976cc548cc4eaf8349c8.html"
        },
        {
          "name": "27636",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27636"
        },
        {
          "name": "29604",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29604"
        },
        {
          "name": "MDKSA-2007:223",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:223"
        },
        {
          "name": "27721",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27721"
        },
        {
          "name": "27724",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27724"
        },
        {
          "name": "ADV-2007-3776",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/3776"
        },
        {
          "name": "FEDORA-2007-3059",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00224.html"
        },
        {
          "name": "27577",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27577"
        },
        {
          "name": "29104",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29104"
        },
        {
          "name": "FEDORA-2007-3031",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00215.html"
        },
        {
          "name": "27618",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27618"
        },
        {
          "name": "27642",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27642"
        },
        {
          "name": "FEDORA-2007-4031",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00369.html"
        },
        {
          "name": "27656",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27656"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://secunia.com/secunia_research/2007-88/advisory/"
        },
        {
          "name": "FEDORA-2007-3100",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00238.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.novell.com/techcenter/psdb/1d5fd29802b2ef7e342e733731f1e933.html"
        },
        {
          "name": "RHSA-2007:1026",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2007-1026.html"
        },
        {
          "name": "DSA-1509",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2008/dsa-1509"
        },
        {
          "name": "RHSA-2007:1022",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2007-1022.html"
        },
        {
          "name": "27573",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27573"
        },
        {
          "name": "RHSA-2007:1029",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2007-1029.html"
        },
        {
          "name": "27641",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27641"
        },
        {
          "name": "GLSA-200805-13",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200805-13.xml"
        },
        {
          "name": "28812",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28812"
        },
        {
          "name": "DSA-1537",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2008/dsa-1537"
        },
        {
          "name": "FEDORA-2007-750",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00724.html"
        },
        {
          "name": "SSA:2007-316-01",
          "tags": [
            "vendor-advisory",
            "x_refsource_SLACKWARE"
          ],
          "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.761882"
        },
        {
          "name": "26367",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/26367"
        },
        {
          "name": "27615",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27615"
        },
        {
          "name": "RHSA-2007:1021",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2007-1021.html"
        },
        {
          "name": "ADV-2007-3786",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/3786"
        },
        {
          "name": "27645",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27645"
        },
        {
          "name": "20071107 Secunia Research: Xpdf \"Stream.cc\" Multiple Vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/483372"
        },
        {
          "name": "30168",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/30168"
        },
        {
          "name": "27574",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27574"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://issues.rpath.com/browse/RPL-1926"
        },
        {
          "name": "26503",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/26503"
        },
        {
          "name": "MDKSA-2007:219",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:219"
        },
        {
          "name": "DSA-1480",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2008/dsa-1480"
        },
        {
          "name": "GLSA-200711-22",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200711-22.xml"
        },
        {
          "name": "27634",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27634"
        },
        {
          "name": "MDKSA-2007:227",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:227"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.kde.org/info/security/advisory-20071107-1.txt"
        },
        {
          "name": "28043",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28043"
        },
        {
          "name": "oval:org.mitre.oval:def:10036",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10036"
        },
        {
          "name": "27619",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27619"
        },
        {
          "name": "xpdf-dctstreamreset-bo(38303)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38303"
        },
        {
          "name": "MDKSA-2007:220",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:220"
        },
        {
          "name": "27705",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27705"
        },
        {
          "name": "27578",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27578"
        },
        {
          "name": "27640",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27640"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.novell.com/techcenter/psdb/43ad7b3569dba59e7ba07677edc01cad.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.novell.com/techcenter/psdb/3867a5092daac43cd6a92e6107d9fbce.html"
        },
        {
          "name": "GLSA-200711-34",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200711-34.xml"
        },
        {
          "name": "27599",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27599"
        },
        {
          "name": "27575",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27575"
        },
        {
          "name": "1018905",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1018905"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.novell.com/techcenter/psdb/f83e024a65d69ebc810d2117815b940d.html"
        },
        {
          "name": "FEDORA-2007-3390",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00663.html"
        },
        {
          "name": "MDKSA-2007:228",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:228"
        },
        {
          "name": "ADV-2007-3775",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/3775"
        },
        {
          "name": "RHSA-2007:1027",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2007-1027.html"
        },
        {
          "name": "RHSA-2007:1030",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2007-1030.html"
        },
        {
          "name": "USN-542-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/usn-542-1"
        },
        {
          "name": "27658",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27658"
        },
        {
          "name": "RHSA-2007:1024",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2007-1024.html"
        },
        {
          "name": "MDKSA-2007:230",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:230"
        },
        {
          "name": "USN-542-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/usn-542-2"
        },
        {
          "name": "RHSA-2007:1025",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2007-1025.html"
        },
        {
          "name": "ADV-2007-3779",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/3779"
        },
        {
          "name": "MDKSA-2007:221",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:221"
        },
        {
          "name": "27553",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27553"
        },
        {
          "name": "27637",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27637"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
          "ID": "CVE-2007-5392",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Integer overflow in the DCTStream::reset method in xpdf/Stream.cc in Xpdf 3.02p11 allows remote attackers to execute arbitrary code via a crafted PDF file, resulting in a heap-based buffer overflow."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "SUSE-SA:2007:060",
              "refsource": "SUSE",
              "url": "http://www.novell.com/linux/security/advisories/2007_60_pdf.html"
            },
            {
              "name": "27632",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27632"
            },
            {
              "name": "27743",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27743"
            },
            {
              "name": "MDKSA-2007:222",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:222"
            },
            {
              "name": "ADV-2007-3774",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/3774"
            },
            {
              "name": "27260",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27260"
            },
            {
              "name": "27856",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27856"
            },
            {
              "name": "http://support.novell.com/techcenter/psdb/da3498f05433976cc548cc4eaf8349c8.html",
              "refsource": "CONFIRM",
              "url": "http://support.novell.com/techcenter/psdb/da3498f05433976cc548cc4eaf8349c8.html"
            },
            {
              "name": "27636",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27636"
            },
            {
              "name": "29604",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/29604"
            },
            {
              "name": "MDKSA-2007:223",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:223"
            },
            {
              "name": "27721",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27721"
            },
            {
              "name": "27724",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27724"
            },
            {
              "name": "ADV-2007-3776",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/3776"
            },
            {
              "name": "FEDORA-2007-3059",
              "refsource": "FEDORA",
              "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00224.html"
            },
            {
              "name": "27577",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27577"
            },
            {
              "name": "29104",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/29104"
            },
            {
              "name": "FEDORA-2007-3031",
              "refsource": "FEDORA",
              "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00215.html"
            },
            {
              "name": "27618",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27618"
            },
            {
              "name": "27642",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27642"
            },
            {
              "name": "FEDORA-2007-4031",
              "refsource": "FEDORA",
              "url": "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00369.html"
            },
            {
              "name": "27656",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27656"
            },
            {
              "name": "http://secunia.com/secunia_research/2007-88/advisory/",
              "refsource": "MISC",
              "url": "http://secunia.com/secunia_research/2007-88/advisory/"
            },
            {
              "name": "FEDORA-2007-3100",
              "refsource": "FEDORA",
              "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00238.html"
            },
            {
              "name": "http://support.novell.com/techcenter/psdb/1d5fd29802b2ef7e342e733731f1e933.html",
              "refsource": "CONFIRM",
              "url": "http://support.novell.com/techcenter/psdb/1d5fd29802b2ef7e342e733731f1e933.html"
            },
            {
              "name": "RHSA-2007:1026",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2007-1026.html"
            },
            {
              "name": "DSA-1509",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2008/dsa-1509"
            },
            {
              "name": "RHSA-2007:1022",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2007-1022.html"
            },
            {
              "name": "27573",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27573"
            },
            {
              "name": "RHSA-2007:1029",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2007-1029.html"
            },
            {
              "name": "27641",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27641"
            },
            {
              "name": "GLSA-200805-13",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-200805-13.xml"
            },
            {
              "name": "28812",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/28812"
            },
            {
              "name": "DSA-1537",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2008/dsa-1537"
            },
            {
              "name": "FEDORA-2007-750",
              "refsource": "FEDORA",
              "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00724.html"
            },
            {
              "name": "SSA:2007-316-01",
              "refsource": "SLACKWARE",
              "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.761882"
            },
            {
              "name": "26367",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/26367"
            },
            {
              "name": "27615",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27615"
            },
            {
              "name": "RHSA-2007:1021",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2007-1021.html"
            },
            {
              "name": "ADV-2007-3786",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/3786"
            },
            {
              "name": "27645",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27645"
            },
            {
              "name": "20071107 Secunia Research: Xpdf \"Stream.cc\" Multiple Vulnerabilities",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/483372"
            },
            {
              "name": "30168",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/30168"
            },
            {
              "name": "27574",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27574"
            },
            {
              "name": "https://issues.rpath.com/browse/RPL-1926",
              "refsource": "CONFIRM",
              "url": "https://issues.rpath.com/browse/RPL-1926"
            },
            {
              "name": "26503",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/26503"
            },
            {
              "name": "MDKSA-2007:219",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:219"
            },
            {
              "name": "DSA-1480",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2008/dsa-1480"
            },
            {
              "name": "GLSA-200711-22",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-200711-22.xml"
            },
            {
              "name": "27634",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27634"
            },
            {
              "name": "MDKSA-2007:227",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:227"
            },
            {
              "name": "http://www.kde.org/info/security/advisory-20071107-1.txt",
              "refsource": "CONFIRM",
              "url": "http://www.kde.org/info/security/advisory-20071107-1.txt"
            },
            {
              "name": "28043",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/28043"
            },
            {
              "name": "oval:org.mitre.oval:def:10036",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10036"
            },
            {
              "name": "27619",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27619"
            },
            {
              "name": "xpdf-dctstreamreset-bo(38303)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38303"
            },
            {
              "name": "MDKSA-2007:220",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:220"
            },
            {
              "name": "27705",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27705"
            },
            {
              "name": "27578",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27578"
            },
            {
              "name": "27640",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27640"
            },
            {
              "name": "http://support.novell.com/techcenter/psdb/43ad7b3569dba59e7ba07677edc01cad.html",
              "refsource": "CONFIRM",
              "url": "http://support.novell.com/techcenter/psdb/43ad7b3569dba59e7ba07677edc01cad.html"
            },
            {
              "name": "http://support.novell.com/techcenter/psdb/3867a5092daac43cd6a92e6107d9fbce.html",
              "refsource": "CONFIRM",
              "url": "http://support.novell.com/techcenter/psdb/3867a5092daac43cd6a92e6107d9fbce.html"
            },
            {
              "name": "GLSA-200711-34",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-200711-34.xml"
            },
            {
              "name": "27599",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27599"
            },
            {
              "name": "27575",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27575"
            },
            {
              "name": "1018905",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1018905"
            },
            {
              "name": "http://support.novell.com/techcenter/psdb/f83e024a65d69ebc810d2117815b940d.html",
              "refsource": "CONFIRM",
              "url": "http://support.novell.com/techcenter/psdb/f83e024a65d69ebc810d2117815b940d.html"
            },
            {
              "name": "FEDORA-2007-3390",
              "refsource": "FEDORA",
              "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00663.html"
            },
            {
              "name": "MDKSA-2007:228",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:228"
            },
            {
              "name": "ADV-2007-3775",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/3775"
            },
            {
              "name": "RHSA-2007:1027",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2007-1027.html"
            },
            {
              "name": "RHSA-2007:1030",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2007-1030.html"
            },
            {
              "name": "USN-542-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/usn-542-1"
            },
            {
              "name": "27658",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27658"
            },
            {
              "name": "RHSA-2007:1024",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2007-1024.html"
            },
            {
              "name": "MDKSA-2007:230",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:230"
            },
            {
              "name": "USN-542-2",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/usn-542-2"
            },
            {
              "name": "RHSA-2007:1025",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2007-1025.html"
            },
            {
              "name": "ADV-2007-3779",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/3779"
            },
            {
              "name": "MDKSA-2007:221",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:221"
            },
            {
              "name": "27553",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27553"
            },
            {
              "name": "27637",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27637"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
    "assignerShortName": "flexera",
    "cveId": "CVE-2007-5392",
    "datePublished": "2007-11-08T02:00:00",
    "dateReserved": "2007-10-12T00:00:00",
    "dateUpdated": "2024-08-07T15:31:58.169Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-4976 (GCVE-0-2024-4976)
Vulnerability from cvelistv5
Published
2024-05-15 20:34
Modified
2024-08-01 20:55
CWE
Summary
Out-of-bounds array write in Xpdf 4.05 and earlier, due to missing object type check in AcroForm field reference.
Impacted products
Vendor Product Version
Xpdf Xpdf Version: 0
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:xpdf:xpdf:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "xpdf",
            "vendor": "xpdf",
            "versions": [
              {
                "lessThanOrEqual": "4.05",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-4976",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-16T18:50:15.005590Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-06T19:54:06.311Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T20:55:10.484Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.xpdfreader.com/security-bug/CVE-2024-4976.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "all"
          ],
          "product": "Xpdf",
          "vendor": "Xpdf",
          "versions": [
            {
              "lessThanOrEqual": "4.05",
              "status": "affected",
              "version": "0",
              "versionType": "version"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Vladislav Shevchenko (HSE university, Moscow)"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Out-of-bounds array write in Xpdf 4.05 and earlier, due to missing object type check in AcroForm field reference.\u003cbr\u003e"
            }
          ],
          "value": "Out-of-bounds array write in Xpdf 4.05 and earlier, due to missing object type check in AcroForm field reference."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "HIGH",
            "attackRequirements": "NONE",
            "attackVector": "LOCAL",
            "baseScore": 2.1,
            "baseSeverity": "LOW",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "LOW",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:L",
            "version": "4.0",
            "vulnAvailabilityImpact": "LOW",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "NONE",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "CWE-787 Out-of-bounds Write",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-05-15T20:34:24.716Z",
        "orgId": "ace9cabe-4f4f-416b-8c39-b0e002761924",
        "shortName": "GandC"
      },
      "references": [
        {
          "url": "https://www.xpdfreader.com/security-bug/CVE-2024-4976.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Out-of-bounds array write in Xpdf 4.05 due to missing object type check",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ace9cabe-4f4f-416b-8c39-b0e002761924",
    "assignerShortName": "GandC",
    "cveId": "CVE-2024-4976",
    "datePublished": "2024-05-15T20:34:24.716Z",
    "dateReserved": "2024-05-15T20:23:00.257Z",
    "dateUpdated": "2024-08-01T20:55:10.484Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2005-2097 (GCVE-0-2005-2097)
Vulnerability from cvelistv5
Published
2005-08-16 04:00
Modified
2024-08-07 22:15
Severity ?
CWE
  • n/a
Summary
xpdf and kpdf do not properly validate the "loca" table in PDF files, which allows local users to cause a denial of service (disk consumption and hang) via a PDF file with a "broken" loca table, which causes a large temporary file to be created when xpdf attempts to reconstruct the information.
References
http://www.redhat.com/support/errata/RHSA-2005-706.html vendor-advisory, x_refsource_REDHAT
http://secunia.com/advisories/17277 third-party-advisory, x_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2005-671.html vendor-advisory, x_refsource_REDHAT
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10280 vdb-entry, signature, x_refsource_OVAL
http://www.debian.org/security/2006/dsa-1136 vendor-advisory, x_refsource_DEBIAN
http://www.mandriva.com/security/advisories?name=MDKSA-2005:138 vendor-advisory, x_refsource_MANDRIVA
http://www.novell.com/linux/security/advisories/2005_19_sr.html vendor-advisory, x_refsource_SUSE
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1 vendor-advisory, x_refsource_SUNALERT
http://secunia.com/advisories/18398 third-party-advisory, x_refsource_SECUNIA
http://www.securityfocus.com/archive/1/427053/100/0/threaded vendor-advisory, x_refsource_FEDORA
http://www.debian.org/security/2006/dsa-936 vendor-advisory, x_refsource_DEBIAN
https://usn.ubuntu.com/163-1/ vendor-advisory, x_refsource_UBUNTU
http://www.vupen.com/english/advisories/2007/2280 vdb-entry, x_refsource_VUPEN
http://www.redhat.com/support/errata/RHSA-2005-670.html vendor-advisory, x_refsource_REDHAT
http://secunia.com/advisories/18407 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/25729 third-party-advisory, x_refsource_SECUNIA
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.42/SCOSA-2005.42.txt vendor-advisory, x_refsource_SCO
http://www.debian.org/security/2005/dsa-780 vendor-advisory, x_refsource_DEBIAN
http://www.securityfocus.com/bid/14529 vdb-entry, x_refsource_BID
http://www.securityfocus.com/archive/1/427990/100/0/threaded vendor-advisory, x_refsource_FEDORA
http://www.redhat.com/support/errata/RHSA-2005-708.html vendor-advisory, x_refsource_REDHAT
http://secunia.com/advisories/21339 third-party-advisory, x_refsource_SECUNIA
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T22:15:37.381Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2005:706",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-706.html"
          },
          {
            "name": "17277",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/17277"
          },
          {
            "name": "RHSA-2005:671",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-671.html"
          },
          {
            "name": "oval:org.mitre.oval:def:10280",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10280"
          },
          {
            "name": "DSA-1136",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-1136"
          },
          {
            "name": "MDKSA-2005:138",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:138"
          },
          {
            "name": "SUSE-SR:2005:019",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2005_19_sr.html"
          },
          {
            "name": "102972",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1"
          },
          {
            "name": "18398",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18398"
          },
          {
            "name": "FLSA-2006:176751",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded"
          },
          {
            "name": "DSA-936",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-936"
          },
          {
            "name": "USN-163-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/163-1/"
          },
          {
            "name": "ADV-2007-2280",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/2280"
          },
          {
            "name": "RHSA-2005:670",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-670.html"
          },
          {
            "name": "18407",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18407"
          },
          {
            "name": "25729",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25729"
          },
          {
            "name": "SCOSA-2005.42",
            "tags": [
              "vendor-advisory",
              "x_refsource_SCO",
              "x_transferred"
            ],
            "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.42/SCOSA-2005.42.txt"
          },
          {
            "name": "DSA-780",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2005/dsa-780"
          },
          {
            "name": "14529",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/14529"
          },
          {
            "name": "FLSA:175404",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded"
          },
          {
            "name": "RHSA-2005:708",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-708.html"
          },
          {
            "name": "21339",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/21339"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-08-09T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "xpdf and kpdf do not properly validate the \"loca\" table in PDF files, which allows local users to cause a denial of service (disk consumption and hang) via a PDF file with a \"broken\" loca table, which causes a large temporary file to be created when xpdf attempts to reconstruct the information."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-19T14:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2005:706",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-706.html"
        },
        {
          "name": "17277",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/17277"
        },
        {
          "name": "RHSA-2005:671",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-671.html"
        },
        {
          "name": "oval:org.mitre.oval:def:10280",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10280"
        },
        {
          "name": "DSA-1136",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-1136"
        },
        {
          "name": "MDKSA-2005:138",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:138"
        },
        {
          "name": "SUSE-SR:2005:019",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2005_19_sr.html"
        },
        {
          "name": "102972",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1"
        },
        {
          "name": "18398",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18398"
        },
        {
          "name": "FLSA-2006:176751",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded"
        },
        {
          "name": "DSA-936",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-936"
        },
        {
          "name": "USN-163-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/163-1/"
        },
        {
          "name": "ADV-2007-2280",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/2280"
        },
        {
          "name": "RHSA-2005:670",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-670.html"
        },
        {
          "name": "18407",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18407"
        },
        {
          "name": "25729",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25729"
        },
        {
          "name": "SCOSA-2005.42",
          "tags": [
            "vendor-advisory",
            "x_refsource_SCO"
          ],
          "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.42/SCOSA-2005.42.txt"
        },
        {
          "name": "DSA-780",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2005/dsa-780"
        },
        {
          "name": "14529",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/14529"
        },
        {
          "name": "FLSA:175404",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded"
        },
        {
          "name": "RHSA-2005:708",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-708.html"
        },
        {
          "name": "21339",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/21339"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2005-2097",
    "datePublished": "2005-08-16T04:00:00",
    "dateReserved": "2005-06-30T00:00:00",
    "dateUpdated": "2024-08-07T22:15:37.381Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2005-3626 (GCVE-0-2005-3626)
Vulnerability from cvelistv5
Published
2006-01-06 22:00
Modified
2024-08-07 23:17
Severity ?
CWE
  • n/a
Summary
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference.
References
http://www.securityfocus.com/bid/16143 vdb-entry, x_refsource_BID
http://www.debian.org/security/2005/dsa-932 vendor-advisory, x_refsource_DEBIAN
http://secunia.com/advisories/18349 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18147 third-party-advisory, x_refsource_SECUNIA
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt vendor-advisory, x_refsource_SCO
http://scary.beasts.org/security/CESA-2005-003.txt x_refsource_MISC
http://www.kde.org/info/security/advisory-20051207-2.txt x_refsource_CONFIRM
http://secunia.com/advisories/18679 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18312 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18644 third-party-advisory, x_refsource_SECUNIA
https://usn.ubuntu.com/236-1/ vendor-advisory, x_refsource_UBUNTU
http://secunia.com/advisories/18425 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18373 third-party-advisory, x_refsource_SECUNIA
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9992 vdb-entry, signature, x_refsource_OVAL
http://secunia.com/advisories/18303 third-party-advisory, x_refsource_SECUNIA
http://www.debian.org/security/2005/dsa-931 vendor-advisory, x_refsource_DEBIAN
http://secunia.com/advisories/18554 third-party-advisory, x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDKSA-2006:003 vendor-advisory, x_refsource_MANDRIVA
http://secunia.com/advisories/19230 third-party-advisory, x_refsource_SECUNIA
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1 vendor-advisory, x_refsource_SUNALERT
http://www.mandriva.com/security/advisories?name=MDKSA-2006:012 vendor-advisory, x_refsource_MANDRIVA
http://www.debian.org/security/2006/dsa-962 vendor-advisory, x_refsource_DEBIAN
http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.html x_refsource_CONFIRM
http://www.redhat.com/support/errata/RHSA-2006-0163.html vendor-advisory, x_refsource_REDHAT
http://www.debian.org/security/2005/dsa-937 vendor-advisory, x_refsource_DEBIAN
http://secunia.com/advisories/18398 third-party-advisory, x_refsource_SECUNIA
http://www.securityfocus.com/archive/1/427053/100/0/threaded vendor-advisory, x_refsource_FEDORA
http://www.trustix.org/errata/2006/0002/ vendor-advisory, x_refsource_TRUSTIX
http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html vendor-advisory, x_refsource_SUSE
http://www.debian.org/security/2006/dsa-936 vendor-advisory, x_refsource_DEBIAN
http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html vendor-advisory, x_refsource_FEDORA
http://secunia.com/advisories/18329 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18463 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18642 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18674 third-party-advisory, x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDKSA-2006:005 vendor-advisory, x_refsource_MANDRIVA
http://secunia.com/advisories/18313 third-party-advisory, x_refsource_SECUNIA
ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U vendor-advisory, x_refsource_SGI
ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U vendor-advisory, x_refsource_SGI
http://secunia.com/advisories/18448 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18436 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18428 third-party-advisory, x_refsource_SECUNIA
https://exchange.xforce.ibmcloud.com/vulnerabilities/24026 vdb-entry, x_refsource_XF
http://secunia.com/advisories/18380 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18423 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18416 third-party-advisory, x_refsource_SECUNIA
http://rhn.redhat.com/errata/RHSA-2006-0177.html vendor-advisory, x_refsource_REDHAT
http://www.vupen.com/english/advisories/2007/2280 vdb-entry, x_refsource_VUPEN
http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml vendor-advisory, x_refsource_GENTOO
http://secunia.com/advisories/18335 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18407 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18332 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18517 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18582 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18534 third-party-advisory, x_refsource_SECUNIA
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.472683 vendor-advisory, x_refsource_SLACKWARE
http://secunia.com/advisories/18908 third-party-advisory, x_refsource_SECUNIA
http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.html x_refsource_CONFIRM
http://secunia.com/advisories/25729 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18414 third-party-advisory, x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDKSA-2006:006 vendor-advisory, x_refsource_MANDRIVA
http://secunia.com/advisories/18338 third-party-advisory, x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDKSA-2006:008 vendor-advisory, x_refsource_MANDRIVA
ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U vendor-advisory, x_refsource_SGI
http://www.redhat.com/support/errata/RHSA-2006-0160.html vendor-advisory, x_refsource_REDHAT
http://www.mandriva.com/security/advisories?name=MDKSA-2006:010 vendor-advisory, x_refsource_MANDRAKE
http://www.debian.org/security/2005/dsa-940 vendor-advisory, x_refsource_DEBIAN
http://www.mandriva.com/security/advisories?name=MDKSA-2006:004 vendor-advisory, x_refsource_MANDRIVA
http://www.vupen.com/english/advisories/2006/0047 vdb-entry, x_refsource_VUPEN
http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml vendor-advisory, x_refsource_GENTOO
http://secunia.com/advisories/18389 third-party-advisory, x_refsource_SECUNIA
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.474747 vendor-advisory, x_refsource_SLACKWARE
http://secunia.com/advisories/19377 third-party-advisory, x_refsource_SECUNIA
http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html vendor-advisory, x_refsource_FEDORA
http://www.securityfocus.com/archive/1/427990/100/0/threaded vendor-advisory, x_refsource_FEDORA
http://www.debian.org/security/2006/dsa-961 vendor-advisory, x_refsource_DEBIAN
http://secunia.com/advisories/18675 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18913 third-party-advisory, x_refsource_SECUNIA
http://www.debian.org/security/2005/dsa-938 vendor-advisory, x_refsource_DEBIAN
http://secunia.com/advisories/18334 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18375 third-party-advisory, x_refsource_SECUNIA
http://www.debian.org/security/2006/dsa-950 vendor-advisory, x_refsource_DEBIAN
http://secunia.com/advisories/18387 third-party-advisory, x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDKSA-2006:011 vendor-advisory, x_refsource_MANDRIVA
http://secunia.com/advisories/18385 third-party-advisory, x_refsource_SECUNIA
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T23:17:23.446Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "16143",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/16143"
          },
          {
            "name": "DSA-932",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2005/dsa-932"
          },
          {
            "name": "18349",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18349"
          },
          {
            "name": "18147",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18147"
          },
          {
            "name": "SCOSA-2006.15",
            "tags": [
              "vendor-advisory",
              "x_refsource_SCO",
              "x_transferred"
            ],
            "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://scary.beasts.org/security/CESA-2005-003.txt"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.kde.org/info/security/advisory-20051207-2.txt"
          },
          {
            "name": "18679",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18679"
          },
          {
            "name": "18312",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18312"
          },
          {
            "name": "18644",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18644"
          },
          {
            "name": "USN-236-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/236-1/"
          },
          {
            "name": "18425",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18425"
          },
          {
            "name": "18373",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18373"
          },
          {
            "name": "oval:org.mitre.oval:def:9992",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9992"
          },
          {
            "name": "18303",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18303"
          },
          {
            "name": "DSA-931",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2005/dsa-931"
          },
          {
            "name": "18554",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18554"
          },
          {
            "name": "MDKSA-2006:003",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003"
          },
          {
            "name": "19230",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/19230"
          },
          {
            "name": "102972",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1"
          },
          {
            "name": "MDKSA-2006:012",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012"
          },
          {
            "name": "DSA-962",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-962"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.html"
          },
          {
            "name": "RHSA-2006:0163",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html"
          },
          {
            "name": "DSA-937",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2005/dsa-937"
          },
          {
            "name": "18398",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18398"
          },
          {
            "name": "FLSA-2006:176751",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded"
          },
          {
            "name": "2006-0002",
            "tags": [
              "vendor-advisory",
              "x_refsource_TRUSTIX",
              "x_transferred"
            ],
            "url": "http://www.trustix.org/errata/2006/0002/"
          },
          {
            "name": "SUSE-SA:2006:001",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html"
          },
          {
            "name": "DSA-936",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-936"
          },
          {
            "name": "FEDORA-2005-026",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html"
          },
          {
            "name": "18329",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18329"
          },
          {
            "name": "18463",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18463"
          },
          {
            "name": "18642",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18642"
          },
          {
            "name": "18674",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18674"
          },
          {
            "name": "MDKSA-2006:005",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005"
          },
          {
            "name": "18313",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18313"
          },
          {
            "name": "20051201-01-U",
            "tags": [
              "vendor-advisory",
              "x_refsource_SGI",
              "x_transferred"
            ],
            "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U"
          },
          {
            "name": "20060101-01-U",
            "tags": [
              "vendor-advisory",
              "x_refsource_SGI",
              "x_transferred"
            ],
            "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U"
          },
          {
            "name": "18448",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18448"
          },
          {
            "name": "18436",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18436"
          },
          {
            "name": "18428",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18428"
          },
          {
            "name": "xpdf-flatedecode-dos(24026)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24026"
          },
          {
            "name": "18380",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18380"
          },
          {
            "name": "18423",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18423"
          },
          {
            "name": "18416",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18416"
          },
          {
            "name": "RHSA-2006:0177",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html"
          },
          {
            "name": "ADV-2007-2280",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/2280"
          },
          {
            "name": "GLSA-200601-02",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml"
          },
          {
            "name": "18335",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18335"
          },
          {
            "name": "18407",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18407"
          },
          {
            "name": "18332",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18332"
          },
          {
            "name": "18517",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18517"
          },
          {
            "name": "18582",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18582"
          },
          {
            "name": "18534",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18534"
          },
          {
            "name": "SSA:2006-045-09",
            "tags": [
              "vendor-advisory",
              "x_refsource_SLACKWARE",
              "x_transferred"
            ],
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683"
          },
          {
            "name": "18908",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18908"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.html"
          },
          {
            "name": "25729",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25729"
          },
          {
            "name": "18414",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18414"
          },
          {
            "name": "MDKSA-2006:006",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006"
          },
          {
            "name": "18338",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18338"
          },
          {
            "name": "MDKSA-2006:008",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008"
          },
          {
            "name": "20060201-01-U",
            "tags": [
              "vendor-advisory",
              "x_refsource_SGI",
              "x_transferred"
            ],
            "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U"
          },
          {
            "name": "RHSA-2006:0160",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html"
          },
          {
            "name": "MDKSA-2006:010",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010"
          },
          {
            "name": "DSA-940",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2005/dsa-940"
          },
          {
            "name": "MDKSA-2006:004",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004"
          },
          {
            "name": "ADV-2006-0047",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/0047"
          },
          {
            "name": "GLSA-200601-17",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml"
          },
          {
            "name": "18389",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18389"
          },
          {
            "name": "SSA:2006-045-04",
            "tags": [
              "vendor-advisory",
              "x_refsource_SLACKWARE",
              "x_transferred"
            ],
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747"
          },
          {
            "name": "19377",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/19377"
          },
          {
            "name": "FEDORA-2005-025",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html"
          },
          {
            "name": "FLSA:175404",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded"
          },
          {
            "name": "DSA-961",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-961"
          },
          {
            "name": "18675",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18675"
          },
          {
            "name": "18913",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18913"
          },
          {
            "name": "DSA-938",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2005/dsa-938"
          },
          {
            "name": "18334",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18334"
          },
          {
            "name": "18375",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18375"
          },
          {
            "name": "DSA-950",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-950"
          },
          {
            "name": "18387",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18387"
          },
          {
            "name": "MDKSA-2006:011",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011"
          },
          {
            "name": "18385",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18385"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-01-06T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-19T14:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "16143",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/16143"
        },
        {
          "name": "DSA-932",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2005/dsa-932"
        },
        {
          "name": "18349",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18349"
        },
        {
          "name": "18147",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18147"
        },
        {
          "name": "SCOSA-2006.15",
          "tags": [
            "vendor-advisory",
            "x_refsource_SCO"
          ],
          "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://scary.beasts.org/security/CESA-2005-003.txt"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.kde.org/info/security/advisory-20051207-2.txt"
        },
        {
          "name": "18679",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18679"
        },
        {
          "name": "18312",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18312"
        },
        {
          "name": "18644",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18644"
        },
        {
          "name": "USN-236-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/236-1/"
        },
        {
          "name": "18425",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18425"
        },
        {
          "name": "18373",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18373"
        },
        {
          "name": "oval:org.mitre.oval:def:9992",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9992"
        },
        {
          "name": "18303",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18303"
        },
        {
          "name": "DSA-931",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2005/dsa-931"
        },
        {
          "name": "18554",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18554"
        },
        {
          "name": "MDKSA-2006:003",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003"
        },
        {
          "name": "19230",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/19230"
        },
        {
          "name": "102972",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1"
        },
        {
          "name": "MDKSA-2006:012",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012"
        },
        {
          "name": "DSA-962",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-962"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.html"
        },
        {
          "name": "RHSA-2006:0163",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html"
        },
        {
          "name": "DSA-937",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2005/dsa-937"
        },
        {
          "name": "18398",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18398"
        },
        {
          "name": "FLSA-2006:176751",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded"
        },
        {
          "name": "2006-0002",
          "tags": [
            "vendor-advisory",
            "x_refsource_TRUSTIX"
          ],
          "url": "http://www.trustix.org/errata/2006/0002/"
        },
        {
          "name": "SUSE-SA:2006:001",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html"
        },
        {
          "name": "DSA-936",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-936"
        },
        {
          "name": "FEDORA-2005-026",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html"
        },
        {
          "name": "18329",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18329"
        },
        {
          "name": "18463",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18463"
        },
        {
          "name": "18642",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18642"
        },
        {
          "name": "18674",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18674"
        },
        {
          "name": "MDKSA-2006:005",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005"
        },
        {
          "name": "18313",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18313"
        },
        {
          "name": "20051201-01-U",
          "tags": [
            "vendor-advisory",
            "x_refsource_SGI"
          ],
          "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U"
        },
        {
          "name": "20060101-01-U",
          "tags": [
            "vendor-advisory",
            "x_refsource_SGI"
          ],
          "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U"
        },
        {
          "name": "18448",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18448"
        },
        {
          "name": "18436",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18436"
        },
        {
          "name": "18428",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18428"
        },
        {
          "name": "xpdf-flatedecode-dos(24026)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24026"
        },
        {
          "name": "18380",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18380"
        },
        {
          "name": "18423",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18423"
        },
        {
          "name": "18416",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18416"
        },
        {
          "name": "RHSA-2006:0177",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html"
        },
        {
          "name": "ADV-2007-2280",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/2280"
        },
        {
          "name": "GLSA-200601-02",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml"
        },
        {
          "name": "18335",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18335"
        },
        {
          "name": "18407",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18407"
        },
        {
          "name": "18332",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18332"
        },
        {
          "name": "18517",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18517"
        },
        {
          "name": "18582",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18582"
        },
        {
          "name": "18534",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18534"
        },
        {
          "name": "SSA:2006-045-09",
          "tags": [
            "vendor-advisory",
            "x_refsource_SLACKWARE"
          ],
          "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683"
        },
        {
          "name": "18908",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18908"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.html"
        },
        {
          "name": "25729",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25729"
        },
        {
          "name": "18414",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18414"
        },
        {
          "name": "MDKSA-2006:006",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006"
        },
        {
          "name": "18338",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18338"
        },
        {
          "name": "MDKSA-2006:008",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008"
        },
        {
          "name": "20060201-01-U",
          "tags": [
            "vendor-advisory",
            "x_refsource_SGI"
          ],
          "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U"
        },
        {
          "name": "RHSA-2006:0160",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html"
        },
        {
          "name": "MDKSA-2006:010",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010"
        },
        {
          "name": "DSA-940",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2005/dsa-940"
        },
        {
          "name": "MDKSA-2006:004",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004"
        },
        {
          "name": "ADV-2006-0047",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/0047"
        },
        {
          "name": "GLSA-200601-17",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml"
        },
        {
          "name": "18389",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18389"
        },
        {
          "name": "SSA:2006-045-04",
          "tags": [
            "vendor-advisory",
            "x_refsource_SLACKWARE"
          ],
          "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747"
        },
        {
          "name": "19377",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/19377"
        },
        {
          "name": "FEDORA-2005-025",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html"
        },
        {
          "name": "FLSA:175404",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded"
        },
        {
          "name": "DSA-961",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-961"
        },
        {
          "name": "18675",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18675"
        },
        {
          "name": "18913",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18913"
        },
        {
          "name": "DSA-938",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2005/dsa-938"
        },
        {
          "name": "18334",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18334"
        },
        {
          "name": "18375",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18375"
        },
        {
          "name": "DSA-950",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-950"
        },
        {
          "name": "18387",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18387"
        },
        {
          "name": "MDKSA-2006:011",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011"
        },
        {
          "name": "18385",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18385"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2005-3626",
    "datePublished": "2006-01-06T22:00:00",
    "dateReserved": "2005-11-16T00:00:00",
    "dateUpdated": "2024-08-07T23:17:23.446Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2004-0888 (GCVE-0-2004-0888)
Vulnerability from cvelistv5
Published
2004-10-26 04:00
Modified
2024-08-08 00:31
Severity ?
CWE
  • n/a
Summary
Multiple integer overflows in xpdf 2.0 and 3.0, and other packages that use xpdf code such as CUPS, gpdf, and kdegraphics, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0889.
References
http://www.redhat.com/support/errata/RHSA-2004-592.html vendor-advisory, x_refsource_REDHAT
http://www.securityfocus.com/bid/11501 vdb-entry, x_refsource_BID
http://www.redhat.com/support/errata/RHSA-2005-066.html vendor-advisory, x_refsource_REDHAT
https://www.ubuntu.com/usn/usn-9-1/ vendor-advisory, x_refsource_UBUNTU
http://www.mandriva.com/security/advisories?name=MDKSA-2004:113 vendor-advisory, x_refsource_MANDRAKE
http://www.gentoo.org/security/en/glsa/glsa-200410-20.xml vendor-advisory, x_refsource_GENTOO
http://www.debian.org/security/2004/dsa-581 vendor-advisory, x_refsource_DEBIAN
http://www.debian.org/security/2004/dsa-573 vendor-advisory, x_refsource_DEBIAN
https://bugzilla.fedora.us/show_bug.cgi?id=2353 vendor-advisory, x_refsource_FEDORA
http://www.mandriva.com/security/advisories?name=MDKSA-2004:116 vendor-advisory, x_refsource_MANDRAKE
http://www.debian.org/security/2004/dsa-599 vendor-advisory, x_refsource_DEBIAN
https://exchange.xforce.ibmcloud.com/vulnerabilities/17818 vdb-entry, x_refsource_XF
http://www.redhat.com/support/errata/RHSA-2005-354.html vendor-advisory, x_refsource_REDHAT
http://www.redhat.com/support/errata/RHSA-2004-543.html vendor-advisory, x_refsource_REDHAT
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9714 vdb-entry, signature, x_refsource_OVAL
http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000886 vendor-advisory, x_refsource_CONECTIVA
http://www.mandriva.com/security/advisories?name=MDKSA-2004:114 vendor-advisory, x_refsource_MANDRAKE
http://www.gentoo.org/security/en/glsa/glsa-200410-30.xml vendor-advisory, x_refsource_GENTOO
http://www.mandriva.com/security/advisories?name=MDKSA-2004:115 vendor-advisory, x_refsource_MANDRAKE
http://marc.info/?l=bugtraq&m=109880927526773&w=2 vendor-advisory, x_refsource_SUSE
http://marc.info/?l=bugtraq&m=110815379627883&w=2 vendor-advisory, x_refsource_FEDORA
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T00:31:47.615Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2004:592",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2004-592.html"
          },
          {
            "name": "11501",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/11501"
          },
          {
            "name": "RHSA-2005:066",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-066.html"
          },
          {
            "name": "USN-9-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://www.ubuntu.com/usn/usn-9-1/"
          },
          {
            "name": "MDKSA-2004:113",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:113"
          },
          {
            "name": "GLSA-200410-20",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200410-20.xml"
          },
          {
            "name": "DSA-581",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2004/dsa-581"
          },
          {
            "name": "DSA-573",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2004/dsa-573"
          },
          {
            "name": "FLSA:2353",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://bugzilla.fedora.us/show_bug.cgi?id=2353"
          },
          {
            "name": "MDKSA-2004:116",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:116"
          },
          {
            "name": "DSA-599",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2004/dsa-599"
          },
          {
            "name": "xpdf-pdf-bo(17818)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17818"
          },
          {
            "name": "RHSA-2005:354",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-354.html"
          },
          {
            "name": "RHSA-2004:543",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2004-543.html"
          },
          {
            "name": "oval:org.mitre.oval:def:9714",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9714"
          },
          {
            "name": "CLA-2004:886",
            "tags": [
              "vendor-advisory",
              "x_refsource_CONECTIVA",
              "x_transferred"
            ],
            "url": "http://distro.conectiva.com.br/atualizacoes/index.php?id=a\u0026anuncio=000886"
          },
          {
            "name": "MDKSA-2004:114",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:114"
          },
          {
            "name": "GLSA-200410-30",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200410-30.xml"
          },
          {
            "name": "MDKSA-2004:115",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:115"
          },
          {
            "name": "SUSE-SA:2004:039",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=109880927526773\u0026w=2"
          },
          {
            "name": "FLSA:2352",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=110815379627883\u0026w=2"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2004-10-21T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple integer overflows in xpdf 2.0 and 3.0, and other packages that use xpdf code such as CUPS, gpdf, and kdegraphics, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0889."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-10-10T00:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "RHSA-2004:592",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2004-592.html"
        },
        {
          "name": "11501",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/11501"
        },
        {
          "name": "RHSA-2005:066",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-066.html"
        },
        {
          "name": "USN-9-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://www.ubuntu.com/usn/usn-9-1/"
        },
        {
          "name": "MDKSA-2004:113",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:113"
        },
        {
          "name": "GLSA-200410-20",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-200410-20.xml"
        },
        {
          "name": "DSA-581",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2004/dsa-581"
        },
        {
          "name": "DSA-573",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2004/dsa-573"
        },
        {
          "name": "FLSA:2353",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://bugzilla.fedora.us/show_bug.cgi?id=2353"
        },
        {
          "name": "MDKSA-2004:116",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:116"
        },
        {
          "name": "DSA-599",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2004/dsa-599"
        },
        {
          "name": "xpdf-pdf-bo(17818)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17818"
        },
        {
          "name": "RHSA-2005:354",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-354.html"
        },
        {
          "name": "RHSA-2004:543",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2004-543.html"
        },
        {
          "name": "oval:org.mitre.oval:def:9714",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9714"
        },
        {
          "name": "CLA-2004:886",
          "tags": [
            "vendor-advisory",
            "x_refsource_CONECTIVA"
          ],
          "url": "http://distro.conectiva.com.br/atualizacoes/index.php?id=a\u0026anuncio=000886"
        },
        {
          "name": "MDKSA-2004:114",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:114"
        },
        {
          "name": "GLSA-200410-30",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-200410-30.xml"
        },
        {
          "name": "MDKSA-2004:115",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:115"
        },
        {
          "name": "SUSE-SA:2004:039",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=109880927526773\u0026w=2"
        },
        {
          "name": "FLSA:2352",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=110815379627883\u0026w=2"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2004-0888",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple integer overflows in xpdf 2.0 and 3.0, and other packages that use xpdf code such as CUPS, gpdf, and kdegraphics, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0889."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "RHSA-2004:592",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2004-592.html"
            },
            {
              "name": "11501",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/11501"
            },
            {
              "name": "RHSA-2005:066",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2005-066.html"
            },
            {
              "name": "USN-9-1",
              "refsource": "UBUNTU",
              "url": "https://www.ubuntu.com/usn/usn-9-1/"
            },
            {
              "name": "MDKSA-2004:113",
              "refsource": "MANDRAKE",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:113"
            },
            {
              "name": "GLSA-200410-20",
              "refsource": "GENTOO",
              "url": "http://www.gentoo.org/security/en/glsa/glsa-200410-20.xml"
            },
            {
              "name": "DSA-581",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2004/dsa-581"
            },
            {
              "name": "DSA-573",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2004/dsa-573"
            },
            {
              "name": "FLSA:2353",
              "refsource": "FEDORA",
              "url": "https://bugzilla.fedora.us/show_bug.cgi?id=2353"
            },
            {
              "name": "MDKSA-2004:116",
              "refsource": "MANDRAKE",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:116"
            },
            {
              "name": "DSA-599",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2004/dsa-599"
            },
            {
              "name": "xpdf-pdf-bo(17818)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17818"
            },
            {
              "name": "RHSA-2005:354",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2005-354.html"
            },
            {
              "name": "RHSA-2004:543",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2004-543.html"
            },
            {
              "name": "oval:org.mitre.oval:def:9714",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9714"
            },
            {
              "name": "CLA-2004:886",
              "refsource": "CONECTIVA",
              "url": "http://distro.conectiva.com.br/atualizacoes/index.php?id=a\u0026anuncio=000886"
            },
            {
              "name": "MDKSA-2004:114",
              "refsource": "MANDRAKE",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:114"
            },
            {
              "name": "GLSA-200410-30",
              "refsource": "GENTOO",
              "url": "http://www.gentoo.org/security/en/glsa/glsa-200410-30.xml"
            },
            {
              "name": "MDKSA-2004:115",
              "refsource": "MANDRAKE",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:115"
            },
            {
              "name": "SUSE-SA:2004:039",
              "refsource": "SUSE",
              "url": "http://marc.info/?l=bugtraq\u0026m=109880927526773\u0026w=2"
            },
            {
              "name": "FLSA:2352",
              "refsource": "FEDORA",
              "url": "http://marc.info/?l=bugtraq\u0026m=110815379627883\u0026w=2"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2004-0888",
    "datePublished": "2004-10-26T04:00:00",
    "dateReserved": "2004-09-22T00:00:00",
    "dateUpdated": "2024-08-08T00:31:47.615Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-2971 (GCVE-0-2024-2971)
Vulnerability from cvelistv5
Published
2024-03-26 21:31
Modified
2024-08-06 15:22
CWE
Summary
Out-of-bounds array write in Xpdf 4.05 and earlier, triggered by negative object number in indirect reference in the input PDF file.
Impacted products
Vendor Product Version
Xpdf Xpdf Version: 0
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T19:32:42.482Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.xpdfreader.com/security-bug/CVE-2024-2971.html"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-2971",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-08-06T15:22:09.869348Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-08-06T15:22:59.533Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "all"
          ],
          "product": "Xpdf",
          "vendor": "Xpdf",
          "versions": [
            {
              "lessThanOrEqual": "4.05",
              "status": "affected",
              "version": "0",
              "versionType": "Version"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Song Jiaxuan (Huazhong University of Science and Technology)"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cdiv\u003eOut-of-bounds array write in Xpdf 4.05 and earlier, triggered by negative object number in indirect reference in the input PDF file.\u003c/div\u003e"
            }
          ],
          "value": "Out-of-bounds array write in Xpdf 4.05 and earlier, triggered by negative object number in indirect reference in the input PDF file.\n\n"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "LOW",
            "baseScore": 2.9,
            "baseSeverity": "LOW",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "CWE-787: Out-of-bounds Write",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-03-26T21:31:43.511Z",
        "orgId": "ace9cabe-4f4f-416b-8c39-b0e002761924",
        "shortName": "GandC"
      },
      "references": [
        {
          "url": "https://www.xpdfreader.com/security-bug/CVE-2024-2971.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Out-of-bounds array access due to negative object numbers in indirect references in Xpdf 4.05",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ace9cabe-4f4f-416b-8c39-b0e002761924",
    "assignerShortName": "GandC",
    "cveId": "CVE-2024-2971",
    "datePublished": "2024-03-26T21:31:43.511Z",
    "dateReserved": "2024-03-26T21:14:56.706Z",
    "dateUpdated": "2024-08-06T15:22:59.533Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-4141 (GCVE-0-2024-4141)
Vulnerability from cvelistv5
Published
2024-04-24 18:36
Modified
2024-08-01 20:33
CWE
Summary
Out-of-bounds array write in Xpdf 4.05 and earlier, triggered by an invalid character code in a Type 1 font. The root problem was a bounds check that was being optimized away by modern compilers.
Impacted products
Vendor Product Version
Xpdf Xpdf Version: 0
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:xpdf:xpdf:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "xpdf",
            "vendor": "xpdf",
            "versions": [
              {
                "lessThan": "4.05",
                "status": "affected",
                "version": "0",
                "versionType": "semver"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-4141",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-04-25T18:19:02.469803Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:54:17.039Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T20:33:52.612Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.xpdfreader.com/security-bug/CVE-2024-4141.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "all"
          ],
          "product": "Xpdf",
          "vendor": "Xpdf",
          "versions": [
            {
              "lessThan": "4.05",
              "status": "affected",
              "version": "0",
              "versionType": "version"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Wu JieCong"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Out-of-bounds array write in Xpdf 4.05 and earlier, triggered by an invalid character code in a Type 1 font. The root problem was a bounds check that was being optimized away by modern compilers.\u003cbr\u003e"
            }
          ],
          "value": "Out-of-bounds array write in Xpdf 4.05 and earlier, triggered by an invalid character code in a Type 1 font. The root problem was a bounds check that was being optimized away by modern compilers.\n"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "LOW",
            "baseScore": 2.9,
            "baseSeverity": "LOW",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "CWE-787 Out-of-bounds Write",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-04-24T18:36:49.410Z",
        "orgId": "ace9cabe-4f4f-416b-8c39-b0e002761924",
        "shortName": "GandC"
      },
      "references": [
        {
          "url": "https://www.xpdfreader.com/security-bug/CVE-2024-4141.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Out-of-bounds array write in Xpdf 4.05 due to incorrect bounds check",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ace9cabe-4f4f-416b-8c39-b0e002761924",
    "assignerShortName": "GandC",
    "cveId": "CVE-2024-4141",
    "datePublished": "2024-04-24T18:36:49.410Z",
    "dateReserved": "2024-04-24T18:24:52.705Z",
    "dateUpdated": "2024-08-01T20:33:52.612Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2007-5393 (GCVE-0-2007-5393)
Vulnerability from cvelistv5
Published
2007-11-08 02:00
Modified
2024-08-07 15:31
Severity ?
CWE
  • n/a
Summary
Heap-based buffer overflow in the CCITTFaxStream::lookChar method in xpdf/Stream.cc in Xpdf 3.02p11 allows remote attackers to execute arbitrary code via a PDF file that contains a crafted CCITTFaxDecode filter.
References
http://secunia.com/advisories/27579 third-party-advisory, x_refsource_SECUNIA
http://www.novell.com/linux/security/advisories/2007_60_pdf.html vendor-advisory, x_refsource_SUSE
http://secunia.com/advisories/27632 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/27743 third-party-advisory, x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDKSA-2007:222 vendor-advisory, x_refsource_MANDRIVA
http://www.vupen.com/english/advisories/2007/3774 vdb-entry, x_refsource_VUPEN
https://exchange.xforce.ibmcloud.com/vulnerabilities/38304 vdb-entry, x_refsource_XF
http://secunia.com/advisories/27260 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/27856 third-party-advisory, x_refsource_SECUNIA
http://support.novell.com/techcenter/psdb/da3498f05433976cc548cc4eaf8349c8.html x_refsource_CONFIRM
http://secunia.com/advisories/27636 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/29604 third-party-advisory, x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDKSA-2007:223 vendor-advisory, x_refsource_MANDRIVA
http://secunia.com/advisories/27721 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/27724 third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2007/3776 vdb-entry, x_refsource_VUPEN
https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00224.html vendor-advisory, x_refsource_FEDORA
http://secunia.com/advisories/27577 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/29104 third-party-advisory, x_refsource_SECUNIA
https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00215.html vendor-advisory, x_refsource_FEDORA
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9839 vdb-entry, signature, x_refsource_OVAL
http://secunia.com/advisories/27618 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/27642 third-party-advisory, x_refsource_SECUNIA
https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00369.html vendor-advisory, x_refsource_FEDORA
http://secunia.com/advisories/27656 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/secunia_research/2007-88/advisory/ x_refsource_MISC
https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00238.html vendor-advisory, x_refsource_FEDORA
http://support.novell.com/techcenter/psdb/1d5fd29802b2ef7e342e733731f1e933.html x_refsource_CONFIRM
http://www.redhat.com/support/errata/RHSA-2007-1026.html vendor-advisory, x_refsource_REDHAT
http://www.debian.org/security/2008/dsa-1509 vendor-advisory, x_refsource_DEBIAN
http://www.redhat.com/support/errata/RHSA-2007-1022.html vendor-advisory, x_refsource_REDHAT
http://secunia.com/advisories/27573 third-party-advisory, x_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2007-1029.html vendor-advisory, x_refsource_REDHAT
http://secunia.com/advisories/27641 third-party-advisory, x_refsource_SECUNIA
http://security.gentoo.org/glsa/glsa-200805-13.xml vendor-advisory, x_refsource_GENTOO
http://secunia.com/advisories/28812 third-party-advisory, x_refsource_SECUNIA
http://www.debian.org/security/2008/dsa-1537 vendor-advisory, x_refsource_DEBIAN
https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00724.html vendor-advisory, x_refsource_FEDORA
http://www.redhat.com/support/errata/RHSA-2007-1031.html vendor-advisory, x_refsource_REDHAT
http://support.avaya.com/elmodocs2/security/ASA-2007-476.htm x_refsource_CONFIRM
http://secunia.com/advisories/27772 third-party-advisory, x_refsource_SECUNIA
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.761882 vendor-advisory, x_refsource_SLACKWARE
http://www.securityfocus.com/bid/26367 vdb-entry, x_refsource_BID
http://secunia.com/advisories/27615 third-party-advisory, x_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2007-1021.html vendor-advisory, x_refsource_REDHAT
http://www.vupen.com/english/advisories/2007/3786 vdb-entry, x_refsource_VUPEN
http://secunia.com/advisories/27645 third-party-advisory, x_refsource_SECUNIA
http://www.securityfocus.com/archive/1/483372 mailing-list, x_refsource_BUGTRAQ
http://secunia.com/advisories/30168 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/27574 third-party-advisory, x_refsource_SECUNIA
https://issues.rpath.com/browse/RPL-1926 x_refsource_CONFIRM
http://secunia.com/advisories/26503 third-party-advisory, x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDKSA-2007:219 vendor-advisory, x_refsource_MANDRIVA
http://www.debian.org/security/2008/dsa-1480 vendor-advisory, x_refsource_DEBIAN
http://security.gentoo.org/glsa/glsa-200711-22.xml vendor-advisory, x_refsource_GENTOO
http://secunia.com/advisories/27634 third-party-advisory, x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDKSA-2007:227 vendor-advisory, x_refsource_MANDRIVA
http://www.kde.org/info/security/advisory-20071107-1.txt x_refsource_CONFIRM
http://secunia.com/advisories/28043 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/27619 third-party-advisory, x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDKSA-2007:220 vendor-advisory, x_refsource_MANDRIVA
http://secunia.com/advisories/27705 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/27578 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/27640 third-party-advisory, x_refsource_SECUNIA
http://support.novell.com/techcenter/psdb/43ad7b3569dba59e7ba07677edc01cad.html x_refsource_CONFIRM
http://www.redhat.com/support/errata/RHSA-2007-1023.html vendor-advisory, x_refsource_REDHAT
http://support.novell.com/techcenter/psdb/3867a5092daac43cd6a92e6107d9fbce.html x_refsource_CONFIRM
http://secunia.com/advisories/27718 third-party-advisory, x_refsource_SECUNIA
http://security.gentoo.org/glsa/glsa-200711-34.xml vendor-advisory, x_refsource_GENTOO
http://secunia.com/advisories/27599 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/27575 third-party-advisory, x_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2007-1028.html vendor-advisory, x_refsource_REDHAT
http://www.securitytracker.com/id?1018905 vdb-entry, x_refsource_SECTRACK
http://support.novell.com/techcenter/psdb/f83e024a65d69ebc810d2117815b940d.html x_refsource_CONFIRM
https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00663.html vendor-advisory, x_refsource_FEDORA
http://www.mandriva.com/security/advisories?name=MDKSA-2007:228 vendor-advisory, x_refsource_MANDRIVA
http://www.vupen.com/english/advisories/2007/3775 vdb-entry, x_refsource_VUPEN
http://www.redhat.com/support/errata/RHSA-2007-1027.html vendor-advisory, x_refsource_REDHAT
http://www.redhat.com/support/errata/RHSA-2007-1030.html vendor-advisory, x_refsource_REDHAT
http://www.ubuntu.com/usn/usn-542-1 vendor-advisory, x_refsource_UBUNTU
http://secunia.com/advisories/27658 third-party-advisory, x_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2007-1024.html vendor-advisory, x_refsource_REDHAT
http://www.mandriva.com/security/advisories?name=MDKSA-2007:230 vendor-advisory, x_refsource_MANDRIVA
http://www.ubuntu.com/usn/usn-542-2 vendor-advisory, x_refsource_UBUNTU
http://www.redhat.com/support/errata/RHSA-2007-1025.html vendor-advisory, x_refsource_REDHAT
http://www.vupen.com/english/advisories/2007/3779 vdb-entry, x_refsource_VUPEN
http://www.debian.org/security/2007/dsa-1408 vendor-advisory, x_refsource_DEBIAN
http://www.redhat.com/support/errata/RHSA-2007-1051.html vendor-advisory, x_refsource_REDHAT
http://www.mandriva.com/security/advisories?name=MDKSA-2007:221 vendor-advisory, x_refsource_MANDRIVA
http://secunia.com/advisories/27553 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/27637 third-party-advisory, x_refsource_SECUNIA
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T15:31:58.116Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "27579",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27579"
          },
          {
            "name": "SUSE-SA:2007:060",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2007_60_pdf.html"
          },
          {
            "name": "27632",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27632"
          },
          {
            "name": "27743",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27743"
          },
          {
            "name": "MDKSA-2007:222",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:222"
          },
          {
            "name": "ADV-2007-3774",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/3774"
          },
          {
            "name": "xpdf-ccittfaxstreamlookchar-bo(38304)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38304"
          },
          {
            "name": "27260",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27260"
          },
          {
            "name": "27856",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27856"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.novell.com/techcenter/psdb/da3498f05433976cc548cc4eaf8349c8.html"
          },
          {
            "name": "27636",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27636"
          },
          {
            "name": "29604",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29604"
          },
          {
            "name": "MDKSA-2007:223",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:223"
          },
          {
            "name": "27721",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27721"
          },
          {
            "name": "27724",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27724"
          },
          {
            "name": "ADV-2007-3776",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/3776"
          },
          {
            "name": "FEDORA-2007-3059",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00224.html"
          },
          {
            "name": "27577",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27577"
          },
          {
            "name": "29104",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29104"
          },
          {
            "name": "FEDORA-2007-3031",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00215.html"
          },
          {
            "name": "oval:org.mitre.oval:def:9839",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9839"
          },
          {
            "name": "27618",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27618"
          },
          {
            "name": "27642",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27642"
          },
          {
            "name": "FEDORA-2007-4031",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00369.html"
          },
          {
            "name": "27656",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27656"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://secunia.com/secunia_research/2007-88/advisory/"
          },
          {
            "name": "FEDORA-2007-3100",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00238.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.novell.com/techcenter/psdb/1d5fd29802b2ef7e342e733731f1e933.html"
          },
          {
            "name": "RHSA-2007:1026",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2007-1026.html"
          },
          {
            "name": "DSA-1509",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2008/dsa-1509"
          },
          {
            "name": "RHSA-2007:1022",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2007-1022.html"
          },
          {
            "name": "27573",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27573"
          },
          {
            "name": "RHSA-2007:1029",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2007-1029.html"
          },
          {
            "name": "27641",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27641"
          },
          {
            "name": "GLSA-200805-13",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200805-13.xml"
          },
          {
            "name": "28812",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28812"
          },
          {
            "name": "DSA-1537",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2008/dsa-1537"
          },
          {
            "name": "FEDORA-2007-750",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00724.html"
          },
          {
            "name": "RHSA-2007:1031",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2007-1031.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-476.htm"
          },
          {
            "name": "27772",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27772"
          },
          {
            "name": "SSA:2007-316-01",
            "tags": [
              "vendor-advisory",
              "x_refsource_SLACKWARE",
              "x_transferred"
            ],
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.761882"
          },
          {
            "name": "26367",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/26367"
          },
          {
            "name": "27615",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27615"
          },
          {
            "name": "RHSA-2007:1021",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2007-1021.html"
          },
          {
            "name": "ADV-2007-3786",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/3786"
          },
          {
            "name": "27645",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27645"
          },
          {
            "name": "20071107 Secunia Research: Xpdf \"Stream.cc\" Multiple Vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/483372"
          },
          {
            "name": "30168",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/30168"
          },
          {
            "name": "27574",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27574"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://issues.rpath.com/browse/RPL-1926"
          },
          {
            "name": "26503",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/26503"
          },
          {
            "name": "MDKSA-2007:219",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:219"
          },
          {
            "name": "DSA-1480",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2008/dsa-1480"
          },
          {
            "name": "GLSA-200711-22",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200711-22.xml"
          },
          {
            "name": "27634",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27634"
          },
          {
            "name": "MDKSA-2007:227",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:227"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.kde.org/info/security/advisory-20071107-1.txt"
          },
          {
            "name": "28043",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28043"
          },
          {
            "name": "27619",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27619"
          },
          {
            "name": "MDKSA-2007:220",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:220"
          },
          {
            "name": "27705",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27705"
          },
          {
            "name": "27578",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27578"
          },
          {
            "name": "27640",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27640"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.novell.com/techcenter/psdb/43ad7b3569dba59e7ba07677edc01cad.html"
          },
          {
            "name": "RHSA-2007:1023",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2007-1023.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.novell.com/techcenter/psdb/3867a5092daac43cd6a92e6107d9fbce.html"
          },
          {
            "name": "27718",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27718"
          },
          {
            "name": "GLSA-200711-34",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200711-34.xml"
          },
          {
            "name": "27599",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27599"
          },
          {
            "name": "27575",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27575"
          },
          {
            "name": "RHSA-2007:1028",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2007-1028.html"
          },
          {
            "name": "1018905",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1018905"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.novell.com/techcenter/psdb/f83e024a65d69ebc810d2117815b940d.html"
          },
          {
            "name": "FEDORA-2007-3390",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00663.html"
          },
          {
            "name": "MDKSA-2007:228",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:228"
          },
          {
            "name": "ADV-2007-3775",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/3775"
          },
          {
            "name": "RHSA-2007:1027",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2007-1027.html"
          },
          {
            "name": "RHSA-2007:1030",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2007-1030.html"
          },
          {
            "name": "USN-542-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/usn-542-1"
          },
          {
            "name": "27658",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27658"
          },
          {
            "name": "RHSA-2007:1024",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2007-1024.html"
          },
          {
            "name": "MDKSA-2007:230",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:230"
          },
          {
            "name": "USN-542-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/usn-542-2"
          },
          {
            "name": "RHSA-2007:1025",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2007-1025.html"
          },
          {
            "name": "ADV-2007-3779",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/3779"
          },
          {
            "name": "DSA-1408",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2007/dsa-1408"
          },
          {
            "name": "RHSA-2007:1051",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2007-1051.html"
          },
          {
            "name": "MDKSA-2007:221",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:221"
          },
          {
            "name": "27553",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27553"
          },
          {
            "name": "27637",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27637"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-11-07T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Heap-based buffer overflow in the CCITTFaxStream::lookChar method in xpdf/Stream.cc in Xpdf 3.02p11 allows remote attackers to execute arbitrary code via a PDF file that contains a crafted CCITTFaxDecode filter."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-28T12:57:01",
        "orgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
        "shortName": "flexera"
      },
      "references": [
        {
          "name": "27579",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27579"
        },
        {
          "name": "SUSE-SA:2007:060",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2007_60_pdf.html"
        },
        {
          "name": "27632",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27632"
        },
        {
          "name": "27743",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27743"
        },
        {
          "name": "MDKSA-2007:222",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:222"
        },
        {
          "name": "ADV-2007-3774",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/3774"
        },
        {
          "name": "xpdf-ccittfaxstreamlookchar-bo(38304)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38304"
        },
        {
          "name": "27260",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27260"
        },
        {
          "name": "27856",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27856"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.novell.com/techcenter/psdb/da3498f05433976cc548cc4eaf8349c8.html"
        },
        {
          "name": "27636",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27636"
        },
        {
          "name": "29604",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29604"
        },
        {
          "name": "MDKSA-2007:223",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:223"
        },
        {
          "name": "27721",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27721"
        },
        {
          "name": "27724",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27724"
        },
        {
          "name": "ADV-2007-3776",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/3776"
        },
        {
          "name": "FEDORA-2007-3059",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00224.html"
        },
        {
          "name": "27577",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27577"
        },
        {
          "name": "29104",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29104"
        },
        {
          "name": "FEDORA-2007-3031",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00215.html"
        },
        {
          "name": "oval:org.mitre.oval:def:9839",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9839"
        },
        {
          "name": "27618",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27618"
        },
        {
          "name": "27642",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27642"
        },
        {
          "name": "FEDORA-2007-4031",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00369.html"
        },
        {
          "name": "27656",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27656"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://secunia.com/secunia_research/2007-88/advisory/"
        },
        {
          "name": "FEDORA-2007-3100",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00238.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.novell.com/techcenter/psdb/1d5fd29802b2ef7e342e733731f1e933.html"
        },
        {
          "name": "RHSA-2007:1026",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2007-1026.html"
        },
        {
          "name": "DSA-1509",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2008/dsa-1509"
        },
        {
          "name": "RHSA-2007:1022",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2007-1022.html"
        },
        {
          "name": "27573",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27573"
        },
        {
          "name": "RHSA-2007:1029",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2007-1029.html"
        },
        {
          "name": "27641",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27641"
        },
        {
          "name": "GLSA-200805-13",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200805-13.xml"
        },
        {
          "name": "28812",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28812"
        },
        {
          "name": "DSA-1537",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2008/dsa-1537"
        },
        {
          "name": "FEDORA-2007-750",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00724.html"
        },
        {
          "name": "RHSA-2007:1031",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2007-1031.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-476.htm"
        },
        {
          "name": "27772",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27772"
        },
        {
          "name": "SSA:2007-316-01",
          "tags": [
            "vendor-advisory",
            "x_refsource_SLACKWARE"
          ],
          "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.761882"
        },
        {
          "name": "26367",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/26367"
        },
        {
          "name": "27615",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27615"
        },
        {
          "name": "RHSA-2007:1021",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2007-1021.html"
        },
        {
          "name": "ADV-2007-3786",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/3786"
        },
        {
          "name": "27645",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27645"
        },
        {
          "name": "20071107 Secunia Research: Xpdf \"Stream.cc\" Multiple Vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/483372"
        },
        {
          "name": "30168",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/30168"
        },
        {
          "name": "27574",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27574"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://issues.rpath.com/browse/RPL-1926"
        },
        {
          "name": "26503",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/26503"
        },
        {
          "name": "MDKSA-2007:219",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:219"
        },
        {
          "name": "DSA-1480",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2008/dsa-1480"
        },
        {
          "name": "GLSA-200711-22",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200711-22.xml"
        },
        {
          "name": "27634",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27634"
        },
        {
          "name": "MDKSA-2007:227",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:227"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.kde.org/info/security/advisory-20071107-1.txt"
        },
        {
          "name": "28043",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28043"
        },
        {
          "name": "27619",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27619"
        },
        {
          "name": "MDKSA-2007:220",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:220"
        },
        {
          "name": "27705",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27705"
        },
        {
          "name": "27578",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27578"
        },
        {
          "name": "27640",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27640"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.novell.com/techcenter/psdb/43ad7b3569dba59e7ba07677edc01cad.html"
        },
        {
          "name": "RHSA-2007:1023",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2007-1023.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.novell.com/techcenter/psdb/3867a5092daac43cd6a92e6107d9fbce.html"
        },
        {
          "name": "27718",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27718"
        },
        {
          "name": "GLSA-200711-34",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200711-34.xml"
        },
        {
          "name": "27599",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27599"
        },
        {
          "name": "27575",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27575"
        },
        {
          "name": "RHSA-2007:1028",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2007-1028.html"
        },
        {
          "name": "1018905",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1018905"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.novell.com/techcenter/psdb/f83e024a65d69ebc810d2117815b940d.html"
        },
        {
          "name": "FEDORA-2007-3390",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00663.html"
        },
        {
          "name": "MDKSA-2007:228",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:228"
        },
        {
          "name": "ADV-2007-3775",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/3775"
        },
        {
          "name": "RHSA-2007:1027",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2007-1027.html"
        },
        {
          "name": "RHSA-2007:1030",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2007-1030.html"
        },
        {
          "name": "USN-542-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/usn-542-1"
        },
        {
          "name": "27658",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27658"
        },
        {
          "name": "RHSA-2007:1024",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2007-1024.html"
        },
        {
          "name": "MDKSA-2007:230",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:230"
        },
        {
          "name": "USN-542-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/usn-542-2"
        },
        {
          "name": "RHSA-2007:1025",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2007-1025.html"
        },
        {
          "name": "ADV-2007-3779",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/3779"
        },
        {
          "name": "DSA-1408",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2007/dsa-1408"
        },
        {
          "name": "RHSA-2007:1051",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2007-1051.html"
        },
        {
          "name": "MDKSA-2007:221",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:221"
        },
        {
          "name": "27553",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27553"
        },
        {
          "name": "27637",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27637"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
          "ID": "CVE-2007-5393",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Heap-based buffer overflow in the CCITTFaxStream::lookChar method in xpdf/Stream.cc in Xpdf 3.02p11 allows remote attackers to execute arbitrary code via a PDF file that contains a crafted CCITTFaxDecode filter."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "27579",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27579"
            },
            {
              "name": "SUSE-SA:2007:060",
              "refsource": "SUSE",
              "url": "http://www.novell.com/linux/security/advisories/2007_60_pdf.html"
            },
            {
              "name": "27632",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27632"
            },
            {
              "name": "27743",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27743"
            },
            {
              "name": "MDKSA-2007:222",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:222"
            },
            {
              "name": "ADV-2007-3774",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/3774"
            },
            {
              "name": "xpdf-ccittfaxstreamlookchar-bo(38304)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38304"
            },
            {
              "name": "27260",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27260"
            },
            {
              "name": "27856",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27856"
            },
            {
              "name": "http://support.novell.com/techcenter/psdb/da3498f05433976cc548cc4eaf8349c8.html",
              "refsource": "CONFIRM",
              "url": "http://support.novell.com/techcenter/psdb/da3498f05433976cc548cc4eaf8349c8.html"
            },
            {
              "name": "27636",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27636"
            },
            {
              "name": "29604",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/29604"
            },
            {
              "name": "MDKSA-2007:223",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:223"
            },
            {
              "name": "27721",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27721"
            },
            {
              "name": "27724",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27724"
            },
            {
              "name": "ADV-2007-3776",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/3776"
            },
            {
              "name": "FEDORA-2007-3059",
              "refsource": "FEDORA",
              "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00224.html"
            },
            {
              "name": "27577",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27577"
            },
            {
              "name": "29104",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/29104"
            },
            {
              "name": "FEDORA-2007-3031",
              "refsource": "FEDORA",
              "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00215.html"
            },
            {
              "name": "oval:org.mitre.oval:def:9839",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9839"
            },
            {
              "name": "27618",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27618"
            },
            {
              "name": "27642",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27642"
            },
            {
              "name": "FEDORA-2007-4031",
              "refsource": "FEDORA",
              "url": "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00369.html"
            },
            {
              "name": "27656",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27656"
            },
            {
              "name": "http://secunia.com/secunia_research/2007-88/advisory/",
              "refsource": "MISC",
              "url": "http://secunia.com/secunia_research/2007-88/advisory/"
            },
            {
              "name": "FEDORA-2007-3100",
              "refsource": "FEDORA",
              "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00238.html"
            },
            {
              "name": "http://support.novell.com/techcenter/psdb/1d5fd29802b2ef7e342e733731f1e933.html",
              "refsource": "CONFIRM",
              "url": "http://support.novell.com/techcenter/psdb/1d5fd29802b2ef7e342e733731f1e933.html"
            },
            {
              "name": "RHSA-2007:1026",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2007-1026.html"
            },
            {
              "name": "DSA-1509",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2008/dsa-1509"
            },
            {
              "name": "RHSA-2007:1022",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2007-1022.html"
            },
            {
              "name": "27573",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27573"
            },
            {
              "name": "RHSA-2007:1029",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2007-1029.html"
            },
            {
              "name": "27641",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27641"
            },
            {
              "name": "GLSA-200805-13",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-200805-13.xml"
            },
            {
              "name": "28812",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/28812"
            },
            {
              "name": "DSA-1537",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2008/dsa-1537"
            },
            {
              "name": "FEDORA-2007-750",
              "refsource": "FEDORA",
              "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00724.html"
            },
            {
              "name": "RHSA-2007:1031",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2007-1031.html"
            },
            {
              "name": "http://support.avaya.com/elmodocs2/security/ASA-2007-476.htm",
              "refsource": "CONFIRM",
              "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-476.htm"
            },
            {
              "name": "27772",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27772"
            },
            {
              "name": "SSA:2007-316-01",
              "refsource": "SLACKWARE",
              "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.761882"
            },
            {
              "name": "26367",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/26367"
            },
            {
              "name": "27615",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27615"
            },
            {
              "name": "RHSA-2007:1021",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2007-1021.html"
            },
            {
              "name": "ADV-2007-3786",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/3786"
            },
            {
              "name": "27645",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27645"
            },
            {
              "name": "20071107 Secunia Research: Xpdf \"Stream.cc\" Multiple Vulnerabilities",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/483372"
            },
            {
              "name": "30168",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/30168"
            },
            {
              "name": "27574",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27574"
            },
            {
              "name": "https://issues.rpath.com/browse/RPL-1926",
              "refsource": "CONFIRM",
              "url": "https://issues.rpath.com/browse/RPL-1926"
            },
            {
              "name": "26503",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/26503"
            },
            {
              "name": "MDKSA-2007:219",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:219"
            },
            {
              "name": "DSA-1480",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2008/dsa-1480"
            },
            {
              "name": "GLSA-200711-22",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-200711-22.xml"
            },
            {
              "name": "27634",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27634"
            },
            {
              "name": "MDKSA-2007:227",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:227"
            },
            {
              "name": "http://www.kde.org/info/security/advisory-20071107-1.txt",
              "refsource": "CONFIRM",
              "url": "http://www.kde.org/info/security/advisory-20071107-1.txt"
            },
            {
              "name": "28043",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/28043"
            },
            {
              "name": "27619",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27619"
            },
            {
              "name": "MDKSA-2007:220",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:220"
            },
            {
              "name": "27705",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27705"
            },
            {
              "name": "27578",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27578"
            },
            {
              "name": "27640",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27640"
            },
            {
              "name": "http://support.novell.com/techcenter/psdb/43ad7b3569dba59e7ba07677edc01cad.html",
              "refsource": "CONFIRM",
              "url": "http://support.novell.com/techcenter/psdb/43ad7b3569dba59e7ba07677edc01cad.html"
            },
            {
              "name": "RHSA-2007:1023",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2007-1023.html"
            },
            {
              "name": "http://support.novell.com/techcenter/psdb/3867a5092daac43cd6a92e6107d9fbce.html",
              "refsource": "CONFIRM",
              "url": "http://support.novell.com/techcenter/psdb/3867a5092daac43cd6a92e6107d9fbce.html"
            },
            {
              "name": "27718",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27718"
            },
            {
              "name": "GLSA-200711-34",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-200711-34.xml"
            },
            {
              "name": "27599",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27599"
            },
            {
              "name": "27575",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27575"
            },
            {
              "name": "RHSA-2007:1028",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2007-1028.html"
            },
            {
              "name": "1018905",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1018905"
            },
            {
              "name": "http://support.novell.com/techcenter/psdb/f83e024a65d69ebc810d2117815b940d.html",
              "refsource": "CONFIRM",
              "url": "http://support.novell.com/techcenter/psdb/f83e024a65d69ebc810d2117815b940d.html"
            },
            {
              "name": "FEDORA-2007-3390",
              "refsource": "FEDORA",
              "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00663.html"
            },
            {
              "name": "MDKSA-2007:228",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:228"
            },
            {
              "name": "ADV-2007-3775",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/3775"
            },
            {
              "name": "RHSA-2007:1027",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2007-1027.html"
            },
            {
              "name": "RHSA-2007:1030",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2007-1030.html"
            },
            {
              "name": "USN-542-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/usn-542-1"
            },
            {
              "name": "27658",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27658"
            },
            {
              "name": "RHSA-2007:1024",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2007-1024.html"
            },
            {
              "name": "MDKSA-2007:230",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:230"
            },
            {
              "name": "USN-542-2",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/usn-542-2"
            },
            {
              "name": "RHSA-2007:1025",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2007-1025.html"
            },
            {
              "name": "ADV-2007-3779",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/3779"
            },
            {
              "name": "DSA-1408",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2007/dsa-1408"
            },
            {
              "name": "RHSA-2007:1051",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2007-1051.html"
            },
            {
              "name": "MDKSA-2007:221",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:221"
            },
            {
              "name": "27553",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27553"
            },
            {
              "name": "27637",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27637"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
    "assignerShortName": "flexera",
    "cveId": "CVE-2007-5393",
    "datePublished": "2007-11-08T02:00:00",
    "dateReserved": "2007-10-12T00:00:00",
    "dateUpdated": "2024-08-07T15:31:58.116Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-3248 (GCVE-0-2024-3248)
Vulnerability from cvelistv5
Published
2024-04-02 23:04
Modified
2024-08-12 13:52
CWE
Summary
In Xpdf 4.05 (and earlier), a PDF object loop in the attachments leads to infinite recursion and a stack overflow.
Impacted products
Vendor Product Version
Xpdf Xpdf Version: 0
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T20:05:08.315Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://forum.xpdfreader.com/viewtopic.php?t=43657"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:xpdf:xpdf:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "xpdf",
            "vendor": "xpdf",
            "versions": [
              {
                "lessThanOrEqual": "4.05",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-3248",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-08-12T13:50:27.401794Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-08-12T13:52:19.102Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "all"
          ],
          "product": "Xpdf",
          "vendor": "Xpdf",
          "versions": [
            {
              "lessThanOrEqual": "4.05",
              "status": "affected",
              "version": "0",
              "versionType": "version"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "In Xpdf 4.05 (and earlier), a PDF object loop in the attachments leads to infinite recursion and a stack overflow.\u003cbr\u003e"
            }
          ],
          "value": "In Xpdf 4.05 (and earlier), a PDF object loop in the attachments leads to infinite recursion and a stack overflow.\n"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "LOW",
            "baseScore": 2.9,
            "baseSeverity": "LOW",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-674",
              "description": "CWE-674 Uncontrolled Recursion",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-04-02T23:04:40.828Z",
        "orgId": "ace9cabe-4f4f-416b-8c39-b0e002761924",
        "shortName": "GandC"
      },
      "references": [
        {
          "url": "https://forum.xpdfreader.com/viewtopic.php?t=43657"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Stack overflow in Xpdf 4.05 due to object loop in attachments",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ace9cabe-4f4f-416b-8c39-b0e002761924",
    "assignerShortName": "GandC",
    "cveId": "CVE-2024-3248",
    "datePublished": "2024-04-02T23:04:40.828Z",
    "dateReserved": "2024-04-02T23:00:19.912Z",
    "dateUpdated": "2024-08-12T13:52:19.102Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2005-3624 (GCVE-0-2005-3624)
Vulnerability from cvelistv5
Published
2006-01-06 22:00
Modified
2024-08-07 23:17
Severity ?
CWE
  • n/a
Summary
The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows.
References
http://www.securityfocus.com/bid/16143 vdb-entry, x_refsource_BID
http://www.debian.org/security/2005/dsa-932 vendor-advisory, x_refsource_DEBIAN
http://secunia.com/advisories/18349 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18147 third-party-advisory, x_refsource_SECUNIA
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt vendor-advisory, x_refsource_SCO
http://scary.beasts.org/security/CESA-2005-003.txt x_refsource_MISC
http://www.kde.org/info/security/advisory-20051207-2.txt x_refsource_CONFIRM
http://secunia.com/advisories/18679 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18312 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18644 third-party-advisory, x_refsource_SECUNIA
https://usn.ubuntu.com/236-1/ vendor-advisory, x_refsource_UBUNTU
http://secunia.com/advisories/18425 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18373 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18303 third-party-advisory, x_refsource_SECUNIA
http://www.debian.org/security/2005/dsa-931 vendor-advisory, x_refsource_DEBIAN
http://secunia.com/advisories/18554 third-party-advisory, x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDKSA-2006:003 vendor-advisory, x_refsource_MANDRIVA
http://secunia.com/advisories/19230 third-party-advisory, x_refsource_SECUNIA
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1 vendor-advisory, x_refsource_SUNALERT
http://www.mandriva.com/security/advisories?name=MDKSA-2006:012 vendor-advisory, x_refsource_MANDRIVA
http://www.debian.org/security/2006/dsa-962 vendor-advisory, x_refsource_DEBIAN
http://www.redhat.com/support/errata/RHSA-2006-0163.html vendor-advisory, x_refsource_REDHAT
http://www.debian.org/security/2005/dsa-937 vendor-advisory, x_refsource_DEBIAN
http://secunia.com/advisories/18398 third-party-advisory, x_refsource_SECUNIA
http://www.securityfocus.com/archive/1/427053/100/0/threaded vendor-advisory, x_refsource_FEDORA
http://www.trustix.org/errata/2006/0002/ vendor-advisory, x_refsource_TRUSTIX
http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html vendor-advisory, x_refsource_SUSE
http://www.debian.org/security/2006/dsa-936 vendor-advisory, x_refsource_DEBIAN
http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html vendor-advisory, x_refsource_FEDORA
http://secunia.com/advisories/18329 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18463 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18642 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18674 third-party-advisory, x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDKSA-2006:005 vendor-advisory, x_refsource_MANDRIVA
http://secunia.com/advisories/18313 third-party-advisory, x_refsource_SECUNIA
ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U vendor-advisory, x_refsource_SGI
ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U vendor-advisory, x_refsource_SGI
http://secunia.com/advisories/18448 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18436 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18428 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18380 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18423 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18416 third-party-advisory, x_refsource_SECUNIA
http://rhn.redhat.com/errata/RHSA-2006-0177.html vendor-advisory, x_refsource_REDHAT
http://www.vupen.com/english/advisories/2007/2280 vdb-entry, x_refsource_VUPEN
http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml vendor-advisory, x_refsource_GENTOO
http://secunia.com/advisories/18407 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18332 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18517 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18582 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18534 third-party-advisory, x_refsource_SECUNIA
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.472683 vendor-advisory, x_refsource_SLACKWARE
http://secunia.com/advisories/18908 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/25729 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18414 third-party-advisory, x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDKSA-2006:006 vendor-advisory, x_refsource_MANDRIVA
http://secunia.com/advisories/18338 third-party-advisory, x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDKSA-2006:008 vendor-advisory, x_refsource_MANDRIVA
ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U vendor-advisory, x_refsource_SGI
http://www.redhat.com/support/errata/RHSA-2006-0160.html vendor-advisory, x_refsource_REDHAT
http://www.mandriva.com/security/advisories?name=MDKSA-2006:010 vendor-advisory, x_refsource_MANDRAKE
http://www.debian.org/security/2005/dsa-940 vendor-advisory, x_refsource_DEBIAN
http://www.mandriva.com/security/advisories?name=MDKSA-2006:004 vendor-advisory, x_refsource_MANDRIVA
http://www.vupen.com/english/advisories/2006/0047 vdb-entry, x_refsource_VUPEN
http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml vendor-advisory, x_refsource_GENTOO
https://exchange.xforce.ibmcloud.com/vulnerabilities/24022 vdb-entry, x_refsource_XF
http://secunia.com/advisories/18389 third-party-advisory, x_refsource_SECUNIA
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9437 vdb-entry, signature, x_refsource_OVAL
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.474747 vendor-advisory, x_refsource_SLACKWARE
http://secunia.com/advisories/19377 third-party-advisory, x_refsource_SECUNIA
http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html vendor-advisory, x_refsource_FEDORA
http://www.securityfocus.com/archive/1/427990/100/0/threaded vendor-advisory, x_refsource_FEDORA
http://www.debian.org/security/2006/dsa-961 vendor-advisory, x_refsource_DEBIAN
http://secunia.com/advisories/18675 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18913 third-party-advisory, x_refsource_SECUNIA
http://www.debian.org/security/2005/dsa-938 vendor-advisory, x_refsource_DEBIAN
http://secunia.com/advisories/18334 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18375 third-party-advisory, x_refsource_SECUNIA
http://www.debian.org/security/2006/dsa-950 vendor-advisory, x_refsource_DEBIAN
http://secunia.com/advisories/18387 third-party-advisory, x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDKSA-2006:011 vendor-advisory, x_refsource_MANDRIVA
http://secunia.com/advisories/18385 third-party-advisory, x_refsource_SECUNIA
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T23:17:23.457Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "16143",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/16143"
          },
          {
            "name": "DSA-932",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2005/dsa-932"
          },
          {
            "name": "18349",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18349"
          },
          {
            "name": "18147",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18147"
          },
          {
            "name": "SCOSA-2006.15",
            "tags": [
              "vendor-advisory",
              "x_refsource_SCO",
              "x_transferred"
            ],
            "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://scary.beasts.org/security/CESA-2005-003.txt"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.kde.org/info/security/advisory-20051207-2.txt"
          },
          {
            "name": "18679",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18679"
          },
          {
            "name": "18312",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18312"
          },
          {
            "name": "18644",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18644"
          },
          {
            "name": "USN-236-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/236-1/"
          },
          {
            "name": "18425",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18425"
          },
          {
            "name": "18373",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18373"
          },
          {
            "name": "18303",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18303"
          },
          {
            "name": "DSA-931",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2005/dsa-931"
          },
          {
            "name": "18554",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18554"
          },
          {
            "name": "MDKSA-2006:003",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003"
          },
          {
            "name": "19230",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/19230"
          },
          {
            "name": "102972",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1"
          },
          {
            "name": "MDKSA-2006:012",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012"
          },
          {
            "name": "DSA-962",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-962"
          },
          {
            "name": "RHSA-2006:0163",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html"
          },
          {
            "name": "DSA-937",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2005/dsa-937"
          },
          {
            "name": "18398",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18398"
          },
          {
            "name": "FLSA-2006:176751",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded"
          },
          {
            "name": "2006-0002",
            "tags": [
              "vendor-advisory",
              "x_refsource_TRUSTIX",
              "x_transferred"
            ],
            "url": "http://www.trustix.org/errata/2006/0002/"
          },
          {
            "name": "SUSE-SA:2006:001",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html"
          },
          {
            "name": "DSA-936",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-936"
          },
          {
            "name": "FEDORA-2005-026",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html"
          },
          {
            "name": "18329",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18329"
          },
          {
            "name": "18463",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18463"
          },
          {
            "name": "18642",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18642"
          },
          {
            "name": "18674",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18674"
          },
          {
            "name": "MDKSA-2006:005",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005"
          },
          {
            "name": "18313",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18313"
          },
          {
            "name": "20051201-01-U",
            "tags": [
              "vendor-advisory",
              "x_refsource_SGI",
              "x_transferred"
            ],
            "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U"
          },
          {
            "name": "20060101-01-U",
            "tags": [
              "vendor-advisory",
              "x_refsource_SGI",
              "x_transferred"
            ],
            "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U"
          },
          {
            "name": "18448",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18448"
          },
          {
            "name": "18436",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18436"
          },
          {
            "name": "18428",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18428"
          },
          {
            "name": "18380",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18380"
          },
          {
            "name": "18423",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18423"
          },
          {
            "name": "18416",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18416"
          },
          {
            "name": "RHSA-2006:0177",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html"
          },
          {
            "name": "ADV-2007-2280",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/2280"
          },
          {
            "name": "GLSA-200601-02",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml"
          },
          {
            "name": "18407",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18407"
          },
          {
            "name": "18332",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18332"
          },
          {
            "name": "18517",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18517"
          },
          {
            "name": "18582",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18582"
          },
          {
            "name": "18534",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18534"
          },
          {
            "name": "SSA:2006-045-09",
            "tags": [
              "vendor-advisory",
              "x_refsource_SLACKWARE",
              "x_transferred"
            ],
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683"
          },
          {
            "name": "18908",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18908"
          },
          {
            "name": "25729",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25729"
          },
          {
            "name": "18414",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18414"
          },
          {
            "name": "MDKSA-2006:006",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006"
          },
          {
            "name": "18338",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18338"
          },
          {
            "name": "MDKSA-2006:008",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008"
          },
          {
            "name": "20060201-01-U",
            "tags": [
              "vendor-advisory",
              "x_refsource_SGI",
              "x_transferred"
            ],
            "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U"
          },
          {
            "name": "RHSA-2006:0160",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html"
          },
          {
            "name": "MDKSA-2006:010",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010"
          },
          {
            "name": "DSA-940",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2005/dsa-940"
          },
          {
            "name": "MDKSA-2006:004",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004"
          },
          {
            "name": "ADV-2006-0047",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/0047"
          },
          {
            "name": "GLSA-200601-17",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml"
          },
          {
            "name": "xpdf-ccitt-faxstream-bo(24022)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24022"
          },
          {
            "name": "18389",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18389"
          },
          {
            "name": "oval:org.mitre.oval:def:9437",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9437"
          },
          {
            "name": "SSA:2006-045-04",
            "tags": [
              "vendor-advisory",
              "x_refsource_SLACKWARE",
              "x_transferred"
            ],
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747"
          },
          {
            "name": "19377",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/19377"
          },
          {
            "name": "FEDORA-2005-025",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html"
          },
          {
            "name": "FLSA:175404",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded"
          },
          {
            "name": "DSA-961",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-961"
          },
          {
            "name": "18675",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18675"
          },
          {
            "name": "18913",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18913"
          },
          {
            "name": "DSA-938",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2005/dsa-938"
          },
          {
            "name": "18334",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18334"
          },
          {
            "name": "18375",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18375"
          },
          {
            "name": "DSA-950",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-950"
          },
          {
            "name": "18387",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18387"
          },
          {
            "name": "MDKSA-2006:011",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011"
          },
          {
            "name": "18385",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18385"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-01-06T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-19T14:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "16143",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/16143"
        },
        {
          "name": "DSA-932",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2005/dsa-932"
        },
        {
          "name": "18349",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18349"
        },
        {
          "name": "18147",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18147"
        },
        {
          "name": "SCOSA-2006.15",
          "tags": [
            "vendor-advisory",
            "x_refsource_SCO"
          ],
          "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://scary.beasts.org/security/CESA-2005-003.txt"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.kde.org/info/security/advisory-20051207-2.txt"
        },
        {
          "name": "18679",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18679"
        },
        {
          "name": "18312",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18312"
        },
        {
          "name": "18644",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18644"
        },
        {
          "name": "USN-236-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/236-1/"
        },
        {
          "name": "18425",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18425"
        },
        {
          "name": "18373",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18373"
        },
        {
          "name": "18303",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18303"
        },
        {
          "name": "DSA-931",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2005/dsa-931"
        },
        {
          "name": "18554",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18554"
        },
        {
          "name": "MDKSA-2006:003",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003"
        },
        {
          "name": "19230",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/19230"
        },
        {
          "name": "102972",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1"
        },
        {
          "name": "MDKSA-2006:012",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012"
        },
        {
          "name": "DSA-962",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-962"
        },
        {
          "name": "RHSA-2006:0163",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html"
        },
        {
          "name": "DSA-937",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2005/dsa-937"
        },
        {
          "name": "18398",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18398"
        },
        {
          "name": "FLSA-2006:176751",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded"
        },
        {
          "name": "2006-0002",
          "tags": [
            "vendor-advisory",
            "x_refsource_TRUSTIX"
          ],
          "url": "http://www.trustix.org/errata/2006/0002/"
        },
        {
          "name": "SUSE-SA:2006:001",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html"
        },
        {
          "name": "DSA-936",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-936"
        },
        {
          "name": "FEDORA-2005-026",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html"
        },
        {
          "name": "18329",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18329"
        },
        {
          "name": "18463",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18463"
        },
        {
          "name": "18642",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18642"
        },
        {
          "name": "18674",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18674"
        },
        {
          "name": "MDKSA-2006:005",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005"
        },
        {
          "name": "18313",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18313"
        },
        {
          "name": "20051201-01-U",
          "tags": [
            "vendor-advisory",
            "x_refsource_SGI"
          ],
          "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U"
        },
        {
          "name": "20060101-01-U",
          "tags": [
            "vendor-advisory",
            "x_refsource_SGI"
          ],
          "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U"
        },
        {
          "name": "18448",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18448"
        },
        {
          "name": "18436",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18436"
        },
        {
          "name": "18428",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18428"
        },
        {
          "name": "18380",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18380"
        },
        {
          "name": "18423",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18423"
        },
        {
          "name": "18416",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18416"
        },
        {
          "name": "RHSA-2006:0177",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html"
        },
        {
          "name": "ADV-2007-2280",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/2280"
        },
        {
          "name": "GLSA-200601-02",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml"
        },
        {
          "name": "18407",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18407"
        },
        {
          "name": "18332",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18332"
        },
        {
          "name": "18517",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18517"
        },
        {
          "name": "18582",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18582"
        },
        {
          "name": "18534",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18534"
        },
        {
          "name": "SSA:2006-045-09",
          "tags": [
            "vendor-advisory",
            "x_refsource_SLACKWARE"
          ],
          "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683"
        },
        {
          "name": "18908",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18908"
        },
        {
          "name": "25729",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25729"
        },
        {
          "name": "18414",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18414"
        },
        {
          "name": "MDKSA-2006:006",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006"
        },
        {
          "name": "18338",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18338"
        },
        {
          "name": "MDKSA-2006:008",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008"
        },
        {
          "name": "20060201-01-U",
          "tags": [
            "vendor-advisory",
            "x_refsource_SGI"
          ],
          "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U"
        },
        {
          "name": "RHSA-2006:0160",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html"
        },
        {
          "name": "MDKSA-2006:010",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010"
        },
        {
          "name": "DSA-940",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2005/dsa-940"
        },
        {
          "name": "MDKSA-2006:004",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004"
        },
        {
          "name": "ADV-2006-0047",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/0047"
        },
        {
          "name": "GLSA-200601-17",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml"
        },
        {
          "name": "xpdf-ccitt-faxstream-bo(24022)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24022"
        },
        {
          "name": "18389",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18389"
        },
        {
          "name": "oval:org.mitre.oval:def:9437",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9437"
        },
        {
          "name": "SSA:2006-045-04",
          "tags": [
            "vendor-advisory",
            "x_refsource_SLACKWARE"
          ],
          "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747"
        },
        {
          "name": "19377",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/19377"
        },
        {
          "name": "FEDORA-2005-025",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html"
        },
        {
          "name": "FLSA:175404",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded"
        },
        {
          "name": "DSA-961",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-961"
        },
        {
          "name": "18675",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18675"
        },
        {
          "name": "18913",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18913"
        },
        {
          "name": "DSA-938",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2005/dsa-938"
        },
        {
          "name": "18334",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18334"
        },
        {
          "name": "18375",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18375"
        },
        {
          "name": "DSA-950",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-950"
        },
        {
          "name": "18387",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18387"
        },
        {
          "name": "MDKSA-2006:011",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011"
        },
        {
          "name": "18385",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18385"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2005-3624",
    "datePublished": "2006-01-06T22:00:00",
    "dateReserved": "2005-11-16T00:00:00",
    "dateUpdated": "2024-08-07T23:17:23.457Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2010-0206 (GCVE-0-2010-0206)
Vulnerability from cvelistv5
Published
2019-10-30 20:10
Modified
2024-08-07 00:37
Severity ?
CWE
  • Other
Summary
xpdf allows remote attackers to cause a denial of service (NULL pointer dereference and crash) in the way it processes JBIG2 PDF stream objects.
Impacted products
Vendor Product Version
xpdf xpdf Version: N/A
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T00:37:54.188Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://security-tracker.debian.org/tracker/CVE-2010-0206"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-0206"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "xpdf",
          "vendor": "xpdf",
          "versions": [
            {
              "status": "affected",
              "version": "N/A"
            }
          ]
        }
      ],
      "datePublic": "2010-04-07T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "xpdf allows remote attackers to cause a denial of service (NULL pointer dereference and crash) in the way it processes JBIG2 PDF stream objects."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Other",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-10-30T20:10:52",
        "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "shortName": "certcc"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://security-tracker.debian.org/tracker/CVE-2010-0206"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-0206"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cert@cert.org",
          "ID": "CVE-2010-0206",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "xpdf",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "N/A"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "xpdf"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "xpdf allows remote attackers to cause a denial of service (NULL pointer dereference and crash) in the way it processes JBIG2 PDF stream objects."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Other"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://security-tracker.debian.org/tracker/CVE-2010-0206",
              "refsource": "MISC",
              "url": "https://security-tracker.debian.org/tracker/CVE-2010-0206"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-0206",
              "refsource": "MISC",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-0206"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
    "assignerShortName": "certcc",
    "cveId": "CVE-2010-0206",
    "datePublished": "2019-10-30T20:10:52",
    "dateReserved": "2010-01-06T00:00:00",
    "dateUpdated": "2024-08-07T00:37:54.188Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2000-0727 (GCVE-0-2000-0727)
Vulnerability from cvelistv5
Published
2000-10-13 04:00
Modified
2024-08-08 05:28
Severity ?
CWE
  • n/a
Summary
xpdf PDF viewer client earlier than 0.91 does not properly launch a web browser for embedded URL's, which allows an attacker to execute arbitrary commands via a URL that contains shell metacharacters.
References
http://marc.info/?l=bugtraq&m=96766355023239&w=2 mailing-list, x_refsource_BUGTRAQ
http://marc.info/?l=bugtraq&m=96886599829687&w=2 mailing-list, x_refsource_BUGTRAQ
http://www.debian.org/security/2000/20000910a vendor-advisory, x_refsource_DEBIAN
http://www.securityfocus.com/bid/1624 vdb-entry, x_refsource_BID
http://www.calderasystems.com/support/security/advisories/CSSA-2000-031.0.txt vendor-advisory, x_refsource_CALDERA
http://www.redhat.com/support/errata/RHSA-2000-060.html vendor-advisory, x_refsource_REDHAT
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T05:28:41.438Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20000829 MDKSA-2000:041 - xpdf update",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=96766355023239\u0026w=2"
          },
          {
            "name": "20000913 Conectiva Linux Security Announcement - xpdf",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=96886599829687\u0026w=2"
          },
          {
            "name": "20000910 xpdf: local exploit",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2000/20000910a"
          },
          {
            "name": "1624",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/1624"
          },
          {
            "name": "CSSA-2000-031.0",
            "tags": [
              "vendor-advisory",
              "x_refsource_CALDERA",
              "x_transferred"
            ],
            "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-031.0.txt"
          },
          {
            "name": "RHSA-2000:060",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2000-060.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2000-08-29T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "xpdf PDF viewer client earlier than 0.91 does not properly launch a web browser for embedded URL\u0027s, which allows an attacker to execute arbitrary commands via a URL that contains shell metacharacters."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2004-09-02T09:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "20000829 MDKSA-2000:041 - xpdf update",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=96766355023239\u0026w=2"
        },
        {
          "name": "20000913 Conectiva Linux Security Announcement - xpdf",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=96886599829687\u0026w=2"
        },
        {
          "name": "20000910 xpdf: local exploit",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2000/20000910a"
        },
        {
          "name": "1624",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/1624"
        },
        {
          "name": "CSSA-2000-031.0",
          "tags": [
            "vendor-advisory",
            "x_refsource_CALDERA"
          ],
          "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-031.0.txt"
        },
        {
          "name": "RHSA-2000:060",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2000-060.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2000-0727",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "xpdf PDF viewer client earlier than 0.91 does not properly launch a web browser for embedded URL\u0027s, which allows an attacker to execute arbitrary commands via a URL that contains shell metacharacters."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20000829 MDKSA-2000:041 - xpdf update",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=96766355023239\u0026w=2"
            },
            {
              "name": "20000913 Conectiva Linux Security Announcement - xpdf",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=96886599829687\u0026w=2"
            },
            {
              "name": "20000910 xpdf: local exploit",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2000/20000910a"
            },
            {
              "name": "1624",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/1624"
            },
            {
              "name": "CSSA-2000-031.0",
              "refsource": "CALDERA",
              "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-031.0.txt"
            },
            {
              "name": "RHSA-2000:060",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2000-060.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2000-0727",
    "datePublished": "2000-10-13T04:00:00",
    "dateReserved": "2000-09-19T00:00:00",
    "dateUpdated": "2024-08-08T05:28:41.438Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-3247 (GCVE-0-2024-3247)
Vulnerability from cvelistv5
Published
2024-04-02 22:57
Modified
2024-08-01 20:05
CWE
Summary
In Xpdf 4.05 (and earlier), a PDF object loop in an object stream leads to infinite recursion and a stack overflow.
Impacted products
Vendor Product Version
Xpdf Xpdf Version: 0
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:xpdf:xpdf:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "xpdf",
            "vendor": "xpdf",
            "versions": [
              {
                "lessThanOrEqual": "4.05",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-3247",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-04-03T17:26:43.928823Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-31T20:35:23.652Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T20:05:08.335Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://forum.xpdfreader.com/viewtopic.php?t=43597"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "all"
          ],
          "product": "Xpdf",
          "vendor": "Xpdf",
          "versions": [
            {
              "lessThanOrEqual": "4.05",
              "status": "affected",
              "version": "0",
              "versionType": "version"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Zhijie Zhang, from Institute of Information Engineering, Chinese Academy of Sciences"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "In Xpdf 4.05 (and earlier), a PDF object loop in an object stream leads to infinite recursion and a stack overflow.\u003cbr\u003e"
            }
          ],
          "value": "In Xpdf 4.05 (and earlier), a PDF object loop in an object stream leads to infinite recursion and a stack overflow.\n"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "LOW",
            "baseScore": 2.9,
            "baseSeverity": "LOW",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-674",
              "description": "CWE-674 Uncontrolled Recursion",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-04-02T22:57:35.394Z",
        "orgId": "ace9cabe-4f4f-416b-8c39-b0e002761924",
        "shortName": "GandC"
      },
      "references": [
        {
          "url": "https://forum.xpdfreader.com/viewtopic.php?t=43597"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Stack overflow in Xpdf 4.05 due to object loop in PDF object stream",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ace9cabe-4f4f-416b-8c39-b0e002761924",
    "assignerShortName": "GandC",
    "cveId": "CVE-2024-3247",
    "datePublished": "2024-04-02T22:57:35.394Z",
    "dateReserved": "2024-04-02T22:48:13.391Z",
    "dateUpdated": "2024-08-01T20:05:08.335Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2005-0064 (GCVE-0-2005-0064)
Vulnerability from cvelistv5
Published
2005-01-19 05:00
Modified
2024-08-07 20:57
Severity ?
CWE
  • n/a
Summary
Buffer overflow in the Decrypt::makeFileKey2 function in Decrypt.cc for xpdf 3.00 and earlier allows remote attackers to execute arbitrary code via a PDF file with a large /Encrypt /Length keyLength value.
References
http://secunia.com/advisories/17277 third-party-advisory, x_refsource_SECUNIA
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11781 vdb-entry, signature, x_refsource_OVAL
http://www.redhat.com/support/errata/RHSA-2005-066.html vendor-advisory, x_refsource_REDHAT
http://www.redhat.com/support/errata/RHSA-2005-034.html vendor-advisory, x_refsource_REDHAT
http://www.mandriva.com/security/advisories?name=MDKSA-2005:018 vendor-advisory, x_refsource_MANDRAKE
http://www.mandriva.com/security/advisories?name=MDKSA-2005:017 vendor-advisory, x_refsource_MANDRAKE
http://www.mandriva.com/security/advisories?name=MDKSA-2005:016 vendor-advisory, x_refsource_MANDRAKE
http://www.trustix.org/errata/2005/0003/ vendor-advisory, x_refsource_TRUSTIX
https://bugzilla.fedora.us/show_bug.cgi?id=2352 vendor-advisory, x_refsource_FEDORA
https://bugzilla.fedora.us/show_bug.cgi?id=2353 vendor-advisory, x_refsource_FEDORA
http://www.debian.org/security/2005/dsa-645 vendor-advisory, x_refsource_DEBIAN
https://security.gentoo.org/glsa/200502-10 vendor-advisory, x_refsource_GENTOO
http://www.redhat.com/support/errata/RHSA-2005-026.html vendor-advisory, x_refsource_REDHAT
http://www.redhat.com/support/errata/RHSA-2005-053.html vendor-advisory, x_refsource_REDHAT
http://www.mandriva.com/security/advisories?name=MDKSA-2005:020 vendor-advisory, x_refsource_MANDRAKE
https://security.gentoo.org/glsa/200501-28 vendor-advisory, x_refsource_GENTOO
http://www.idefense.com/application/poi/display?id=186&type=vulnerabilities third-party-advisory, x_refsource_IDEFENSE
http://www.redhat.com/support/errata/RHSA-2005-059.html vendor-advisory, x_refsource_REDHAT
http://marc.info/?l=bugtraq&m=110625368019554&w=2 mailing-list, x_refsource_BUGTRAQ
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.42/SCOSA-2005.42.txt vendor-advisory, x_refsource_SCO
http://www.debian.org/security/2005/dsa-648 vendor-advisory, x_refsource_DEBIAN
http://www.mandriva.com/security/advisories?name=MDKSA-2005:021 vendor-advisory, x_refsource_MANDRAKE
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000921 vendor-advisory, x_refsource_CONECTIVA
ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.00pl3.patch x_refsource_CONFIRM
http://www.mandriva.com/security/advisories?name=MDKSA-2005:019 vendor-advisory, x_refsource_MANDRAKE
http://www.redhat.com/support/errata/RHSA-2005-057.html vendor-advisory, x_refsource_REDHAT
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T20:57:40.988Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "17277",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/17277"
          },
          {
            "name": "oval:org.mitre.oval:def:11781",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11781"
          },
          {
            "name": "RHSA-2005:066",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-066.html"
          },
          {
            "name": "RHSA-2005:034",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-034.html"
          },
          {
            "name": "MDKSA-2005:018",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:018"
          },
          {
            "name": "MDKSA-2005:017",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:017"
          },
          {
            "name": "MDKSA-2005:016",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:016"
          },
          {
            "name": "2005-0003",
            "tags": [
              "vendor-advisory",
              "x_refsource_TRUSTIX",
              "x_transferred"
            ],
            "url": "http://www.trustix.org/errata/2005/0003/"
          },
          {
            "name": "FLSA:2352",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://bugzilla.fedora.us/show_bug.cgi?id=2352"
          },
          {
            "name": "FLSA:2353",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://bugzilla.fedora.us/show_bug.cgi?id=2353"
          },
          {
            "name": "DSA-645",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2005/dsa-645"
          },
          {
            "name": "GLSA-200502-10",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/200502-10"
          },
          {
            "name": "RHSA-2005:026",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-026.html"
          },
          {
            "name": "RHSA-2005:053",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-053.html"
          },
          {
            "name": "MDKSA-2005:020",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:020"
          },
          {
            "name": "GLSA-200501-28",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/200501-28"
          },
          {
            "name": "20050118 Multiple Unix/Linux Vendor Xpdf makeFileKey2 Stack Overflow",
            "tags": [
              "third-party-advisory",
              "x_refsource_IDEFENSE",
              "x_transferred"
            ],
            "url": "http://www.idefense.com/application/poi/display?id=186\u0026type=vulnerabilities"
          },
          {
            "name": "RHSA-2005:059",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-059.html"
          },
          {
            "name": "20050119 [USN-64-1] xpdf, CUPS vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=110625368019554\u0026w=2"
          },
          {
            "name": "SCOSA-2005.42",
            "tags": [
              "vendor-advisory",
              "x_refsource_SCO",
              "x_transferred"
            ],
            "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.42/SCOSA-2005.42.txt"
          },
          {
            "name": "DSA-648",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2005/dsa-648"
          },
          {
            "name": "MDKSA-2005:021",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:021"
          },
          {
            "name": "CLA-2005:921",
            "tags": [
              "vendor-advisory",
              "x_refsource_CONECTIVA",
              "x_transferred"
            ],
            "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000921"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.00pl3.patch"
          },
          {
            "name": "MDKSA-2005:019",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:019"
          },
          {
            "name": "RHSA-2005:057",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-057.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-01-18T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer overflow in the Decrypt::makeFileKey2 function in Decrypt.cc for xpdf 3.00 and earlier allows remote attackers to execute arbitrary code via a PDF file with a large /Encrypt /Length keyLength value."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-10-10T00:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "17277",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/17277"
        },
        {
          "name": "oval:org.mitre.oval:def:11781",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11781"
        },
        {
          "name": "RHSA-2005:066",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-066.html"
        },
        {
          "name": "RHSA-2005:034",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-034.html"
        },
        {
          "name": "MDKSA-2005:018",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:018"
        },
        {
          "name": "MDKSA-2005:017",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:017"
        },
        {
          "name": "MDKSA-2005:016",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:016"
        },
        {
          "name": "2005-0003",
          "tags": [
            "vendor-advisory",
            "x_refsource_TRUSTIX"
          ],
          "url": "http://www.trustix.org/errata/2005/0003/"
        },
        {
          "name": "FLSA:2352",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://bugzilla.fedora.us/show_bug.cgi?id=2352"
        },
        {
          "name": "FLSA:2353",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://bugzilla.fedora.us/show_bug.cgi?id=2353"
        },
        {
          "name": "DSA-645",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2005/dsa-645"
        },
        {
          "name": "GLSA-200502-10",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/200502-10"
        },
        {
          "name": "RHSA-2005:026",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-026.html"
        },
        {
          "name": "RHSA-2005:053",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-053.html"
        },
        {
          "name": "MDKSA-2005:020",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:020"
        },
        {
          "name": "GLSA-200501-28",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/200501-28"
        },
        {
          "name": "20050118 Multiple Unix/Linux Vendor Xpdf makeFileKey2 Stack Overflow",
          "tags": [
            "third-party-advisory",
            "x_refsource_IDEFENSE"
          ],
          "url": "http://www.idefense.com/application/poi/display?id=186\u0026type=vulnerabilities"
        },
        {
          "name": "RHSA-2005:059",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-059.html"
        },
        {
          "name": "20050119 [USN-64-1] xpdf, CUPS vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=110625368019554\u0026w=2"
        },
        {
          "name": "SCOSA-2005.42",
          "tags": [
            "vendor-advisory",
            "x_refsource_SCO"
          ],
          "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.42/SCOSA-2005.42.txt"
        },
        {
          "name": "DSA-648",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2005/dsa-648"
        },
        {
          "name": "MDKSA-2005:021",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:021"
        },
        {
          "name": "CLA-2005:921",
          "tags": [
            "vendor-advisory",
            "x_refsource_CONECTIVA"
          ],
          "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000921"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.00pl3.patch"
        },
        {
          "name": "MDKSA-2005:019",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:019"
        },
        {
          "name": "RHSA-2005:057",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-057.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2005-0064",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer overflow in the Decrypt::makeFileKey2 function in Decrypt.cc for xpdf 3.00 and earlier allows remote attackers to execute arbitrary code via a PDF file with a large /Encrypt /Length keyLength value."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "17277",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/17277"
            },
            {
              "name": "oval:org.mitre.oval:def:11781",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11781"
            },
            {
              "name": "RHSA-2005:066",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2005-066.html"
            },
            {
              "name": "RHSA-2005:034",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2005-034.html"
            },
            {
              "name": "MDKSA-2005:018",
              "refsource": "MANDRAKE",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:018"
            },
            {
              "name": "MDKSA-2005:017",
              "refsource": "MANDRAKE",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:017"
            },
            {
              "name": "MDKSA-2005:016",
              "refsource": "MANDRAKE",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:016"
            },
            {
              "name": "2005-0003",
              "refsource": "TRUSTIX",
              "url": "http://www.trustix.org/errata/2005/0003/"
            },
            {
              "name": "FLSA:2352",
              "refsource": "FEDORA",
              "url": "https://bugzilla.fedora.us/show_bug.cgi?id=2352"
            },
            {
              "name": "FLSA:2353",
              "refsource": "FEDORA",
              "url": "https://bugzilla.fedora.us/show_bug.cgi?id=2353"
            },
            {
              "name": "DSA-645",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2005/dsa-645"
            },
            {
              "name": "GLSA-200502-10",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/200502-10"
            },
            {
              "name": "RHSA-2005:026",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2005-026.html"
            },
            {
              "name": "RHSA-2005:053",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2005-053.html"
            },
            {
              "name": "MDKSA-2005:020",
              "refsource": "MANDRAKE",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:020"
            },
            {
              "name": "GLSA-200501-28",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/200501-28"
            },
            {
              "name": "20050118 Multiple Unix/Linux Vendor Xpdf makeFileKey2 Stack Overflow",
              "refsource": "IDEFENSE",
              "url": "http://www.idefense.com/application/poi/display?id=186\u0026type=vulnerabilities"
            },
            {
              "name": "RHSA-2005:059",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2005-059.html"
            },
            {
              "name": "20050119 [USN-64-1] xpdf, CUPS vulnerabilities",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=110625368019554\u0026w=2"
            },
            {
              "name": "SCOSA-2005.42",
              "refsource": "SCO",
              "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.42/SCOSA-2005.42.txt"
            },
            {
              "name": "DSA-648",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2005/dsa-648"
            },
            {
              "name": "MDKSA-2005:021",
              "refsource": "MANDRAKE",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:021"
            },
            {
              "name": "CLA-2005:921",
              "refsource": "CONECTIVA",
              "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000921"
            },
            {
              "name": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.00pl3.patch",
              "refsource": "CONFIRM",
              "url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.00pl3.patch"
            },
            {
              "name": "MDKSA-2005:019",
              "refsource": "MANDRAKE",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:019"
            },
            {
              "name": "RHSA-2005:057",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2005-057.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2005-0064",
    "datePublished": "2005-01-19T05:00:00",
    "dateReserved": "2005-01-13T00:00:00",
    "dateUpdated": "2024-08-07T20:57:40.988Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-3154 (GCVE-0-2025-3154)
Vulnerability from cvelistv5
Published
2025-04-02 22:18
Modified
2025-04-03 19:15
CWE
Summary
Out-of-bounds array write in Xpdf 4.05 and earlier, triggered by an invalid VerticesPerRow value in a PDF shading dictionary.
Impacted products
Vendor Product Version
Xpdf Xpdf Version: 0
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-3154",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-03T19:14:58.924660Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-03T19:15:26.279Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "all"
          ],
          "product": "Xpdf",
          "vendor": "Xpdf",
          "versions": [
            {
              "lessThanOrEqual": "4.05",
              "status": "affected",
              "version": "0",
              "versionType": "version"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Erik Viken"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Out-of-bounds array write in Xpdf 4.05 and earlier, triggered by an invalid VerticesPerRow value in a PDF shading dictionary."
            }
          ],
          "value": "Out-of-bounds array write in Xpdf 4.05 and earlier, triggered by an invalid VerticesPerRow value in a PDF shading dictionary."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "HIGH",
            "attackRequirements": "NONE",
            "attackVector": "LOCAL",
            "baseScore": 2.1,
            "baseSeverity": "LOW",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "LOW",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "NONE",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "CWE-787 Out-of-bounds Write",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-04-02T22:18:46.033Z",
        "orgId": "ace9cabe-4f4f-416b-8c39-b0e002761924",
        "shortName": "GandC"
      },
      "references": [
        {
          "url": "https://www.xpdfreader.com/security-bug/CVE-2025-3154.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Out-of-bounds array write due to invalid VerticesPerRow in Xpdf 4.05",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ace9cabe-4f4f-416b-8c39-b0e002761924",
    "assignerShortName": "GandC",
    "cveId": "CVE-2025-3154",
    "datePublished": "2025-04-02T22:18:46.033Z",
    "dateReserved": "2025-04-02T22:09:54.712Z",
    "dateUpdated": "2025-04-03T19:15:26.279Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-7866 (GCVE-0-2024-7866)
Vulnerability from cvelistv5
Published
2024-08-15 19:50
Modified
2024-08-16 17:13
CWE
Summary
In Xpdf 4.05 (and earlier), a PDF object loop in a pattern resource leads to infinite recursion and a stack overflow.
Impacted products
Vendor Product Version
Xpdf Xpdf Version: 0
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-7866",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-08-16T17:13:19.735300Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-08-16T17:13:35.817Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "all"
          ],
          "product": "Xpdf",
          "vendor": "Xpdf",
          "versions": [
            {
              "lessThanOrEqual": "4.05",
              "status": "affected",
              "version": "0",
              "versionType": "Version"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "xiaobaozidi"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "In Xpdf 4.05 (and earlier), a PDF object loop in a pattern resource leads to infinite recursion and a stack overflow.\u003cbr\u003e"
            }
          ],
          "value": "In Xpdf 4.05 (and earlier), a PDF object loop in a pattern resource leads to infinite recursion and a stack overflow."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "HIGH",
            "attackRequirements": "NONE",
            "attackVector": "LOCAL",
            "baseScore": 2.1,
            "baseSeverity": "LOW",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "LOW",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "NONE",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-674",
              "description": "CWE-674 Uncontrolled Recursion",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-08-15T19:50:06.413Z",
        "orgId": "ace9cabe-4f4f-416b-8c39-b0e002761924",
        "shortName": "GandC"
      },
      "references": [
        {
          "url": "https://www.xpdfreader.com/security-bug/object-loops.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Stack overflow in Xpdf 4.05 due to object loop in PDF pattern",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ace9cabe-4f4f-416b-8c39-b0e002761924",
    "assignerShortName": "GandC",
    "cveId": "CVE-2024-7866",
    "datePublished": "2024-08-15T19:50:06.413Z",
    "dateReserved": "2024-08-15T19:41:01.904Z",
    "dateUpdated": "2024-08-16T17:13:35.817Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2006-1244 (GCVE-0-2006-1244)
Vulnerability from cvelistv5
Published
2006-03-15 19:00
Modified
2024-08-07 17:03
Severity ?
CWE
  • n/a
Summary
Unspecified vulnerability in certain versions of xpdf after 3.00, as used in various products including (a) pdfkit.framework, (b) gpdf, (c) pdftohtml, and (d) libextractor, has unknown impact and user-assisted attack vectors, possibly involving errors in (1) gmem.c, (2) SplashXPathScanner.cc, (3) JBIG2Stream.cc, (4) JPXStream.cc, and/or (5) Stream.cc. NOTE: this description is based on Debian advisory DSA 979, which is based on changes that were made after other vulnerabilities such as CVE-2006-0301 and CVE-2005-3624 through CVE-2005-3628 were fixed. Some of these newer fixes appear to be security-relevant, although it is not clear if they fix specific issues or are defensive in nature.
References
http://secunia.com/advisories/19644 third-party-advisory, x_refsource_SECUNIA
http://www.debian.org/security/2006/dsa-979 vendor-advisory, x_refsource_DEBIAN
http://www.debian.org/security/2006/dsa-998 vendor-advisory, x_refsource_DEBIAN
http://secunia.com/advisories/19164 third-party-advisory, x_refsource_SECUNIA
http://security.debian.org/pool/updates/main/p/pdfkit.framework/pdfkit.framework_0.8-2sarge3.diff.gz x_refsource_MISC
http://secunia.com/advisories/19364 third-party-advisory, x_refsource_SECUNIA
http://www.debian.org/security/2006/dsa-983 vendor-advisory, x_refsource_DEBIAN
http://www.debian.org/security/2006/dsa-982 vendor-advisory, x_refsource_DEBIAN
http://secunia.com/advisories/19091 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/19065 third-party-advisory, x_refsource_SECUNIA
http://www.osvdb.org/23834 vdb-entry, x_refsource_OSVDB
http://www.debian.org/security/2006/dsa-1019 vendor-advisory, x_refsource_DEBIAN
http://www.securityfocus.com/bid/16748 vdb-entry, x_refsource_BID
http://secunia.com/advisories/18948 third-party-advisory, x_refsource_SECUNIA
http://www.debian.org/security/2006/dsa-984 vendor-advisory, x_refsource_DEBIAN
http://secunia.com/advisories/19021 third-party-advisory, x_refsource_SECUNIA
https://usn.ubuntu.com/270-1/ vendor-advisory, x_refsource_UBUNTU
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T17:03:28.588Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "19644",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/19644"
          },
          {
            "name": "DSA-979",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-979"
          },
          {
            "name": "DSA-998",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-998"
          },
          {
            "name": "19164",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/19164"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://security.debian.org/pool/updates/main/p/pdfkit.framework/pdfkit.framework_0.8-2sarge3.diff.gz"
          },
          {
            "name": "19364",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/19364"
          },
          {
            "name": "DSA-983",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-983"
          },
          {
            "name": "DSA-982",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-982"
          },
          {
            "name": "19091",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/19091"
          },
          {
            "name": "19065",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/19065"
          },
          {
            "name": "23834",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/23834"
          },
          {
            "name": "DSA-1019",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-1019"
          },
          {
            "name": "16748",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/16748"
          },
          {
            "name": "18948",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18948"
          },
          {
            "name": "DSA-984",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-984"
          },
          {
            "name": "19021",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/19021"
          },
          {
            "name": "USN-270-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/270-1/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-02-17T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in certain versions of xpdf after 3.00, as used in various products including (a) pdfkit.framework, (b) gpdf, (c) pdftohtml, and (d) libextractor, has unknown impact and user-assisted attack vectors, possibly involving errors in (1) gmem.c, (2) SplashXPathScanner.cc, (3) JBIG2Stream.cc, (4) JPXStream.cc, and/or (5) Stream.cc.  NOTE: this description is based on Debian advisory DSA 979, which is based on changes that were made after other vulnerabilities such as CVE-2006-0301 and CVE-2005-3624 through CVE-2005-3628 were fixed.  Some of these newer fixes appear to be security-relevant, although it is not clear if they fix specific issues or are defensive in nature."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-03T20:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "19644",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/19644"
        },
        {
          "name": "DSA-979",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-979"
        },
        {
          "name": "DSA-998",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-998"
        },
        {
          "name": "19164",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/19164"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://security.debian.org/pool/updates/main/p/pdfkit.framework/pdfkit.framework_0.8-2sarge3.diff.gz"
        },
        {
          "name": "19364",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/19364"
        },
        {
          "name": "DSA-983",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-983"
        },
        {
          "name": "DSA-982",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-982"
        },
        {
          "name": "19091",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/19091"
        },
        {
          "name": "19065",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/19065"
        },
        {
          "name": "23834",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/23834"
        },
        {
          "name": "DSA-1019",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-1019"
        },
        {
          "name": "16748",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/16748"
        },
        {
          "name": "18948",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18948"
        },
        {
          "name": "DSA-984",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-984"
        },
        {
          "name": "19021",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/19021"
        },
        {
          "name": "USN-270-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/270-1/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-1244",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in certain versions of xpdf after 3.00, as used in various products including (a) pdfkit.framework, (b) gpdf, (c) pdftohtml, and (d) libextractor, has unknown impact and user-assisted attack vectors, possibly involving errors in (1) gmem.c, (2) SplashXPathScanner.cc, (3) JBIG2Stream.cc, (4) JPXStream.cc, and/or (5) Stream.cc.  NOTE: this description is based on Debian advisory DSA 979, which is based on changes that were made after other vulnerabilities such as CVE-2006-0301 and CVE-2005-3624 through CVE-2005-3628 were fixed.  Some of these newer fixes appear to be security-relevant, although it is not clear if they fix specific issues or are defensive in nature."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "19644",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/19644"
            },
            {
              "name": "DSA-979",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2006/dsa-979"
            },
            {
              "name": "DSA-998",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2006/dsa-998"
            },
            {
              "name": "19164",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/19164"
            },
            {
              "name": "http://security.debian.org/pool/updates/main/p/pdfkit.framework/pdfkit.framework_0.8-2sarge3.diff.gz",
              "refsource": "MISC",
              "url": "http://security.debian.org/pool/updates/main/p/pdfkit.framework/pdfkit.framework_0.8-2sarge3.diff.gz"
            },
            {
              "name": "19364",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/19364"
            },
            {
              "name": "DSA-983",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2006/dsa-983"
            },
            {
              "name": "DSA-982",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2006/dsa-982"
            },
            {
              "name": "19091",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/19091"
            },
            {
              "name": "19065",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/19065"
            },
            {
              "name": "23834",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/23834"
            },
            {
              "name": "DSA-1019",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2006/dsa-1019"
            },
            {
              "name": "16748",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/16748"
            },
            {
              "name": "18948",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18948"
            },
            {
              "name": "DSA-984",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2006/dsa-984"
            },
            {
              "name": "19021",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/19021"
            },
            {
              "name": "USN-270-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/270-1/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2006-1244",
    "datePublished": "2006-03-15T19:00:00",
    "dateReserved": "2006-03-15T00:00:00",
    "dateUpdated": "2024-08-07T17:03:28.588Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-2662 (GCVE-0-2023-2662)
Vulnerability from cvelistv5
Published
2023-05-11 20:08
Modified
2025-01-24 16:06
CWE
Summary
In Xpdf 4.04 (and earlier), a bad color space object in the input PDF file can cause a divide-by-zero.
Impacted products
Vendor Product Version
Xpdf Xpdf Version: 4.04
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T06:26:09.951Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://forum.xpdfreader.com/viewtopic.php?t=42505"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 5.5,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "REQUIRED",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-2662",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-01-24T16:05:31.137989Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-369",
                "description": "CWE-369 Divide By Zero",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-01-24T16:06:27.283Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "all"
          ],
          "product": "Xpdf",
          "vendor": "Xpdf",
          "versions": [
            {
              "status": "affected",
              "version": "4.04"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "user": "00000000-0000-4000-9000-000000000000",
          "value": "huckleberry"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cdiv\u003eIn Xpdf 4.04 (and earlier), a bad color space object in the input PDF file can cause a divide-by-zero.\u003cbr\u003e\u003c/div\u003e"
            }
          ],
          "value": "In Xpdf 4.04 (and earlier), a bad color space object in the input PDF file can cause a divide-by-zero.\n\n\n"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "LOW",
            "baseScore": 2.9,
            "baseSeverity": "LOW",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-369",
              "description": "CWE-369 Divide By Zero",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-05-11T20:08:27.720Z",
        "orgId": "ace9cabe-4f4f-416b-8c39-b0e002761924",
        "shortName": "GandC"
      },
      "references": [
        {
          "url": "https://forum.xpdfreader.com/viewtopic.php?t=42505"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Divide-by-zero in Xpdf 4.04 due to bad color space object",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ace9cabe-4f4f-416b-8c39-b0e002761924",
    "assignerShortName": "GandC",
    "cveId": "CVE-2023-2662",
    "datePublished": "2023-05-11T20:08:25.610Z",
    "dateReserved": "2023-05-11T20:03:56.213Z",
    "dateUpdated": "2025-01-24T16:06:27.283Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-2664 (GCVE-0-2023-2664)
Vulnerability from cvelistv5
Published
2023-05-11 20:21
Modified
2025-01-23 21:23
CWE
Summary
 In Xpdf 4.04 (and earlier), a PDF object loop in the embedded file tree leads to infinite recursion and a stack overflow.
Impacted products
Vendor Product Version
Xpdf Xpdf Version: 4.04
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T06:26:09.765Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://forum.xpdfreader.com/viewtopic.php?t=42422"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-2664",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-01-23T21:22:45.913757Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-01-23T21:23:23.646Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "all"
          ],
          "product": "Xpdf",
          "vendor": "Xpdf",
          "versions": [
            {
              "status": "affected",
              "version": "4.04"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "user": "00000000-0000-4000-9000-000000000000",
          "value": "BabyBus"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cdiv\u003e\u0026nbsp;In Xpdf 4.04 (and earlier), a PDF object loop in the embedded file tree leads to infinite recursion and a stack overflow.\u003cbr\u003e\u003c/div\u003e"
            }
          ],
          "value": "\u00a0In Xpdf 4.04 (and earlier), a PDF object loop in the embedded file tree leads to infinite recursion and a stack overflow.\n\n\n"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "LOW",
            "baseScore": 2.9,
            "baseSeverity": "LOW",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-674",
              "description": "CWE-674 Uncontrolled Recursion",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-05-11T20:21:25.821Z",
        "orgId": "ace9cabe-4f4f-416b-8c39-b0e002761924",
        "shortName": "GandC"
      },
      "references": [
        {
          "url": "https://forum.xpdfreader.com/viewtopic.php?t=42422"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Stack overflow in Xpdf 4.04 due to object loop in PDF embedded file tree",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ace9cabe-4f4f-416b-8c39-b0e002761924",
    "assignerShortName": "GandC",
    "cveId": "CVE-2023-2664",
    "datePublished": "2023-05-11T20:21:25.821Z",
    "dateReserved": "2023-05-11T20:19:40.531Z",
    "dateUpdated": "2025-01-23T21:23:23.646Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2004-0889 (GCVE-0-2004-0889)
Vulnerability from cvelistv5
Published
2004-10-26 04:00
Modified
2024-08-08 00:31
Severity ?
CWE
  • n/a
Summary
Multiple integer overflows in xpdf 3.0, and other packages that use xpdf code such as CUPS, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0888.
References
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T00:31:48.137Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "11501",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/11501"
          },
          {
            "name": "MDKSA-2004:113",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:113"
          },
          {
            "name": "GLSA-200410-20",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200410-20.xml"
          },
          {
            "name": "GLSA-200410-30",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200410-30.xml"
          },
          {
            "name": "xpdf-pdf-file-bo(17819)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17819"
          },
          {
            "name": "SUSE-SA:2004:039",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=109880927526773\u0026w=2"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2004-10-21T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple integer overflows in xpdf 3.0, and other packages that use xpdf code such as CUPS, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0888."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-10T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "11501",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/11501"
        },
        {
          "name": "MDKSA-2004:113",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:113"
        },
        {
          "name": "GLSA-200410-20",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-200410-20.xml"
        },
        {
          "name": "GLSA-200410-30",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-200410-30.xml"
        },
        {
          "name": "xpdf-pdf-file-bo(17819)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17819"
        },
        {
          "name": "SUSE-SA:2004:039",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=109880927526773\u0026w=2"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2004-0889",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple integer overflows in xpdf 3.0, and other packages that use xpdf code such as CUPS, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0888."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "11501",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/11501"
            },
            {
              "name": "MDKSA-2004:113",
              "refsource": "MANDRAKE",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:113"
            },
            {
              "name": "GLSA-200410-20",
              "refsource": "GENTOO",
              "url": "http://www.gentoo.org/security/en/glsa/glsa-200410-20.xml"
            },
            {
              "name": "GLSA-200410-30",
              "refsource": "GENTOO",
              "url": "http://www.gentoo.org/security/en/glsa/glsa-200410-30.xml"
            },
            {
              "name": "xpdf-pdf-file-bo(17819)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17819"
            },
            {
              "name": "SUSE-SA:2004:039",
              "refsource": "SUSE",
              "url": "http://marc.info/?l=bugtraq\u0026m=109880927526773\u0026w=2"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2004-0889",
    "datePublished": "2004-10-26T04:00:00",
    "dateReserved": "2004-09-22T00:00:00",
    "dateUpdated": "2024-08-08T00:31:48.137Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-7868 (GCVE-0-2024-7868)
Vulnerability from cvelistv5
Published
2024-08-15 20:22
Modified
2024-08-15 20:33
CWE
  • CWE-908 - Use of Uninitialized Resource
Summary
In Xpdf 4.05 (and earlier), invalid header info in a DCT (JPEG) stream can lead to an uninitialized variable in the DCT decoder. The proof-of-concept PDF file causes a segfault attempting to read from an invalid address.
Impacted products
Vendor Product Version
Xpdf Xpdf Version: 0
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-7868",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-08-15T20:33:27.606080Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-08-15T20:33:39.716Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "all"
          ],
          "product": "Xpdf",
          "vendor": "Xpdf",
          "versions": [
            {
              "lessThanOrEqual": "4.05",
              "status": "affected",
              "version": "0",
              "versionType": "Version"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "KMFL"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "In Xpdf 4.05 (and earlier), invalid header info in a DCT (JPEG) stream can lead to an uninitialized variable in the DCT decoder. The proof-of-concept PDF file causes a segfault attempting to read from an invalid address.\u003cbr\u003e"
            }
          ],
          "value": "In Xpdf 4.05 (and earlier), invalid header info in a DCT (JPEG) stream can lead to an uninitialized variable in the DCT decoder. The proof-of-concept PDF file causes a segfault attempting to read from an invalid address."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "HIGH",
            "attackRequirements": "NONE",
            "attackVector": "LOCAL",
            "baseScore": 2.1,
            "baseSeverity": "LOW",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "LOW",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "NONE",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-908",
              "description": "CWE-908 Use of Uninitialized Resource",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-08-15T20:22:52.873Z",
        "orgId": "ace9cabe-4f4f-416b-8c39-b0e002761924",
        "shortName": "GandC"
      },
      "references": [
        {
          "url": "https://www.xpdfreader.com/security-bug/CVE-2024-7868.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Uninitialized variable in Xpdf 4.05 due to invalid JPEG header",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ace9cabe-4f4f-416b-8c39-b0e002761924",
    "assignerShortName": "GandC",
    "cveId": "CVE-2024-7868",
    "datePublished": "2024-08-15T20:22:52.873Z",
    "dateReserved": "2024-08-15T20:15:02.215Z",
    "dateUpdated": "2024-08-15T20:33:39.716Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-3436 (GCVE-0-2023-3436)
Vulnerability from cvelistv5
Published
2023-06-27 20:55
Modified
2024-11-07 17:00
CWE
Summary
Xpdf 4.04 will deadlock on a PDF object stream whose "Length" field is itself in another object stream.
Impacted products
Vendor Product Version
Xpdf Xpdf Version: 4.04
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T06:55:03.471Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://forum.xpdfreader.com/viewtopic.php?t=42618"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:xpdfreader:xpdf:4.04:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "xpdf",
            "vendor": "xpdfreader",
            "versions": [
              {
                "status": "affected",
                "version": "4.04"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-3436",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-07T16:57:28.396828Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-07T17:00:22.993Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "all"
          ],
          "product": "Xpdf",
          "vendor": "Xpdf",
          "versions": [
            {
              "status": "affected",
              "version": "4.04"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "user": "00000000-0000-4000-9000-000000000000",
          "value": "Jiahao Liu"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cdiv\u003eXpdf 4.04 will deadlock on a PDF object stream whose \"Length\" field is itself in another object stream.\u003c/div\u003e"
            }
          ],
          "value": "Xpdf 4.04 will deadlock on a PDF object stream whose \"Length\" field is itself in another object stream.\n\n"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "LOW",
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-833",
              "description": "CWE-833 Deadlock",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-06-27T20:55:27.693Z",
        "orgId": "ace9cabe-4f4f-416b-8c39-b0e002761924",
        "shortName": "GandC"
      },
      "references": [
        {
          "url": "https://forum.xpdfreader.com/viewtopic.php?t=42618"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Deadlock in Xpdf 4.04 due to PDF object stream references",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ace9cabe-4f4f-416b-8c39-b0e002761924",
    "assignerShortName": "GandC",
    "cveId": "CVE-2023-3436",
    "datePublished": "2023-06-27T20:55:21.049Z",
    "dateReserved": "2023-06-27T20:43:04.057Z",
    "dateUpdated": "2024-11-07T17:00:22.993Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2000-0728 (GCVE-0-2000-0728)
Vulnerability from cvelistv5
Published
2000-10-13 04:00
Modified
2024-08-08 05:28
Severity ?
CWE
  • n/a
Summary
xpdf PDF viewer client earlier than 0.91 allows local users to overwrite arbitrary files via a symlink attack.
References
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T05:28:41.285Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20000829 MDKSA-2000:041 - xpdf update",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=96766355023239\u0026w=2"
          },
          {
            "name": "20000913 Conectiva Linux Security Announcement - xpdf",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=96886599829687\u0026w=2"
          },
          {
            "name": "1624",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/1624"
          },
          {
            "name": "CSSA-2000-031.0",
            "tags": [
              "vendor-advisory",
              "x_refsource_CALDERA",
              "x_transferred"
            ],
            "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-031.0.txt"
          },
          {
            "name": "RHSA-2000:060",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2000-060.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2000-08-29T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "xpdf PDF viewer client earlier than 0.91 allows local users to overwrite arbitrary files via a symlink attack."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2004-09-02T09:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "20000829 MDKSA-2000:041 - xpdf update",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=96766355023239\u0026w=2"
        },
        {
          "name": "20000913 Conectiva Linux Security Announcement - xpdf",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=96886599829687\u0026w=2"
        },
        {
          "name": "1624",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/1624"
        },
        {
          "name": "CSSA-2000-031.0",
          "tags": [
            "vendor-advisory",
            "x_refsource_CALDERA"
          ],
          "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-031.0.txt"
        },
        {
          "name": "RHSA-2000:060",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2000-060.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2000-0728",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "xpdf PDF viewer client earlier than 0.91 allows local users to overwrite arbitrary files via a symlink attack."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20000829 MDKSA-2000:041 - xpdf update",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=96766355023239\u0026w=2"
            },
            {
              "name": "20000913 Conectiva Linux Security Announcement - xpdf",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=96886599829687\u0026w=2"
            },
            {
              "name": "1624",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/1624"
            },
            {
              "name": "CSSA-2000-031.0",
              "refsource": "CALDERA",
              "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-031.0.txt"
            },
            {
              "name": "RHSA-2000:060",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2000-060.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2000-0728",
    "datePublished": "2000-10-13T04:00:00",
    "dateReserved": "2000-09-19T00:00:00",
    "dateUpdated": "2024-08-08T05:28:41.285Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2005-3191 (GCVE-0-2005-3191)
Vulnerability from cvelistv5
Published
2005-12-07 01:00
Modified
2024-08-07 23:01
Severity ?
CWE
  • n/a
Summary
Multiple heap-based buffer overflows in the (1) DCTStream::readProgressiveSOF and (2) DCTStream::readBaselineSOF functions in the DCT stream parsing code (Stream.cc) in xpdf 3.01 and earlier, as used in products such as (a) Poppler, (b) teTeX, (c) KDE kpdf, (d) pdftohtml, (e) KOffice KWord, (f) CUPS, and (g) libextractor allow user-assisted attackers to cause a denial of service (heap corruption) and possibly execute arbitrary code via a crafted PDF file with an out-of-range number of components (numComps), which is used as an array index.
References
http://securityreason.com/securityalert/234 third-party-advisory, x_refsource_SREASON
http://secunia.com/advisories/17929 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/19797 third-party-advisory, x_refsource_SECUNIA
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.20/SCOSA-2006.20.txt vendor-advisory, x_refsource_SCO
http://securityreason.com/securityalert/233 third-party-advisory, x_refsource_SREASON
http://www.debian.org/security/2005/dsa-932 vendor-advisory, x_refsource_DEBIAN
http://secunia.com/advisories/18349 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18147 third-party-advisory, x_refsource_SECUNIA
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt vendor-advisory, x_refsource_SCO
http://secunia.com/advisories/18055 third-party-advisory, x_refsource_SECUNIA
http://www.kde.org/info/security/advisory-20051207-1.txt x_refsource_CONFIRM
http://secunia.com/advisories/18503 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18549 third-party-advisory, x_refsource_SECUNIA
http://www.kde.org/info/security/advisory-20051207-2.txt x_refsource_CONFIRM
http://secunia.com/advisories/18679 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18189 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/26413 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/17940 third-party-advisory, x_refsource_SECUNIA
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9760 vdb-entry, signature, x_refsource_OVAL
https://exchange.xforce.ibmcloud.com/vulnerabilities/23444 vdb-entry, x_refsource_XF
http://secunia.com/advisories/18303 third-party-advisory, x_refsource_SECUNIA
http://www.debian.org/security/2005/dsa-931 vendor-advisory, x_refsource_DEBIAN
http://secunia.com/advisories/18554 third-party-advisory, x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDKSA-2006:003 vendor-advisory, x_refsource_MANDRIVA
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342289 x_refsource_MISC
http://secunia.com/advisories/19230 third-party-advisory, x_refsource_SECUNIA
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1 vendor-advisory, x_refsource_SUNALERT
http://www.mandriva.com/security/advisories?name=MDKSA-2006:012 vendor-advisory, x_refsource_MANDRIVA
http://www.debian.org/security/2006/dsa-962 vendor-advisory, x_refsource_DEBIAN
http://securitytracker.com/id?1015309 vdb-entry, x_refsource_SECTRACK
http://www.debian.org/security/2005/dsa-937 vendor-advisory, x_refsource_DEBIAN
http://secunia.com/advisories/18398 third-party-advisory, x_refsource_SECUNIA
http://www.securityfocus.com/archive/1/427053/100/0/threaded vendor-advisory, x_refsource_FEDORA
http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html vendor-advisory, x_refsource_SUSE
http://www.debian.org/security/2006/dsa-936 vendor-advisory, x_refsource_DEBIAN
http://secunia.com/advisories/17916 third-party-advisory, x_refsource_SECUNIA
http://www.idefense.com/application/poi/display?id=343&type=vulnerabilities third-party-advisory, x_refsource_IDEFENSE
http://www.redhat.com/support/errata/RHSA-2005-840.html vendor-advisory, x_refsource_REDHAT
http://www.vupen.com/english/advisories/2005/2789 vdb-entry, x_refsource_VUPEN
http://www.redhat.com/support/errata/RHSA-2005-867.html vendor-advisory, x_refsource_REDHAT
http://secunia.com/advisories/18674 third-party-advisory, x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDKSA-2006:005 vendor-advisory, x_refsource_MANDRIVA
http://secunia.com/advisories/18313 third-party-advisory, x_refsource_SECUNIA
http://www.securityfocus.com/bid/15727 vdb-entry, x_refsource_BID
https://issues.rpath.com/browse/RPL-1609 x_refsource_CONFIRM
http://rhn.redhat.com/errata/RHSA-2005-868.html vendor-advisory, x_refsource_REDHAT
ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U vendor-advisory, x_refsource_SGI
ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U vendor-advisory, x_refsource_SGI
http://secunia.com/advisories/18448 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18436 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18428 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18380 third-party-advisory, x_refsource_SECUNIA
http://www.gentoo.org/security/en/glsa/glsa-200512-08.xml vendor-advisory, x_refsource_GENTOO
http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00015.html vendor-advisory, x_refsource_FEDORA
http://secunia.com/advisories/18416 third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2007/2280 vdb-entry, x_refsource_VUPEN
http://www.securityfocus.com/bid/15726 vdb-entry, x_refsource_BID
http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml vendor-advisory, x_refsource_GENTOO
http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00037.html vendor-advisory, x_refsource_FEDORA
http://secunia.com/advisories/18336 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18061 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18407 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18009 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/17908 third-party-advisory, x_refsource_SECUNIA
http://www.ubuntulinux.org/usn/usn-227-1 vendor-advisory, x_refsource_UBUNTU
http://secunia.com/advisories/17897 third-party-advisory, x_refsource_SECUNIA
http://www.idefense.com/application/poi/display?id=342&type=vulnerabilities third-party-advisory, x_refsource_IDEFENSE
http://secunia.com/advisories/18517 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18582 third-party-advisory, x_refsource_SECUNIA
http://www.novell.com/linux/security/advisories/2006_02_sr.html vendor-advisory, x_refsource_SUSE
http://secunia.com/advisories/18534 third-party-advisory, x_refsource_SECUNIA
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.472683 vendor-advisory, x_refsource_SLACKWARE
http://www.trustix.org/errata/2005/0072/ vendor-advisory, x_refsource_TRUSTIX
http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00016.html vendor-advisory, x_refsource_FEDORA
http://www.securityfocus.com/archive/1/418883/100/0/threaded mailing-list, x_refsource_BUGTRAQ
https://exchange.xforce.ibmcloud.com/vulnerabilities/23443 vdb-entry, x_refsource_XF
http://secunia.com/advisories/18908 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/25729 third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2005/2786 vdb-entry, x_refsource_VUPEN
http://www.mandriva.com/security/advisories?name=MDKSA-2006:006 vendor-advisory, x_refsource_MANDRIVA
http://www.vupen.com/english/advisories/2005/2788 vdb-entry, x_refsource_VUPEN
http://secunia.com/advisories/17926 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/19798 third-party-advisory, x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDKSA-2006:008 vendor-advisory, x_refsource_MANDRIVA
http://secunia.com/advisories/18191 third-party-advisory, x_refsource_SECUNIA
ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U vendor-advisory, x_refsource_SGI
http://www.redhat.com/support/errata/RHSA-2006-0160.html vendor-advisory, x_refsource_REDHAT
http://secunia.com/advisories/17912 third-party-advisory, x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDKSA-2006:010 vendor-advisory, x_refsource_MANDRAKE
http://secunia.com/advisories/17921 third-party-advisory, x_refsource_SECUNIA
http://www.debian.org/security/2005/dsa-940 vendor-advisory, x_refsource_DEBIAN
http://www.mandriva.com/security/advisories?name=MDKSA-2006:004 vendor-advisory, x_refsource_MANDRIVA
http://www.vupen.com/english/advisories/2005/2790 vdb-entry, x_refsource_VUPEN
http://secunia.com/advisories/18389 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18192 third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2005/2856 vdb-entry, x_refsource_VUPEN
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.474747 vendor-advisory, x_refsource_SLACKWARE
http://secunia.com/advisories/19377 third-party-advisory, x_refsource_SECUNIA
http://www.securityfocus.com/archive/1/427990/100/0/threaded vendor-advisory, x_refsource_FEDORA
http://www.debian.org/security/2006/dsa-961 vendor-advisory, x_refsource_DEBIAN
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.21/SCOSA-2006.21.txt vendor-advisory, x_refsource_SCO
http://secunia.com/advisories/18675 third-party-advisory, x_refsource_SECUNIA
http://securitytracker.com/id?1015324 vdb-entry, x_refsource_SECTRACK
http://secunia.com/advisories/18913 third-party-advisory, x_refsource_SECUNIA
http://www.debian.org/security/2005/dsa-938 vendor-advisory, x_refsource_DEBIAN
http://www.novell.com/linux/security/advisories/2005_29_sr.html vendor-advisory, x_refsource_SUSE
http://www.vupen.com/english/advisories/2005/2787 vdb-entry, x_refsource_VUPEN
http://www.redhat.com/support/errata/RHSA-2005-878.html vendor-advisory, x_refsource_REDHAT
http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00036.html vendor-advisory, x_refsource_FEDORA
http://secunia.com/advisories/17920 third-party-advisory, x_refsource_SECUNIA
http://www.debian.org/security/2006/dsa-950 vendor-advisory, x_refsource_DEBIAN
http://secunia.com/advisories/17955 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/17976 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18387 third-party-advisory, x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDKSA-2006:011 vendor-advisory, x_refsource_MANDRIVA
http://secunia.com/advisories/18385 third-party-advisory, x_refsource_SECUNIA
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T23:01:58.841Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "234",
            "tags": [
              "third-party-advisory",
              "x_refsource_SREASON",
              "x_transferred"
            ],
            "url": "http://securityreason.com/securityalert/234"
          },
          {
            "name": "17929",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/17929"
          },
          {
            "name": "19797",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/19797"
          },
          {
            "name": "SCOSA-2006.20",
            "tags": [
              "vendor-advisory",
              "x_refsource_SCO",
              "x_transferred"
            ],
            "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.20/SCOSA-2006.20.txt"
          },
          {
            "name": "233",
            "tags": [
              "third-party-advisory",
              "x_refsource_SREASON",
              "x_transferred"
            ],
            "url": "http://securityreason.com/securityalert/233"
          },
          {
            "name": "DSA-932",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2005/dsa-932"
          },
          {
            "name": "18349",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18349"
          },
          {
            "name": "18147",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18147"
          },
          {
            "name": "SCOSA-2006.15",
            "tags": [
              "vendor-advisory",
              "x_refsource_SCO",
              "x_transferred"
            ],
            "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt"
          },
          {
            "name": "18055",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18055"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.kde.org/info/security/advisory-20051207-1.txt"
          },
          {
            "name": "18503",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18503"
          },
          {
            "name": "18549",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18549"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.kde.org/info/security/advisory-20051207-2.txt"
          },
          {
            "name": "18679",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18679"
          },
          {
            "name": "18189",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18189"
          },
          {
            "name": "26413",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/26413"
          },
          {
            "name": "17940",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/17940"
          },
          {
            "name": "oval:org.mitre.oval:def:9760",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9760"
          },
          {
            "name": "xpdf-dctstream-baseline-bo(23444)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23444"
          },
          {
            "name": "18303",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18303"
          },
          {
            "name": "DSA-931",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2005/dsa-931"
          },
          {
            "name": "18554",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18554"
          },
          {
            "name": "MDKSA-2006:003",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342289"
          },
          {
            "name": "19230",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/19230"
          },
          {
            "name": "102972",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1"
          },
          {
            "name": "MDKSA-2006:012",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012"
          },
          {
            "name": "DSA-962",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-962"
          },
          {
            "name": "1015309",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1015309"
          },
          {
            "name": "DSA-937",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2005/dsa-937"
          },
          {
            "name": "18398",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18398"
          },
          {
            "name": "FLSA-2006:176751",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded"
          },
          {
            "name": "SUSE-SA:2006:001",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html"
          },
          {
            "name": "DSA-936",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-936"
          },
          {
            "name": "17916",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/17916"
          },
          {
            "name": "20051205 Multiple Vendor xpdf DCTStream Progressive Heap Overflow",
            "tags": [
              "third-party-advisory",
              "x_refsource_IDEFENSE",
              "x_transferred"
            ],
            "url": "http://www.idefense.com/application/poi/display?id=343\u0026type=vulnerabilities"
          },
          {
            "name": "RHSA-2005:840",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-840.html"
          },
          {
            "name": "ADV-2005-2789",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2005/2789"
          },
          {
            "name": "RHSA-2005:867",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-867.html"
          },
          {
            "name": "18674",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18674"
          },
          {
            "name": "MDKSA-2006:005",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005"
          },
          {
            "name": "18313",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18313"
          },
          {
            "name": "15727",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/15727"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://issues.rpath.com/browse/RPL-1609"
          },
          {
            "name": "RHSA-2005:868",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2005-868.html"
          },
          {
            "name": "20051201-01-U",
            "tags": [
              "vendor-advisory",
              "x_refsource_SGI",
              "x_transferred"
            ],
            "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U"
          },
          {
            "name": "20060101-01-U",
            "tags": [
              "vendor-advisory",
              "x_refsource_SGI",
              "x_transferred"
            ],
            "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U"
          },
          {
            "name": "18448",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18448"
          },
          {
            "name": "18436",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18436"
          },
          {
            "name": "18428",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18428"
          },
          {
            "name": "18380",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18380"
          },
          {
            "name": "GLSA-200512-08",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200512-08.xml"
          },
          {
            "name": "FEDORA-2005-1126",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00015.html"
          },
          {
            "name": "18416",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18416"
          },
          {
            "name": "ADV-2007-2280",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/2280"
          },
          {
            "name": "15726",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/15726"
          },
          {
            "name": "GLSA-200601-02",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml"
          },
          {
            "name": "FEDORA-2005-1142",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00037.html"
          },
          {
            "name": "18336",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18336"
          },
          {
            "name": "18061",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18061"
          },
          {
            "name": "18407",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18407"
          },
          {
            "name": "18009",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18009"
          },
          {
            "name": "17908",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/17908"
          },
          {
            "name": "USN-227-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntulinux.org/usn/usn-227-1"
          },
          {
            "name": "17897",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/17897"
          },
          {
            "name": "Multiple Vendor xpdf DCTStream Baseline Heap Overflow Vulnerability",
            "tags": [
              "third-party-advisory",
              "x_refsource_IDEFENSE",
              "x_transferred"
            ],
            "url": "http://www.idefense.com/application/poi/display?id=342\u0026type=vulnerabilities"
          },
          {
            "name": "18517",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18517"
          },
          {
            "name": "18582",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18582"
          },
          {
            "name": "SUSE-SR:2006:002",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2006_02_sr.html"
          },
          {
            "name": "18534",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18534"
          },
          {
            "name": "SSA:2006-045-09",
            "tags": [
              "vendor-advisory",
              "x_refsource_SLACKWARE",
              "x_transferred"
            ],
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683"
          },
          {
            "name": "TSLSA-2005-0072",
            "tags": [
              "vendor-advisory",
              "x_refsource_TRUSTIX",
              "x_transferred"
            ],
            "url": "http://www.trustix.org/errata/2005/0072/"
          },
          {
            "name": "FEDORA-2005-1127",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00016.html"
          },
          {
            "name": "20051207 [KDE Security Advisory] multiple buffer overflows in kpdf/koffice",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/418883/100/0/threaded"
          },
          {
            "name": "xpdf-dctstream-progressive-bo(23443)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23443"
          },
          {
            "name": "18908",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18908"
          },
          {
            "name": "25729",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25729"
          },
          {
            "name": "ADV-2005-2786",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2005/2786"
          },
          {
            "name": "MDKSA-2006:006",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006"
          },
          {
            "name": "ADV-2005-2788",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2005/2788"
          },
          {
            "name": "17926",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/17926"
          },
          {
            "name": "19798",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/19798"
          },
          {
            "name": "MDKSA-2006:008",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008"
          },
          {
            "name": "18191",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18191"
          },
          {
            "name": "20060201-01-U",
            "tags": [
              "vendor-advisory",
              "x_refsource_SGI",
              "x_transferred"
            ],
            "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U"
          },
          {
            "name": "RHSA-2006:0160",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html"
          },
          {
            "name": "17912",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/17912"
          },
          {
            "name": "MDKSA-2006:010",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010"
          },
          {
            "name": "17921",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/17921"
          },
          {
            "name": "DSA-940",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2005/dsa-940"
          },
          {
            "name": "MDKSA-2006:004",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004"
          },
          {
            "name": "ADV-2005-2790",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2005/2790"
          },
          {
            "name": "18389",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18389"
          },
          {
            "name": "18192",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18192"
          },
          {
            "name": "ADV-2005-2856",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2005/2856"
          },
          {
            "name": "SSA:2006-045-04",
            "tags": [
              "vendor-advisory",
              "x_refsource_SLACKWARE",
              "x_transferred"
            ],
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747"
          },
          {
            "name": "19377",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/19377"
          },
          {
            "name": "FLSA:175404",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded"
          },
          {
            "name": "DSA-961",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-961"
          },
          {
            "name": "SCOSA-2006.21",
            "tags": [
              "vendor-advisory",
              "x_refsource_SCO",
              "x_transferred"
            ],
            "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.21/SCOSA-2006.21.txt"
          },
          {
            "name": "18675",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18675"
          },
          {
            "name": "1015324",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1015324"
          },
          {
            "name": "18913",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18913"
          },
          {
            "name": "DSA-938",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2005/dsa-938"
          },
          {
            "name": "SUSE-SR:2005:029",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2005_29_sr.html"
          },
          {
            "name": "ADV-2005-2787",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2005/2787"
          },
          {
            "name": "RHSA-2005:878",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-878.html"
          },
          {
            "name": "FEDORA-2005-1141",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00036.html"
          },
          {
            "name": "17920",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/17920"
          },
          {
            "name": "DSA-950",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-950"
          },
          {
            "name": "17955",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/17955"
          },
          {
            "name": "17976",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/17976"
          },
          {
            "name": "18387",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18387"
          },
          {
            "name": "MDKSA-2006:011",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011"
          },
          {
            "name": "18385",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18385"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-12-05T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple heap-based buffer overflows in the (1) DCTStream::readProgressiveSOF and (2) DCTStream::readBaselineSOF functions in the DCT stream parsing code (Stream.cc) in xpdf 3.01 and earlier, as used in products such as (a) Poppler, (b) teTeX, (c) KDE kpdf, (d) pdftohtml, (e) KOffice KWord, (f) CUPS, and (g) libextractor allow user-assisted attackers to cause a denial of service (heap corruption) and possibly execute arbitrary code via a crafted PDF file with an out-of-range number of components (numComps), which is used as an array index."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-19T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "234",
          "tags": [
            "third-party-advisory",
            "x_refsource_SREASON"
          ],
          "url": "http://securityreason.com/securityalert/234"
        },
        {
          "name": "17929",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/17929"
        },
        {
          "name": "19797",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/19797"
        },
        {
          "name": "SCOSA-2006.20",
          "tags": [
            "vendor-advisory",
            "x_refsource_SCO"
          ],
          "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.20/SCOSA-2006.20.txt"
        },
        {
          "name": "233",
          "tags": [
            "third-party-advisory",
            "x_refsource_SREASON"
          ],
          "url": "http://securityreason.com/securityalert/233"
        },
        {
          "name": "DSA-932",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2005/dsa-932"
        },
        {
          "name": "18349",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18349"
        },
        {
          "name": "18147",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18147"
        },
        {
          "name": "SCOSA-2006.15",
          "tags": [
            "vendor-advisory",
            "x_refsource_SCO"
          ],
          "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt"
        },
        {
          "name": "18055",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18055"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.kde.org/info/security/advisory-20051207-1.txt"
        },
        {
          "name": "18503",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18503"
        },
        {
          "name": "18549",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18549"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.kde.org/info/security/advisory-20051207-2.txt"
        },
        {
          "name": "18679",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18679"
        },
        {
          "name": "18189",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18189"
        },
        {
          "name": "26413",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/26413"
        },
        {
          "name": "17940",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/17940"
        },
        {
          "name": "oval:org.mitre.oval:def:9760",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9760"
        },
        {
          "name": "xpdf-dctstream-baseline-bo(23444)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23444"
        },
        {
          "name": "18303",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18303"
        },
        {
          "name": "DSA-931",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2005/dsa-931"
        },
        {
          "name": "18554",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18554"
        },
        {
          "name": "MDKSA-2006:003",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342289"
        },
        {
          "name": "19230",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/19230"
        },
        {
          "name": "102972",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1"
        },
        {
          "name": "MDKSA-2006:012",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012"
        },
        {
          "name": "DSA-962",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-962"
        },
        {
          "name": "1015309",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1015309"
        },
        {
          "name": "DSA-937",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2005/dsa-937"
        },
        {
          "name": "18398",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18398"
        },
        {
          "name": "FLSA-2006:176751",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded"
        },
        {
          "name": "SUSE-SA:2006:001",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html"
        },
        {
          "name": "DSA-936",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-936"
        },
        {
          "name": "17916",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/17916"
        },
        {
          "name": "20051205 Multiple Vendor xpdf DCTStream Progressive Heap Overflow",
          "tags": [
            "third-party-advisory",
            "x_refsource_IDEFENSE"
          ],
          "url": "http://www.idefense.com/application/poi/display?id=343\u0026type=vulnerabilities"
        },
        {
          "name": "RHSA-2005:840",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-840.html"
        },
        {
          "name": "ADV-2005-2789",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2005/2789"
        },
        {
          "name": "RHSA-2005:867",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-867.html"
        },
        {
          "name": "18674",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18674"
        },
        {
          "name": "MDKSA-2006:005",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005"
        },
        {
          "name": "18313",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18313"
        },
        {
          "name": "15727",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/15727"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://issues.rpath.com/browse/RPL-1609"
        },
        {
          "name": "RHSA-2005:868",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2005-868.html"
        },
        {
          "name": "20051201-01-U",
          "tags": [
            "vendor-advisory",
            "x_refsource_SGI"
          ],
          "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U"
        },
        {
          "name": "20060101-01-U",
          "tags": [
            "vendor-advisory",
            "x_refsource_SGI"
          ],
          "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U"
        },
        {
          "name": "18448",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18448"
        },
        {
          "name": "18436",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18436"
        },
        {
          "name": "18428",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18428"
        },
        {
          "name": "18380",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18380"
        },
        {
          "name": "GLSA-200512-08",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-200512-08.xml"
        },
        {
          "name": "FEDORA-2005-1126",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00015.html"
        },
        {
          "name": "18416",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18416"
        },
        {
          "name": "ADV-2007-2280",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/2280"
        },
        {
          "name": "15726",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/15726"
        },
        {
          "name": "GLSA-200601-02",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml"
        },
        {
          "name": "FEDORA-2005-1142",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00037.html"
        },
        {
          "name": "18336",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18336"
        },
        {
          "name": "18061",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18061"
        },
        {
          "name": "18407",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18407"
        },
        {
          "name": "18009",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18009"
        },
        {
          "name": "17908",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/17908"
        },
        {
          "name": "USN-227-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntulinux.org/usn/usn-227-1"
        },
        {
          "name": "17897",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/17897"
        },
        {
          "name": "Multiple Vendor xpdf DCTStream Baseline Heap Overflow Vulnerability",
          "tags": [
            "third-party-advisory",
            "x_refsource_IDEFENSE"
          ],
          "url": "http://www.idefense.com/application/poi/display?id=342\u0026type=vulnerabilities"
        },
        {
          "name": "18517",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18517"
        },
        {
          "name": "18582",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18582"
        },
        {
          "name": "SUSE-SR:2006:002",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2006_02_sr.html"
        },
        {
          "name": "18534",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18534"
        },
        {
          "name": "SSA:2006-045-09",
          "tags": [
            "vendor-advisory",
            "x_refsource_SLACKWARE"
          ],
          "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683"
        },
        {
          "name": "TSLSA-2005-0072",
          "tags": [
            "vendor-advisory",
            "x_refsource_TRUSTIX"
          ],
          "url": "http://www.trustix.org/errata/2005/0072/"
        },
        {
          "name": "FEDORA-2005-1127",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00016.html"
        },
        {
          "name": "20051207 [KDE Security Advisory] multiple buffer overflows in kpdf/koffice",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/418883/100/0/threaded"
        },
        {
          "name": "xpdf-dctstream-progressive-bo(23443)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23443"
        },
        {
          "name": "18908",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18908"
        },
        {
          "name": "25729",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25729"
        },
        {
          "name": "ADV-2005-2786",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2005/2786"
        },
        {
          "name": "MDKSA-2006:006",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006"
        },
        {
          "name": "ADV-2005-2788",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2005/2788"
        },
        {
          "name": "17926",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/17926"
        },
        {
          "name": "19798",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/19798"
        },
        {
          "name": "MDKSA-2006:008",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008"
        },
        {
          "name": "18191",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18191"
        },
        {
          "name": "20060201-01-U",
          "tags": [
            "vendor-advisory",
            "x_refsource_SGI"
          ],
          "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U"
        },
        {
          "name": "RHSA-2006:0160",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html"
        },
        {
          "name": "17912",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/17912"
        },
        {
          "name": "MDKSA-2006:010",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010"
        },
        {
          "name": "17921",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/17921"
        },
        {
          "name": "DSA-940",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2005/dsa-940"
        },
        {
          "name": "MDKSA-2006:004",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004"
        },
        {
          "name": "ADV-2005-2790",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2005/2790"
        },
        {
          "name": "18389",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18389"
        },
        {
          "name": "18192",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18192"
        },
        {
          "name": "ADV-2005-2856",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2005/2856"
        },
        {
          "name": "SSA:2006-045-04",
          "tags": [
            "vendor-advisory",
            "x_refsource_SLACKWARE"
          ],
          "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747"
        },
        {
          "name": "19377",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/19377"
        },
        {
          "name": "FLSA:175404",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded"
        },
        {
          "name": "DSA-961",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-961"
        },
        {
          "name": "SCOSA-2006.21",
          "tags": [
            "vendor-advisory",
            "x_refsource_SCO"
          ],
          "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.21/SCOSA-2006.21.txt"
        },
        {
          "name": "18675",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18675"
        },
        {
          "name": "1015324",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1015324"
        },
        {
          "name": "18913",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18913"
        },
        {
          "name": "DSA-938",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2005/dsa-938"
        },
        {
          "name": "SUSE-SR:2005:029",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2005_29_sr.html"
        },
        {
          "name": "ADV-2005-2787",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2005/2787"
        },
        {
          "name": "RHSA-2005:878",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-878.html"
        },
        {
          "name": "FEDORA-2005-1141",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00036.html"
        },
        {
          "name": "17920",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/17920"
        },
        {
          "name": "DSA-950",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-950"
        },
        {
          "name": "17955",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/17955"
        },
        {
          "name": "17976",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/17976"
        },
        {
          "name": "18387",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18387"
        },
        {
          "name": "MDKSA-2006:011",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011"
        },
        {
          "name": "18385",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18385"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2005-3191",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple heap-based buffer overflows in the (1) DCTStream::readProgressiveSOF and (2) DCTStream::readBaselineSOF functions in the DCT stream parsing code (Stream.cc) in xpdf 3.01 and earlier, as used in products such as (a) Poppler, (b) teTeX, (c) KDE kpdf, (d) pdftohtml, (e) KOffice KWord, (f) CUPS, and (g) libextractor allow user-assisted attackers to cause a denial of service (heap corruption) and possibly execute arbitrary code via a crafted PDF file with an out-of-range number of components (numComps), which is used as an array index."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "234",
              "refsource": "SREASON",
              "url": "http://securityreason.com/securityalert/234"
            },
            {
              "name": "17929",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/17929"
            },
            {
              "name": "19797",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/19797"
            },
            {
              "name": "SCOSA-2006.20",
              "refsource": "SCO",
              "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.20/SCOSA-2006.20.txt"
            },
            {
              "name": "233",
              "refsource": "SREASON",
              "url": "http://securityreason.com/securityalert/233"
            },
            {
              "name": "DSA-932",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2005/dsa-932"
            },
            {
              "name": "18349",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18349"
            },
            {
              "name": "18147",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18147"
            },
            {
              "name": "SCOSA-2006.15",
              "refsource": "SCO",
              "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt"
            },
            {
              "name": "18055",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18055"
            },
            {
              "name": "http://www.kde.org/info/security/advisory-20051207-1.txt",
              "refsource": "CONFIRM",
              "url": "http://www.kde.org/info/security/advisory-20051207-1.txt"
            },
            {
              "name": "18503",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18503"
            },
            {
              "name": "18549",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18549"
            },
            {
              "name": "http://www.kde.org/info/security/advisory-20051207-2.txt",
              "refsource": "CONFIRM",
              "url": "http://www.kde.org/info/security/advisory-20051207-2.txt"
            },
            {
              "name": "18679",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18679"
            },
            {
              "name": "18189",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18189"
            },
            {
              "name": "26413",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/26413"
            },
            {
              "name": "17940",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/17940"
            },
            {
              "name": "oval:org.mitre.oval:def:9760",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9760"
            },
            {
              "name": "xpdf-dctstream-baseline-bo(23444)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23444"
            },
            {
              "name": "18303",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18303"
            },
            {
              "name": "DSA-931",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2005/dsa-931"
            },
            {
              "name": "18554",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18554"
            },
            {
              "name": "MDKSA-2006:003",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003"
            },
            {
              "name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342289",
              "refsource": "MISC",
              "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342289"
            },
            {
              "name": "19230",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/19230"
            },
            {
              "name": "102972",
              "refsource": "SUNALERT",
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1"
            },
            {
              "name": "MDKSA-2006:012",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012"
            },
            {
              "name": "DSA-962",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2006/dsa-962"
            },
            {
              "name": "1015309",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1015309"
            },
            {
              "name": "DSA-937",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2005/dsa-937"
            },
            {
              "name": "18398",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18398"
            },
            {
              "name": "FLSA-2006:176751",
              "refsource": "FEDORA",
              "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded"
            },
            {
              "name": "SUSE-SA:2006:001",
              "refsource": "SUSE",
              "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html"
            },
            {
              "name": "DSA-936",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2006/dsa-936"
            },
            {
              "name": "17916",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/17916"
            },
            {
              "name": "20051205 Multiple Vendor xpdf DCTStream Progressive Heap Overflow",
              "refsource": "IDEFENSE",
              "url": "http://www.idefense.com/application/poi/display?id=343\u0026type=vulnerabilities"
            },
            {
              "name": "RHSA-2005:840",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2005-840.html"
            },
            {
              "name": "ADV-2005-2789",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2005/2789"
            },
            {
              "name": "RHSA-2005:867",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2005-867.html"
            },
            {
              "name": "18674",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18674"
            },
            {
              "name": "MDKSA-2006:005",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005"
            },
            {
              "name": "18313",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18313"
            },
            {
              "name": "15727",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/15727"
            },
            {
              "name": "https://issues.rpath.com/browse/RPL-1609",
              "refsource": "CONFIRM",
              "url": "https://issues.rpath.com/browse/RPL-1609"
            },
            {
              "name": "RHSA-2005:868",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2005-868.html"
            },
            {
              "name": "20051201-01-U",
              "refsource": "SGI",
              "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U"
            },
            {
              "name": "20060101-01-U",
              "refsource": "SGI",
              "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U"
            },
            {
              "name": "18448",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18448"
            },
            {
              "name": "18436",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18436"
            },
            {
              "name": "18428",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18428"
            },
            {
              "name": "18380",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18380"
            },
            {
              "name": "GLSA-200512-08",
              "refsource": "GENTOO",
              "url": "http://www.gentoo.org/security/en/glsa/glsa-200512-08.xml"
            },
            {
              "name": "FEDORA-2005-1126",
              "refsource": "FEDORA",
              "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00015.html"
            },
            {
              "name": "18416",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18416"
            },
            {
              "name": "ADV-2007-2280",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/2280"
            },
            {
              "name": "15726",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/15726"
            },
            {
              "name": "GLSA-200601-02",
              "refsource": "GENTOO",
              "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml"
            },
            {
              "name": "FEDORA-2005-1142",
              "refsource": "FEDORA",
              "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00037.html"
            },
            {
              "name": "18336",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18336"
            },
            {
              "name": "18061",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18061"
            },
            {
              "name": "18407",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18407"
            },
            {
              "name": "18009",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18009"
            },
            {
              "name": "17908",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/17908"
            },
            {
              "name": "USN-227-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntulinux.org/usn/usn-227-1"
            },
            {
              "name": "17897",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/17897"
            },
            {
              "name": "Multiple Vendor xpdf DCTStream Baseline Heap Overflow Vulnerability",
              "refsource": "IDEFENSE",
              "url": "http://www.idefense.com/application/poi/display?id=342\u0026type=vulnerabilities"
            },
            {
              "name": "18517",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18517"
            },
            {
              "name": "18582",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18582"
            },
            {
              "name": "SUSE-SR:2006:002",
              "refsource": "SUSE",
              "url": "http://www.novell.com/linux/security/advisories/2006_02_sr.html"
            },
            {
              "name": "18534",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18534"
            },
            {
              "name": "SSA:2006-045-09",
              "refsource": "SLACKWARE",
              "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683"
            },
            {
              "name": "TSLSA-2005-0072",
              "refsource": "TRUSTIX",
              "url": "http://www.trustix.org/errata/2005/0072/"
            },
            {
              "name": "FEDORA-2005-1127",
              "refsource": "FEDORA",
              "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00016.html"
            },
            {
              "name": "20051207 [KDE Security Advisory] multiple buffer overflows in kpdf/koffice",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/418883/100/0/threaded"
            },
            {
              "name": "xpdf-dctstream-progressive-bo(23443)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23443"
            },
            {
              "name": "18908",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18908"
            },
            {
              "name": "25729",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/25729"
            },
            {
              "name": "ADV-2005-2786",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2005/2786"
            },
            {
              "name": "MDKSA-2006:006",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006"
            },
            {
              "name": "ADV-2005-2788",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2005/2788"
            },
            {
              "name": "17926",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/17926"
            },
            {
              "name": "19798",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/19798"
            },
            {
              "name": "MDKSA-2006:008",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008"
            },
            {
              "name": "18191",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18191"
            },
            {
              "name": "20060201-01-U",
              "refsource": "SGI",
              "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U"
            },
            {
              "name": "RHSA-2006:0160",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html"
            },
            {
              "name": "17912",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/17912"
            },
            {
              "name": "MDKSA-2006:010",
              "refsource": "MANDRAKE",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010"
            },
            {
              "name": "17921",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/17921"
            },
            {
              "name": "DSA-940",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2005/dsa-940"
            },
            {
              "name": "MDKSA-2006:004",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004"
            },
            {
              "name": "ADV-2005-2790",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2005/2790"
            },
            {
              "name": "18389",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18389"
            },
            {
              "name": "18192",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18192"
            },
            {
              "name": "ADV-2005-2856",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2005/2856"
            },
            {
              "name": "SSA:2006-045-04",
              "refsource": "SLACKWARE",
              "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747"
            },
            {
              "name": "19377",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/19377"
            },
            {
              "name": "FLSA:175404",
              "refsource": "FEDORA",
              "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded"
            },
            {
              "name": "DSA-961",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2006/dsa-961"
            },
            {
              "name": "SCOSA-2006.21",
              "refsource": "SCO",
              "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.21/SCOSA-2006.21.txt"
            },
            {
              "name": "18675",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18675"
            },
            {
              "name": "1015324",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1015324"
            },
            {
              "name": "18913",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18913"
            },
            {
              "name": "DSA-938",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2005/dsa-938"
            },
            {
              "name": "SUSE-SR:2005:029",
              "refsource": "SUSE",
              "url": "http://www.novell.com/linux/security/advisories/2005_29_sr.html"
            },
            {
              "name": "ADV-2005-2787",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2005/2787"
            },
            {
              "name": "RHSA-2005:878",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2005-878.html"
            },
            {
              "name": "FEDORA-2005-1141",
              "refsource": "FEDORA",
              "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00036.html"
            },
            {
              "name": "17920",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/17920"
            },
            {
              "name": "DSA-950",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2006/dsa-950"
            },
            {
              "name": "17955",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/17955"
            },
            {
              "name": "17976",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/17976"
            },
            {
              "name": "18387",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18387"
            },
            {
              "name": "MDKSA-2006:011",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011"
            },
            {
              "name": "18385",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18385"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2005-3191",
    "datePublished": "2005-12-07T01:00:00",
    "dateReserved": "2005-10-14T00:00:00",
    "dateUpdated": "2024-08-07T23:01:58.841Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Vulnerability from fkie_nvd
Published
2005-04-27 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities.
References
cve@mitre.orghttp://www.mandriva.com/security/advisories?name=MDKSA-2005:041
cve@mitre.orghttp://www.mandriva.com/security/advisories?name=MDKSA-2005:042
cve@mitre.orghttp://www.mandriva.com/security/advisories?name=MDKSA-2005:043
cve@mitre.orghttp://www.mandriva.com/security/advisories?name=MDKSA-2005:044
cve@mitre.orghttp://www.mandriva.com/security/advisories?name=MDKSA-2005:052
cve@mitre.orghttp://www.mandriva.com/security/advisories?name=MDKSA-2005:056
cve@mitre.orghttp://www.redhat.com/support/errata/RHSA-2005-034.html
cve@mitre.orghttp://www.redhat.com/support/errata/RHSA-2005-053.html
cve@mitre.orghttp://www.redhat.com/support/errata/RHSA-2005-057.html
cve@mitre.orghttp://www.redhat.com/support/errata/RHSA-2005-132.html
cve@mitre.orghttp://www.redhat.com/support/errata/RHSA-2005-213.htmlPatch, Vendor Advisory
cve@mitre.orghttp://www.securityfocus.com/bid/11501Patch, Vendor Advisory
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/17818
cve@mitre.orghttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11107
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2005:041
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2005:042
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2005:043
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2005:044
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2005:052
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2005:056
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2005-034.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2005-053.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2005-057.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2005-132.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2005-213.htmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/11501Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/17818
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11107
Impacted products
Vendor Product Version
ascii ptex 3.1.4
cstex cstetex 2.0.2
easy_software_products cups 1.0.4
easy_software_products cups 1.0.4_8
easy_software_products cups 1.1.1
easy_software_products cups 1.1.4
easy_software_products cups 1.1.4_2
easy_software_products cups 1.1.4_3
easy_software_products cups 1.1.4_5
easy_software_products cups 1.1.6
easy_software_products cups 1.1.7
easy_software_products cups 1.1.10
easy_software_products cups 1.1.12
easy_software_products cups 1.1.13
easy_software_products cups 1.1.14
easy_software_products cups 1.1.15
easy_software_products cups 1.1.16
easy_software_products cups 1.1.17
easy_software_products cups 1.1.18
easy_software_products cups 1.1.19
easy_software_products cups 1.1.19_rc5
easy_software_products cups 1.1.20
gnome gpdf 0.110
gnome gpdf 0.112
gnome gpdf 0.131
kde koffice 1.3
kde koffice 1.3.1
kde koffice 1.3.2
kde koffice 1.3.3
kde koffice 1.3_beta1
kde koffice 1.3_beta2
kde koffice 1.3_beta3
kde kpdf 3.2
pdftohtml pdftohtml 0.32a
pdftohtml pdftohtml 0.32b
pdftohtml pdftohtml 0.33
pdftohtml pdftohtml 0.33a
pdftohtml pdftohtml 0.34
pdftohtml pdftohtml 0.35
pdftohtml pdftohtml 0.36
sgi propack 3.0
tetex tetex 1.0.6
tetex tetex 1.0.7
tetex tetex 2.0
tetex tetex 2.0.1
tetex tetex 2.0.2
xpdf xpdf 0.90
xpdf xpdf 0.91
xpdf xpdf 0.92
xpdf xpdf 0.93
xpdf xpdf 1.0
xpdf xpdf 1.0a
xpdf xpdf 1.1
xpdf xpdf 2.0
xpdf xpdf 2.1
xpdf xpdf 2.3
xpdf xpdf 3.0
sgi advanced_linux_environment 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
gentoo linux *
kde kde 3.2
kde kde 3.2.1
kde kde 3.2.2
kde kde 3.2.3
kde kde 3.3
kde kde 3.3.1
mandrakesoft mandrake_linux_corporate_server 3.0
mandrakesoft mandrake_linux_corporate_server 3.0
redhat enterprise_linux 2.1
redhat enterprise_linux 2.1
redhat enterprise_linux 2.1
redhat enterprise_linux 2.1
redhat enterprise_linux 2.1
redhat enterprise_linux 2.1
redhat enterprise_linux 3.0
redhat enterprise_linux 3.0
redhat enterprise_linux 3.0
redhat enterprise_linux_desktop 3.0
redhat fedora_core core_1.0
redhat fedora_core core_2.0
redhat fedora_core core_3.0
redhat linux 9.0
redhat linux_advanced_workstation 2.1
redhat linux_advanced_workstation 2.1
suse suse_linux 1.0
suse suse_linux 2.0
suse suse_linux 3.0
suse suse_linux 4.0
suse suse_linux 4.2
suse suse_linux 4.3
suse suse_linux 4.4
suse suse_linux 4.4.1
suse suse_linux 5.0
suse suse_linux 5.1
suse suse_linux 5.2
suse suse_linux 5.3
suse suse_linux 6.0
suse suse_linux 6.1
suse suse_linux 6.1
suse suse_linux 6.2
suse suse_linux 6.3
suse suse_linux 6.3
suse suse_linux 6.3
suse suse_linux 6.4
suse suse_linux 6.4
suse suse_linux 6.4
suse suse_linux 6.4
suse suse_linux 7.0
suse suse_linux 7.0
suse suse_linux 7.0
suse suse_linux 7.0
suse suse_linux 7.0
suse suse_linux 7.1
suse suse_linux 7.1
suse suse_linux 7.1
suse suse_linux 7.1
suse suse_linux 7.1
suse suse_linux 7.2
suse suse_linux 7.2
suse suse_linux 7.3
suse suse_linux 7.3
suse suse_linux 7.3
suse suse_linux 7.3
suse suse_linux 8.0
suse suse_linux 8.0
suse suse_linux 8.1
suse suse_linux 8.2
suse suse_linux 9.0
suse suse_linux 9.0
suse suse_linux 9.1
suse suse_linux 9.1
suse suse_linux 9.2
suse suse_linux 9.2
ubuntu ubuntu_linux 4.1
ubuntu ubuntu_linux 4.1



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ascii:ptex:3.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "4AE020D3-0F38-4F53-AFB7-B4E98EAC659F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cstex:cstetex:2.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E16058D9-AC8B-4A7C-865F-93B476348363",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "68BD578F-CCAD-4515-9205-EB4F297C6DB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.0.4_8:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3182CA2-7375-43BC-A0E5-DE11D4B65EE3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCF4C8D0-3030-4DD5-800B-76A582A4CD0C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "734D0C2C-F71F-461A-87EE-202C6B706753",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.4_2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F0F402D-5CD0-4477-8B59-C753CECB02BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.4_3:*:*:*:*:*:*:*",
              "matchCriteriaId": "959F7AFA-ED20-434C-993F-06C2A8574662",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.4_5:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4F5A0A4-2884-46CA-A846-8B954EB80CFA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "1741CC9D-C4A8-48F9-86CF-EC20AE2A6BE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "35E65857-12C7-49DE-AD27-3CACD456231C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "47CEF035-57A6-470B-916A-E5562C28E866",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E26BB15-4CF8-4496-A7F7-EB34C444EF72",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "D414984E-4F6B-4278-8346-968587E4B18E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "33C36DCB-2FDD-44E6-85E8-875575AAE69E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C4B7C23-0C54-4FBA-A774-9CC1E148376E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FA0EF14-33E6-4D44-B86E-F04014EA3C8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5428EE6-F90A-4BB6-9D8C-8B99E80AB6DF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "A786A770-919E-4E23-949D-D836F316618A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "00A2249C-73DE-434E-A41F-4EDB0ADC0845",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.19_rc5:*:*:*:*:*:*:*",
              "matchCriteriaId": "73AB4D3D-FF35-4A50-A144-3AD41F6F2E55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB7653F1-70E2-423F-A6A9-30333644B506",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnome:gpdf:0.110:*:*:*:*:*:*:*",
              "matchCriteriaId": "1CB6AE42-D493-43E5-A97C-76C8450E5881",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnome:gpdf:0.112:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E70576E-C253-4F8B-A93E-14CC2EE7114D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnome:gpdf:0.131:*:*:*:*:*:*:*",
              "matchCriteriaId": "832C5512-B473-40E8-BF4F-EC6ABFE46749",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:koffice:1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "053435DD-BFDF-4C39-9919-11C42D569085",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:koffice:1.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9BB1A3C-3348-4545-A513-E504B33F72AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:koffice:1.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD45E2C8-0B0E-484F-8050-94BF77798183",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:koffice:1.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "4EAA654E-9DD4-4614-92D7-EF4D676B3A18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:koffice:1.3_beta1:*:*:*:*:*:*:*",
              "matchCriteriaId": "89C96FC9-40DB-467D-A701-49F97A1B887D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:koffice:1.3_beta2:*:*:*:*:*:*:*",
              "matchCriteriaId": "76128BDC-2CA7-4AE7-8C4F-BCB3835CA938",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:koffice:1.3_beta3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B2517C7-27EF-4961-91C3-CA33219AFF2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:kpdf:3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDAF6452-F3B0-4F62-893E-BCFA6AB7AE3B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pdftohtml:pdftohtml:0.32a:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE346726-71D6-438B-B600-A7E107332816",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pdftohtml:pdftohtml:0.32b:*:*:*:*:*:*:*",
              "matchCriteriaId": "87E85020-B4DB-4011-BDD0-1C8967D45A84",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pdftohtml:pdftohtml:0.33:*:*:*:*:*:*:*",
              "matchCriteriaId": "8189A9AB-F685-40E2-944F-8BD3DD6FA0A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pdftohtml:pdftohtml:0.33a:*:*:*:*:*:*:*",
              "matchCriteriaId": "C33B8585-FA5F-4210-A997-615BCEE1726F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pdftohtml:pdftohtml:0.34:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4AE4C34-C497-426F-AC0D-1805A50582EF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pdftohtml:pdftohtml:0.35:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2989EFF-07B9-4EF2-B6C1-59E4F52FDC92",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pdftohtml:pdftohtml:0.36:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3970101-5E83-49FD-BCB6-D9176D46B5A4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sgi:propack:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "29DC217F-C257-4A3C-9CBD-08010C30BEC3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tetex:tetex:1.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "739A56F5-B19A-4B92-B9CB-04ECE4FFE204",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tetex:tetex:1.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "C86C7D6F-C39E-4403-86C6-F87599570E97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tetex:tetex:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "236005A1-C175-44D3-8D0C-C48F943F3D66",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tetex:tetex:2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0AF2AD80-5E65-4B57-933B-C395E98EF10D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tetex:tetex:2.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "07C92A0E-1DDA-4F83-A904-24A35C38883A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:0.90:*:*:*:*:*:*:*",
              "matchCriteriaId": "28CC6233-E207-40CC-81FF-A8670EEA4295",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:0.91:*:*:*:*:*:*:*",
              "matchCriteriaId": "64DD9B5C-3DB8-4E15-B4A6-541E4E221C1D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:0.92:*:*:*:*:*:*:*",
              "matchCriteriaId": "0304E1E3-8766-40D0-8879-A652B4E9E72D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:0.93:*:*:*:*:*:*:*",
              "matchCriteriaId": "188F1343-8082-4B54-8DA4-E344818ABD52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B95DA7DE-B786-4EE7-A3F4-C077A7986D5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:1.0a:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5306C05-4A71-4175-8C22-F2DE0F2FE4C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B9DEF16-ECD5-4BBE-8986-52A6171B3D9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFFDBEEC-B2C1-47F0-82D3-FC9147B590A9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "354487CF-0086-4AE2-872B-0032E3EB89EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1169B802-7279-437F-AF59-621A67DC92EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B93B3ED-AF82-49A9-8C7F-E5F652F19669",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:advanced_linux_environment:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A05AC3EE-6292-4ECC-9680-048A12FCE723",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CAE037F-111C-4A76-8FFE-716B74D65EF3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:alpha:*:*:*:*:*",
              "matchCriteriaId": "A6B060E4-B5A6-4469-828E-211C52542547",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:arm:*:*:*:*:*",
              "matchCriteriaId": "974C3541-990C-4CD4-A05A-38FA74A84632",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:hppa:*:*:*:*:*",
              "matchCriteriaId": "6CBF1E0F-C7F3-4F83-9E60-6E63FA7D2775",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-32:*:*:*:*:*",
              "matchCriteriaId": "58792F77-B06F-4780-BA25-FE1EE6C3FDD9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-64:*:*:*:*:*",
              "matchCriteriaId": "C9419322-572F-4BB6-8416-C5E96541CF33",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:m68k:*:*:*:*:*",
              "matchCriteriaId": "BFC50555-C084-46A3-9C9F-949C5E3BB448",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mips:*:*:*:*:*",
              "matchCriteriaId": "9C25D6E1-D283-4CEA-B47B-60C47A5C0797",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mipsel:*:*:*:*:*",
              "matchCriteriaId": "AD18A446-C634-417E-86AC-B19B6DDDC856",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ppc:*:*:*:*:*",
              "matchCriteriaId": "E4BB852E-61B2-4842-989F-C6C0C901A8D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:s-390:*:*:*:*:*",
              "matchCriteriaId": "24DD9D59-E2A2-4116-A887-39E8CC2004FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:sparc:*:*:*:*:*",
              "matchCriteriaId": "F28D7457-607E-4E0C-909A-413F91CFCD82",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "647BA336-5538-4972-9271-383A0EC9378E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:kde:kde:3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "82F69843-978D-4686-BC5B-1D09DA4A21BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:kde:kde:3.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "ACEE0AED-7918-41E9-A902-AC4070E03132",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:kde:kde:3.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "81E19472-47B4-4398-A188-CA5A5D3E7060",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:kde:kde:3.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D17407A2-089E-43A5-9BD5-EFF966F5CC16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:kde:kde:3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C4B436D-8D6A-473E-B707-26147208808B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:kde:kde:3.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E26B353-4985-4116-B97A-5767CDC732F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2BB0B27C-04EA-426F-9016-7406BACD91DF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "BB2B1BA5-8370-4281-B5C9-3D4FE6C70FBC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*",
              "matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*",
              "matchCriteriaId": "A4A9461E-C117-42EC-9F14-DF2A82BA7C5D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*",
              "matchCriteriaId": "E0B458EA-495E-40FA-9379-C03757F7B1EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:*",
              "matchCriteriaId": "409E324A-C040-494F-A026-9DCAE01C07F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*",
              "matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*",
              "matchCriteriaId": "6474B775-C893-491F-A074-802AFB1FEDD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_servers:*:*:*:*:*",
              "matchCriteriaId": "81B543F9-C209-46C2-B0AE-E14818A6992E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*",
              "matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation:*:*:*:*:*",
              "matchCriteriaId": "DB89C970-DE94-4E09-A90A-077DB83AD156",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C84296C-2C8A-4DCD-9751-52951F8BEA9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC80CF67-C51D-442C-9526-CFEDE84A6304",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:9.0:*:i386:*:*:*:*:*",
              "matchCriteriaId": "F3FDE8C4-5FFD-4CC2-9F35-7C32043966D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*",
              "matchCriteriaId": "84A50ED3-FD0D-4038-B3E7-CC65D166C968",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium_processor:*:*:*:*:*",
              "matchCriteriaId": "777F9EC0-2919-45CA-BFF8-78A02537C513",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "02EE2D72-B1E6-4380-80B0-E40A23DDD115",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "111575DE-98A2-4C54-BDE1-CACC74D22B35",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1976D15D-9EE6-4A49-B59F-34F0505FD5BC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "962FC8D7-BE5D-4E7D-9ADC-511681C593BF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "451453AC-65FF-4E3B-9AC1-2DDB2E2182E4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "7716120D-5110-42B0-A574-9AA2AC8D3C32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB4C8426-CAF2-4366-94C0-1BA1C544FB6F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:4.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5CC7D746-B98B-4FAF-B816-57222759A344",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "830D48B8-D21D-4D31-99A1-20C231804DBE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C0BBDD2-9FF9-4CB7-BCAF-D4AF15DC2C7C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1C826AA-6E2F-4DAC-A7A2-9F47729B5DA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BCC94EF9-5872-402F-B2FC-06331A924BB2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F163E145-09F7-4BE2-9B46-5B6713070BAB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "124E1802-7984-45ED-8A92-393FC20662FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:6.1:alpha:*:*:*:*:*:*",
              "matchCriteriaId": "C7F08806-9458-439A-8EAE-2553122262ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B67020A-6942-4478-B501-764147C4970D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0AD0FF64-05DF-48C2-9BB5-FD993121FB2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:6.3:*:ppc:*:*:*:*:*",
              "matchCriteriaId": "E74E0A28-7C78-4160-8BCF-99605285C0EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:6.3:alpha:*:*:*:*:*:*",
              "matchCriteriaId": "76159C25-0760-47CB-AFCE-28306CDEA830",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "7786607A-362E-4817-A17E-C76D6A1F737D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:6.4:*:i386:*:*:*:*:*",
              "matchCriteriaId": "8A206E1C-C2EC-4356-8777-B18D7069A4C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:6.4:*:ppc:*:*:*:*:*",
              "matchCriteriaId": "6E2FE291-1142-4627-A497-C0BB0D934A0B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:6.4:alpha:*:*:*:*:*:*",
              "matchCriteriaId": "49BC7C7E-046C-4186-822E-9F3A2AD3577B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9E7D75A-333E-4C63-9593-F64ABA5D1CE3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:7.0:*:i386:*:*:*:*:*",
              "matchCriteriaId": "2FE69F6F-6B17-4C87-ACA4-A2A1FB47206A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:7.0:*:ppc:*:*:*:*:*",
              "matchCriteriaId": "467A30EB-CB8F-4928-AC8F-F659084A9E2B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:7.0:*:sparc:*:*:*:*:*",
              "matchCriteriaId": "714C1439-AB8E-4A8B-A783-D60E9DDC38D4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:7.0:alpha:*:*:*:*:*:*",
              "matchCriteriaId": "62CAE5B0-4D46-4A93-A343-C8E9CB574C62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "819868A7-EB1E-4CA9-8D71-72F194E5EFEB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:7.1:*:spa:*:*:*:*:*",
              "matchCriteriaId": "FB647A8B-ADB9-402B-96E1-45321C75731B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:7.1:*:sparc:*:*:*:*:*",
              "matchCriteriaId": "0944FD27-736E-4B55-8D96-9F2CA9BB9B05",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:7.1:*:x86:*:*:*:*:*",
              "matchCriteriaId": "373BB5AC-1F38-4D0A-97DC-08E9654403EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:7.1:alpha:*:*:*:*:*:*",
              "matchCriteriaId": "B5E71DA3-F4A0-46AF-92A2-E691C7A65528",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0519FF7D-363E-4530-9E63-6EA3E88432DC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:7.2:*:i386:*:*:*:*:*",
              "matchCriteriaId": "1975A2DD-EB22-4ED3-8719-F78AA7F414B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:7.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "FAE3FF4F-646F-4E05-A08A-C9399DEF60F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:7.3:*:i386:*:*:*:*:*",
              "matchCriteriaId": "19F606EE-530F-4C06-82DB-52035EE03FA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:7.3:*:ppc:*:*:*:*:*",
              "matchCriteriaId": "A0E896D5-0005-4E7E-895D-B202AFCE09A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:7.3:*:sparc:*:*:*:*:*",
              "matchCriteriaId": "5A8B313F-93C7-4558-9571-DE1111487E17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "28CD54FE-D682-4063-B7C3-8B29B26B39AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:i386:*:*:*:*:*",
              "matchCriteriaId": "37F124FE-15F1-49D7-9E03-8E036CE1A20C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8C55338-3372-413F-82E3-E1B476D6F41A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1EFB33BF-F6A5-48C1-AEB5-194FCBCFC958",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB0E2D3B-B50A-46C2-BA1E-3E014DE91954",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "56EF103F-5668-4754-A83B-D3662D0CE815",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFABFCE5-4F86-4AE8-9849-BC360AC72098",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "D5F98B9A-880E-45F0-8C16-12B22970F0D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFF36BC6-6CCD-4FEE-A120-5B8C4BF5620C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "B905C6E9-5058-4FD7-95B6-CD6AB6B2F516",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ia64:*:*:*:*:*",
              "matchCriteriaId": "6E94583A-5184-462E-9FC4-57B35DA06DA7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ppc:*:*:*:*:*",
              "matchCriteriaId": "E905FAAD-37B6-4DD0-A752-2974F8336273",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities."
    },
    {
      "lang": "es",
      "value": "El parche para corregir las vulnerabilidades de desbordamiento de entero en Xpdf 2.0 y 3.0 (CAN-2004-0888) es incompleto para arquitecturas de 64 bits en ciertas distribuciones de Linux como Red Hat, lo que podr\u00eda dejar a los usuarios de Xpdf expuestos a las vulnerabilidades originales."
    }
  ],
  "id": "CVE-2005-0206",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": true,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2005-04-27T04:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:041"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:042"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:043"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:044"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:052"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:056"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-034.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-053.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-057.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-132.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2005-213.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/11501"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17818"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11107"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:041"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:042"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:043"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:044"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:052"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:056"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-034.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-053.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-057.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-132.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2005-213.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/11501"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17818"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11107"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2007-11-08 02:46
Modified
2025-04-09 00:30
Severity ?
Summary
Heap-based buffer overflow in the CCITTFaxStream::lookChar method in xpdf/Stream.cc in Xpdf 3.02p11 allows remote attackers to execute arbitrary code via a PDF file that contains a crafted CCITTFaxDecode filter.
References
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/advisories/26503
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/advisories/27260Patch, Vendor Advisory
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/advisories/27553Vendor Advisory
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/advisories/27573Vendor Advisory
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/advisories/27574
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/advisories/27575Vendor Advisory
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/advisories/27577Vendor Advisory
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/advisories/27578Vendor Advisory
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/advisories/27579Vendor Advisory
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/advisories/27599
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/advisories/27615
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/advisories/27618
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/advisories/27619
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/advisories/27632
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/advisories/27634
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/advisories/27636
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/advisories/27637
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/advisories/27640
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/advisories/27641
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/advisories/27642
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/advisories/27645
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/advisories/27656
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/advisories/27658
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/advisories/27705
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/advisories/27718
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/advisories/27721
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/advisories/27724
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/advisories/27743
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/advisories/27772
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/advisories/27856
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/advisories/28043
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/advisories/28812
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/advisories/29104
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/advisories/29604
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/advisories/30168
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/secunia_research/2007-88/advisory/Vendor Advisory
PSIRT-CNA@flexerasoftware.comhttp://security.gentoo.org/glsa/glsa-200711-22.xml
PSIRT-CNA@flexerasoftware.comhttp://security.gentoo.org/glsa/glsa-200711-34.xml
PSIRT-CNA@flexerasoftware.comhttp://security.gentoo.org/glsa/glsa-200805-13.xml
PSIRT-CNA@flexerasoftware.comhttp://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.761882
PSIRT-CNA@flexerasoftware.comhttp://support.avaya.com/elmodocs2/security/ASA-2007-476.htm
PSIRT-CNA@flexerasoftware.comhttp://support.novell.com/techcenter/psdb/1d5fd29802b2ef7e342e733731f1e933.html
PSIRT-CNA@flexerasoftware.comhttp://support.novell.com/techcenter/psdb/3867a5092daac43cd6a92e6107d9fbce.html
PSIRT-CNA@flexerasoftware.comhttp://support.novell.com/techcenter/psdb/43ad7b3569dba59e7ba07677edc01cad.html
PSIRT-CNA@flexerasoftware.comhttp://support.novell.com/techcenter/psdb/da3498f05433976cc548cc4eaf8349c8.html
PSIRT-CNA@flexerasoftware.comhttp://support.novell.com/techcenter/psdb/f83e024a65d69ebc810d2117815b940d.html
PSIRT-CNA@flexerasoftware.comhttp://www.debian.org/security/2007/dsa-1408
PSIRT-CNA@flexerasoftware.comhttp://www.debian.org/security/2008/dsa-1480
PSIRT-CNA@flexerasoftware.comhttp://www.debian.org/security/2008/dsa-1509
PSIRT-CNA@flexerasoftware.comhttp://www.debian.org/security/2008/dsa-1537
PSIRT-CNA@flexerasoftware.comhttp://www.kde.org/info/security/advisory-20071107-1.txt
PSIRT-CNA@flexerasoftware.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2007:219
PSIRT-CNA@flexerasoftware.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2007:220
PSIRT-CNA@flexerasoftware.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2007:221
PSIRT-CNA@flexerasoftware.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2007:222
PSIRT-CNA@flexerasoftware.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2007:223
PSIRT-CNA@flexerasoftware.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2007:227
PSIRT-CNA@flexerasoftware.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2007:228
PSIRT-CNA@flexerasoftware.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2007:230
PSIRT-CNA@flexerasoftware.comhttp://www.novell.com/linux/security/advisories/2007_60_pdf.html
PSIRT-CNA@flexerasoftware.comhttp://www.redhat.com/support/errata/RHSA-2007-1021.htmlVendor Advisory
PSIRT-CNA@flexerasoftware.comhttp://www.redhat.com/support/errata/RHSA-2007-1022.htmlVendor Advisory
PSIRT-CNA@flexerasoftware.comhttp://www.redhat.com/support/errata/RHSA-2007-1023.htmlVendor Advisory
PSIRT-CNA@flexerasoftware.comhttp://www.redhat.com/support/errata/RHSA-2007-1024.htmlVendor Advisory
PSIRT-CNA@flexerasoftware.comhttp://www.redhat.com/support/errata/RHSA-2007-1025.html
PSIRT-CNA@flexerasoftware.comhttp://www.redhat.com/support/errata/RHSA-2007-1026.htmlVendor Advisory
PSIRT-CNA@flexerasoftware.comhttp://www.redhat.com/support/errata/RHSA-2007-1027.html
PSIRT-CNA@flexerasoftware.comhttp://www.redhat.com/support/errata/RHSA-2007-1028.htmlVendor Advisory
PSIRT-CNA@flexerasoftware.comhttp://www.redhat.com/support/errata/RHSA-2007-1029.htmlVendor Advisory
PSIRT-CNA@flexerasoftware.comhttp://www.redhat.com/support/errata/RHSA-2007-1030.htmlVendor Advisory
PSIRT-CNA@flexerasoftware.comhttp://www.redhat.com/support/errata/RHSA-2007-1031.htmlVendor Advisory
PSIRT-CNA@flexerasoftware.comhttp://www.redhat.com/support/errata/RHSA-2007-1051.htmlVendor Advisory
PSIRT-CNA@flexerasoftware.comhttp://www.securityfocus.com/archive/1/483372
PSIRT-CNA@flexerasoftware.comhttp://www.securityfocus.com/bid/26367
PSIRT-CNA@flexerasoftware.comhttp://www.securitytracker.com/id?1018905
PSIRT-CNA@flexerasoftware.comhttp://www.ubuntu.com/usn/usn-542-1
PSIRT-CNA@flexerasoftware.comhttp://www.ubuntu.com/usn/usn-542-2
PSIRT-CNA@flexerasoftware.comhttp://www.vupen.com/english/advisories/2007/3774
PSIRT-CNA@flexerasoftware.comhttp://www.vupen.com/english/advisories/2007/3775
PSIRT-CNA@flexerasoftware.comhttp://www.vupen.com/english/advisories/2007/3776
PSIRT-CNA@flexerasoftware.comhttp://www.vupen.com/english/advisories/2007/3779
PSIRT-CNA@flexerasoftware.comhttp://www.vupen.com/english/advisories/2007/3786
PSIRT-CNA@flexerasoftware.comhttps://exchange.xforce.ibmcloud.com/vulnerabilities/38304
PSIRT-CNA@flexerasoftware.comhttps://issues.rpath.com/browse/RPL-1926
PSIRT-CNA@flexerasoftware.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9839
PSIRT-CNA@flexerasoftware.comhttps://www.redhat.com/archives/fedora-package-announce/2007-December/msg00369.html
PSIRT-CNA@flexerasoftware.comhttps://www.redhat.com/archives/fedora-package-announce/2007-November/msg00215.html
PSIRT-CNA@flexerasoftware.comhttps://www.redhat.com/archives/fedora-package-announce/2007-November/msg00224.html
PSIRT-CNA@flexerasoftware.comhttps://www.redhat.com/archives/fedora-package-announce/2007-November/msg00238.html
PSIRT-CNA@flexerasoftware.comhttps://www.redhat.com/archives/fedora-package-announce/2007-November/msg00663.html
PSIRT-CNA@flexerasoftware.comhttps://www.redhat.com/archives/fedora-package-announce/2007-November/msg00724.html
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/26503
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27260Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27553Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27573Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27574
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27575Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27577Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27578Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27579Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27599
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27615
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27618
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27619
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27632
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27634
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27636
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27637
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27640
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27641
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27642
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27645
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27656
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27658
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27705
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27718
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27721
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27724
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27743
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27772
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27856
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/28043
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/28812
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/29104
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/29604
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/30168
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/secunia_research/2007-88/advisory/Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://security.gentoo.org/glsa/glsa-200711-22.xml
af854a3a-2127-422b-91ae-364da2661108http://security.gentoo.org/glsa/glsa-200711-34.xml
af854a3a-2127-422b-91ae-364da2661108http://security.gentoo.org/glsa/glsa-200805-13.xml
af854a3a-2127-422b-91ae-364da2661108http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.761882
af854a3a-2127-422b-91ae-364da2661108http://support.avaya.com/elmodocs2/security/ASA-2007-476.htm
af854a3a-2127-422b-91ae-364da2661108http://support.novell.com/techcenter/psdb/1d5fd29802b2ef7e342e733731f1e933.html
af854a3a-2127-422b-91ae-364da2661108http://support.novell.com/techcenter/psdb/3867a5092daac43cd6a92e6107d9fbce.html
af854a3a-2127-422b-91ae-364da2661108http://support.novell.com/techcenter/psdb/43ad7b3569dba59e7ba07677edc01cad.html
af854a3a-2127-422b-91ae-364da2661108http://support.novell.com/techcenter/psdb/da3498f05433976cc548cc4eaf8349c8.html
af854a3a-2127-422b-91ae-364da2661108http://support.novell.com/techcenter/psdb/f83e024a65d69ebc810d2117815b940d.html
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2007/dsa-1408
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2008/dsa-1480
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2008/dsa-1509
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2008/dsa-1537
af854a3a-2127-422b-91ae-364da2661108http://www.kde.org/info/security/advisory-20071107-1.txt
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2007:219
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2007:220
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2007:221
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2007:222
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2007:223
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2007:227
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2007:228
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2007:230
af854a3a-2127-422b-91ae-364da2661108http://www.novell.com/linux/security/advisories/2007_60_pdf.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2007-1021.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2007-1022.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2007-1023.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2007-1024.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2007-1025.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2007-1026.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2007-1027.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2007-1028.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2007-1029.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2007-1030.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2007-1031.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2007-1051.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/483372
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/26367
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1018905
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/usn-542-1
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/usn-542-2
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2007/3774
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2007/3775
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2007/3776
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2007/3779
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2007/3786
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/38304
af854a3a-2127-422b-91ae-364da2661108https://issues.rpath.com/browse/RPL-1926
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9839
af854a3a-2127-422b-91ae-364da2661108https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00369.html
af854a3a-2127-422b-91ae-364da2661108https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00215.html
af854a3a-2127-422b-91ae-364da2661108https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00224.html
af854a3a-2127-422b-91ae-364da2661108https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00238.html
af854a3a-2127-422b-91ae-364da2661108https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00663.html
af854a3a-2127-422b-91ae-364da2661108https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00724.html
Impacted products
Vendor Product Version
xpdf xpdf 3.02p11



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:3.02p11:*:*:*:*:*:*:*",
              "matchCriteriaId": "45863F75-92B6-4FF8-864C-23184905A877",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Heap-based buffer overflow in the CCITTFaxStream::lookChar method in xpdf/Stream.cc in Xpdf 3.02p11 allows remote attackers to execute arbitrary code via a PDF file that contains a crafted CCITTFaxDecode filter."
    },
    {
      "lang": "es",
      "value": "Un desbordamiento de b\u00fafer en la regi\u00f3n heap de la memoria en el m\u00e9todo CCITTFaxStream::lookChar en el archivo xpdf/Stream.cc en Xpdf versi\u00f3n 3.02p11, permite a atacantes remotos ejecutar c\u00f3digo arbitrario por medio de un archivo PDF que contiene un filtro CCITTFaxDecode dise\u00f1ado."
    }
  ],
  "id": "CVE-2007-5393",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2007-11-08T02:46:00.000",
  "references": [
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://secunia.com/advisories/26503"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27260"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27553"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27573"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://secunia.com/advisories/27574"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27575"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27577"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27578"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27579"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://secunia.com/advisories/27599"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://secunia.com/advisories/27615"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://secunia.com/advisories/27618"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://secunia.com/advisories/27619"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://secunia.com/advisories/27632"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://secunia.com/advisories/27634"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://secunia.com/advisories/27636"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://secunia.com/advisories/27637"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://secunia.com/advisories/27640"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://secunia.com/advisories/27641"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://secunia.com/advisories/27642"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://secunia.com/advisories/27645"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://secunia.com/advisories/27656"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://secunia.com/advisories/27658"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://secunia.com/advisories/27705"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://secunia.com/advisories/27718"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://secunia.com/advisories/27721"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://secunia.com/advisories/27724"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://secunia.com/advisories/27743"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://secunia.com/advisories/27772"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://secunia.com/advisories/27856"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://secunia.com/advisories/28043"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://secunia.com/advisories/28812"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://secunia.com/advisories/29104"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://secunia.com/advisories/29604"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://secunia.com/advisories/30168"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/secunia_research/2007-88/advisory/"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://security.gentoo.org/glsa/glsa-200711-22.xml"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://security.gentoo.org/glsa/glsa-200711-34.xml"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://security.gentoo.org/glsa/glsa-200805-13.xml"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.761882"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-476.htm"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://support.novell.com/techcenter/psdb/1d5fd29802b2ef7e342e733731f1e933.html"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://support.novell.com/techcenter/psdb/3867a5092daac43cd6a92e6107d9fbce.html"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://support.novell.com/techcenter/psdb/43ad7b3569dba59e7ba07677edc01cad.html"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://support.novell.com/techcenter/psdb/da3498f05433976cc548cc4eaf8349c8.html"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://support.novell.com/techcenter/psdb/f83e024a65d69ebc810d2117815b940d.html"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.debian.org/security/2007/dsa-1408"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.debian.org/security/2008/dsa-1480"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.debian.org/security/2008/dsa-1509"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.debian.org/security/2008/dsa-1537"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.kde.org/info/security/advisory-20071107-1.txt"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:219"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:220"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:221"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:222"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:223"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:227"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:228"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:230"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.novell.com/linux/security/advisories/2007_60_pdf.html"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2007-1021.html"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2007-1022.html"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2007-1023.html"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2007-1024.html"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2007-1025.html"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2007-1026.html"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2007-1027.html"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2007-1028.html"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2007-1029.html"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2007-1030.html"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2007-1031.html"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2007-1051.html"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.securityfocus.com/archive/1/483372"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.securityfocus.com/bid/26367"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.securitytracker.com/id?1018905"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.ubuntu.com/usn/usn-542-1"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.ubuntu.com/usn/usn-542-2"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.vupen.com/english/advisories/2007/3774"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.vupen.com/english/advisories/2007/3775"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.vupen.com/english/advisories/2007/3776"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.vupen.com/english/advisories/2007/3779"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.vupen.com/english/advisories/2007/3786"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38304"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "https://issues.rpath.com/browse/RPL-1926"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9839"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00369.html"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00215.html"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00224.html"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00238.html"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00663.html"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00724.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/26503"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27260"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27553"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27573"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/27574"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27575"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27577"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27578"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27579"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/27599"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/27615"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/27618"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/27619"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/27632"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/27634"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/27636"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/27637"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/27640"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/27641"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/27642"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/27645"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/27656"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/27658"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/27705"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/27718"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/27721"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/27724"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/27743"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/27772"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/27856"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/28043"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/28812"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/29104"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/29604"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/30168"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/secunia_research/2007-88/advisory/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://security.gentoo.org/glsa/glsa-200711-22.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://security.gentoo.org/glsa/glsa-200711-34.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://security.gentoo.org/glsa/glsa-200805-13.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.761882"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-476.htm"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.novell.com/techcenter/psdb/1d5fd29802b2ef7e342e733731f1e933.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.novell.com/techcenter/psdb/3867a5092daac43cd6a92e6107d9fbce.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.novell.com/techcenter/psdb/43ad7b3569dba59e7ba07677edc01cad.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.novell.com/techcenter/psdb/da3498f05433976cc548cc4eaf8349c8.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.novell.com/techcenter/psdb/f83e024a65d69ebc810d2117815b940d.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2007/dsa-1408"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2008/dsa-1480"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2008/dsa-1509"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2008/dsa-1537"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.kde.org/info/security/advisory-20071107-1.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:219"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:220"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:221"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:222"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:223"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:227"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:228"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:230"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.novell.com/linux/security/advisories/2007_60_pdf.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2007-1021.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2007-1022.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2007-1023.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2007-1024.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2007-1025.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2007-1026.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2007-1027.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2007-1028.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2007-1029.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2007-1030.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2007-1031.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2007-1051.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/483372"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/26367"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1018905"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/usn-542-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/usn-542-2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/3774"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/3775"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/3776"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/3779"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/3786"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38304"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://issues.rpath.com/browse/RPL-1926"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9839"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00369.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00215.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00224.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00238.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00663.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00724.html"
    }
  ],
  "sourceIdentifier": "PSIRT-CNA@flexerasoftware.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2007-11-08 02:46
Modified
2025-04-09 00:30
Severity ?
Summary
Array index error in the DCTStream::readProgressiveDataUnit method in xpdf/Stream.cc in Xpdf 3.02pl1, as used in poppler, teTeX, KDE, KOffice, CUPS, and other products, allows remote attackers to trigger memory corruption and execute arbitrary code via a crafted PDF file.
References
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/advisories/26503
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/advisories/27260Patch, Vendor Advisory
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/advisories/27553
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/advisories/27573
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/advisories/27574
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/advisories/27575
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/advisories/27577
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/advisories/27578
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/advisories/27599
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/advisories/27615
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/advisories/27618
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/advisories/27619
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/advisories/27632
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/advisories/27634
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/advisories/27636
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/advisories/27637
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/advisories/27640
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/advisories/27641
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/advisories/27642
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/advisories/27645
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/advisories/27656
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/advisories/27658
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/advisories/27705
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/advisories/27721
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/advisories/27724
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/advisories/27743
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/advisories/27856
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/advisories/28043
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/advisories/28812
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/advisories/29104
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/advisories/29604
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/advisories/30168
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/secunia_research/2007-88/advisory/Vendor Advisory
PSIRT-CNA@flexerasoftware.comhttp://security.gentoo.org/glsa/glsa-200711-22.xml
PSIRT-CNA@flexerasoftware.comhttp://security.gentoo.org/glsa/glsa-200711-34.xml
PSIRT-CNA@flexerasoftware.comhttp://security.gentoo.org/glsa/glsa-200805-13.xml
PSIRT-CNA@flexerasoftware.comhttp://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.761882
PSIRT-CNA@flexerasoftware.comhttp://support.novell.com/techcenter/psdb/1d5fd29802b2ef7e342e733731f1e933.html
PSIRT-CNA@flexerasoftware.comhttp://support.novell.com/techcenter/psdb/3867a5092daac43cd6a92e6107d9fbce.html
PSIRT-CNA@flexerasoftware.comhttp://support.novell.com/techcenter/psdb/43ad7b3569dba59e7ba07677edc01cad.html
PSIRT-CNA@flexerasoftware.comhttp://support.novell.com/techcenter/psdb/da3498f05433976cc548cc4eaf8349c8.html
PSIRT-CNA@flexerasoftware.comhttp://support.novell.com/techcenter/psdb/f83e024a65d69ebc810d2117815b940d.html
PSIRT-CNA@flexerasoftware.comhttp://www.debian.org/security/2008/dsa-1480
PSIRT-CNA@flexerasoftware.comhttp://www.debian.org/security/2008/dsa-1509
PSIRT-CNA@flexerasoftware.comhttp://www.debian.org/security/2008/dsa-1537
PSIRT-CNA@flexerasoftware.comhttp://www.kde.org/info/security/advisory-20071107-1.txt
PSIRT-CNA@flexerasoftware.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2007:219
PSIRT-CNA@flexerasoftware.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2007:220
PSIRT-CNA@flexerasoftware.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2007:221
PSIRT-CNA@flexerasoftware.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2007:222
PSIRT-CNA@flexerasoftware.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2007:223
PSIRT-CNA@flexerasoftware.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2007:227
PSIRT-CNA@flexerasoftware.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2007:228
PSIRT-CNA@flexerasoftware.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2007:230
PSIRT-CNA@flexerasoftware.comhttp://www.novell.com/linux/security/advisories/2007_60_pdf.html
PSIRT-CNA@flexerasoftware.comhttp://www.redhat.com/support/errata/RHSA-2007-1021.html
PSIRT-CNA@flexerasoftware.comhttp://www.redhat.com/support/errata/RHSA-2007-1022.html
PSIRT-CNA@flexerasoftware.comhttp://www.redhat.com/support/errata/RHSA-2007-1024.html
PSIRT-CNA@flexerasoftware.comhttp://www.redhat.com/support/errata/RHSA-2007-1025.html
PSIRT-CNA@flexerasoftware.comhttp://www.redhat.com/support/errata/RHSA-2007-1026.html
PSIRT-CNA@flexerasoftware.comhttp://www.redhat.com/support/errata/RHSA-2007-1027.html
PSIRT-CNA@flexerasoftware.comhttp://www.redhat.com/support/errata/RHSA-2007-1029.html
PSIRT-CNA@flexerasoftware.comhttp://www.redhat.com/support/errata/RHSA-2007-1030.html
PSIRT-CNA@flexerasoftware.comhttp://www.securityfocus.com/archive/1/483372
PSIRT-CNA@flexerasoftware.comhttp://www.securityfocus.com/bid/26367
PSIRT-CNA@flexerasoftware.comhttp://www.securitytracker.com/id?1018905
PSIRT-CNA@flexerasoftware.comhttp://www.ubuntu.com/usn/usn-542-1
PSIRT-CNA@flexerasoftware.comhttp://www.ubuntu.com/usn/usn-542-2
PSIRT-CNA@flexerasoftware.comhttp://www.vupen.com/english/advisories/2007/3774
PSIRT-CNA@flexerasoftware.comhttp://www.vupen.com/english/advisories/2007/3775
PSIRT-CNA@flexerasoftware.comhttp://www.vupen.com/english/advisories/2007/3776
PSIRT-CNA@flexerasoftware.comhttp://www.vupen.com/english/advisories/2007/3779
PSIRT-CNA@flexerasoftware.comhttp://www.vupen.com/english/advisories/2007/3786
PSIRT-CNA@flexerasoftware.comhttps://exchange.xforce.ibmcloud.com/vulnerabilities/38306
PSIRT-CNA@flexerasoftware.comhttps://issues.rpath.com/browse/RPL-1926
PSIRT-CNA@flexerasoftware.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9979
PSIRT-CNA@flexerasoftware.comhttps://www.redhat.com/archives/fedora-package-announce/2007-December/msg00369.html
PSIRT-CNA@flexerasoftware.comhttps://www.redhat.com/archives/fedora-package-announce/2007-November/msg00215.html
PSIRT-CNA@flexerasoftware.comhttps://www.redhat.com/archives/fedora-package-announce/2007-November/msg00224.html
PSIRT-CNA@flexerasoftware.comhttps://www.redhat.com/archives/fedora-package-announce/2007-November/msg00238.html
PSIRT-CNA@flexerasoftware.comhttps://www.redhat.com/archives/fedora-package-announce/2007-November/msg00663.html
PSIRT-CNA@flexerasoftware.comhttps://www.redhat.com/archives/fedora-package-announce/2007-November/msg00724.html
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/26503
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27260Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27553
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27573
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27574
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27575
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27577
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27578
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27599
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27615
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27618
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27619
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27632
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27634
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27636
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27637
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27640
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27641
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27642
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27645
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27656
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27658
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27705
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27721
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27724
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27743
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27856
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/28043
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/28812
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/29104
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/29604
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/30168
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/secunia_research/2007-88/advisory/Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://security.gentoo.org/glsa/glsa-200711-22.xml
af854a3a-2127-422b-91ae-364da2661108http://security.gentoo.org/glsa/glsa-200711-34.xml
af854a3a-2127-422b-91ae-364da2661108http://security.gentoo.org/glsa/glsa-200805-13.xml
af854a3a-2127-422b-91ae-364da2661108http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.761882
af854a3a-2127-422b-91ae-364da2661108http://support.novell.com/techcenter/psdb/1d5fd29802b2ef7e342e733731f1e933.html
af854a3a-2127-422b-91ae-364da2661108http://support.novell.com/techcenter/psdb/3867a5092daac43cd6a92e6107d9fbce.html
af854a3a-2127-422b-91ae-364da2661108http://support.novell.com/techcenter/psdb/43ad7b3569dba59e7ba07677edc01cad.html
af854a3a-2127-422b-91ae-364da2661108http://support.novell.com/techcenter/psdb/da3498f05433976cc548cc4eaf8349c8.html
af854a3a-2127-422b-91ae-364da2661108http://support.novell.com/techcenter/psdb/f83e024a65d69ebc810d2117815b940d.html
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2008/dsa-1480
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2008/dsa-1509
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2008/dsa-1537
af854a3a-2127-422b-91ae-364da2661108http://www.kde.org/info/security/advisory-20071107-1.txt
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2007:219
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2007:220
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2007:221
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2007:222
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2007:223
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2007:227
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2007:228
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2007:230
af854a3a-2127-422b-91ae-364da2661108http://www.novell.com/linux/security/advisories/2007_60_pdf.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2007-1021.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2007-1022.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2007-1024.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2007-1025.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2007-1026.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2007-1027.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2007-1029.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2007-1030.html
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/483372
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/26367
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1018905
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/usn-542-1
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/usn-542-2
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2007/3774
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2007/3775
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2007/3776
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2007/3779
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2007/3786
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/38306
af854a3a-2127-422b-91ae-364da2661108https://issues.rpath.com/browse/RPL-1926
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9979
af854a3a-2127-422b-91ae-364da2661108https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00369.html
af854a3a-2127-422b-91ae-364da2661108https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00215.html
af854a3a-2127-422b-91ae-364da2661108https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00224.html
af854a3a-2127-422b-91ae-364da2661108https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00238.html
af854a3a-2127-422b-91ae-364da2661108https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00663.html
af854a3a-2127-422b-91ae-364da2661108https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00724.html
Impacted products
Vendor Product Version
xpdf xpdf 3.0.1_pl1



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:3.0.1_pl1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0A09900-C462-4E3D-9399-0271F91DC5BD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Array index error in the DCTStream::readProgressiveDataUnit method in xpdf/Stream.cc in Xpdf 3.02pl1, as used in poppler, teTeX, KDE, KOffice, CUPS, and other products, allows remote attackers to trigger memory corruption and execute arbitrary code via a crafted PDF file."
    },
    {
      "lang": "es",
      "value": "Un error de \u00edndice de matriz en el m\u00e9todo DCTStream::readProgressiveDataUnit en el archivo xpdf/Stream.cc en Xpdf versi\u00f3n 3.02pl1, tal y como es usado en poppler, teTeX, KDE, KOffice, CUPS y otros productos, permite a atacantes remotos desencadenar corrupci\u00f3n de memoria y ejecutar c\u00f3digo arbitrario por medio de un archivo PDF dise\u00f1ado."
    }
  ],
  "id": "CVE-2007-4352",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "HIGH",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.6,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 4.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2007-11-08T02:46:00.000",
  "references": [
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://secunia.com/advisories/26503"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27260"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://secunia.com/advisories/27553"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://secunia.com/advisories/27573"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://secunia.com/advisories/27574"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://secunia.com/advisories/27575"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://secunia.com/advisories/27577"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://secunia.com/advisories/27578"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://secunia.com/advisories/27599"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://secunia.com/advisories/27615"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://secunia.com/advisories/27618"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://secunia.com/advisories/27619"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://secunia.com/advisories/27632"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://secunia.com/advisories/27634"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://secunia.com/advisories/27636"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://secunia.com/advisories/27637"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://secunia.com/advisories/27640"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://secunia.com/advisories/27641"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://secunia.com/advisories/27642"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://secunia.com/advisories/27645"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://secunia.com/advisories/27656"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://secunia.com/advisories/27658"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://secunia.com/advisories/27705"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://secunia.com/advisories/27721"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://secunia.com/advisories/27724"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://secunia.com/advisories/27743"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://secunia.com/advisories/27856"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://secunia.com/advisories/28043"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://secunia.com/advisories/28812"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://secunia.com/advisories/29104"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://secunia.com/advisories/29604"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://secunia.com/advisories/30168"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/secunia_research/2007-88/advisory/"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://security.gentoo.org/glsa/glsa-200711-22.xml"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://security.gentoo.org/glsa/glsa-200711-34.xml"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://security.gentoo.org/glsa/glsa-200805-13.xml"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.761882"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://support.novell.com/techcenter/psdb/1d5fd29802b2ef7e342e733731f1e933.html"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://support.novell.com/techcenter/psdb/3867a5092daac43cd6a92e6107d9fbce.html"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://support.novell.com/techcenter/psdb/43ad7b3569dba59e7ba07677edc01cad.html"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://support.novell.com/techcenter/psdb/da3498f05433976cc548cc4eaf8349c8.html"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://support.novell.com/techcenter/psdb/f83e024a65d69ebc810d2117815b940d.html"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.debian.org/security/2008/dsa-1480"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.debian.org/security/2008/dsa-1509"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.debian.org/security/2008/dsa-1537"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.kde.org/info/security/advisory-20071107-1.txt"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:219"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:220"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:221"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:222"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:223"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:227"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:228"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:230"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.novell.com/linux/security/advisories/2007_60_pdf.html"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2007-1021.html"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2007-1022.html"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2007-1024.html"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2007-1025.html"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2007-1026.html"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2007-1027.html"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2007-1029.html"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2007-1030.html"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.securityfocus.com/archive/1/483372"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.securityfocus.com/bid/26367"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.securitytracker.com/id?1018905"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.ubuntu.com/usn/usn-542-1"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.ubuntu.com/usn/usn-542-2"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.vupen.com/english/advisories/2007/3774"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.vupen.com/english/advisories/2007/3775"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.vupen.com/english/advisories/2007/3776"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.vupen.com/english/advisories/2007/3779"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.vupen.com/english/advisories/2007/3786"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38306"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "https://issues.rpath.com/browse/RPL-1926"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9979"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00369.html"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00215.html"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00224.html"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00238.html"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00663.html"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00724.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/26503"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27260"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/27553"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/27573"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/27574"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/27575"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/27577"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/27578"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/27599"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/27615"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/27618"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/27619"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/27632"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/27634"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/27636"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/27637"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/27640"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/27641"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/27642"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/27645"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/27656"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/27658"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/27705"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/27721"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/27724"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/27743"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/27856"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/28043"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/28812"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/29104"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/29604"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/30168"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/secunia_research/2007-88/advisory/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://security.gentoo.org/glsa/glsa-200711-22.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://security.gentoo.org/glsa/glsa-200711-34.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://security.gentoo.org/glsa/glsa-200805-13.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.761882"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.novell.com/techcenter/psdb/1d5fd29802b2ef7e342e733731f1e933.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.novell.com/techcenter/psdb/3867a5092daac43cd6a92e6107d9fbce.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.novell.com/techcenter/psdb/43ad7b3569dba59e7ba07677edc01cad.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.novell.com/techcenter/psdb/da3498f05433976cc548cc4eaf8349c8.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.novell.com/techcenter/psdb/f83e024a65d69ebc810d2117815b940d.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2008/dsa-1480"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2008/dsa-1509"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2008/dsa-1537"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.kde.org/info/security/advisory-20071107-1.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:219"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:220"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:221"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:222"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:223"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:227"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:228"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:230"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.novell.com/linux/security/advisories/2007_60_pdf.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2007-1021.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2007-1022.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2007-1024.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2007-1025.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2007-1026.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2007-1027.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2007-1029.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2007-1030.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/483372"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/26367"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1018905"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/usn-542-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/usn-542-2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/3774"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/3775"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/3776"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/3779"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/3786"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38306"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://issues.rpath.com/browse/RPL-1926"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9979"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00369.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00215.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00224.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00238.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00663.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00724.html"
    }
  ],
  "sourceIdentifier": "PSIRT-CNA@flexerasoftware.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2007-01-09 00:28
Modified
2025-04-09 00:30
Severity ?
Summary
The Adobe PDF specification 1.3, as implemented by (a) xpdf 3.0.1 patch 2, (b) kpdf in KDE before 3.5.5, (c) poppler before 0.5.4, and other products, allows remote attackers to have an unknown impact, possibly including denial of service (infinite loop), arbitrary code execution, or memory corruption, via a PDF file with a (1) crafted catalog dictionary or (2) a crafted Pages attribute that references an invalid page tree node.
References
cve@mitre.orghttp://docs.info.apple.com/article.html?artnum=305214
cve@mitre.orghttp://projects.info-pull.com/moab/MOAB-06-01-2007.html
cve@mitre.orghttp://secunia.com/advisories/23791
cve@mitre.orghttp://secunia.com/advisories/23799Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/23808Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/23813Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/23815Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/23839Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/23844Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/23876Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/24204Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/24479Vendor Advisory
cve@mitre.orghttp://securitytracker.com/id?1017514
cve@mitre.orghttp://support.novell.com/techcenter/psdb/44d7cb9b669d58e0ce5aa5d7ab2c7c53.html
cve@mitre.orghttp://www.kde.org/info/security/advisory-20070115-1.txt
cve@mitre.orghttp://www.mandriva.com/security/advisories?name=MDKSA-2007:018
cve@mitre.orghttp://www.mandriva.com/security/advisories?name=MDKSA-2007:019
cve@mitre.orghttp://www.mandriva.com/security/advisories?name=MDKSA-2007:020
cve@mitre.orghttp://www.mandriva.com/security/advisories?name=MDKSA-2007:021
cve@mitre.orghttp://www.mandriva.com/security/advisories?name=MDKSA-2007:022
cve@mitre.orghttp://www.mandriva.com/security/advisories?name=MDKSA-2007:024
cve@mitre.orghttp://www.novell.com/linux/security/advisories/2007_3_sr.html
cve@mitre.orghttp://www.securityfocus.com/archive/1/457055/100/0/threaded
cve@mitre.orghttp://www.securityfocus.com/bid/21910Exploit
cve@mitre.orghttp://www.securitytracker.com/id?1017749
cve@mitre.orghttp://www.ubuntu.com/usn/usn-410-1
cve@mitre.orghttp://www.ubuntu.com/usn/usn-410-2
cve@mitre.orghttp://www.us-cert.gov/cas/techalerts/TA07-072A.htmlUS Government Resource
cve@mitre.orghttp://www.vupen.com/english/advisories/2007/0203Vendor Advisory
cve@mitre.orghttp://www.vupen.com/english/advisories/2007/0212Vendor Advisory
cve@mitre.orghttp://www.vupen.com/english/advisories/2007/0244Vendor Advisory
cve@mitre.orghttp://www.vupen.com/english/advisories/2007/0930Vendor Advisory
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/31364
cve@mitre.orghttps://issues.rpath.com/browse/RPL-964
af854a3a-2127-422b-91ae-364da2661108http://docs.info.apple.com/article.html?artnum=305214
af854a3a-2127-422b-91ae-364da2661108http://projects.info-pull.com/moab/MOAB-06-01-2007.html
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/23791
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/23799Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/23808Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/23813Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/23815Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/23839Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/23844Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/23876Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/24204Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/24479Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1017514
af854a3a-2127-422b-91ae-364da2661108http://support.novell.com/techcenter/psdb/44d7cb9b669d58e0ce5aa5d7ab2c7c53.html
af854a3a-2127-422b-91ae-364da2661108http://www.kde.org/info/security/advisory-20070115-1.txt
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2007:018
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2007:019
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2007:020
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2007:021
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2007:022
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2007:024
af854a3a-2127-422b-91ae-364da2661108http://www.novell.com/linux/security/advisories/2007_3_sr.html
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/457055/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/21910Exploit
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1017749
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/usn-410-1
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/usn-410-2
af854a3a-2127-422b-91ae-364da2661108http://www.us-cert.gov/cas/techalerts/TA07-072A.htmlUS Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2007/0203Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2007/0212Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2007/0244Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2007/0930Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/31364
af854a3a-2127-422b-91ae-364da2661108https://issues.rpath.com/browse/RPL-964
Impacted products
Vendor Product Version
xpdf xpdf 3.0
xpdf xpdf 3.0.1
xpdf xpdf 3.0.1_pl1
xpdf xpdf 3.0.1_pl2
xpdf xpdf 3.0_pl2
kde kde 3.2
kde kde 3.2.1
kde kde 3.2.2
kde kde 3.2.3
kde kde 3.3
kde kde 3.3.1
kde kde 3.3.2
kde kde 3.4
kde kde 3.4.1
kde kde 3.4.2
kde kde 3.4.3
kde kde 3.5



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B93B3ED-AF82-49A9-8C7F-E5F652F19669",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:3.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B77866E-6818-4DE6-9457-39416871952C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:3.0.1_pl1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0A09900-C462-4E3D-9399-0271F91DC5BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:3.0.1_pl2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E99D1B2-0FDB-4E39-84FD-B354F808651E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:3.0_pl2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6D23CF8-2B6C-4D2A-8E5E-6AACE99A7C19",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:kde:kde:3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "82F69843-978D-4686-BC5B-1D09DA4A21BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:kde:kde:3.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "ACEE0AED-7918-41E9-A902-AC4070E03132",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:kde:kde:3.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "81E19472-47B4-4398-A188-CA5A5D3E7060",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:kde:kde:3.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D17407A2-089E-43A5-9BD5-EFF966F5CC16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:kde:kde:3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C4B436D-8D6A-473E-B707-26147208808B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:kde:kde:3.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E26B353-4985-4116-B97A-5767CDC732F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:kde:kde:3.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9F7180B3-03AC-427C-8CAD-FE06F81C4FF1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:kde:kde:3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "442021C9-BE4D-4BC9-8114-8BEFA9EC1232",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:kde:kde:3.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7036AE90-C7E0-48CE-805D-3F1E04852675",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:kde:kde:3.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D49AE92-BA00-4A8E-BBFE-1BE994CFA3CF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:kde:kde:3.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "29911CA1-ECFD-476F-8C85-EA0C6C143DC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:kde:kde:3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "D17CEFEB-9166-4426-92E1-D8F61D5F5D4C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The Adobe PDF specification 1.3, as implemented by (a) xpdf 3.0.1 patch 2, (b) kpdf in KDE before 3.5.5, (c) poppler before 0.5.4, and other products, allows remote attackers to have an unknown impact, possibly including denial of service (infinite loop), arbitrary code execution, or memory corruption, via a PDF file with a (1) crafted catalog dictionary or (2) a crafted Pages attribute that references an invalid page tree node."
    },
    {
      "lang": "es",
      "value": "La especificaci\u00f3n de Adobe PDF versi\u00f3n 1.3, implementada por (a) xpdf versi\u00f3n 3.0.1 parche 2, (b) kpdf en KDE anterior a versi\u00f3n 3.5.5, (c) poppler anterior a versi\u00f3n 0.5.4, y otros productos, permite a los atacantes remotos tener un impacto desconocido, posiblemente incluyendo la denegaci\u00f3n de servicio (bucle infinito), ejecuci\u00f3n de c\u00f3digo arbitraria, o corrupci\u00f3n de memoria , por medio de un archivo PDF con un (1) diccionario de cat\u00e1logo creado o (2) un atributo Pages creado que hace referencia a un nodo de \u00e1rbol de p\u00e1ginas no v\u00e1lido."
    }
  ],
  "id": "CVE-2007-0104",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2007-01-09T00:28:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://docs.info.apple.com/article.html?artnum=305214"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://projects.info-pull.com/moab/MOAB-06-01-2007.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/23791"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/23799"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/23808"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/23813"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/23815"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/23839"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/23844"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/23876"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/24204"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/24479"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1017514"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://support.novell.com/techcenter/psdb/44d7cb9b669d58e0ce5aa5d7ab2c7c53.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.kde.org/info/security/advisory-20070115-1.txt"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:018"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:019"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:020"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:021"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:022"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:024"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.novell.com/linux/security/advisories/2007_3_sr.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/457055/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.securityfocus.com/bid/21910"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id?1017749"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.ubuntu.com/usn/usn-410-1"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.ubuntu.com/usn/usn-410-2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA07-072A.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2007/0203"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2007/0212"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2007/0244"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2007/0930"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31364"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://issues.rpath.com/browse/RPL-964"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://docs.info.apple.com/article.html?artnum=305214"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://projects.info-pull.com/moab/MOAB-06-01-2007.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/23791"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/23799"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/23808"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/23813"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/23815"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/23839"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/23844"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/23876"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/24204"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/24479"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1017514"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.novell.com/techcenter/psdb/44d7cb9b669d58e0ce5aa5d7ab2c7c53.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.kde.org/info/security/advisory-20070115-1.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:018"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:019"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:020"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:021"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:022"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:024"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.novell.com/linux/security/advisories/2007_3_sr.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/457055/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.securityfocus.com/bid/21910"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1017749"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/usn-410-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/usn-410-2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA07-072A.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2007/0203"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2007/0212"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2007/0244"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2007/0930"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31364"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://issues.rpath.com/browse/RPL-964"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vendorComments": [
    {
      "comment": "Not Vulnerable.  This flaw is the result of an infinite recursion flaw in xpdf, which cannot result in arbitrary code execution.",
      "lastModified": "2007-01-15T00:00:00",
      "organization": "Red Hat"
    }
  ],
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2005-12-07 00:03
Modified
2025-04-03 01:03
Severity ?
Summary
Heap-based buffer overflow in the JPXStream::readCodestream function in the JPX stream parsing code (JPXStream.c) for xpdf 3.01 and earlier, as used in products such as (1) Poppler, (2) teTeX, (3) KDE kpdf, (4) CUPS, and (5) libextractor allows user-assisted attackers to cause a denial of service (heap corruption) and possibly execute arbitrary code via a crafted PDF file with large size values that cause insufficient memory to be allocated.
References
cve@mitre.orgftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt
cve@mitre.orgftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.20/SCOSA-2006.20.txt
cve@mitre.orgftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.21/SCOSA-2006.21.txt
cve@mitre.orgftp://patches.sgi.com/support/free/security/advisories/20051201-01-U
cve@mitre.orgftp://patches.sgi.com/support/free/security/advisories/20060101-01-U
cve@mitre.orgftp://patches.sgi.com/support/free/security/advisories/20060201-01-U
cve@mitre.orghttp://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html
cve@mitre.orghttp://rhn.redhat.com/errata/RHSA-2005-868.html
cve@mitre.orghttp://secunia.com/advisories/17897Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/17912Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/17916Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/17920Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/17926Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/17929Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/17940Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/17955
cve@mitre.orghttp://secunia.com/advisories/17956
cve@mitre.orghttp://secunia.com/advisories/17959
cve@mitre.orghttp://secunia.com/advisories/17976Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/18009Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/18055Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/18061Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/18147
cve@mitre.orghttp://secunia.com/advisories/18189Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/18191Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/18192Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/18303
cve@mitre.orghttp://secunia.com/advisories/18313Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/18336Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/18349Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/18380
cve@mitre.orghttp://secunia.com/advisories/18385Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/18387Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/18389Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/18398Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/18407
cve@mitre.orghttp://secunia.com/advisories/18416Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/18448Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/18517
cve@mitre.orghttp://secunia.com/advisories/18520
cve@mitre.orghttp://secunia.com/advisories/18534
cve@mitre.orghttp://secunia.com/advisories/18554
cve@mitre.orghttp://secunia.com/advisories/18582
cve@mitre.orghttp://secunia.com/advisories/18674
cve@mitre.orghttp://secunia.com/advisories/18675
cve@mitre.orghttp://secunia.com/advisories/18679
cve@mitre.orghttp://secunia.com/advisories/18908
cve@mitre.orghttp://secunia.com/advisories/18913
cve@mitre.orghttp://secunia.com/advisories/19125
cve@mitre.orghttp://secunia.com/advisories/19230
cve@mitre.orghttp://secunia.com/advisories/19377
cve@mitre.orghttp://secunia.com/advisories/19797
cve@mitre.orghttp://secunia.com/advisories/19798
cve@mitre.orghttp://secunia.com/advisories/25729
cve@mitre.orghttp://secunia.com/advisories/26413
cve@mitre.orghttp://securityreason.com/securityalert/236
cve@mitre.orghttp://securitytracker.com/id?1015309
cve@mitre.orghttp://securitytracker.com/id?1015324
cve@mitre.orghttp://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.472683
cve@mitre.orghttp://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.474747
cve@mitre.orghttp://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1
cve@mitre.orghttp://www.debian.org/security/2005/dsa-931
cve@mitre.orghttp://www.debian.org/security/2005/dsa-932
cve@mitre.orghttp://www.debian.org/security/2005/dsa-937
cve@mitre.orghttp://www.debian.org/security/2005/dsa-938
cve@mitre.orghttp://www.debian.org/security/2005/dsa-940
cve@mitre.orghttp://www.debian.org/security/2006/dsa-936
cve@mitre.orghttp://www.debian.org/security/2006/dsa-950
cve@mitre.orghttp://www.debian.org/security/2006/dsa-961
cve@mitre.orghttp://www.debian.org/security/2006/dsa-962
cve@mitre.orghttp://www.gentoo.org/security/en/glsa/glsa-200512-08.xml
cve@mitre.orghttp://www.gentoo.org/security/en/glsa/glsa-200601-02.xml
cve@mitre.orghttp://www.gentoo.org/security/en/glsa/glsa-200603-02.xml
cve@mitre.orghttp://www.idefense.com/application/poi/display?id=345&type=vulnerabilities&flashstatus=truePatch, Vendor Advisory
cve@mitre.orghttp://www.kde.org/info/security/advisory-20051207-1.txt
cve@mitre.orghttp://www.kde.org/info/security/advisory-20051207-2.txt
cve@mitre.orghttp://www.mandriva.com/security/advisories?name=MDKSA-2006:003
cve@mitre.orghttp://www.mandriva.com/security/advisories?name=MDKSA-2006:004
cve@mitre.orghttp://www.mandriva.com/security/advisories?name=MDKSA-2006:005
cve@mitre.orghttp://www.mandriva.com/security/advisories?name=MDKSA-2006:006
cve@mitre.orghttp://www.mandriva.com/security/advisories?name=MDKSA-2006:008
cve@mitre.orghttp://www.mandriva.com/security/advisories?name=MDKSA-2006:010
cve@mitre.orghttp://www.mandriva.com/security/advisories?name=MDKSA-2006:011
cve@mitre.orghttp://www.mandriva.com/security/advisories?name=MDKSA-2006:012
cve@mitre.orghttp://www.novell.com/linux/security/advisories/2005_29_sr.html
cve@mitre.orghttp://www.redhat.com/archives/fedora-announce-list/2005-December/msg00014.html
cve@mitre.orghttp://www.redhat.com/archives/fedora-announce-list/2005-December/msg00015.html
cve@mitre.orghttp://www.redhat.com/archives/fedora-announce-list/2005-December/msg00016.html
cve@mitre.orghttp://www.redhat.com/archives/fedora-announce-list/2005-December/msg00022.html
cve@mitre.orghttp://www.redhat.com/archives/fedora-announce-list/2005-December/msg00036.html
cve@mitre.orghttp://www.redhat.com/archives/fedora-announce-list/2005-December/msg00037.html
cve@mitre.orghttp://www.redhat.com/archives/fedora-announce-list/2005-December/msg00073.html
cve@mitre.orghttp://www.redhat.com/archives/fedora-announce-list/2006-January/msg00043.html
cve@mitre.orghttp://www.redhat.com/support/errata/RHSA-2005-840.htmlVendor Advisory
cve@mitre.orghttp://www.redhat.com/support/errata/RHSA-2005-867.htmlVendor Advisory
cve@mitre.orghttp://www.redhat.com/support/errata/RHSA-2005-878.htmlVendor Advisory
cve@mitre.orghttp://www.redhat.com/support/errata/RHSA-2006-0160.htmlVendor Advisory
cve@mitre.orghttp://www.securityfocus.com/archive/1/418883/100/0/threaded
cve@mitre.orghttp://www.securityfocus.com/archive/1/427053/100/0/threaded
cve@mitre.orghttp://www.securityfocus.com/archive/1/427990/100/0/threaded
cve@mitre.orghttp://www.securityfocus.com/bid/15721
cve@mitre.orghttp://www.trustix.org/errata/2005/0072/
cve@mitre.orghttp://www.ubuntulinux.org/usn/usn-227-1
cve@mitre.orghttp://www.vupen.com/english/advisories/2005/2787
cve@mitre.orghttp://www.vupen.com/english/advisories/2005/2789
cve@mitre.orghttp://www.vupen.com/english/advisories/2005/2790
cve@mitre.orghttp://www.vupen.com/english/advisories/2005/2856
cve@mitre.orghttp://www.vupen.com/english/advisories/2007/2280
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/23441
cve@mitre.orghttps://issues.rpath.com/browse/RPL-1609
cve@mitre.orghttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11440
af854a3a-2127-422b-91ae-364da2661108ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt
af854a3a-2127-422b-91ae-364da2661108ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.20/SCOSA-2006.20.txt
af854a3a-2127-422b-91ae-364da2661108ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.21/SCOSA-2006.21.txt
af854a3a-2127-422b-91ae-364da2661108ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U
af854a3a-2127-422b-91ae-364da2661108ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U
af854a3a-2127-422b-91ae-364da2661108ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U
af854a3a-2127-422b-91ae-364da2661108http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2005-868.html
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/17897Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/17912Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/17916Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/17920Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/17926Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/17929Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/17940Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/17955
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/17956
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/17959
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/17976Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18009Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18055Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18061Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18147
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18189Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18191Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18192Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18303
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18313Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18336Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18349Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18380
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18385Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18387Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18389Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18398Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18407
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18416Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18448Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18517
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18520
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18534
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18554
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18582
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18674
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18675
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18679
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18908
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18913
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19125
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19230
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19377
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19797
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19798
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/25729
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/26413
af854a3a-2127-422b-91ae-364da2661108http://securityreason.com/securityalert/236
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1015309
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1015324
af854a3a-2127-422b-91ae-364da2661108http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.472683
af854a3a-2127-422b-91ae-364da2661108http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.474747
af854a3a-2127-422b-91ae-364da2661108http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2005/dsa-931
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2005/dsa-932
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2005/dsa-937
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2005/dsa-938
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2005/dsa-940
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2006/dsa-936
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2006/dsa-950
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2006/dsa-961
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2006/dsa-962
af854a3a-2127-422b-91ae-364da2661108http://www.gentoo.org/security/en/glsa/glsa-200512-08.xml
af854a3a-2127-422b-91ae-364da2661108http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml
af854a3a-2127-422b-91ae-364da2661108http://www.gentoo.org/security/en/glsa/glsa-200603-02.xml
af854a3a-2127-422b-91ae-364da2661108http://www.idefense.com/application/poi/display?id=345&type=vulnerabilities&flashstatus=truePatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.kde.org/info/security/advisory-20051207-1.txt
af854a3a-2127-422b-91ae-364da2661108http://www.kde.org/info/security/advisory-20051207-2.txt
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:003
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:004
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:005
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:006
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:008
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:010
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:011
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:012
af854a3a-2127-422b-91ae-364da2661108http://www.novell.com/linux/security/advisories/2005_29_sr.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00014.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00015.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00016.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00022.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00036.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00037.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00073.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00043.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2005-840.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2005-867.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2005-878.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2006-0160.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/418883/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/427053/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/427990/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/15721
af854a3a-2127-422b-91ae-364da2661108http://www.trustix.org/errata/2005/0072/
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntulinux.org/usn/usn-227-1
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2005/2787
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2005/2789
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2005/2790
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2005/2856
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2007/2280
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/23441
af854a3a-2127-422b-91ae-364da2661108https://issues.rpath.com/browse/RPL-1609
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11440
Impacted products
Vendor Product Version
xpdf xpdf 0.90
xpdf xpdf 0.91
xpdf xpdf 0.92
xpdf xpdf 0.93
xpdf xpdf 1.0
xpdf xpdf 1.0a
xpdf xpdf 1.1
xpdf xpdf 2.0
xpdf xpdf 2.1
xpdf xpdf 2.2
xpdf xpdf 2.3
xpdf xpdf 3.0
xpdf xpdf 3.0.1
xpdf xpdf 3.0_pl2
xpdf xpdf 3.0_pl3



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:0.90:*:*:*:*:*:*:*",
              "matchCriteriaId": "28CC6233-E207-40CC-81FF-A8670EEA4295",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:0.91:*:*:*:*:*:*:*",
              "matchCriteriaId": "64DD9B5C-3DB8-4E15-B4A6-541E4E221C1D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:0.92:*:*:*:*:*:*:*",
              "matchCriteriaId": "0304E1E3-8766-40D0-8879-A652B4E9E72D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:0.93:*:*:*:*:*:*:*",
              "matchCriteriaId": "188F1343-8082-4B54-8DA4-E344818ABD52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B95DA7DE-B786-4EE7-A3F4-C077A7986D5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:1.0a:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5306C05-4A71-4175-8C22-F2DE0F2FE4C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B9DEF16-ECD5-4BBE-8986-52A6171B3D9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFFDBEEC-B2C1-47F0-82D3-FC9147B590A9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "354487CF-0086-4AE2-872B-0032E3EB89EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "96767060-505A-42D2-A68A-6AD810DE800A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1169B802-7279-437F-AF59-621A67DC92EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B93B3ED-AF82-49A9-8C7F-E5F652F19669",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:3.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B77866E-6818-4DE6-9457-39416871952C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:3.0_pl2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6D23CF8-2B6C-4D2A-8E5E-6AACE99A7C19",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:3.0_pl3:*:*:*:*:*:*:*",
              "matchCriteriaId": "9107B531-7254-4908-97F0-3BF1EA0495AC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Heap-based buffer overflow in the JPXStream::readCodestream function in the JPX stream parsing code (JPXStream.c) for xpdf 3.01 and earlier, as used in products such as (1) Poppler, (2) teTeX, (3) KDE kpdf, (4) CUPS, and (5) libextractor allows user-assisted attackers to cause a denial of service (heap corruption) and possibly execute arbitrary code via a crafted PDF file with large size values that cause insufficient memory to be allocated."
    }
  ],
  "id": "CVE-2005-3193",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "HIGH",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.1,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 4.9,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": true,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2005-12-07T00:03:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt"
    },
    {
      "source": "cve@mitre.org",
      "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.20/SCOSA-2006.20.txt"
    },
    {
      "source": "cve@mitre.org",
      "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.21/SCOSA-2006.21.txt"
    },
    {
      "source": "cve@mitre.org",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U"
    },
    {
      "source": "cve@mitre.org",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U"
    },
    {
      "source": "cve@mitre.org",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://rhn.redhat.com/errata/RHSA-2005-868.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/17897"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/17912"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/17916"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/17920"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/17926"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/17929"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/17940"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/17955"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/17956"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/17959"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/17976"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18009"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18055"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18061"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/18147"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18189"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18191"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18192"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/18303"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18313"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18336"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18349"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/18380"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18385"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18387"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18389"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18398"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/18407"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18416"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18448"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/18517"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/18520"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/18534"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/18554"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/18582"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/18674"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/18675"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/18679"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/18908"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/18913"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/19125"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/19230"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/19377"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/19797"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/19798"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/25729"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/26413"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securityreason.com/securityalert/236"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1015309"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1015324"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2005/dsa-931"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2005/dsa-932"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2005/dsa-937"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2005/dsa-938"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2005/dsa-940"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2006/dsa-936"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2006/dsa-950"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2006/dsa-961"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2006/dsa-962"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200512-08.xml"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200603-02.xml"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.idefense.com/application/poi/display?id=345\u0026type=vulnerabilities\u0026flashstatus=true"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.kde.org/info/security/advisory-20051207-1.txt"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.kde.org/info/security/advisory-20051207-2.txt"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.novell.com/linux/security/advisories/2005_29_sr.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00014.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00015.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00016.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00022.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00036.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00037.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00073.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00043.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2005-840.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2005-867.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2005-878.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/418883/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/15721"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.trustix.org/errata/2005/0072/"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.ubuntulinux.org/usn/usn-227-1"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2005/2787"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2005/2789"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2005/2790"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2005/2856"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2007/2280"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23441"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://issues.rpath.com/browse/RPL-1609"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11440"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.20/SCOSA-2006.20.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.21/SCOSA-2006.21.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://rhn.redhat.com/errata/RHSA-2005-868.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/17897"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/17912"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/17916"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/17920"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/17926"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/17929"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/17940"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/17955"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/17956"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/17959"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/17976"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18009"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18055"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18061"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18147"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18189"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18191"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18192"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18303"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18313"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18336"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18349"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18380"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18385"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18387"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18389"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18398"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18407"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18416"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18448"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18517"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18520"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18534"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18554"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18582"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18674"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18675"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18679"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18908"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18913"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19125"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19230"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19377"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19797"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19798"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/25729"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/26413"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securityreason.com/securityalert/236"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1015309"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1015324"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2005/dsa-931"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2005/dsa-932"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2005/dsa-937"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2005/dsa-938"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2005/dsa-940"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2006/dsa-936"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2006/dsa-950"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2006/dsa-961"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2006/dsa-962"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200512-08.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200603-02.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.idefense.com/application/poi/display?id=345\u0026type=vulnerabilities\u0026flashstatus=true"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.kde.org/info/security/advisory-20051207-1.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.kde.org/info/security/advisory-20051207-2.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.novell.com/linux/security/advisories/2005_29_sr.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00014.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00015.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00016.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00022.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00036.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00037.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00073.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00043.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2005-840.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2005-867.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2005-878.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/418883/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/15721"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.trustix.org/errata/2005/0072/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntulinux.org/usn/usn-227-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2005/2787"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2005/2789"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2005/2790"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2005/2856"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/2280"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23441"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://issues.rpath.com/browse/RPL-1609"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11440"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vendorComments": [
    {
      "comment": "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.",
      "lastModified": "2007-03-14T00:00:00",
      "organization": "Red Hat"
    }
  ],
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2006-01-30 22:03
Modified
2025-04-03 01:03
Severity ?
Summary
Heap-based buffer overflow in Splash.cc in xpdf, as used in other products such as (1) poppler, (2) kdegraphics, (3) gpdf, (4) pdfkit.framework, and others, allows attackers to cause a denial of service and possibly execute arbitrary code via crafted splash images that produce certain values that exceed the width or height of the associated bitmap.
References
secalert@redhat.comftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txtPatch, Vendor Advisory
secalert@redhat.comhttp://rhn.redhat.com/errata/RHSA-2006-0206.htmlPatch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18274Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18677Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18707Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18825Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18826Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18834Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18837Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18838Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18839Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18860Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18862Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18864Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18875Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18882Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18908Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18913Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18983Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/19377Patch, Vendor Advisory
secalert@redhat.comhttp://securityreason.com/securityalert/470
secalert@redhat.comhttp://securitytracker.com/id?1015576Patch
secalert@redhat.comhttp://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.472683Patch
secalert@redhat.comhttp://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.474747Patch
secalert@redhat.comhttp://www.debian.org/security/2006/dsa-971Patch, Vendor Advisory
secalert@redhat.comhttp://www.debian.org/security/2006/dsa-972Patch, Vendor Advisory
secalert@redhat.comhttp://www.debian.org/security/2006/dsa-974Patch, Vendor Advisory
secalert@redhat.comhttp://www.gentoo.org/security/en/glsa/glsa-200602-04.xmlPatch, Vendor Advisory
secalert@redhat.comhttp://www.gentoo.org/security/en/glsa/glsa-200602-05.xmlPatch, Vendor Advisory
secalert@redhat.comhttp://www.gentoo.org/security/en/glsa/glsa-200602-12.xmlPatch, Vendor Advisory
secalert@redhat.comhttp://www.kde.org/info/security/advisory-20060202-1.txtPatch, Vendor Advisory
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2006:030
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2006:031
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2006:032
secalert@redhat.comhttp://www.redhat.com/archives/fedora-announce-list/2006-February/msg00039.htmlPatch, Vendor Advisory
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2006-0201.htmlPatch, Vendor Advisory
secalert@redhat.comhttp://www.securityfocus.com/archive/1/423899/100/0/threadedPatch, Vendor Advisory
secalert@redhat.comhttp://www.securityfocus.com/archive/1/427990/100/0/threaded
secalert@redhat.comhttp://www.ubuntu.com/usn/usn-249-1Patch
secalert@redhat.comhttp://www.vupen.com/english/advisories/2006/0389Vendor Advisory
secalert@redhat.comhttp://www.vupen.com/english/advisories/2006/0422Vendor Advisory
secalert@redhat.comhttps://bugzilla.novell.com/show_bug.cgi?id=141242
secalert@redhat.comhttps://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=179046
secalert@redhat.comhttps://exchange.xforce.ibmcloud.com/vulnerabilities/24391
secalert@redhat.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10850
af854a3a-2127-422b-91ae-364da2661108ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txtPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2006-0206.htmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18274Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18677Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18707Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18825Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18826Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18834Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18837Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18838Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18839Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18860Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18862Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18864Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18875Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18882Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18908Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18913Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18983Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19377Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://securityreason.com/securityalert/470
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1015576Patch
af854a3a-2127-422b-91ae-364da2661108http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.472683Patch
af854a3a-2127-422b-91ae-364da2661108http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.474747Patch
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2006/dsa-971Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2006/dsa-972Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2006/dsa-974Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.gentoo.org/security/en/glsa/glsa-200602-04.xmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.gentoo.org/security/en/glsa/glsa-200602-05.xmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.gentoo.org/security/en/glsa/glsa-200602-12.xmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.kde.org/info/security/advisory-20060202-1.txtPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:030
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:031
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:032
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/archives/fedora-announce-list/2006-February/msg00039.htmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2006-0201.htmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/423899/100/0/threadedPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/427990/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/usn-249-1Patch
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2006/0389Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2006/0422Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.novell.com/show_bug.cgi?id=141242
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=179046
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/24391
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10850
Impacted products
Vendor Product Version
xpdf xpdf *



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC1CAEC5-3851-4749-AF27-E090E3C52E35",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Heap-based buffer overflow in Splash.cc in xpdf, as used in other products such as (1) poppler, (2) kdegraphics, (3) gpdf, (4) pdfkit.framework, and others, allows attackers to cause a denial of service and possibly execute arbitrary code via crafted splash images that produce certain values that exceed the width or height of the associated bitmap."
    }
  ],
  "id": "CVE-2006-0301",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": true,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2006-01-30T22:03:00.000",
  "references": [
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2006-0206.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18274"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18677"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18707"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18825"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18826"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18834"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18837"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18838"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18839"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18860"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18862"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18864"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18875"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18882"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18908"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18913"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18983"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19377"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://securityreason.com/securityalert/470"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://securitytracker.com/id?1015576"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-971"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-972"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-974"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200602-04.xml"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200602-05.xml"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200602-12.xml"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.kde.org/info/security/advisory-20060202-1.txt"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:030"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:031"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:032"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-February/msg00039.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0201.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/archive/1/423899/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://www.ubuntu.com/usn/usn-249-1"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/0389"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/0422"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://bugzilla.novell.com/show_bug.cgi?id=141242"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=179046"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24391"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10850"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2006-0206.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18274"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18677"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18707"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18825"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18826"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18834"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18837"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18838"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18839"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18860"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18862"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18864"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18875"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18882"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18908"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18913"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18983"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19377"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securityreason.com/securityalert/470"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://securitytracker.com/id?1015576"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-971"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-972"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-974"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200602-04.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200602-05.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200602-12.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.kde.org/info/security/advisory-20060202-1.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:030"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:031"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:032"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-February/msg00039.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0201.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/archive/1/423899/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.ubuntu.com/usn/usn-249-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/0389"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/0422"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.novell.com/show_bug.cgi?id=141242"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=179046"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24391"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10850"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2005-12-31 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Stream.cc in Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to modify memory and possibly execute arbitrary code via a DCTDecode stream with (1) a large "number of components" value that is not checked by DCTStream::readBaselineSOF or DCTStream::readProgressiveSOF, (2) a large "Huffman table index" value that is not checked by DCTStream::readHuffmanTables, and (3) certain uses of the scanInfo.numComps value by DCTStream::readScanInfo.
References
secalert@redhat.comftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt
secalert@redhat.comftp://patches.sgi.com/support/free/security/advisories/20051201-01-U
secalert@redhat.comftp://patches.sgi.com/support/free/security/advisories/20060101-01-U
secalert@redhat.comftp://patches.sgi.com/support/free/security/advisories/20060201-01-U
secalert@redhat.comhttp://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.htmlPatch, Vendor Advisory
secalert@redhat.comhttp://rhn.redhat.com/errata/RHSA-2006-0177.htmlPatch, Vendor Advisory
secalert@redhat.comhttp://scary.beasts.org/security/CESA-2005-003.txtExploit, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18147
secalert@redhat.comhttp://secunia.com/advisories/18303Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18312Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18313Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18329Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18332Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18334Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18335Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18338Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18349Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18373
secalert@redhat.comhttp://secunia.com/advisories/18375Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18380
secalert@redhat.comhttp://secunia.com/advisories/18385Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18387Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18389Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18398Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18407Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18414
secalert@redhat.comhttp://secunia.com/advisories/18416Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18423Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18425
secalert@redhat.comhttp://secunia.com/advisories/18428
secalert@redhat.comhttp://secunia.com/advisories/18436
secalert@redhat.comhttp://secunia.com/advisories/18448Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18463
secalert@redhat.comhttp://secunia.com/advisories/18517Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18534Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18554Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18582Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18642Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18644Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18674Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18675Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18679Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18908Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18913
secalert@redhat.comhttp://secunia.com/advisories/19230
secalert@redhat.comhttp://secunia.com/advisories/19377
secalert@redhat.comhttp://secunia.com/advisories/25729
secalert@redhat.comhttp://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.472683
secalert@redhat.comhttp://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.474747
secalert@redhat.comhttp://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1
secalert@redhat.comhttp://www.debian.org/security/2005/dsa-931
secalert@redhat.comhttp://www.debian.org/security/2005/dsa-932
secalert@redhat.comhttp://www.debian.org/security/2005/dsa-937
secalert@redhat.comhttp://www.debian.org/security/2005/dsa-938
secalert@redhat.comhttp://www.debian.org/security/2005/dsa-940
secalert@redhat.comhttp://www.debian.org/security/2006/dsa-936Patch, Vendor Advisory
secalert@redhat.comhttp://www.debian.org/security/2006/dsa-950Patch, Vendor Advisory
secalert@redhat.comhttp://www.debian.org/security/2006/dsa-961Patch, Vendor Advisory
secalert@redhat.comhttp://www.debian.org/security/2006/dsa-962
secalert@redhat.comhttp://www.gentoo.org/security/en/glsa/glsa-200601-02.xmlPatch, Vendor Advisory
secalert@redhat.comhttp://www.gentoo.org/security/en/glsa/glsa-200601-17.xml
secalert@redhat.comhttp://www.kde.org/info/security/advisory-20051207-2.txtPatch
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2006:003
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2006:004
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2006:005
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2006:006
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2006:008
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2006:010
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2006:011
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2006:012
secalert@redhat.comhttp://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.htmlPatch
secalert@redhat.comhttp://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.htmlPatch
secalert@redhat.comhttp://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html
secalert@redhat.comhttp://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2006-0160.htmlPatch, Vendor Advisory
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2006-0163.html
secalert@redhat.comhttp://www.securityfocus.com/archive/1/427053/100/0/threaded
secalert@redhat.comhttp://www.securityfocus.com/archive/1/427990/100/0/threaded
secalert@redhat.comhttp://www.securityfocus.com/bid/16143Patch
secalert@redhat.comhttp://www.trustix.org/errata/2006/0002/
secalert@redhat.comhttp://www.vupen.com/english/advisories/2006/0047
secalert@redhat.comhttp://www.vupen.com/english/advisories/2007/2280
secalert@redhat.comhttps://exchange.xforce.ibmcloud.com/vulnerabilities/24024
secalert@redhat.comhttps://exchange.xforce.ibmcloud.com/vulnerabilities/24025
secalert@redhat.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10200
secalert@redhat.comhttps://usn.ubuntu.com/236-1/
af854a3a-2127-422b-91ae-364da2661108ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt
af854a3a-2127-422b-91ae-364da2661108ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U
af854a3a-2127-422b-91ae-364da2661108ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U
af854a3a-2127-422b-91ae-364da2661108ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U
af854a3a-2127-422b-91ae-364da2661108http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.htmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2006-0177.htmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://scary.beasts.org/security/CESA-2005-003.txtExploit, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18147
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18303Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18312Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18313Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18329Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18332Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18334Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18335Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18338Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18349Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18373
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18375Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18380
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18385Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18387Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18389Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18398Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18407Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18414
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18416Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18423Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18425
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18428
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18436
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18448Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18463
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18517Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18534Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18554Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18582Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18642Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18644Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18674Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18675Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18679Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18908Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18913
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19230
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19377
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/25729
af854a3a-2127-422b-91ae-364da2661108http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.472683
af854a3a-2127-422b-91ae-364da2661108http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.474747
af854a3a-2127-422b-91ae-364da2661108http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2005/dsa-931
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2005/dsa-932
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2005/dsa-937
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2005/dsa-938
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2005/dsa-940
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2006/dsa-936Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2006/dsa-950Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2006/dsa-961Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2006/dsa-962
af854a3a-2127-422b-91ae-364da2661108http://www.gentoo.org/security/en/glsa/glsa-200601-02.xmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml
af854a3a-2127-422b-91ae-364da2661108http://www.kde.org/info/security/advisory-20051207-2.txtPatch
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:003
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:004
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:005
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:006
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:008
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:010
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:011
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:012
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.htmlPatch
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.htmlPatch
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2006-0160.htmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2006-0163.html
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/427053/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/427990/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/16143Patch
af854a3a-2127-422b-91ae-364da2661108http://www.trustix.org/errata/2006/0002/
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2006/0047
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2007/2280
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/24024
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/24025
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10200
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/236-1/
Impacted products
Vendor Product Version
xpdf xpdf *



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC1CAEC5-3851-4749-AF27-E090E3C52E35",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Stream.cc in Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to modify memory and possibly execute arbitrary code via a DCTDecode stream with (1) a large \"number of components\" value that is not checked by DCTStream::readBaselineSOF or DCTStream::readProgressiveSOF, (2) a large \"Huffman table index\" value that is not checked by DCTStream::readHuffmanTables, and (3) certain uses of the scanInfo.numComps value by DCTStream::readScanInfo."
    }
  ],
  "id": "CVE-2005-3627",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": true,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2005-12-31T05:00:00.000",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt"
    },
    {
      "source": "secalert@redhat.com",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U"
    },
    {
      "source": "secalert@redhat.com",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U"
    },
    {
      "source": "secalert@redhat.com",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Exploit",
        "Vendor Advisory"
      ],
      "url": "http://scary.beasts.org/security/CESA-2005-003.txt"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18147"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18303"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18312"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18313"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18329"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18332"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18334"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18335"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18338"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18349"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18373"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18375"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18380"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18385"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18387"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18389"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18398"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18407"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18414"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18416"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18423"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18425"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18428"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18436"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18448"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18463"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18517"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18534"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18554"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18582"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18642"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18644"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18674"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18675"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18679"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18908"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18913"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/19230"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/19377"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/25729"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2005/dsa-931"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2005/dsa-932"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2005/dsa-937"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2005/dsa-938"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2005/dsa-940"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-936"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-950"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-961"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2006/dsa-962"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://www.kde.org/info/security/advisory-20051207-2.txt"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/16143"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.trustix.org/errata/2006/0002/"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2006/0047"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2007/2280"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24024"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24025"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10200"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://usn.ubuntu.com/236-1/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Vendor Advisory"
      ],
      "url": "http://scary.beasts.org/security/CESA-2005-003.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18147"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18303"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18312"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18313"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18329"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18332"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18334"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18335"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18338"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18349"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18373"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18375"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18380"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18385"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18387"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18389"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18398"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18407"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18414"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18416"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18423"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18425"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18428"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18436"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18448"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18463"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18517"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18534"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18554"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18582"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18642"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18644"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18674"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18675"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18679"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18908"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18913"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19230"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19377"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/25729"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2005/dsa-931"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2005/dsa-932"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2005/dsa-937"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2005/dsa-938"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2005/dsa-940"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-936"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-950"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-961"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2006/dsa-962"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.kde.org/info/security/advisory-20051207-2.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/16143"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.trustix.org/errata/2006/0002/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2006/0047"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/2280"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24024"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24025"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10200"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://usn.ubuntu.com/236-1/"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vendorComments": [
    {
      "comment": "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.",
      "lastModified": "2007-03-14T00:00:00",
      "organization": "Red Hat"
    }
  ],
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        },
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2005-01-27 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Multiple integer overflows in xpdf 3.0, and other packages that use xpdf code such as CUPS, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0888.
Impacted products
Vendor Product Version
easy_software_products cups 1.0.4
easy_software_products cups 1.0.4_8
easy_software_products cups 1.1.1
easy_software_products cups 1.1.4
easy_software_products cups 1.1.4_2
easy_software_products cups 1.1.4_3
easy_software_products cups 1.1.4_5
easy_software_products cups 1.1.6
easy_software_products cups 1.1.7
easy_software_products cups 1.1.10
easy_software_products cups 1.1.12
easy_software_products cups 1.1.13
easy_software_products cups 1.1.14
easy_software_products cups 1.1.15
easy_software_products cups 1.1.16
easy_software_products cups 1.1.17
easy_software_products cups 1.1.18
easy_software_products cups 1.1.19
easy_software_products cups 1.1.19_rc5
easy_software_products cups 1.1.20
gnome gpdf 0.112
gnome gpdf 0.131
kde koffice 1.3
kde koffice 1.3.1
kde koffice 1.3.2
kde koffice 1.3.3
kde koffice 1.3_beta1
kde koffice 1.3_beta2
kde koffice 1.3_beta3
kde kpdf 3.2
pdftohtml pdftohtml 0.32a
pdftohtml pdftohtml 0.32b
pdftohtml pdftohtml 0.33
pdftohtml pdftohtml 0.33a
pdftohtml pdftohtml 0.34
pdftohtml pdftohtml 0.35
pdftohtml pdftohtml 0.36
tetex tetex 1.0.7
tetex tetex 2.0
tetex tetex 2.0.1
tetex tetex 2.0.2
xpdf xpdf 0.90
xpdf xpdf 0.91
xpdf xpdf 0.92
xpdf xpdf 0.93
xpdf xpdf 1.0
xpdf xpdf 1.0a
xpdf xpdf 1.1
xpdf xpdf 2.0
xpdf xpdf 2.1
xpdf xpdf 2.3
xpdf xpdf 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
gentoo linux *
kde kde 3.2
kde kde 3.2.1
kde kde 3.2.2
kde kde 3.2.3
kde kde 3.3
kde kde 3.3.1
redhat enterprise_linux 2.1
redhat enterprise_linux 2.1
redhat enterprise_linux 2.1
redhat enterprise_linux 2.1
redhat enterprise_linux 2.1
redhat enterprise_linux 2.1
redhat enterprise_linux 3.0
redhat enterprise_linux 3.0
redhat enterprise_linux 3.0
redhat enterprise_linux_desktop 3.0
redhat fedora_core core_2.0
redhat linux_advanced_workstation 2.1
redhat linux_advanced_workstation 2.1
suse suse_linux 8.0
suse suse_linux 8.1
suse suse_linux 8.2
suse suse_linux 9.0
suse suse_linux 9.0
suse suse_linux 9.1
suse suse_linux 9.2
ubuntu ubuntu_linux 4.1
ubuntu ubuntu_linux 4.1



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "68BD578F-CCAD-4515-9205-EB4F297C6DB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.0.4_8:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3182CA2-7375-43BC-A0E5-DE11D4B65EE3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCF4C8D0-3030-4DD5-800B-76A582A4CD0C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "734D0C2C-F71F-461A-87EE-202C6B706753",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.4_2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F0F402D-5CD0-4477-8B59-C753CECB02BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.4_3:*:*:*:*:*:*:*",
              "matchCriteriaId": "959F7AFA-ED20-434C-993F-06C2A8574662",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.4_5:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4F5A0A4-2884-46CA-A846-8B954EB80CFA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "1741CC9D-C4A8-48F9-86CF-EC20AE2A6BE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "35E65857-12C7-49DE-AD27-3CACD456231C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "47CEF035-57A6-470B-916A-E5562C28E866",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E26BB15-4CF8-4496-A7F7-EB34C444EF72",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "D414984E-4F6B-4278-8346-968587E4B18E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "33C36DCB-2FDD-44E6-85E8-875575AAE69E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C4B7C23-0C54-4FBA-A774-9CC1E148376E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FA0EF14-33E6-4D44-B86E-F04014EA3C8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5428EE6-F90A-4BB6-9D8C-8B99E80AB6DF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "A786A770-919E-4E23-949D-D836F316618A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "00A2249C-73DE-434E-A41F-4EDB0ADC0845",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.19_rc5:*:*:*:*:*:*:*",
              "matchCriteriaId": "73AB4D3D-FF35-4A50-A144-3AD41F6F2E55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB7653F1-70E2-423F-A6A9-30333644B506",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnome:gpdf:0.112:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E70576E-C253-4F8B-A93E-14CC2EE7114D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnome:gpdf:0.131:*:*:*:*:*:*:*",
              "matchCriteriaId": "832C5512-B473-40E8-BF4F-EC6ABFE46749",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:koffice:1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "053435DD-BFDF-4C39-9919-11C42D569085",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:koffice:1.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9BB1A3C-3348-4545-A513-E504B33F72AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:koffice:1.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD45E2C8-0B0E-484F-8050-94BF77798183",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:koffice:1.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "4EAA654E-9DD4-4614-92D7-EF4D676B3A18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:koffice:1.3_beta1:*:*:*:*:*:*:*",
              "matchCriteriaId": "89C96FC9-40DB-467D-A701-49F97A1B887D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:koffice:1.3_beta2:*:*:*:*:*:*:*",
              "matchCriteriaId": "76128BDC-2CA7-4AE7-8C4F-BCB3835CA938",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:koffice:1.3_beta3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B2517C7-27EF-4961-91C3-CA33219AFF2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:kpdf:3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDAF6452-F3B0-4F62-893E-BCFA6AB7AE3B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pdftohtml:pdftohtml:0.32a:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE346726-71D6-438B-B600-A7E107332816",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pdftohtml:pdftohtml:0.32b:*:*:*:*:*:*:*",
              "matchCriteriaId": "87E85020-B4DB-4011-BDD0-1C8967D45A84",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pdftohtml:pdftohtml:0.33:*:*:*:*:*:*:*",
              "matchCriteriaId": "8189A9AB-F685-40E2-944F-8BD3DD6FA0A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pdftohtml:pdftohtml:0.33a:*:*:*:*:*:*:*",
              "matchCriteriaId": "C33B8585-FA5F-4210-A997-615BCEE1726F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pdftohtml:pdftohtml:0.34:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4AE4C34-C497-426F-AC0D-1805A50582EF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pdftohtml:pdftohtml:0.35:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2989EFF-07B9-4EF2-B6C1-59E4F52FDC92",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pdftohtml:pdftohtml:0.36:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3970101-5E83-49FD-BCB6-D9176D46B5A4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tetex:tetex:1.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "C86C7D6F-C39E-4403-86C6-F87599570E97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tetex:tetex:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "236005A1-C175-44D3-8D0C-C48F943F3D66",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tetex:tetex:2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0AF2AD80-5E65-4B57-933B-C395E98EF10D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tetex:tetex:2.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "07C92A0E-1DDA-4F83-A904-24A35C38883A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:0.90:*:*:*:*:*:*:*",
              "matchCriteriaId": "28CC6233-E207-40CC-81FF-A8670EEA4295",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:0.91:*:*:*:*:*:*:*",
              "matchCriteriaId": "64DD9B5C-3DB8-4E15-B4A6-541E4E221C1D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:0.92:*:*:*:*:*:*:*",
              "matchCriteriaId": "0304E1E3-8766-40D0-8879-A652B4E9E72D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:0.93:*:*:*:*:*:*:*",
              "matchCriteriaId": "188F1343-8082-4B54-8DA4-E344818ABD52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B95DA7DE-B786-4EE7-A3F4-C077A7986D5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:1.0a:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5306C05-4A71-4175-8C22-F2DE0F2FE4C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B9DEF16-ECD5-4BBE-8986-52A6171B3D9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFFDBEEC-B2C1-47F0-82D3-FC9147B590A9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "354487CF-0086-4AE2-872B-0032E3EB89EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1169B802-7279-437F-AF59-621A67DC92EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B93B3ED-AF82-49A9-8C7F-E5F652F19669",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CAE037F-111C-4A76-8FFE-716B74D65EF3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:alpha:*:*:*:*:*",
              "matchCriteriaId": "A6B060E4-B5A6-4469-828E-211C52542547",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:arm:*:*:*:*:*",
              "matchCriteriaId": "974C3541-990C-4CD4-A05A-38FA74A84632",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:hppa:*:*:*:*:*",
              "matchCriteriaId": "6CBF1E0F-C7F3-4F83-9E60-6E63FA7D2775",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-32:*:*:*:*:*",
              "matchCriteriaId": "58792F77-B06F-4780-BA25-FE1EE6C3FDD9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-64:*:*:*:*:*",
              "matchCriteriaId": "C9419322-572F-4BB6-8416-C5E96541CF33",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:m68k:*:*:*:*:*",
              "matchCriteriaId": "BFC50555-C084-46A3-9C9F-949C5E3BB448",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mips:*:*:*:*:*",
              "matchCriteriaId": "9C25D6E1-D283-4CEA-B47B-60C47A5C0797",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mipsel:*:*:*:*:*",
              "matchCriteriaId": "AD18A446-C634-417E-86AC-B19B6DDDC856",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ppc:*:*:*:*:*",
              "matchCriteriaId": "E4BB852E-61B2-4842-989F-C6C0C901A8D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:s-390:*:*:*:*:*",
              "matchCriteriaId": "24DD9D59-E2A2-4116-A887-39E8CC2004FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:sparc:*:*:*:*:*",
              "matchCriteriaId": "F28D7457-607E-4E0C-909A-413F91CFCD82",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "647BA336-5538-4972-9271-383A0EC9378E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:kde:kde:3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "82F69843-978D-4686-BC5B-1D09DA4A21BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:kde:kde:3.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "ACEE0AED-7918-41E9-A902-AC4070E03132",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:kde:kde:3.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "81E19472-47B4-4398-A188-CA5A5D3E7060",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:kde:kde:3.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D17407A2-089E-43A5-9BD5-EFF966F5CC16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:kde:kde:3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C4B436D-8D6A-473E-B707-26147208808B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:kde:kde:3.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E26B353-4985-4116-B97A-5767CDC732F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*",
              "matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*",
              "matchCriteriaId": "A4A9461E-C117-42EC-9F14-DF2A82BA7C5D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*",
              "matchCriteriaId": "E0B458EA-495E-40FA-9379-C03757F7B1EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:*",
              "matchCriteriaId": "409E324A-C040-494F-A026-9DCAE01C07F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*",
              "matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*",
              "matchCriteriaId": "6474B775-C893-491F-A074-802AFB1FEDD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*",
              "matchCriteriaId": "78B46FFA-5B09-473E-AD33-3DB18BD0DAFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*",
              "matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*",
              "matchCriteriaId": "0EFE2E73-9536-41A9-B83B-0A06B54857F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*",
              "matchCriteriaId": "84A50ED3-FD0D-4038-B3E7-CC65D166C968",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium_processor:*:*:*:*:*",
              "matchCriteriaId": "777F9EC0-2919-45CA-BFF8-78A02537C513",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "28CD54FE-D682-4063-B7C3-8B29B26B39AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8C55338-3372-413F-82E3-E1B476D6F41A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1EFB33BF-F6A5-48C1-AEB5-194FCBCFC958",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB0E2D3B-B50A-46C2-BA1E-3E014DE91954",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "56EF103F-5668-4754-A83B-D3662D0CE815",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFABFCE5-4F86-4AE8-9849-BC360AC72098",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFF36BC6-6CCD-4FEE-A120-5B8C4BF5620C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ia64:*:*:*:*:*",
              "matchCriteriaId": "6E94583A-5184-462E-9FC4-57B35DA06DA7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ppc:*:*:*:*:*",
              "matchCriteriaId": "E905FAAD-37B6-4DD0-A752-2974F8336273",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple integer overflows in xpdf 3.0, and other packages that use xpdf code such as CUPS, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0888."
    }
  ],
  "id": "CVE-2004-0889",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2005-01-27T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=109880927526773\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200410-20.xml"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200410-30.xml"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:113"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/11501"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17819"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=109880927526773\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200410-20.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200410-30.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:113"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/11501"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17819"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2006-03-09 00:02
Modified
2025-04-03 01:03
Severity ?
Summary
Certain patches for kpdf do not include all relevant patches from xpdf that were associated with CVE-2005-3627, which allows context-dependent attackers to exploit vulnerabilities that were present in CVE-2005-3627.
References
secalert@redhat.comhttp://secunia.com/advisories/19189Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/19190Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/19264Vendor Advisory
secalert@redhat.comhttp://securityreason.com/securityalert/566
secalert@redhat.comhttp://securitytracker.com/id?1015751
secalert@redhat.comhttp://www.debian.org/security/2006/dsa-1008
secalert@redhat.comhttp://www.kde.org/info/security/advisory-20060202-1.txt
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2006:054
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2006-0262.html
secalert@redhat.comhttp://www.securityfocus.com/archive/1/427299/100/0/threaded
secalert@redhat.comhttp://www.securityfocus.com/bid/17039
secalert@redhat.comhttps://exchange.xforce.ibmcloud.com/vulnerabilities/25146
secalert@redhat.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11441
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19189Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19190Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19264Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://securityreason.com/securityalert/566
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1015751
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2006/dsa-1008
af854a3a-2127-422b-91ae-364da2661108http://www.kde.org/info/security/advisory-20060202-1.txt
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:054
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2006-0262.html
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/427299/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/17039
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/25146
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11441
Impacted products
Vendor Product Version
xpdf xpdf *



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC1CAEC5-3851-4749-AF27-E090E3C52E35",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Certain patches for kpdf do not include all relevant patches from xpdf that were associated with CVE-2005-3627, which allows context-dependent attackers to exploit vulnerabilities that were present in CVE-2005-3627."
    }
  ],
  "id": "CVE-2006-0746",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": true,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2006-03-09T00:02:00.000",
  "references": [
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19189"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19190"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19264"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://securityreason.com/securityalert/566"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://securitytracker.com/id?1015751"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2006/dsa-1008"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.kde.org/info/security/advisory-20060202-1.txt"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:054"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0262.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/427299/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/bid/17039"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25146"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11441"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19189"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19190"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19264"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securityreason.com/securityalert/566"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1015751"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2006/dsa-1008"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.kde.org/info/security/advisory-20060202-1.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:054"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0262.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/427299/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/17039"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25146"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11441"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2005-12-07 01:03
Modified
2025-04-03 01:03
Severity ?
Summary
Multiple heap-based buffer overflows in the (1) DCTStream::readProgressiveSOF and (2) DCTStream::readBaselineSOF functions in the DCT stream parsing code (Stream.cc) in xpdf 3.01 and earlier, as used in products such as (a) Poppler, (b) teTeX, (c) KDE kpdf, (d) pdftohtml, (e) KOffice KWord, (f) CUPS, and (g) libextractor allow user-assisted attackers to cause a denial of service (heap corruption) and possibly execute arbitrary code via a crafted PDF file with an out-of-range number of components (numComps), which is used as an array index.
References
cve@mitre.orgftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt
cve@mitre.orgftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.20/SCOSA-2006.20.txt
cve@mitre.orgftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.21/SCOSA-2006.21.txt
cve@mitre.orgftp://patches.sgi.com/support/free/security/advisories/20051201-01-U
cve@mitre.orgftp://patches.sgi.com/support/free/security/advisories/20060101-01-U
cve@mitre.orgftp://patches.sgi.com/support/free/security/advisories/20060201-01-U
cve@mitre.orghttp://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342289
cve@mitre.orghttp://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html
cve@mitre.orghttp://rhn.redhat.com/errata/RHSA-2005-868.htmlVendor Advisory
cve@mitre.orghttp://secunia.com/advisories/17897Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/17908Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/17912Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/17916Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/17920Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/17921Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/17926Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/17929Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/17940Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/17955
cve@mitre.orghttp://secunia.com/advisories/17976Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/18009Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/18055Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/18061Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/18147
cve@mitre.orghttp://secunia.com/advisories/18189Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/18191Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/18192Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/18303
cve@mitre.orghttp://secunia.com/advisories/18313Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/18336Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/18349Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/18380
cve@mitre.orghttp://secunia.com/advisories/18385Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/18387Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/18389
cve@mitre.orghttp://secunia.com/advisories/18398
cve@mitre.orghttp://secunia.com/advisories/18407
cve@mitre.orghttp://secunia.com/advisories/18416Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/18428
cve@mitre.orghttp://secunia.com/advisories/18436
cve@mitre.orghttp://secunia.com/advisories/18448
cve@mitre.orghttp://secunia.com/advisories/18503
cve@mitre.orghttp://secunia.com/advisories/18517
cve@mitre.orghttp://secunia.com/advisories/18534
cve@mitre.orghttp://secunia.com/advisories/18549
cve@mitre.orghttp://secunia.com/advisories/18554
cve@mitre.orghttp://secunia.com/advisories/18582
cve@mitre.orghttp://secunia.com/advisories/18674
cve@mitre.orghttp://secunia.com/advisories/18675
cve@mitre.orghttp://secunia.com/advisories/18679
cve@mitre.orghttp://secunia.com/advisories/18908
cve@mitre.orghttp://secunia.com/advisories/18913
cve@mitre.orghttp://secunia.com/advisories/19230
cve@mitre.orghttp://secunia.com/advisories/19377
cve@mitre.orghttp://secunia.com/advisories/19797
cve@mitre.orghttp://secunia.com/advisories/19798
cve@mitre.orghttp://secunia.com/advisories/25729
cve@mitre.orghttp://secunia.com/advisories/26413
cve@mitre.orghttp://securityreason.com/securityalert/233
cve@mitre.orghttp://securityreason.com/securityalert/234
cve@mitre.orghttp://securitytracker.com/id?1015309
cve@mitre.orghttp://securitytracker.com/id?1015324
cve@mitre.orghttp://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.472683
cve@mitre.orghttp://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.474747
cve@mitre.orghttp://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1
cve@mitre.orghttp://www.debian.org/security/2005/dsa-931
cve@mitre.orghttp://www.debian.org/security/2005/dsa-932
cve@mitre.orghttp://www.debian.org/security/2005/dsa-937
cve@mitre.orghttp://www.debian.org/security/2005/dsa-938
cve@mitre.orghttp://www.debian.org/security/2005/dsa-940
cve@mitre.orghttp://www.debian.org/security/2006/dsa-936
cve@mitre.orghttp://www.debian.org/security/2006/dsa-950
cve@mitre.orghttp://www.debian.org/security/2006/dsa-961
cve@mitre.orghttp://www.debian.org/security/2006/dsa-962
cve@mitre.orghttp://www.gentoo.org/security/en/glsa/glsa-200512-08.xml
cve@mitre.orghttp://www.gentoo.org/security/en/glsa/glsa-200601-02.xml
cve@mitre.orghttp://www.idefense.com/application/poi/display?id=342&type=vulnerabilitiesPatch, Vendor Advisory
cve@mitre.orghttp://www.idefense.com/application/poi/display?id=343&type=vulnerabilitiesPatch, Vendor Advisory
cve@mitre.orghttp://www.kde.org/info/security/advisory-20051207-1.txt
cve@mitre.orghttp://www.kde.org/info/security/advisory-20051207-2.txt
cve@mitre.orghttp://www.mandriva.com/security/advisories?name=MDKSA-2006:003
cve@mitre.orghttp://www.mandriva.com/security/advisories?name=MDKSA-2006:004
cve@mitre.orghttp://www.mandriva.com/security/advisories?name=MDKSA-2006:005
cve@mitre.orghttp://www.mandriva.com/security/advisories?name=MDKSA-2006:006
cve@mitre.orghttp://www.mandriva.com/security/advisories?name=MDKSA-2006:008
cve@mitre.orghttp://www.mandriva.com/security/advisories?name=MDKSA-2006:010
cve@mitre.orghttp://www.mandriva.com/security/advisories?name=MDKSA-2006:011
cve@mitre.orghttp://www.mandriva.com/security/advisories?name=MDKSA-2006:012
cve@mitre.orghttp://www.novell.com/linux/security/advisories/2005_29_sr.html
cve@mitre.orghttp://www.novell.com/linux/security/advisories/2006_02_sr.html
cve@mitre.orghttp://www.redhat.com/archives/fedora-announce-list/2005-December/msg00015.html
cve@mitre.orghttp://www.redhat.com/archives/fedora-announce-list/2005-December/msg00016.html
cve@mitre.orghttp://www.redhat.com/archives/fedora-announce-list/2005-December/msg00036.html
cve@mitre.orghttp://www.redhat.com/archives/fedora-announce-list/2005-December/msg00037.html
cve@mitre.orghttp://www.redhat.com/support/errata/RHSA-2005-840.htmlVendor Advisory
cve@mitre.orghttp://www.redhat.com/support/errata/RHSA-2005-867.htmlVendor Advisory
cve@mitre.orghttp://www.redhat.com/support/errata/RHSA-2005-878.htmlVendor Advisory
cve@mitre.orghttp://www.redhat.com/support/errata/RHSA-2006-0160.html
cve@mitre.orghttp://www.securityfocus.com/archive/1/418883/100/0/threaded
cve@mitre.orghttp://www.securityfocus.com/archive/1/427053/100/0/threaded
cve@mitre.orghttp://www.securityfocus.com/archive/1/427990/100/0/threaded
cve@mitre.orghttp://www.securityfocus.com/bid/15726
cve@mitre.orghttp://www.securityfocus.com/bid/15727
cve@mitre.orghttp://www.trustix.org/errata/2005/0072/
cve@mitre.orghttp://www.ubuntulinux.org/usn/usn-227-1
cve@mitre.orghttp://www.vupen.com/english/advisories/2005/2786
cve@mitre.orghttp://www.vupen.com/english/advisories/2005/2787
cve@mitre.orghttp://www.vupen.com/english/advisories/2005/2788
cve@mitre.orghttp://www.vupen.com/english/advisories/2005/2789
cve@mitre.orghttp://www.vupen.com/english/advisories/2005/2790
cve@mitre.orghttp://www.vupen.com/english/advisories/2005/2856
cve@mitre.orghttp://www.vupen.com/english/advisories/2007/2280
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/23443
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/23444
cve@mitre.orghttps://issues.rpath.com/browse/RPL-1609
cve@mitre.orghttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9760
af854a3a-2127-422b-91ae-364da2661108ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt
af854a3a-2127-422b-91ae-364da2661108ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.20/SCOSA-2006.20.txt
af854a3a-2127-422b-91ae-364da2661108ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.21/SCOSA-2006.21.txt
af854a3a-2127-422b-91ae-364da2661108ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U
af854a3a-2127-422b-91ae-364da2661108ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U
af854a3a-2127-422b-91ae-364da2661108ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U
af854a3a-2127-422b-91ae-364da2661108http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342289
af854a3a-2127-422b-91ae-364da2661108http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2005-868.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/17897Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/17908Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/17912Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/17916Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/17920Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/17921Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/17926Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/17929Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/17940Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/17955
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/17976Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18009Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18055Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18061Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18147
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18189Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18191Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18192Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18303
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18313Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18336Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18349Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18380
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18385Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18387Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18389
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18398
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18407
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18416Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18428
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18436
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18448
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18503
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18517
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18534
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18549
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18554
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18582
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18674
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18675
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18679
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18908
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18913
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19230
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19377
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19797
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19798
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/25729
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/26413
af854a3a-2127-422b-91ae-364da2661108http://securityreason.com/securityalert/233
af854a3a-2127-422b-91ae-364da2661108http://securityreason.com/securityalert/234
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1015309
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1015324
af854a3a-2127-422b-91ae-364da2661108http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.472683
af854a3a-2127-422b-91ae-364da2661108http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.474747
af854a3a-2127-422b-91ae-364da2661108http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2005/dsa-931
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2005/dsa-932
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2005/dsa-937
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2005/dsa-938
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2005/dsa-940
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2006/dsa-936
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2006/dsa-950
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2006/dsa-961
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2006/dsa-962
af854a3a-2127-422b-91ae-364da2661108http://www.gentoo.org/security/en/glsa/glsa-200512-08.xml
af854a3a-2127-422b-91ae-364da2661108http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml
af854a3a-2127-422b-91ae-364da2661108http://www.idefense.com/application/poi/display?id=342&type=vulnerabilitiesPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.idefense.com/application/poi/display?id=343&type=vulnerabilitiesPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.kde.org/info/security/advisory-20051207-1.txt
af854a3a-2127-422b-91ae-364da2661108http://www.kde.org/info/security/advisory-20051207-2.txt
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:003
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:004
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:005
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:006
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:008
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:010
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:011
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:012
af854a3a-2127-422b-91ae-364da2661108http://www.novell.com/linux/security/advisories/2005_29_sr.html
af854a3a-2127-422b-91ae-364da2661108http://www.novell.com/linux/security/advisories/2006_02_sr.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00015.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00016.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00036.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00037.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2005-840.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2005-867.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2005-878.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2006-0160.html
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/418883/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/427053/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/427990/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/15726
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/15727
af854a3a-2127-422b-91ae-364da2661108http://www.trustix.org/errata/2005/0072/
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntulinux.org/usn/usn-227-1
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2005/2786
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2005/2787
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2005/2788
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2005/2789
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2005/2790
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2005/2856
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2007/2280
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/23443
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/23444
af854a3a-2127-422b-91ae-364da2661108https://issues.rpath.com/browse/RPL-1609
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9760
Impacted products
Vendor Product Version
xpdf xpdf 0.90
xpdf xpdf 0.91
xpdf xpdf 0.92
xpdf xpdf 0.93
xpdf xpdf 1.0
xpdf xpdf 1.0a
xpdf xpdf 1.1
xpdf xpdf 2.0
xpdf xpdf 2.1
xpdf xpdf 2.2
xpdf xpdf 2.3
xpdf xpdf 3.0
xpdf xpdf 3.0.1
xpdf xpdf 3.0_pl2
xpdf xpdf 3.0_pl3



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:0.90:*:*:*:*:*:*:*",
              "matchCriteriaId": "28CC6233-E207-40CC-81FF-A8670EEA4295",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:0.91:*:*:*:*:*:*:*",
              "matchCriteriaId": "64DD9B5C-3DB8-4E15-B4A6-541E4E221C1D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:0.92:*:*:*:*:*:*:*",
              "matchCriteriaId": "0304E1E3-8766-40D0-8879-A652B4E9E72D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:0.93:*:*:*:*:*:*:*",
              "matchCriteriaId": "188F1343-8082-4B54-8DA4-E344818ABD52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B95DA7DE-B786-4EE7-A3F4-C077A7986D5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:1.0a:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5306C05-4A71-4175-8C22-F2DE0F2FE4C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B9DEF16-ECD5-4BBE-8986-52A6171B3D9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFFDBEEC-B2C1-47F0-82D3-FC9147B590A9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "354487CF-0086-4AE2-872B-0032E3EB89EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "96767060-505A-42D2-A68A-6AD810DE800A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1169B802-7279-437F-AF59-621A67DC92EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B93B3ED-AF82-49A9-8C7F-E5F652F19669",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:3.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B77866E-6818-4DE6-9457-39416871952C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:3.0_pl2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6D23CF8-2B6C-4D2A-8E5E-6AACE99A7C19",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:3.0_pl3:*:*:*:*:*:*:*",
              "matchCriteriaId": "9107B531-7254-4908-97F0-3BF1EA0495AC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple heap-based buffer overflows in the (1) DCTStream::readProgressiveSOF and (2) DCTStream::readBaselineSOF functions in the DCT stream parsing code (Stream.cc) in xpdf 3.01 and earlier, as used in products such as (a) Poppler, (b) teTeX, (c) KDE kpdf, (d) pdftohtml, (e) KOffice KWord, (f) CUPS, and (g) libextractor allow user-assisted attackers to cause a denial of service (heap corruption) and possibly execute arbitrary code via a crafted PDF file with an out-of-range number of components (numComps), which is used as an array index."
    }
  ],
  "id": "CVE-2005-3191",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "HIGH",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.1,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 4.9,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": true,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2005-12-07T01:03:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt"
    },
    {
      "source": "cve@mitre.org",
      "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.20/SCOSA-2006.20.txt"
    },
    {
      "source": "cve@mitre.org",
      "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.21/SCOSA-2006.21.txt"
    },
    {
      "source": "cve@mitre.org",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U"
    },
    {
      "source": "cve@mitre.org",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U"
    },
    {
      "source": "cve@mitre.org",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342289"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2005-868.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/17897"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/17908"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/17912"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/17916"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/17920"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/17921"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/17926"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/17929"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/17940"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/17955"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/17976"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18009"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18055"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18061"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/18147"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18189"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18191"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18192"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/18303"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18313"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18336"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18349"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/18380"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18385"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18387"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/18389"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/18398"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/18407"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18416"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/18428"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/18436"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/18448"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/18503"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/18517"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/18534"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/18549"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/18554"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/18582"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/18674"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/18675"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/18679"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/18908"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/18913"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/19230"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/19377"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/19797"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/19798"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/25729"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/26413"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securityreason.com/securityalert/233"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securityreason.com/securityalert/234"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1015309"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1015324"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2005/dsa-931"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2005/dsa-932"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2005/dsa-937"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2005/dsa-938"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2005/dsa-940"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2006/dsa-936"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2006/dsa-950"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2006/dsa-961"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2006/dsa-962"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200512-08.xml"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.idefense.com/application/poi/display?id=342\u0026type=vulnerabilities"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.idefense.com/application/poi/display?id=343\u0026type=vulnerabilities"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.kde.org/info/security/advisory-20051207-1.txt"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.kde.org/info/security/advisory-20051207-2.txt"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.novell.com/linux/security/advisories/2005_29_sr.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.novell.com/linux/security/advisories/2006_02_sr.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00015.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00016.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00036.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00037.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2005-840.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2005-867.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2005-878.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/418883/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/15726"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/15727"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.trustix.org/errata/2005/0072/"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.ubuntulinux.org/usn/usn-227-1"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2005/2786"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2005/2787"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2005/2788"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2005/2789"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2005/2790"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2005/2856"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2007/2280"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23443"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23444"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://issues.rpath.com/browse/RPL-1609"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9760"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.20/SCOSA-2006.20.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.21/SCOSA-2006.21.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342289"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2005-868.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/17897"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/17908"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/17912"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/17916"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/17920"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/17921"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/17926"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/17929"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/17940"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/17955"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/17976"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18009"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18055"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18061"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18147"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18189"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18191"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18192"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18303"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18313"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18336"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18349"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18380"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18385"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18387"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18389"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18398"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18407"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18416"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18428"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18436"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18448"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18503"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18517"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18534"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18549"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18554"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18582"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18674"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18675"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18679"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18908"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18913"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19230"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19377"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19797"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19798"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/25729"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/26413"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securityreason.com/securityalert/233"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securityreason.com/securityalert/234"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1015309"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1015324"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2005/dsa-931"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2005/dsa-932"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2005/dsa-937"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2005/dsa-938"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2005/dsa-940"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2006/dsa-936"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2006/dsa-950"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2006/dsa-961"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2006/dsa-962"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200512-08.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.idefense.com/application/poi/display?id=342\u0026type=vulnerabilities"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.idefense.com/application/poi/display?id=343\u0026type=vulnerabilities"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.kde.org/info/security/advisory-20051207-1.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.kde.org/info/security/advisory-20051207-2.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.novell.com/linux/security/advisories/2005_29_sr.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.novell.com/linux/security/advisories/2006_02_sr.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00015.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00016.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00036.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00037.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2005-840.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2005-867.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2005-878.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/418883/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/15726"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/15727"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.trustix.org/errata/2005/0072/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntulinux.org/usn/usn-227-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2005/2786"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2005/2787"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2005/2788"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2005/2789"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2005/2790"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2005/2856"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/2280"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23443"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23444"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://issues.rpath.com/browse/RPL-1609"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9760"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vendorComments": [
    {
      "comment": "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.",
      "lastModified": "2007-03-14T00:00:00",
      "organization": "Red Hat"
    }
  ],
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2005-05-02 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflow in the Decrypt::makeFileKey2 function in Decrypt.cc for xpdf 3.00 and earlier allows remote attackers to execute arbitrary code via a PDF file with a large /Encrypt /Length keyLength value.
References
cve@mitre.orgftp://ftp.foolabs.com/pub/xpdf/xpdf-3.00pl3.patchPatch
cve@mitre.orgftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.42/SCOSA-2005.42.txt
cve@mitre.orghttp://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000921Patch, Vendor Advisory
cve@mitre.orghttp://marc.info/?l=bugtraq&m=110625368019554&w=2
cve@mitre.orghttp://secunia.com/advisories/17277
cve@mitre.orghttp://www.debian.org/security/2005/dsa-645Patch, Vendor Advisory
cve@mitre.orghttp://www.debian.org/security/2005/dsa-648Patch, Vendor Advisory
cve@mitre.orghttp://www.idefense.com/application/poi/display?id=186&type=vulnerabilitiesExploit, Patch, Vendor Advisory
cve@mitre.orghttp://www.mandriva.com/security/advisories?name=MDKSA-2005:016
cve@mitre.orghttp://www.mandriva.com/security/advisories?name=MDKSA-2005:017
cve@mitre.orghttp://www.mandriva.com/security/advisories?name=MDKSA-2005:018
cve@mitre.orghttp://www.mandriva.com/security/advisories?name=MDKSA-2005:019
cve@mitre.orghttp://www.mandriva.com/security/advisories?name=MDKSA-2005:020
cve@mitre.orghttp://www.mandriva.com/security/advisories?name=MDKSA-2005:021
cve@mitre.orghttp://www.redhat.com/support/errata/RHSA-2005-026.html
cve@mitre.orghttp://www.redhat.com/support/errata/RHSA-2005-034.htmlPatch, Vendor Advisory
cve@mitre.orghttp://www.redhat.com/support/errata/RHSA-2005-053.htmlPatch, Vendor Advisory
cve@mitre.orghttp://www.redhat.com/support/errata/RHSA-2005-057.htmlPatch, Vendor Advisory
cve@mitre.orghttp://www.redhat.com/support/errata/RHSA-2005-059.htmlPatch, Vendor Advisory
cve@mitre.orghttp://www.redhat.com/support/errata/RHSA-2005-066.htmlPatch, Vendor Advisory
cve@mitre.orghttp://www.trustix.org/errata/2005/0003/Patch, Vendor Advisory
cve@mitre.orghttps://bugzilla.fedora.us/show_bug.cgi?id=2352Patch, Vendor Advisory
cve@mitre.orghttps://bugzilla.fedora.us/show_bug.cgi?id=2353Patch, Vendor Advisory
cve@mitre.orghttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11781
cve@mitre.orghttps://security.gentoo.org/glsa/200501-28
cve@mitre.orghttps://security.gentoo.org/glsa/200502-10
af854a3a-2127-422b-91ae-364da2661108ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.00pl3.patchPatch
af854a3a-2127-422b-91ae-364da2661108ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.42/SCOSA-2005.42.txt
af854a3a-2127-422b-91ae-364da2661108http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000921Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=110625368019554&w=2
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/17277
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2005/dsa-645Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2005/dsa-648Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.idefense.com/application/poi/display?id=186&type=vulnerabilitiesExploit, Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2005:016
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2005:017
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2005:018
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2005:019
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2005:020
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2005:021
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2005-026.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2005-034.htmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2005-053.htmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2005-057.htmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2005-059.htmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2005-066.htmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.trustix.org/errata/2005/0003/Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.fedora.us/show_bug.cgi?id=2352Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.fedora.us/show_bug.cgi?id=2353Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11781
af854a3a-2127-422b-91ae-364da2661108https://security.gentoo.org/glsa/200501-28
af854a3a-2127-422b-91ae-364da2661108https://security.gentoo.org/glsa/200502-10
Impacted products
Vendor Product Version
xpdf xpdf 0.2
xpdf xpdf 0.3
xpdf xpdf 0.4
xpdf xpdf 0.5
xpdf xpdf 0.5a
xpdf xpdf 0.6
xpdf xpdf 0.7
xpdf xpdf 0.7a
xpdf xpdf 0.80
xpdf xpdf 0.90
xpdf xpdf 0.91
xpdf xpdf 0.91a
xpdf xpdf 0.91b
xpdf xpdf 0.91c
xpdf xpdf 0.92
xpdf xpdf 0.92a
xpdf xpdf 0.92b
xpdf xpdf 0.92c
xpdf xpdf 0.92d
xpdf xpdf 0.92e
xpdf xpdf 0.93
xpdf xpdf 0.93a
xpdf xpdf 0.93b
xpdf xpdf 0.93c
xpdf xpdf 1.0
xpdf xpdf 1.0a
xpdf xpdf 1.1
xpdf xpdf 2.0
xpdf xpdf 2.1
xpdf xpdf 2.2
xpdf xpdf 2.3
xpdf xpdf 3.0



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4D33C2A-E803-4575-B4CF-D5E484A22D80",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2A7B432-CDA1-472C-8FA4-30952A5A542D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "82DFDA2C-4518-4491-A8B5-DFD08997D2F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFB22C0B-E48E-4AD7-92BC-6DFB2D1F121C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:0.5a:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A668276-7AE1-4395-90EE-E5A7B84657C5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5D90CF9-30BC-4F64-9A90-3B8160BB1737",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "172B87AF-5263-46CA-A9C2-AC08CCBC2960",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:0.7a:*:*:*:*:*:*:*",
              "matchCriteriaId": "48F57D8D-E95C-4E80-B99C-475CB4D866F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:0.80:*:*:*:*:*:*:*",
              "matchCriteriaId": "756DDE44-2E0C-4209-ABBF-B9F73E4308C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:0.90:*:*:*:*:*:*:*",
              "matchCriteriaId": "28CC6233-E207-40CC-81FF-A8670EEA4295",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:0.91:*:*:*:*:*:*:*",
              "matchCriteriaId": "64DD9B5C-3DB8-4E15-B4A6-541E4E221C1D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:0.91a:*:*:*:*:*:*:*",
              "matchCriteriaId": "57BB7E29-D56E-4B1B-ACFF-012B9B1E3187",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:0.91b:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E9AA00B-7910-426C-BA4F-56476C101E31",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:0.91c:*:*:*:*:*:*:*",
              "matchCriteriaId": "25102E75-6D76-4DBF-B559-3C514B79D710",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:0.92:*:*:*:*:*:*:*",
              "matchCriteriaId": "0304E1E3-8766-40D0-8879-A652B4E9E72D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:0.92a:*:*:*:*:*:*:*",
              "matchCriteriaId": "00D8F3B8-255A-41BF-9A6D-8D44796FFC12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:0.92b:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F432DC7-26C9-4645-B297-625F2D4C6F01",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:0.92c:*:*:*:*:*:*:*",
              "matchCriteriaId": "49D5BC8E-8877-4277-BF7F-2021E9F20146",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:0.92d:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D7DBEC5-478B-4AF5-ADC5-F95650DB90BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:0.92e:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBC1A6C4-145B-49A4-A6B7-5DB9C8C5DF3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:0.93:*:*:*:*:*:*:*",
              "matchCriteriaId": "188F1343-8082-4B54-8DA4-E344818ABD52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:0.93a:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4377ECA-92FE-4E39-B9F3-4220262CB989",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:0.93b:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC3D4DA0-C4B0-4727-AADF-522A7C4ECA55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:0.93c:*:*:*:*:*:*:*",
              "matchCriteriaId": "EAC59A29-3F4E-4667-9966-E94F5FC3036D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B95DA7DE-B786-4EE7-A3F4-C077A7986D5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:1.0a:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5306C05-4A71-4175-8C22-F2DE0F2FE4C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B9DEF16-ECD5-4BBE-8986-52A6171B3D9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFFDBEEC-B2C1-47F0-82D3-FC9147B590A9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "354487CF-0086-4AE2-872B-0032E3EB89EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "96767060-505A-42D2-A68A-6AD810DE800A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1169B802-7279-437F-AF59-621A67DC92EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B93B3ED-AF82-49A9-8C7F-E5F652F19669",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Buffer overflow in the Decrypt::makeFileKey2 function in Decrypt.cc for xpdf 3.00 and earlier allows remote attackers to execute arbitrary code via a PDF file with a large /Encrypt /Length keyLength value."
    }
  ],
  "id": "CVE-2005-0064",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": true,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2005-05-02T04:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.00pl3.patch"
    },
    {
      "source": "cve@mitre.org",
      "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.42/SCOSA-2005.42.txt"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000921"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=110625368019554\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/17277"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2005/dsa-645"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2005/dsa-648"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.idefense.com/application/poi/display?id=186\u0026type=vulnerabilities"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:016"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:017"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:018"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:019"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:020"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:021"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-026.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2005-034.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2005-053.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2005-057.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2005-059.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2005-066.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.trustix.org/errata/2005/0003/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://bugzilla.fedora.us/show_bug.cgi?id=2352"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://bugzilla.fedora.us/show_bug.cgi?id=2353"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11781"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://security.gentoo.org/glsa/200501-28"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://security.gentoo.org/glsa/200502-10"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.00pl3.patch"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.42/SCOSA-2005.42.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000921"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=110625368019554\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/17277"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2005/dsa-645"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2005/dsa-648"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.idefense.com/application/poi/display?id=186\u0026type=vulnerabilities"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:016"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:017"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:018"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:019"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:020"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:021"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-026.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2005-034.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2005-053.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2005-057.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2005-059.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2005-066.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.trustix.org/errata/2005/0003/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://bugzilla.fedora.us/show_bug.cgi?id=2352"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://bugzilla.fedora.us/show_bug.cgi?id=2353"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11781"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://security.gentoo.org/glsa/200501-28"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://security.gentoo.org/glsa/200502-10"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2005-12-31 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows.
References
secalert@redhat.comftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt
secalert@redhat.comftp://patches.sgi.com/support/free/security/advisories/20051201-01-U
secalert@redhat.comftp://patches.sgi.com/support/free/security/advisories/20060101-01-U
secalert@redhat.comftp://patches.sgi.com/support/free/security/advisories/20060201-01-U
secalert@redhat.comhttp://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.htmlPatch
secalert@redhat.comhttp://rhn.redhat.com/errata/RHSA-2006-0177.htmlPatch, Vendor Advisory
secalert@redhat.comhttp://scary.beasts.org/security/CESA-2005-003.txtExploit, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18147
secalert@redhat.comhttp://secunia.com/advisories/18303Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18312Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18313Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18329Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18332Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18334
secalert@redhat.comhttp://secunia.com/advisories/18338Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18349Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18373
secalert@redhat.comhttp://secunia.com/advisories/18375Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18380
secalert@redhat.comhttp://secunia.com/advisories/18385Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18387Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18389Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18398Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18407Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18414
secalert@redhat.comhttp://secunia.com/advisories/18416Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18423Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18425
secalert@redhat.comhttp://secunia.com/advisories/18428
secalert@redhat.comhttp://secunia.com/advisories/18436
secalert@redhat.comhttp://secunia.com/advisories/18448Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18463
secalert@redhat.comhttp://secunia.com/advisories/18517Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18534Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18554Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18582Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18642Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18644Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18674Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18675Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18679Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18908
secalert@redhat.comhttp://secunia.com/advisories/18913Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/19230
secalert@redhat.comhttp://secunia.com/advisories/19377
secalert@redhat.comhttp://secunia.com/advisories/25729
secalert@redhat.comhttp://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.472683
secalert@redhat.comhttp://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.474747
secalert@redhat.comhttp://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1
secalert@redhat.comhttp://www.debian.org/security/2005/dsa-931
secalert@redhat.comhttp://www.debian.org/security/2005/dsa-932
secalert@redhat.comhttp://www.debian.org/security/2005/dsa-937
secalert@redhat.comhttp://www.debian.org/security/2005/dsa-938
secalert@redhat.comhttp://www.debian.org/security/2005/dsa-940
secalert@redhat.comhttp://www.debian.org/security/2006/dsa-936Patch, Vendor Advisory
secalert@redhat.comhttp://www.debian.org/security/2006/dsa-950Patch, Vendor Advisory
secalert@redhat.comhttp://www.debian.org/security/2006/dsa-961Patch, Vendor Advisory
secalert@redhat.comhttp://www.debian.org/security/2006/dsa-962Patch, Vendor Advisory
secalert@redhat.comhttp://www.gentoo.org/security/en/glsa/glsa-200601-02.xmlPatch, Vendor Advisory
secalert@redhat.comhttp://www.gentoo.org/security/en/glsa/glsa-200601-17.xmlPatch, Vendor Advisory
secalert@redhat.comhttp://www.kde.org/info/security/advisory-20051207-2.txtPatch, Vendor Advisory
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2006:003
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2006:004
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2006:005
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2006:006
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2006:008
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2006:010
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2006:011
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2006:012
secalert@redhat.comhttp://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html
secalert@redhat.comhttp://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2006-0160.htmlPatch, Vendor Advisory
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2006-0163.html
secalert@redhat.comhttp://www.securityfocus.com/archive/1/427053/100/0/threaded
secalert@redhat.comhttp://www.securityfocus.com/archive/1/427990/100/0/threaded
secalert@redhat.comhttp://www.securityfocus.com/bid/16143Patch
secalert@redhat.comhttp://www.trustix.org/errata/2006/0002/
secalert@redhat.comhttp://www.vupen.com/english/advisories/2006/0047
secalert@redhat.comhttp://www.vupen.com/english/advisories/2007/2280
secalert@redhat.comhttps://exchange.xforce.ibmcloud.com/vulnerabilities/24022
secalert@redhat.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9437
secalert@redhat.comhttps://usn.ubuntu.com/236-1/
af854a3a-2127-422b-91ae-364da2661108ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt
af854a3a-2127-422b-91ae-364da2661108ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U
af854a3a-2127-422b-91ae-364da2661108ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U
af854a3a-2127-422b-91ae-364da2661108ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U
af854a3a-2127-422b-91ae-364da2661108http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.htmlPatch
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2006-0177.htmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://scary.beasts.org/security/CESA-2005-003.txtExploit, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18147
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18303Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18312Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18313Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18329Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18332Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18334
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18338Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18349Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18373
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18375Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18380
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18385Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18387Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18389Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18398Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18407Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18414
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18416Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18423Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18425
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18428
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18436
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18448Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18463
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18517Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18534Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18554Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18582Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18642Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18644Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18674Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18675Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18679Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18908
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18913Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19230
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19377
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/25729
af854a3a-2127-422b-91ae-364da2661108http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.472683
af854a3a-2127-422b-91ae-364da2661108http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.474747
af854a3a-2127-422b-91ae-364da2661108http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2005/dsa-931
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2005/dsa-932
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2005/dsa-937
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2005/dsa-938
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2005/dsa-940
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2006/dsa-936Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2006/dsa-950Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2006/dsa-961Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2006/dsa-962Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.gentoo.org/security/en/glsa/glsa-200601-02.xmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.gentoo.org/security/en/glsa/glsa-200601-17.xmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.kde.org/info/security/advisory-20051207-2.txtPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:003
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:004
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:005
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:006
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:008
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:010
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:011
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:012
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2006-0160.htmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2006-0163.html
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/427053/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/427990/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/16143Patch
af854a3a-2127-422b-91ae-364da2661108http://www.trustix.org/errata/2006/0002/
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2006/0047
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2007/2280
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/24022
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9437
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/236-1/
Impacted products
Vendor Product Version
easy_software_products cups 1.1.22
easy_software_products cups 1.1.22_rc1
easy_software_products cups 1.1.23
easy_software_products cups 1.1.23_rc1
kde kdegraphics 3.2
kde kdegraphics 3.4.3
kde koffice 1.4
kde koffice 1.4.1
kde koffice 1.4.2
kde kpdf 3.2
kde kpdf 3.4.3
kde kword 1.4.2
libextractor libextractor *
poppler poppler 0.4.2
sgi propack 3.0
tetex tetex 1.0.7
tetex tetex 2.0
tetex tetex 2.0.1
tetex tetex 2.0.2
tetex tetex 3.0
xpdf xpdf 3.0
conectiva linux 10.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.1
debian debian_linux 3.1
debian debian_linux 3.1
debian debian_linux 3.1
debian debian_linux 3.1
debian debian_linux 3.1
debian debian_linux 3.1
debian debian_linux 3.1
debian debian_linux 3.1
debian debian_linux 3.1
debian debian_linux 3.1
debian debian_linux 3.1
debian debian_linux 3.1
gentoo linux *
mandrakesoft mandrake_linux 10.1
mandrakesoft mandrake_linux 10.1
mandrakesoft mandrake_linux 10.2
mandrakesoft mandrake_linux 10.2
mandrakesoft mandrake_linux 2006
mandrakesoft mandrake_linux 2006
mandrakesoft mandrake_linux_corporate_server 2.1
mandrakesoft mandrake_linux_corporate_server 2.1
mandrakesoft mandrake_linux_corporate_server 3.0
mandrakesoft mandrake_linux_corporate_server 3.0
redhat enterprise_linux 2.1
redhat enterprise_linux 2.1
redhat enterprise_linux 2.1
redhat enterprise_linux 2.1
redhat enterprise_linux 2.1
redhat enterprise_linux 2.1
redhat enterprise_linux 3.0
redhat enterprise_linux 3.0
redhat enterprise_linux 3.0
redhat enterprise_linux 4.0
redhat enterprise_linux 4.0
redhat enterprise_linux 4.0
redhat enterprise_linux_desktop 3.0
redhat enterprise_linux_desktop 4.0
redhat fedora_core core_1.0
redhat fedora_core core_2.0
redhat fedora_core core_3.0
redhat fedora_core core_4.0
redhat linux 7.3
redhat linux 9.0
redhat linux_advanced_workstation 2.1
redhat linux_advanced_workstation 2.1
sco openserver 5.0.7
sco openserver 6.0
slackware slackware_linux 9.0
slackware slackware_linux 9.1
slackware slackware_linux 10.0
slackware slackware_linux 10.1
slackware slackware_linux 10.2
suse suse_linux 1.0
suse suse_linux 9.0
suse suse_linux 9.0
suse suse_linux 9.0
suse suse_linux 9.0
suse suse_linux 9.0
suse suse_linux 9.1
suse suse_linux 9.1
suse suse_linux 9.1
suse suse_linux 9.2
suse suse_linux 9.2
suse suse_linux 9.2
suse suse_linux 9.3
suse suse_linux 9.3
suse suse_linux 9.3
suse suse_linux 10.0
suse suse_linux 10.0
trustix secure_linux 2.0
trustix secure_linux 2.2
trustix secure_linux 3.0
turbolinux turbolinux 10
turbolinux turbolinux fuji
turbolinux turbolinux_appliance_server 1.0_hosting_edition
turbolinux turbolinux_appliance_server 1.0_workgroup_edition
turbolinux turbolinux_desktop 10.0
turbolinux turbolinux_home *
turbolinux turbolinux_multimedia *
turbolinux turbolinux_personal *
turbolinux turbolinux_server 8.0
turbolinux turbolinux_server 10.0
turbolinux turbolinux_server 10.0_x86
turbolinux turbolinux_workstation 8.0
ubuntu ubuntu_linux 4.1
ubuntu ubuntu_linux 4.1
ubuntu ubuntu_linux 5.04
ubuntu ubuntu_linux 5.04
ubuntu ubuntu_linux 5.04
ubuntu ubuntu_linux 5.10
ubuntu ubuntu_linux 5.10
ubuntu ubuntu_linux 5.10



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1512A96-B8E7-4DB7-A4CB-8FD3773BFC97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.22_rc1:*:*:*:*:*:*:*",
              "matchCriteriaId": "787B918D-9CCC-44FE-92AF-E8DF1E91A3C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "C116493B-2837-4531-9291-A9FF03099A97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.23_rc1:*:*:*:*:*:*:*",
              "matchCriteriaId": "525BD04B-387F-4713-BC89-472D0D0BCFD0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:kdegraphics:3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6BF92649-90CE-4E75-A938-61D0916B5A7E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:kdegraphics:3.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CA505B4-0C17-49C8-9533-CA8CE3AA77D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:koffice:1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "37C08E0A-651F-458B-BCEC-A30DCD527E47",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:koffice:1.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6000D6AF-C056-4BC0-A54C-72E23E52AB92",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:koffice:1.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7D036E4-FA49-417D-968B-9D73B16A09BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:kpdf:3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDAF6452-F3B0-4F62-893E-BCFA6AB7AE3B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:kpdf:3.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC2AB9CB-DEAB-45AB-A7CA-D19E069907EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:kword:1.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EAC32BAA-99B3-4B40-83A3-ED9E1B12B295",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libextractor:libextractor:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "679D9520-DE8E-4D06-A227-3B1C1D05977D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "63C92F1C-3005-4EA6-B9C0-2BC2E3D611D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sgi:propack:3.0:sp6:*:*:*:*:*:*",
              "matchCriteriaId": "EF8ABD90-AD2B-4FA0-A355-9D7CD6D3C486",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tetex:tetex:1.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "C86C7D6F-C39E-4403-86C6-F87599570E97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tetex:tetex:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "236005A1-C175-44D3-8D0C-C48F943F3D66",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tetex:tetex:2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0AF2AD80-5E65-4B57-933B-C395E98EF10D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tetex:tetex:2.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "07C92A0E-1DDA-4F83-A904-24A35C38883A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tetex:tetex:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9178B36F-41D5-4AE7-B9C8-56BDEADE76EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B93B3ED-AF82-49A9-8C7F-E5F652F19669",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:conectiva:linux:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A35FC777-A34E-4C7B-9E93-8F17F3AD5180",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CAE037F-111C-4A76-8FFE-716B74D65EF3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:alpha:*:*:*:*:*",
              "matchCriteriaId": "A6B060E4-B5A6-4469-828E-211C52542547",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:arm:*:*:*:*:*",
              "matchCriteriaId": "974C3541-990C-4CD4-A05A-38FA74A84632",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:hppa:*:*:*:*:*",
              "matchCriteriaId": "6CBF1E0F-C7F3-4F83-9E60-6E63FA7D2775",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-32:*:*:*:*:*",
              "matchCriteriaId": "58792F77-B06F-4780-BA25-FE1EE6C3FDD9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-64:*:*:*:*:*",
              "matchCriteriaId": "C9419322-572F-4BB6-8416-C5E96541CF33",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:m68k:*:*:*:*:*",
              "matchCriteriaId": "BFC50555-C084-46A3-9C9F-949C5E3BB448",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mips:*:*:*:*:*",
              "matchCriteriaId": "9C25D6E1-D283-4CEA-B47B-60C47A5C0797",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mipsel:*:*:*:*:*",
              "matchCriteriaId": "AD18A446-C634-417E-86AC-B19B6DDDC856",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ppc:*:*:*:*:*",
              "matchCriteriaId": "E4BB852E-61B2-4842-989F-C6C0C901A8D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:s-390:*:*:*:*:*",
              "matchCriteriaId": "24DD9D59-E2A2-4116-A887-39E8CC2004FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:sparc:*:*:*:*:*",
              "matchCriteriaId": "F28D7457-607E-4E0C-909A-413F91CFCD82",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2E0C1F8-31F5-4F61-9DF7-E49B43D3C873",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:alpha:*:*:*:*:*",
              "matchCriteriaId": "5BF84240-1881-4EFB-BB2F-F9CE8AD09C7B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:amd64:*:*:*:*:*",
              "matchCriteriaId": "AF8AE8C4-810F-41AB-A251-5A2D4DD6884D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:arm:*:*:*:*:*",
              "matchCriteriaId": "5EACF214-FA27-44FF-A431-927AB79377A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:hppa:*:*:*:*:*",
              "matchCriteriaId": "E2B58895-0E2A-4466-9CB2-0083349A83B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:ia-32:*:*:*:*:*",
              "matchCriteriaId": "03F8220A-9B1C-40AA-AEAB-F9A93225FBD5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:ia-64:*:*:*:*:*",
              "matchCriteriaId": "2311919C-7864-469D-B0F6-9B11D8D0A1C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:m68k:*:*:*:*:*",
              "matchCriteriaId": "19876495-4C1A-487C-955A-C5AA46362A1F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:mips:*:*:*:*:*",
              "matchCriteriaId": "D75286DD-50BC-4B72-8AC8-E20730124DC2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:mipsel:*:*:*:*:*",
              "matchCriteriaId": "1998C972-497E-4916-B50E-FB32303EEA8E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:ppc:*:*:*:*:*",
              "matchCriteriaId": "A6CD3DD9-3A8A-4716-A2D1-136A790AFF94",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:s-390:*:*:*:*:*",
              "matchCriteriaId": "6CE2020A-4FB2-4FCD-8561-7BD147CD95EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:sparc:*:*:*:*:*",
              "matchCriteriaId": "08E90AFA-C262-46D0-B60E-26B67C9602D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "647BA336-5538-4972-9271-383A0EC9378E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3528DABD-B821-4D23-AE12-614A9CA92C46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:x86-64:*:*:*:*:*",
              "matchCriteriaId": "0315FB43-D199-4734-B724-50ED031C0020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "11D69B83-4EF3-407B-8E8C-DE623F099C17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.2:*:x86-64:*:*:*:*:*",
              "matchCriteriaId": "7D221688-18A0-453D-8D13-6B68011FCA13",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2006:*:*:*:*:*:*:*",
              "matchCriteriaId": "597094EC-D23F-4EC4-A140-96F287679124",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2006:*:x86-64:*:*:*:*:*",
              "matchCriteriaId": "C4FCF0D3-A6CB-448E-B0D3-DA82BE02DEC8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0F0D201-B1DC-4024-AF77-A284673618F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "052E3862-BFB7-42E7-889D-8590AFA8EF37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2BB0B27C-04EA-426F-9016-7406BACD91DF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "BB2B1BA5-8370-4281-B5C9-3D4FE6C70FBC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*",
              "matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*",
              "matchCriteriaId": "A4A9461E-C117-42EC-9F14-DF2A82BA7C5D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*",
              "matchCriteriaId": "E0B458EA-495E-40FA-9379-C03757F7B1EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:*",
              "matchCriteriaId": "409E324A-C040-494F-A026-9DCAE01C07F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*",
              "matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*",
              "matchCriteriaId": "6474B775-C893-491F-A074-802AFB1FEDD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*",
              "matchCriteriaId": "78B46FFA-5B09-473E-AD33-3DB18BD0DAFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*",
              "matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*",
              "matchCriteriaId": "0EFE2E73-9536-41A9-B83B-0A06B54857F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:advanced_server:*:*:*:*:*",
              "matchCriteriaId": "F9440B25-D206-4914-9557-B5F030890DEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:enterprise_server:*:*:*:*:*",
              "matchCriteriaId": "E9933557-3BCA-4D92-AD4F-27758A0D3347",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:workstation:*:*:*:*:*",
              "matchCriteriaId": "10A60552-15A5-4E95-B3CE-99A4B26260C1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D74A418-50F0-42C0-ABBC-BBBE718FF025",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C84296C-2C8A-4DCD-9751-52951F8BEA9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC80CF67-C51D-442C-9526-CFEDE84A6304",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:fedora_core:core_4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C720DACC-CF4B-4A00-818C-8303A7D7DED6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:7.3:*:i386:*:*:*:*:*",
              "matchCriteriaId": "9B502A61-44FB-4CD4-85BE-88D4ACCCA441",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:9.0:*:i386:*:*:*:*:*",
              "matchCriteriaId": "F3FDE8C4-5FFD-4CC2-9F35-7C32043966D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*",
              "matchCriteriaId": "84A50ED3-FD0D-4038-B3E7-CC65D166C968",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium:*:*:*:*:*",
              "matchCriteriaId": "8DBD9D3C-40AB-449D-A9A8-A09DF2DEDB96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sco:openserver:5.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9D76A8D-832B-411E-A458-186733C66010",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sco:openserver:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7458BA31-812E-40C9-BB92-8688A3BCBA56",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:slackware:slackware_linux:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "300A6A65-05FD-401C-80F6-B5F5B1F056E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:slackware:slackware_linux:9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA3D53C9-3806-45E6-8AE9-7D41280EF64C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:slackware:slackware_linux:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D29C5A03-A7C9-4780-BB63-CF1E874D018D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:slackware:slackware_linux:10.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B85EF0EE-3E61-4CA3-9F00-610AB2E1CFCF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:slackware:slackware_linux:10.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "70440F49-AEE9-41BE-8E1A-43AB657C8E09",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "02EE2D72-B1E6-4380-80B0-E40A23DDD115",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:enterprise_server:*:*:*:*:*",
              "matchCriteriaId": "F7446746-87B7-4BD3-AABF-1E0FAA8265AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:personal:*:*:*:*:*",
              "matchCriteriaId": "F239BA8A-6B41-4B08-8C7C-25D235812C50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:professional:*:*:*:*:*",
              "matchCriteriaId": "89BA858B-9466-4640-84AE-DC5BDC65D6B8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:s_390:*:*:*:*:*",
              "matchCriteriaId": "85F2D904-E830-4034-9CCB-0FF65019622C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "56EF103F-5668-4754-A83B-D3662D0CE815",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:personal:*:*:*:*:*",
              "matchCriteriaId": "3EA56868-ACA1-4C65-9FFB-A68129D2428A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:professional:*:*:*:*:*",
              "matchCriteriaId": "1BA2E629-58C6-4BA0-A447-F8F570B35E74",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "D5F98B9A-880E-45F0-8C16-12B22970F0D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:personal:*:*:*:*:*",
              "matchCriteriaId": "3BEE15E9-9194-4E37-AB3B-66ECD5AC9E11",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:professional:*:*:*:*:*",
              "matchCriteriaId": "C89BA3B6-370B-4911-A363-935A9C9EACF5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "B905C6E9-5058-4FD7-95B6-CD6AB6B2F516",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.3:*:personal:*:*:*:*:*",
              "matchCriteriaId": "4F1B4D15-0562-44D6-B80B-35A8F432BD41",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.3:*:professional:*:*:*:*:*",
              "matchCriteriaId": "D84ABF78-0D85-4E15-907E-B5ACE86EB8C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.3:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "9C7018E7-F90C-435D-A07A-05A294EA2827",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:10.0:*:oss:*:*:*:*:*",
              "matchCriteriaId": "16915004-1006-41D6-9E42-D1A5041E442D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:10.0:*:professional:*:*:*:*:*",
              "matchCriteriaId": "994ABCE2-3B9E-4E4E-83F7-CE2A79C70F64",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:trustix:secure_linux:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "53AF1A2D-B0A2-4097-AD1D-DF3AF27171BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:trustix:secure_linux:2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5AB70F82-52BB-4D0D-9A24-9AF67278466D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:trustix:secure_linux:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "100A2456-BF20-4461-8DC9-C61889322B29",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux:10:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C7D4F57-E186-497A-B390-92E5D2C7E894",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux:fuji:*:*:*:*:*:*:*",
              "matchCriteriaId": "CEC3F6F3-9A6E-4A98-A967-6776C872475C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_appliance_server:1.0_hosting_edition:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC3218DD-A565-4AB8-86FE-E7F59AC0535F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_appliance_server:1.0_workgroup_edition:*:*:*:*:*:*:*",
              "matchCriteriaId": "97AEDB57-202F-4B53-8815-21836F177060",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_desktop:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "31C3FFDD-03BF-4FD4-B7A7-B62AFD5DBA19",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_home:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "065FF0F1-7FAC-4584-92EA-EAA87DC76FA1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_multimedia:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E27180A1-9767-4CD3-978C-7538155B162D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_personal:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BAAA9376-A060-49AE-86A7-6B28E26ED5D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_server:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E06DCF0D-3241-453A-A0E4-937FE25EC404",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_server:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B484D091-62DE-4EF2-AC54-26896CA8B315",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_server:10.0_x86:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC5AC26E-3F3F-4D14-BE65-82B4432AB382",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_workstation:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9428589A-0BD2-469E-978D-38239117D972",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ia64:*:*:*:*:*",
              "matchCriteriaId": "6E94583A-5184-462E-9FC4-57B35DA06DA7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ppc:*:*:*:*:*",
              "matchCriteriaId": "E905FAAD-37B6-4DD0-A752-2974F8336273",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:amd64:*:*:*:*:*",
              "matchCriteriaId": "3BD12488-1ED8-4751-ABF5-3578D54750A8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:i386:*:*:*:*:*",
              "matchCriteriaId": "AE3733CF-4C88-443C-9B90-6477C9C500D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:powerpc:*:*:*:*:*",
              "matchCriteriaId": "9C500A75-D75E-45B4-B582-0F0DF27C3C04",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:amd64:*:*:*:*:*",
              "matchCriteriaId": "86FD134D-A5C5-4B08-962D-70CF07C74923",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:i386:*:*:*:*:*",
              "matchCriteriaId": "FA84692E-F99D-4207-B4F2-799A6ADB88AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:powerpc:*:*:*:*:*",
              "matchCriteriaId": "8B0F1091-4B76-44F5-B896-6D37E2F909A2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows."
    }
  ],
  "id": "CVE-2005-3624",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2005-12-31T05:00:00.000",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt"
    },
    {
      "source": "secalert@redhat.com",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U"
    },
    {
      "source": "secalert@redhat.com",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U"
    },
    {
      "source": "secalert@redhat.com",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Exploit",
        "Vendor Advisory"
      ],
      "url": "http://scary.beasts.org/security/CESA-2005-003.txt"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18147"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18303"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18312"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18313"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18329"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18332"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18334"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18338"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18349"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18373"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18375"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18380"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18385"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18387"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18389"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18398"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18407"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18414"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18416"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18423"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18425"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18428"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18436"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18448"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18463"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18517"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18534"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18554"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18582"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18642"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18644"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18674"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18675"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18679"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18908"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18913"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/19230"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/19377"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/25729"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2005/dsa-931"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2005/dsa-932"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2005/dsa-937"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2005/dsa-938"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2005/dsa-940"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-936"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-950"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-961"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-962"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.kde.org/info/security/advisory-20051207-2.txt"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/16143"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.trustix.org/errata/2006/0002/"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2006/0047"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2007/2280"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24022"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9437"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://usn.ubuntu.com/236-1/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Vendor Advisory"
      ],
      "url": "http://scary.beasts.org/security/CESA-2005-003.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18147"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18303"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18312"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18313"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18329"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18332"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18334"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18338"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18349"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18373"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18375"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18380"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18385"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18387"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18389"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18398"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18407"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18414"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18416"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18423"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18425"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18428"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18436"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18448"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18463"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18517"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18534"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18554"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18582"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18642"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18644"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18674"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18675"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18679"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18908"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18913"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19230"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19377"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/25729"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2005/dsa-931"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2005/dsa-932"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2005/dsa-937"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2005/dsa-938"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2005/dsa-940"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-936"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-950"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-961"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-962"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.kde.org/info/security/advisory-20051207-2.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/16143"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.trustix.org/errata/2006/0002/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2006/0047"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/2280"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24022"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9437"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://usn.ubuntu.com/236-1/"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vendorComments": [
    {
      "comment": "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.",
      "lastModified": "2007-03-14T00:00:00",
      "organization": "Red Hat"
    }
  ],
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-189"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2000-10-20 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
xpdf PDF viewer client earlier than 0.91 allows local users to overwrite arbitrary files via a symlink attack.
Impacted products
Vendor Product Version
xpdf xpdf 0.90



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:0.90:*:*:*:*:*:*:*",
              "matchCriteriaId": "28CC6233-E207-40CC-81FF-A8670EEA4295",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "xpdf PDF viewer client earlier than 0.91 allows local users to overwrite arbitrary files via a symlink attack."
    }
  ],
  "id": "CVE-2000-0728",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.2,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2000-10-20T04:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=96766355023239\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=96886599829687\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-031.0.txt"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2000-060.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/1624"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=96766355023239\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=96886599829687\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-031.0.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2000-060.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/1624"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2005-12-31 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference.
References
secalert@redhat.comftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt
secalert@redhat.comftp://patches.sgi.com/support/free/security/advisories/20051201-01-U
secalert@redhat.comftp://patches.sgi.com/support/free/security/advisories/20060101-01-U
secalert@redhat.comftp://patches.sgi.com/support/free/security/advisories/20060201-01-U
secalert@redhat.comhttp://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.htmlPatch, Vendor Advisory
secalert@redhat.comhttp://rhn.redhat.com/errata/RHSA-2006-0177.htmlPatch, Vendor Advisory
secalert@redhat.comhttp://scary.beasts.org/security/CESA-2005-003.txtExploit
secalert@redhat.comhttp://secunia.com/advisories/18147
secalert@redhat.comhttp://secunia.com/advisories/18303Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18312Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18313Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18329Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18332Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18334Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18335Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18338Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18349Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18373
secalert@redhat.comhttp://secunia.com/advisories/18375Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18380
secalert@redhat.comhttp://secunia.com/advisories/18385Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18387Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18389Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18398Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18407Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18414
secalert@redhat.comhttp://secunia.com/advisories/18416Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18423Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18425
secalert@redhat.comhttp://secunia.com/advisories/18428
secalert@redhat.comhttp://secunia.com/advisories/18436
secalert@redhat.comhttp://secunia.com/advisories/18448Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18463
secalert@redhat.comhttp://secunia.com/advisories/18517Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18534Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18554Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18582Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18642Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18644Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18674Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18675Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18679Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18908
secalert@redhat.comhttp://secunia.com/advisories/18913
secalert@redhat.comhttp://secunia.com/advisories/19230
secalert@redhat.comhttp://secunia.com/advisories/19377
secalert@redhat.comhttp://secunia.com/advisories/25729
secalert@redhat.comhttp://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.472683
secalert@redhat.comhttp://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.474747
secalert@redhat.comhttp://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1
secalert@redhat.comhttp://www.debian.org/security/2005/dsa-931
secalert@redhat.comhttp://www.debian.org/security/2005/dsa-932
secalert@redhat.comhttp://www.debian.org/security/2005/dsa-937
secalert@redhat.comhttp://www.debian.org/security/2005/dsa-938
secalert@redhat.comhttp://www.debian.org/security/2005/dsa-940
secalert@redhat.comhttp://www.debian.org/security/2006/dsa-936Patch, Vendor Advisory
secalert@redhat.comhttp://www.debian.org/security/2006/dsa-950Patch, Vendor Advisory
secalert@redhat.comhttp://www.debian.org/security/2006/dsa-961Patch, Vendor Advisory
secalert@redhat.comhttp://www.debian.org/security/2006/dsa-962
secalert@redhat.comhttp://www.gentoo.org/security/en/glsa/glsa-200601-02.xmlPatch, Vendor Advisory
secalert@redhat.comhttp://www.gentoo.org/security/en/glsa/glsa-200601-17.xml
secalert@redhat.comhttp://www.kde.org/info/security/advisory-20051207-2.txtPatch, Vendor Advisory
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2006:003
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2006:004
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2006:005
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2006:006
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2006:008
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2006:010
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2006:011
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2006:012
secalert@redhat.comhttp://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.htmlPatch
secalert@redhat.comhttp://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.htmlPatch
secalert@redhat.comhttp://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html
secalert@redhat.comhttp://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2006-0160.htmlPatch, Vendor Advisory
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2006-0163.html
secalert@redhat.comhttp://www.securityfocus.com/archive/1/427053/100/0/threaded
secalert@redhat.comhttp://www.securityfocus.com/archive/1/427990/100/0/threaded
secalert@redhat.comhttp://www.securityfocus.com/bid/16143Patch
secalert@redhat.comhttp://www.trustix.org/errata/2006/0002/
secalert@redhat.comhttp://www.vupen.com/english/advisories/2006/0047
secalert@redhat.comhttp://www.vupen.com/english/advisories/2007/2280
secalert@redhat.comhttps://exchange.xforce.ibmcloud.com/vulnerabilities/24026
secalert@redhat.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9992
secalert@redhat.comhttps://usn.ubuntu.com/236-1/
af854a3a-2127-422b-91ae-364da2661108ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt
af854a3a-2127-422b-91ae-364da2661108ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U
af854a3a-2127-422b-91ae-364da2661108ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U
af854a3a-2127-422b-91ae-364da2661108ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U
af854a3a-2127-422b-91ae-364da2661108http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.htmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2006-0177.htmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://scary.beasts.org/security/CESA-2005-003.txtExploit
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18147
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18303Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18312Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18313Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18329Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18332Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18334Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18335Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18338Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18349Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18373
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18375Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18380
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18385Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18387Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18389Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18398Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18407Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18414
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18416Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18423Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18425
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18428
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18436
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18448Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18463
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18517Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18534Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18554Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18582Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18642Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18644Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18674Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18675Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18679Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18908
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18913
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19230
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19377
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/25729
af854a3a-2127-422b-91ae-364da2661108http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.472683
af854a3a-2127-422b-91ae-364da2661108http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.474747
af854a3a-2127-422b-91ae-364da2661108http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2005/dsa-931
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2005/dsa-932
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2005/dsa-937
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2005/dsa-938
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2005/dsa-940
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2006/dsa-936Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2006/dsa-950Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2006/dsa-961Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2006/dsa-962
af854a3a-2127-422b-91ae-364da2661108http://www.gentoo.org/security/en/glsa/glsa-200601-02.xmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml
af854a3a-2127-422b-91ae-364da2661108http://www.kde.org/info/security/advisory-20051207-2.txtPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:003
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:004
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:005
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:006
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:008
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:010
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:011
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:012
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.htmlPatch
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.htmlPatch
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2006-0160.htmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2006-0163.html
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/427053/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/427990/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/16143Patch
af854a3a-2127-422b-91ae-364da2661108http://www.trustix.org/errata/2006/0002/
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2006/0047
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2007/2280
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/24026
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9992
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/236-1/
Impacted products
Vendor Product Version
easy_software_products cups 1.1.22
easy_software_products cups 1.1.22_rc1
easy_software_products cups 1.1.23
easy_software_products cups 1.1.23_rc1
kde kdegraphics 3.2
kde kdegraphics 3.4.3
kde koffice 1.4
kde koffice 1.4.1
kde koffice 1.4.2
kde kpdf 3.2
kde kpdf 3.4.3
kde kword 1.4.2
libextractor libextractor *
poppler poppler 0.4.2
sgi propack 3.0
tetex tetex 1.0.7
tetex tetex 2.0
tetex tetex 2.0.1
tetex tetex 2.0.2
tetex tetex 3.0
xpdf xpdf 3.0
conectiva linux 10.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.1
debian debian_linux 3.1
debian debian_linux 3.1
debian debian_linux 3.1
debian debian_linux 3.1
debian debian_linux 3.1
debian debian_linux 3.1
debian debian_linux 3.1
debian debian_linux 3.1
debian debian_linux 3.1
debian debian_linux 3.1
debian debian_linux 3.1
debian debian_linux 3.1
gentoo linux *
mandrakesoft mandrake_linux 10.1
mandrakesoft mandrake_linux 10.1
mandrakesoft mandrake_linux 10.2
mandrakesoft mandrake_linux 10.2
mandrakesoft mandrake_linux 2006
mandrakesoft mandrake_linux 2006
mandrakesoft mandrake_linux_corporate_server 2.1
mandrakesoft mandrake_linux_corporate_server 2.1
mandrakesoft mandrake_linux_corporate_server 3.0
mandrakesoft mandrake_linux_corporate_server 3.0
redhat enterprise_linux 2.1
redhat enterprise_linux 2.1
redhat enterprise_linux 2.1
redhat enterprise_linux 2.1
redhat enterprise_linux 2.1
redhat enterprise_linux 2.1
redhat enterprise_linux 3.0
redhat enterprise_linux 3.0
redhat enterprise_linux 3.0
redhat enterprise_linux 4.0
redhat enterprise_linux 4.0
redhat enterprise_linux 4.0
redhat enterprise_linux_desktop 3.0
redhat enterprise_linux_desktop 4.0
redhat fedora_core core_1.0
redhat fedora_core core_2.0
redhat fedora_core core_3.0
redhat fedora_core core_4.0
redhat linux 7.3
redhat linux 9.0
redhat linux_advanced_workstation 2.1
redhat linux_advanced_workstation 2.1
sco openserver 5.0.7
sco openserver 6.0
slackware slackware_linux 9.0
slackware slackware_linux 9.1
slackware slackware_linux 10.0
slackware slackware_linux 10.1
slackware slackware_linux 10.2
suse suse_linux 1.0
suse suse_linux 9.0
suse suse_linux 9.0
suse suse_linux 9.0
suse suse_linux 9.0
suse suse_linux 9.0
suse suse_linux 9.1
suse suse_linux 9.1
suse suse_linux 9.1
suse suse_linux 9.2
suse suse_linux 9.2
suse suse_linux 9.2
suse suse_linux 9.3
suse suse_linux 9.3
suse suse_linux 9.3
suse suse_linux 10.0
suse suse_linux 10.0
trustix secure_linux 2.0
trustix secure_linux 2.2
trustix secure_linux 3.0
turbolinux turbolinux 10
turbolinux turbolinux fuji
turbolinux turbolinux_appliance_server 1.0_hosting_edition
turbolinux turbolinux_appliance_server 1.0_workgroup_edition
turbolinux turbolinux_desktop 10.0
turbolinux turbolinux_home *
turbolinux turbolinux_multimedia *
turbolinux turbolinux_personal *
turbolinux turbolinux_server 8.0
turbolinux turbolinux_server 10.0
turbolinux turbolinux_server 10.0_x86
turbolinux turbolinux_workstation 8.0
ubuntu ubuntu_linux 4.1
ubuntu ubuntu_linux 4.1
ubuntu ubuntu_linux 5.04
ubuntu ubuntu_linux 5.04
ubuntu ubuntu_linux 5.04
ubuntu ubuntu_linux 5.10
ubuntu ubuntu_linux 5.10
ubuntu ubuntu_linux 5.10



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1512A96-B8E7-4DB7-A4CB-8FD3773BFC97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.22_rc1:*:*:*:*:*:*:*",
              "matchCriteriaId": "787B918D-9CCC-44FE-92AF-E8DF1E91A3C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "C116493B-2837-4531-9291-A9FF03099A97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.23_rc1:*:*:*:*:*:*:*",
              "matchCriteriaId": "525BD04B-387F-4713-BC89-472D0D0BCFD0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:kdegraphics:3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6BF92649-90CE-4E75-A938-61D0916B5A7E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:kdegraphics:3.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CA505B4-0C17-49C8-9533-CA8CE3AA77D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:koffice:1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "37C08E0A-651F-458B-BCEC-A30DCD527E47",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:koffice:1.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6000D6AF-C056-4BC0-A54C-72E23E52AB92",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:koffice:1.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7D036E4-FA49-417D-968B-9D73B16A09BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:kpdf:3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDAF6452-F3B0-4F62-893E-BCFA6AB7AE3B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:kpdf:3.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC2AB9CB-DEAB-45AB-A7CA-D19E069907EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:kword:1.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EAC32BAA-99B3-4B40-83A3-ED9E1B12B295",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libextractor:libextractor:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "679D9520-DE8E-4D06-A227-3B1C1D05977D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "63C92F1C-3005-4EA6-B9C0-2BC2E3D611D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sgi:propack:3.0:sp6:*:*:*:*:*:*",
              "matchCriteriaId": "EF8ABD90-AD2B-4FA0-A355-9D7CD6D3C486",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tetex:tetex:1.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "C86C7D6F-C39E-4403-86C6-F87599570E97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tetex:tetex:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "236005A1-C175-44D3-8D0C-C48F943F3D66",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tetex:tetex:2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0AF2AD80-5E65-4B57-933B-C395E98EF10D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tetex:tetex:2.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "07C92A0E-1DDA-4F83-A904-24A35C38883A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tetex:tetex:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9178B36F-41D5-4AE7-B9C8-56BDEADE76EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B93B3ED-AF82-49A9-8C7F-E5F652F19669",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:conectiva:linux:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A35FC777-A34E-4C7B-9E93-8F17F3AD5180",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CAE037F-111C-4A76-8FFE-716B74D65EF3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:alpha:*:*:*:*:*",
              "matchCriteriaId": "A6B060E4-B5A6-4469-828E-211C52542547",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:arm:*:*:*:*:*",
              "matchCriteriaId": "974C3541-990C-4CD4-A05A-38FA74A84632",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:hppa:*:*:*:*:*",
              "matchCriteriaId": "6CBF1E0F-C7F3-4F83-9E60-6E63FA7D2775",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-32:*:*:*:*:*",
              "matchCriteriaId": "58792F77-B06F-4780-BA25-FE1EE6C3FDD9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-64:*:*:*:*:*",
              "matchCriteriaId": "C9419322-572F-4BB6-8416-C5E96541CF33",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:m68k:*:*:*:*:*",
              "matchCriteriaId": "BFC50555-C084-46A3-9C9F-949C5E3BB448",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mips:*:*:*:*:*",
              "matchCriteriaId": "9C25D6E1-D283-4CEA-B47B-60C47A5C0797",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mipsel:*:*:*:*:*",
              "matchCriteriaId": "AD18A446-C634-417E-86AC-B19B6DDDC856",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ppc:*:*:*:*:*",
              "matchCriteriaId": "E4BB852E-61B2-4842-989F-C6C0C901A8D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:s-390:*:*:*:*:*",
              "matchCriteriaId": "24DD9D59-E2A2-4116-A887-39E8CC2004FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:sparc:*:*:*:*:*",
              "matchCriteriaId": "F28D7457-607E-4E0C-909A-413F91CFCD82",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2E0C1F8-31F5-4F61-9DF7-E49B43D3C873",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:alpha:*:*:*:*:*",
              "matchCriteriaId": "5BF84240-1881-4EFB-BB2F-F9CE8AD09C7B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:amd64:*:*:*:*:*",
              "matchCriteriaId": "AF8AE8C4-810F-41AB-A251-5A2D4DD6884D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:arm:*:*:*:*:*",
              "matchCriteriaId": "5EACF214-FA27-44FF-A431-927AB79377A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:hppa:*:*:*:*:*",
              "matchCriteriaId": "E2B58895-0E2A-4466-9CB2-0083349A83B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:ia-32:*:*:*:*:*",
              "matchCriteriaId": "03F8220A-9B1C-40AA-AEAB-F9A93225FBD5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:ia-64:*:*:*:*:*",
              "matchCriteriaId": "2311919C-7864-469D-B0F6-9B11D8D0A1C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:m68k:*:*:*:*:*",
              "matchCriteriaId": "19876495-4C1A-487C-955A-C5AA46362A1F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:mips:*:*:*:*:*",
              "matchCriteriaId": "D75286DD-50BC-4B72-8AC8-E20730124DC2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:mipsel:*:*:*:*:*",
              "matchCriteriaId": "1998C972-497E-4916-B50E-FB32303EEA8E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:ppc:*:*:*:*:*",
              "matchCriteriaId": "A6CD3DD9-3A8A-4716-A2D1-136A790AFF94",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:s-390:*:*:*:*:*",
              "matchCriteriaId": "6CE2020A-4FB2-4FCD-8561-7BD147CD95EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:sparc:*:*:*:*:*",
              "matchCriteriaId": "08E90AFA-C262-46D0-B60E-26B67C9602D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "647BA336-5538-4972-9271-383A0EC9378E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3528DABD-B821-4D23-AE12-614A9CA92C46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:x86-64:*:*:*:*:*",
              "matchCriteriaId": "0315FB43-D199-4734-B724-50ED031C0020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "11D69B83-4EF3-407B-8E8C-DE623F099C17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.2:*:x86-64:*:*:*:*:*",
              "matchCriteriaId": "7D221688-18A0-453D-8D13-6B68011FCA13",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2006:*:*:*:*:*:*:*",
              "matchCriteriaId": "597094EC-D23F-4EC4-A140-96F287679124",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2006:*:x86-64:*:*:*:*:*",
              "matchCriteriaId": "C4FCF0D3-A6CB-448E-B0D3-DA82BE02DEC8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0F0D201-B1DC-4024-AF77-A284673618F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "052E3862-BFB7-42E7-889D-8590AFA8EF37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2BB0B27C-04EA-426F-9016-7406BACD91DF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "BB2B1BA5-8370-4281-B5C9-3D4FE6C70FBC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*",
              "matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*",
              "matchCriteriaId": "A4A9461E-C117-42EC-9F14-DF2A82BA7C5D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*",
              "matchCriteriaId": "E0B458EA-495E-40FA-9379-C03757F7B1EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:*",
              "matchCriteriaId": "409E324A-C040-494F-A026-9DCAE01C07F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*",
              "matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*",
              "matchCriteriaId": "6474B775-C893-491F-A074-802AFB1FEDD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*",
              "matchCriteriaId": "78B46FFA-5B09-473E-AD33-3DB18BD0DAFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*",
              "matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*",
              "matchCriteriaId": "0EFE2E73-9536-41A9-B83B-0A06B54857F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:advanced_server:*:*:*:*:*",
              "matchCriteriaId": "F9440B25-D206-4914-9557-B5F030890DEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:enterprise_server:*:*:*:*:*",
              "matchCriteriaId": "E9933557-3BCA-4D92-AD4F-27758A0D3347",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:workstation:*:*:*:*:*",
              "matchCriteriaId": "10A60552-15A5-4E95-B3CE-99A4B26260C1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D74A418-50F0-42C0-ABBC-BBBE718FF025",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C84296C-2C8A-4DCD-9751-52951F8BEA9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC80CF67-C51D-442C-9526-CFEDE84A6304",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:fedora_core:core_4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C720DACC-CF4B-4A00-818C-8303A7D7DED6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:7.3:*:i386:*:*:*:*:*",
              "matchCriteriaId": "9B502A61-44FB-4CD4-85BE-88D4ACCCA441",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:9.0:*:i386:*:*:*:*:*",
              "matchCriteriaId": "F3FDE8C4-5FFD-4CC2-9F35-7C32043966D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*",
              "matchCriteriaId": "84A50ED3-FD0D-4038-B3E7-CC65D166C968",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium:*:*:*:*:*",
              "matchCriteriaId": "8DBD9D3C-40AB-449D-A9A8-A09DF2DEDB96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sco:openserver:5.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9D76A8D-832B-411E-A458-186733C66010",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sco:openserver:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7458BA31-812E-40C9-BB92-8688A3BCBA56",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:slackware:slackware_linux:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "300A6A65-05FD-401C-80F6-B5F5B1F056E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:slackware:slackware_linux:9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA3D53C9-3806-45E6-8AE9-7D41280EF64C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:slackware:slackware_linux:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D29C5A03-A7C9-4780-BB63-CF1E874D018D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:slackware:slackware_linux:10.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B85EF0EE-3E61-4CA3-9F00-610AB2E1CFCF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:slackware:slackware_linux:10.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "70440F49-AEE9-41BE-8E1A-43AB657C8E09",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "02EE2D72-B1E6-4380-80B0-E40A23DDD115",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:enterprise_server:*:*:*:*:*",
              "matchCriteriaId": "F7446746-87B7-4BD3-AABF-1E0FAA8265AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:personal:*:*:*:*:*",
              "matchCriteriaId": "F239BA8A-6B41-4B08-8C7C-25D235812C50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:professional:*:*:*:*:*",
              "matchCriteriaId": "89BA858B-9466-4640-84AE-DC5BDC65D6B8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:s_390:*:*:*:*:*",
              "matchCriteriaId": "85F2D904-E830-4034-9CCB-0FF65019622C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "56EF103F-5668-4754-A83B-D3662D0CE815",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:personal:*:*:*:*:*",
              "matchCriteriaId": "3EA56868-ACA1-4C65-9FFB-A68129D2428A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:professional:*:*:*:*:*",
              "matchCriteriaId": "1BA2E629-58C6-4BA0-A447-F8F570B35E74",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "D5F98B9A-880E-45F0-8C16-12B22970F0D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:personal:*:*:*:*:*",
              "matchCriteriaId": "3BEE15E9-9194-4E37-AB3B-66ECD5AC9E11",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:professional:*:*:*:*:*",
              "matchCriteriaId": "C89BA3B6-370B-4911-A363-935A9C9EACF5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "B905C6E9-5058-4FD7-95B6-CD6AB6B2F516",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.3:*:personal:*:*:*:*:*",
              "matchCriteriaId": "4F1B4D15-0562-44D6-B80B-35A8F432BD41",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.3:*:professional:*:*:*:*:*",
              "matchCriteriaId": "D84ABF78-0D85-4E15-907E-B5ACE86EB8C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.3:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "9C7018E7-F90C-435D-A07A-05A294EA2827",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:10.0:*:oss:*:*:*:*:*",
              "matchCriteriaId": "16915004-1006-41D6-9E42-D1A5041E442D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:10.0:*:professional:*:*:*:*:*",
              "matchCriteriaId": "994ABCE2-3B9E-4E4E-83F7-CE2A79C70F64",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:trustix:secure_linux:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "53AF1A2D-B0A2-4097-AD1D-DF3AF27171BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:trustix:secure_linux:2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5AB70F82-52BB-4D0D-9A24-9AF67278466D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:trustix:secure_linux:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "100A2456-BF20-4461-8DC9-C61889322B29",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux:10:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C7D4F57-E186-497A-B390-92E5D2C7E894",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux:fuji:*:*:*:*:*:*:*",
              "matchCriteriaId": "CEC3F6F3-9A6E-4A98-A967-6776C872475C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_appliance_server:1.0_hosting_edition:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC3218DD-A565-4AB8-86FE-E7F59AC0535F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_appliance_server:1.0_workgroup_edition:*:*:*:*:*:*:*",
              "matchCriteriaId": "97AEDB57-202F-4B53-8815-21836F177060",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_desktop:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "31C3FFDD-03BF-4FD4-B7A7-B62AFD5DBA19",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_home:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "065FF0F1-7FAC-4584-92EA-EAA87DC76FA1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_multimedia:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E27180A1-9767-4CD3-978C-7538155B162D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_personal:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BAAA9376-A060-49AE-86A7-6B28E26ED5D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_server:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E06DCF0D-3241-453A-A0E4-937FE25EC404",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_server:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B484D091-62DE-4EF2-AC54-26896CA8B315",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_server:10.0_x86:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC5AC26E-3F3F-4D14-BE65-82B4432AB382",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_workstation:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9428589A-0BD2-469E-978D-38239117D972",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ia64:*:*:*:*:*",
              "matchCriteriaId": "6E94583A-5184-462E-9FC4-57B35DA06DA7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ppc:*:*:*:*:*",
              "matchCriteriaId": "E905FAAD-37B6-4DD0-A752-2974F8336273",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:amd64:*:*:*:*:*",
              "matchCriteriaId": "3BD12488-1ED8-4751-ABF5-3578D54750A8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:i386:*:*:*:*:*",
              "matchCriteriaId": "AE3733CF-4C88-443C-9B90-6477C9C500D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:powerpc:*:*:*:*:*",
              "matchCriteriaId": "9C500A75-D75E-45B4-B582-0F0DF27C3C04",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:amd64:*:*:*:*:*",
              "matchCriteriaId": "86FD134D-A5C5-4B08-962D-70CF07C74923",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:i386:*:*:*:*:*",
              "matchCriteriaId": "FA84692E-F99D-4207-B4F2-799A6ADB88AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:powerpc:*:*:*:*:*",
              "matchCriteriaId": "8B0F1091-4B76-44F5-B896-6D37E2F909A2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference."
    }
  ],
  "id": "CVE-2005-3626",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2005-12-31T05:00:00.000",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt"
    },
    {
      "source": "secalert@redhat.com",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U"
    },
    {
      "source": "secalert@redhat.com",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U"
    },
    {
      "source": "secalert@redhat.com",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Exploit"
      ],
      "url": "http://scary.beasts.org/security/CESA-2005-003.txt"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18147"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18303"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18312"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18313"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18329"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18332"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18334"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18335"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18338"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18349"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18373"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18375"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18380"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18385"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18387"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18389"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18398"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18407"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18414"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18416"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18423"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18425"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18428"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18436"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18448"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18463"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18517"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18534"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18554"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18582"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18642"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18644"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18674"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18675"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18679"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18908"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18913"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/19230"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/19377"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/25729"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2005/dsa-931"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2005/dsa-932"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2005/dsa-937"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2005/dsa-938"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2005/dsa-940"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-936"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-950"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-961"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2006/dsa-962"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.kde.org/info/security/advisory-20051207-2.txt"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/16143"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.trustix.org/errata/2006/0002/"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2006/0047"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2007/2280"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24026"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9992"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://usn.ubuntu.com/236-1/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://scary.beasts.org/security/CESA-2005-003.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18147"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18303"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18312"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18313"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18329"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18332"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18334"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18335"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18338"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18349"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18373"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18375"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18380"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18385"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18387"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18389"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18398"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18407"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18414"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18416"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18423"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18425"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18428"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18436"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18448"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18463"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18517"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18534"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18554"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18582"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18642"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18644"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18674"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18675"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18679"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18908"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18913"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19230"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19377"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/25729"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2005/dsa-931"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2005/dsa-932"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2005/dsa-937"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2005/dsa-938"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2005/dsa-940"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-936"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-950"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-961"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2006/dsa-962"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.kde.org/info/security/advisory-20051207-2.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/16143"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.trustix.org/errata/2006/0002/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2006/0047"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/2280"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24026"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9992"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://usn.ubuntu.com/236-1/"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vendorComments": [
    {
      "comment": "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.",
      "lastModified": "2007-03-14T00:00:00",
      "organization": "Red Hat"
    }
  ],
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-399"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2009-12-21 21:30
Modified
2025-04-09 00:30
Severity ?
Summary
The FoFiType1::parse function in fofi/FoFiType1.cc in Xpdf 3.0.0, gpdf 2.8.2, kpdf in kdegraphics 3.3.1, and possibly other libraries and versions, does not check the return value of the getNextLine function, which allows context-dependent attackers to execute arbitrary code via a PDF file with a crafted Type 1 font that can produce a negative value, leading to a signed-to-unsigned integer conversion error and a buffer overflow.
References
secalert@redhat.comhttp://cgit.freedesktop.org/poppler/poppler/diff/fofi/FoFiType1.cc?id=4b4fc5c0
secalert@redhat.comhttp://cgit.freedesktop.org/poppler/poppler/tree/fofi/FoFiType1.cc?id=4b4fc5c017bf147c9069bbce32fc14467bd2a81a
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2010-02/msg00003.html
secalert@redhat.comhttp://secunia.com/advisories/37641Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/37781Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/37787Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/37793Vendor Advisory
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2009-1680.html
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2009-1681.html
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2009-1682.html
secalert@redhat.comhttp://www.securityfocus.com/bid/37350
secalert@redhat.comhttp://www.securitytracker.com/id?1023356
secalert@redhat.comhttp://www.vupen.com/english/advisories/2009/3555Vendor Advisory
secalert@redhat.comhttps://bugzilla.redhat.com/show_bug.cgi?id=541614
secalert@redhat.comhttps://exchange.xforce.ibmcloud.com/vulnerabilities/54831
secalert@redhat.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10996
af854a3a-2127-422b-91ae-364da2661108http://cgit.freedesktop.org/poppler/poppler/diff/fofi/FoFiType1.cc?id=4b4fc5c0
af854a3a-2127-422b-91ae-364da2661108http://cgit.freedesktop.org/poppler/poppler/tree/fofi/FoFiType1.cc?id=4b4fc5c017bf147c9069bbce32fc14467bd2a81a
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00003.html
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/37641Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/37781Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/37787Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/37793Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2009-1680.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2009-1681.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2009-1682.html
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/37350
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1023356
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2009/3555Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.redhat.com/show_bug.cgi?id=541614
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/54831
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10996
Impacted products
Vendor Product Version
gnome gpdf 2.8.2
kde kdegraphics 3.3.1
kde kpdf 3.3.1
xpdf xpdf 3.0.0



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:gnome:gpdf:2.8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "06B06279-EFB2-4EC1-95F2-166DC5B1BB71",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:kdegraphics:3.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "40D90D14-63D3-446D-A24D-A2466AB91FAB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:kpdf:3.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "24BA4DB2-7822-49A1-AC10-F6502E93E6D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:3.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "73F1D25C-854F-4CDC-A50D-601B39672390",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The FoFiType1::parse function in fofi/FoFiType1.cc in Xpdf 3.0.0, gpdf 2.8.2, kpdf in kdegraphics 3.3.1, and possibly other libraries and versions, does not check the return value of the getNextLine function, which allows context-dependent attackers to execute arbitrary code via a PDF file with a crafted Type 1 font that can produce a negative value, leading to a signed-to-unsigned integer conversion error and a buffer overflow."
    },
    {
      "lang": "es",
      "value": "La funci\u00f3n FoFiType1::parse en fofi/FoFiType1.cc en Xpdf v3.0.0, en gpdf v2.8.2, en kpdf en kdegraphics v3.3.1, y posiblemente otras liber\u00edas y versiones, no verifica el valor de retorno de la funci\u00f3n getNextLine, permite a los atacantes dependientes del contexto ejecutar c\u00f3digo de su elecci\u00f3n mediante un fichero PDF con una fuente Type 1 modificada que puede producir un valor negativo, conduciendo a un error de conversi\u00f3n de entero signed-to-unsigned y un desbordamiento de b\u00fafer."
    }
  ],
  "id": "CVE-2009-4035",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2009-12-21T21:30:00.217",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://cgit.freedesktop.org/poppler/poppler/diff/fofi/FoFiType1.cc?id=4b4fc5c0"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://cgit.freedesktop.org/poppler/poppler/tree/fofi/FoFiType1.cc?id=4b4fc5c017bf147c9069bbce32fc14467bd2a81a"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00003.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/37641"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/37781"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/37787"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/37793"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2009-1680.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2009-1681.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2009-1682.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/bid/37350"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securitytracker.com/id?1023356"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/3555"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=541614"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54831"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10996"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://cgit.freedesktop.org/poppler/poppler/diff/fofi/FoFiType1.cc?id=4b4fc5c0"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://cgit.freedesktop.org/poppler/poppler/tree/fofi/FoFiType1.cc?id=4b4fc5c017bf147c9069bbce32fc14467bd2a81a"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00003.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/37641"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/37781"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/37787"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/37793"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2009-1680.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2009-1681.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2009-1682.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/37350"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1023356"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/3555"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=541614"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54831"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10996"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-94"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2005-12-31 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflow in the JBIG2Bitmap::JBIG2Bitmap function in JBIG2Stream.cc in Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to modify memory and possibly execute arbitrary code via unknown attack vectors.
References
secalert@redhat.comftp://patches.sgi.com/support/free/security/advisories/20060201-01-U
secalert@redhat.comhttp://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.htmlPatch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18147
secalert@redhat.comhttp://secunia.com/advisories/18380
secalert@redhat.comhttp://secunia.com/advisories/18385Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18387Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18389Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18398Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18407Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18416Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18428
secalert@redhat.comhttp://secunia.com/advisories/18436
secalert@redhat.comhttp://secunia.com/advisories/18534Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18582Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18674
secalert@redhat.comhttp://secunia.com/advisories/18675
secalert@redhat.comhttp://secunia.com/advisories/18679
secalert@redhat.comhttp://secunia.com/advisories/18908
secalert@redhat.comhttp://secunia.com/advisories/18913
secalert@redhat.comhttp://secunia.com/advisories/19230
secalert@redhat.comhttp://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.472683
secalert@redhat.comhttp://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.474747
secalert@redhat.comhttp://www.debian.org/security/2005/dsa-931
secalert@redhat.comhttp://www.debian.org/security/2005/dsa-932
secalert@redhat.comhttp://www.debian.org/security/2005/dsa-937
secalert@redhat.comhttp://www.debian.org/security/2005/dsa-938
secalert@redhat.comhttp://www.debian.org/security/2005/dsa-940
secalert@redhat.comhttp://www.debian.org/security/2006/dsa-936Patch, Vendor Advisory
secalert@redhat.comhttp://www.debian.org/security/2006/dsa-950Patch, Vendor Advisory
secalert@redhat.comhttp://www.debian.org/security/2006/dsa-961
secalert@redhat.comhttp://www.debian.org/security/2006/dsa-962
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2006:010
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2006:011
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2006:012
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2006-0160.htmlPatch, Vendor Advisory
secalert@redhat.comhttp://www.securityfocus.com/archive/1/427053/100/0/threaded
secalert@redhat.comhttp://www.securityfocus.com/archive/1/427990/100/0/threaded
secalert@redhat.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10287
af854a3a-2127-422b-91ae-364da2661108ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U
af854a3a-2127-422b-91ae-364da2661108http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.htmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18147
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18380
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18385Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18387Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18389Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18398Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18407Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18416Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18428
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18436
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18534Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18582Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18674
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18675
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18679
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18908
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18913
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19230
af854a3a-2127-422b-91ae-364da2661108http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.472683
af854a3a-2127-422b-91ae-364da2661108http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.474747
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2005/dsa-931
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2005/dsa-932
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2005/dsa-937
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2005/dsa-938
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2005/dsa-940
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2006/dsa-936Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2006/dsa-950Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2006/dsa-961
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2006/dsa-962
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:010
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:011
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:012
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2006-0160.htmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/427053/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/427990/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10287
Impacted products
Vendor Product Version
xpdf xpdf *



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC1CAEC5-3851-4749-AF27-E090E3C52E35",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Buffer overflow in the JBIG2Bitmap::JBIG2Bitmap function in JBIG2Stream.cc in Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to modify memory and possibly execute arbitrary code via unknown attack vectors."
    }
  ],
  "id": "CVE-2005-3628",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": true,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2005-12-31T05:00:00.000",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18147"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18380"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18385"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18387"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18389"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18398"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18407"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18416"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18428"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18436"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18534"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18582"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18674"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18675"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18679"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18908"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18913"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/19230"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2005/dsa-931"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2005/dsa-932"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2005/dsa-937"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2005/dsa-938"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2005/dsa-940"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-936"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-950"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2006/dsa-961"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2006/dsa-962"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10287"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18147"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18380"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18385"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18387"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18389"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18398"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18407"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18416"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18428"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18436"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18534"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18582"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18674"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18675"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18679"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18908"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18913"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19230"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2005/dsa-931"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2005/dsa-932"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2005/dsa-937"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2005/dsa-938"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2005/dsa-940"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-936"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-950"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2006/dsa-961"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2006/dsa-962"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10287"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vendorComments": [
    {
      "comment": "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.",
      "lastModified": "2007-03-14T00:00:00",
      "organization": "Red Hat"
    }
  ],
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2007-11-08 02:46
Modified
2025-04-09 00:30
Severity ?
Summary
Integer overflow in the DCTStream::reset method in xpdf/Stream.cc in Xpdf 3.02p11 allows remote attackers to execute arbitrary code via a crafted PDF file, resulting in a heap-based buffer overflow.
References
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/advisories/26503Vendor Advisory
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/advisories/27260Patch, Vendor Advisory
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/advisories/27553Vendor Advisory
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/advisories/27573Vendor Advisory
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/advisories/27574Vendor Advisory
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/advisories/27575Vendor Advisory
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/advisories/27577Vendor Advisory
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/advisories/27578Vendor Advisory
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/advisories/27599Vendor Advisory
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/advisories/27615Vendor Advisory
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/advisories/27618Vendor Advisory
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/advisories/27619Vendor Advisory
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/advisories/27632
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/advisories/27634
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/advisories/27636
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/advisories/27637Vendor Advisory
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/advisories/27640Vendor Advisory
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/advisories/27641
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/advisories/27642
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/advisories/27645
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/advisories/27656
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/advisories/27658
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/advisories/27705
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/advisories/27721
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/advisories/27724
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/advisories/27743
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/advisories/27856
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/advisories/28043
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/advisories/28812
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/advisories/29104
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/advisories/29604
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/advisories/30168
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/secunia_research/2007-88/advisory/Vendor Advisory
PSIRT-CNA@flexerasoftware.comhttp://security.gentoo.org/glsa/glsa-200711-22.xml
PSIRT-CNA@flexerasoftware.comhttp://security.gentoo.org/glsa/glsa-200711-34.xml
PSIRT-CNA@flexerasoftware.comhttp://security.gentoo.org/glsa/glsa-200805-13.xml
PSIRT-CNA@flexerasoftware.comhttp://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.761882
PSIRT-CNA@flexerasoftware.comhttp://support.novell.com/techcenter/psdb/1d5fd29802b2ef7e342e733731f1e933.html
PSIRT-CNA@flexerasoftware.comhttp://support.novell.com/techcenter/psdb/3867a5092daac43cd6a92e6107d9fbce.html
PSIRT-CNA@flexerasoftware.comhttp://support.novell.com/techcenter/psdb/43ad7b3569dba59e7ba07677edc01cad.html
PSIRT-CNA@flexerasoftware.comhttp://support.novell.com/techcenter/psdb/da3498f05433976cc548cc4eaf8349c8.html
PSIRT-CNA@flexerasoftware.comhttp://support.novell.com/techcenter/psdb/f83e024a65d69ebc810d2117815b940d.html
PSIRT-CNA@flexerasoftware.comhttp://www.debian.org/security/2008/dsa-1480
PSIRT-CNA@flexerasoftware.comhttp://www.debian.org/security/2008/dsa-1509
PSIRT-CNA@flexerasoftware.comhttp://www.debian.org/security/2008/dsa-1537
PSIRT-CNA@flexerasoftware.comhttp://www.kde.org/info/security/advisory-20071107-1.txt
PSIRT-CNA@flexerasoftware.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2007:219
PSIRT-CNA@flexerasoftware.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2007:220
PSIRT-CNA@flexerasoftware.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2007:221
PSIRT-CNA@flexerasoftware.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2007:222
PSIRT-CNA@flexerasoftware.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2007:223
PSIRT-CNA@flexerasoftware.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2007:227
PSIRT-CNA@flexerasoftware.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2007:228
PSIRT-CNA@flexerasoftware.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2007:230
PSIRT-CNA@flexerasoftware.comhttp://www.novell.com/linux/security/advisories/2007_60_pdf.html
PSIRT-CNA@flexerasoftware.comhttp://www.redhat.com/support/errata/RHSA-2007-1021.htmlVendor Advisory
PSIRT-CNA@flexerasoftware.comhttp://www.redhat.com/support/errata/RHSA-2007-1022.htmlVendor Advisory
PSIRT-CNA@flexerasoftware.comhttp://www.redhat.com/support/errata/RHSA-2007-1024.htmlVendor Advisory
PSIRT-CNA@flexerasoftware.comhttp://www.redhat.com/support/errata/RHSA-2007-1025.html
PSIRT-CNA@flexerasoftware.comhttp://www.redhat.com/support/errata/RHSA-2007-1026.htmlVendor Advisory
PSIRT-CNA@flexerasoftware.comhttp://www.redhat.com/support/errata/RHSA-2007-1027.htmlVendor Advisory
PSIRT-CNA@flexerasoftware.comhttp://www.redhat.com/support/errata/RHSA-2007-1029.htmlVendor Advisory
PSIRT-CNA@flexerasoftware.comhttp://www.redhat.com/support/errata/RHSA-2007-1030.htmlVendor Advisory
PSIRT-CNA@flexerasoftware.comhttp://www.securityfocus.com/archive/1/483372
PSIRT-CNA@flexerasoftware.comhttp://www.securityfocus.com/bid/26367
PSIRT-CNA@flexerasoftware.comhttp://www.securitytracker.com/id?1018905
PSIRT-CNA@flexerasoftware.comhttp://www.ubuntu.com/usn/usn-542-1
PSIRT-CNA@flexerasoftware.comhttp://www.ubuntu.com/usn/usn-542-2
PSIRT-CNA@flexerasoftware.comhttp://www.vupen.com/english/advisories/2007/3774
PSIRT-CNA@flexerasoftware.comhttp://www.vupen.com/english/advisories/2007/3775
PSIRT-CNA@flexerasoftware.comhttp://www.vupen.com/english/advisories/2007/3776
PSIRT-CNA@flexerasoftware.comhttp://www.vupen.com/english/advisories/2007/3779
PSIRT-CNA@flexerasoftware.comhttp://www.vupen.com/english/advisories/2007/3786
PSIRT-CNA@flexerasoftware.comhttps://exchange.xforce.ibmcloud.com/vulnerabilities/38303
PSIRT-CNA@flexerasoftware.comhttps://issues.rpath.com/browse/RPL-1926
PSIRT-CNA@flexerasoftware.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10036
PSIRT-CNA@flexerasoftware.comhttps://www.redhat.com/archives/fedora-package-announce/2007-December/msg00369.html
PSIRT-CNA@flexerasoftware.comhttps://www.redhat.com/archives/fedora-package-announce/2007-November/msg00215.html
PSIRT-CNA@flexerasoftware.comhttps://www.redhat.com/archives/fedora-package-announce/2007-November/msg00224.html
PSIRT-CNA@flexerasoftware.comhttps://www.redhat.com/archives/fedora-package-announce/2007-November/msg00238.html
PSIRT-CNA@flexerasoftware.comhttps://www.redhat.com/archives/fedora-package-announce/2007-November/msg00663.html
PSIRT-CNA@flexerasoftware.comhttps://www.redhat.com/archives/fedora-package-announce/2007-November/msg00724.html
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/26503Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27260Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27553Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27573Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27574Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27575Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27577Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27578Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27599Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27615Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27618Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27619Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27632
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27634
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27636
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27637Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27640Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27641
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27642
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27645
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27656
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27658
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27705
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27721
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27724
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27743
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27856
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/28043
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/28812
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/29104
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/29604
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/30168
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/secunia_research/2007-88/advisory/Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://security.gentoo.org/glsa/glsa-200711-22.xml
af854a3a-2127-422b-91ae-364da2661108http://security.gentoo.org/glsa/glsa-200711-34.xml
af854a3a-2127-422b-91ae-364da2661108http://security.gentoo.org/glsa/glsa-200805-13.xml
af854a3a-2127-422b-91ae-364da2661108http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.761882
af854a3a-2127-422b-91ae-364da2661108http://support.novell.com/techcenter/psdb/1d5fd29802b2ef7e342e733731f1e933.html
af854a3a-2127-422b-91ae-364da2661108http://support.novell.com/techcenter/psdb/3867a5092daac43cd6a92e6107d9fbce.html
af854a3a-2127-422b-91ae-364da2661108http://support.novell.com/techcenter/psdb/43ad7b3569dba59e7ba07677edc01cad.html
af854a3a-2127-422b-91ae-364da2661108http://support.novell.com/techcenter/psdb/da3498f05433976cc548cc4eaf8349c8.html
af854a3a-2127-422b-91ae-364da2661108http://support.novell.com/techcenter/psdb/f83e024a65d69ebc810d2117815b940d.html
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2008/dsa-1480
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2008/dsa-1509
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2008/dsa-1537
af854a3a-2127-422b-91ae-364da2661108http://www.kde.org/info/security/advisory-20071107-1.txt
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2007:219
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2007:220
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2007:221
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2007:222
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2007:223
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2007:227
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2007:228
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2007:230
af854a3a-2127-422b-91ae-364da2661108http://www.novell.com/linux/security/advisories/2007_60_pdf.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2007-1021.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2007-1022.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2007-1024.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2007-1025.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2007-1026.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2007-1027.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2007-1029.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2007-1030.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/483372
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/26367
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1018905
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/usn-542-1
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/usn-542-2
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2007/3774
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2007/3775
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2007/3776
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2007/3779
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2007/3786
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/38303
af854a3a-2127-422b-91ae-364da2661108https://issues.rpath.com/browse/RPL-1926
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10036
af854a3a-2127-422b-91ae-364da2661108https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00369.html
af854a3a-2127-422b-91ae-364da2661108https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00215.html
af854a3a-2127-422b-91ae-364da2661108https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00224.html
af854a3a-2127-422b-91ae-364da2661108https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00238.html
af854a3a-2127-422b-91ae-364da2661108https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00663.html
af854a3a-2127-422b-91ae-364da2661108https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00724.html
Impacted products
Vendor Product Version
xpdf xpdf 3.0.1_pl1



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:3.0.1_pl1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0A09900-C462-4E3D-9399-0271F91DC5BD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Integer overflow in the DCTStream::reset method in xpdf/Stream.cc in Xpdf 3.02p11 allows remote attackers to execute arbitrary code via a crafted PDF file, resulting in a heap-based buffer overflow."
    },
    {
      "lang": "es",
      "value": "Un desbordamiento de enteros en el m\u00e9todo DCTStream::reset en el archivo xpdf/Stream.cc en Xpdf versi\u00f3n 3.02p11, permite a atacantes remotos ejecutar c\u00f3digo arbitrario por medio de un archivo PDF dise\u00f1ado, resultando en un desbordamiento de b\u00fafer en la regi\u00f3n heap de la memoria."
    }
  ],
  "id": "CVE-2007-5392",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2007-11-08T02:46:00.000",
  "references": [
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/26503"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27260"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27553"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27573"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27574"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27575"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27577"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27578"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27599"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27615"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27618"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27619"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://secunia.com/advisories/27632"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://secunia.com/advisories/27634"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://secunia.com/advisories/27636"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27637"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27640"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://secunia.com/advisories/27641"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://secunia.com/advisories/27642"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://secunia.com/advisories/27645"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://secunia.com/advisories/27656"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://secunia.com/advisories/27658"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://secunia.com/advisories/27705"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://secunia.com/advisories/27721"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://secunia.com/advisories/27724"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://secunia.com/advisories/27743"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://secunia.com/advisories/27856"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://secunia.com/advisories/28043"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://secunia.com/advisories/28812"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://secunia.com/advisories/29104"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://secunia.com/advisories/29604"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://secunia.com/advisories/30168"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/secunia_research/2007-88/advisory/"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://security.gentoo.org/glsa/glsa-200711-22.xml"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://security.gentoo.org/glsa/glsa-200711-34.xml"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://security.gentoo.org/glsa/glsa-200805-13.xml"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.761882"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://support.novell.com/techcenter/psdb/1d5fd29802b2ef7e342e733731f1e933.html"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://support.novell.com/techcenter/psdb/3867a5092daac43cd6a92e6107d9fbce.html"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://support.novell.com/techcenter/psdb/43ad7b3569dba59e7ba07677edc01cad.html"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://support.novell.com/techcenter/psdb/da3498f05433976cc548cc4eaf8349c8.html"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://support.novell.com/techcenter/psdb/f83e024a65d69ebc810d2117815b940d.html"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.debian.org/security/2008/dsa-1480"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.debian.org/security/2008/dsa-1509"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.debian.org/security/2008/dsa-1537"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.kde.org/info/security/advisory-20071107-1.txt"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:219"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:220"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:221"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:222"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:223"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:227"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:228"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:230"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.novell.com/linux/security/advisories/2007_60_pdf.html"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2007-1021.html"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2007-1022.html"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2007-1024.html"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2007-1025.html"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2007-1026.html"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2007-1027.html"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2007-1029.html"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2007-1030.html"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.securityfocus.com/archive/1/483372"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.securityfocus.com/bid/26367"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.securitytracker.com/id?1018905"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.ubuntu.com/usn/usn-542-1"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.ubuntu.com/usn/usn-542-2"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.vupen.com/english/advisories/2007/3774"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.vupen.com/english/advisories/2007/3775"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.vupen.com/english/advisories/2007/3776"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.vupen.com/english/advisories/2007/3779"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.vupen.com/english/advisories/2007/3786"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38303"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "https://issues.rpath.com/browse/RPL-1926"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10036"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00369.html"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00215.html"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00224.html"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00238.html"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00663.html"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00724.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/26503"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27260"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27553"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27573"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27574"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27575"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27577"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27578"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27599"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27615"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27618"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27619"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/27632"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/27634"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/27636"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27637"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27640"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/27641"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/27642"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/27645"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/27656"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/27658"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/27705"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/27721"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/27724"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/27743"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/27856"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/28043"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/28812"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/29104"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/29604"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/30168"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/secunia_research/2007-88/advisory/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://security.gentoo.org/glsa/glsa-200711-22.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://security.gentoo.org/glsa/glsa-200711-34.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://security.gentoo.org/glsa/glsa-200805-13.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.761882"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.novell.com/techcenter/psdb/1d5fd29802b2ef7e342e733731f1e933.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.novell.com/techcenter/psdb/3867a5092daac43cd6a92e6107d9fbce.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.novell.com/techcenter/psdb/43ad7b3569dba59e7ba07677edc01cad.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.novell.com/techcenter/psdb/da3498f05433976cc548cc4eaf8349c8.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.novell.com/techcenter/psdb/f83e024a65d69ebc810d2117815b940d.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2008/dsa-1480"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2008/dsa-1509"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2008/dsa-1537"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.kde.org/info/security/advisory-20071107-1.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:219"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:220"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:221"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:222"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:223"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:227"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:228"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:230"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.novell.com/linux/security/advisories/2007_60_pdf.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2007-1021.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2007-1022.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2007-1024.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2007-1025.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2007-1026.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2007-1027.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2007-1029.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2007-1030.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/483372"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/26367"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1018905"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/usn-542-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/usn-542-2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/3774"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/3775"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/3776"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/3779"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/3786"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38303"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://issues.rpath.com/browse/RPL-1926"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10036"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00369.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00215.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00224.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00238.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00663.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00724.html"
    }
  ],
  "sourceIdentifier": "PSIRT-CNA@flexerasoftware.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2005-01-10 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflow in the Gfx::doImage function in Gfx.cc for xpdf 3.00, and other products that share code such as tetex-bin and kpdf in KDE 3.2.x to 3.2.3 and 3.3.x to 3.3.2, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted PDF file that causes the boundaries of a maskColors array to be exceeded.
References
cve@mitre.orgftp://ftp.foolabs.com/pub/xpdf/xpdf-3.00pl2.patch
cve@mitre.orgftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.42/SCOSA-2005.42.txt
cve@mitre.orghttp://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000921
cve@mitre.orghttp://lists.grok.org.uk/pipermail/full-disclosure/2004-December/030241.html
cve@mitre.orghttp://marc.info/?t=110378596500001&r=1&w=2
cve@mitre.orghttp://secunia.com/advisories/17277
cve@mitre.orghttp://securitytracker.com/id?1012646
cve@mitre.orghttp://www.gentoo.org/security/en/glsa/glsa-200412-25.xml
cve@mitre.orghttp://www.gentoo.org/security/en/glsa/glsa-200501-13.xml
cve@mitre.orghttp://www.gentoo.org/security/en/glsa/glsa-200501-17.xml
cve@mitre.orghttp://www.idefense.com/application/poi/display?id=172&type=vulnerabilities
cve@mitre.orghttp://www.kde.org/info/security/advisory-20041223-1.txt
cve@mitre.orghttp://www.novell.com/linux/security/advisories/2005_01_sr.html
cve@mitre.orghttp://www.redhat.com/support/errata/RHSA-2005-013.html
cve@mitre.orghttp://www.redhat.com/support/errata/RHSA-2005-018.html
cve@mitre.orghttp://www.redhat.com/support/errata/RHSA-2005-026.html
cve@mitre.orghttp://www.redhat.com/support/errata/RHSA-2005-034.html
cve@mitre.orghttp://www.redhat.com/support/errata/RHSA-2005-053.html
cve@mitre.orghttp://www.redhat.com/support/errata/RHSA-2005-057.html
cve@mitre.orghttp://www.redhat.com/support/errata/RHSA-2005-066.html
cve@mitre.orghttp://www.redhat.com/support/errata/RHSA-2005-354.html
cve@mitre.orghttp://www.securityfocus.com/bid/12070Patch, Vendor Advisory
cve@mitre.orghttps://bugzilla.fedora.us/show_bug.cgi?id=2352
cve@mitre.orghttps://bugzilla.fedora.us/show_bug.cgi?id=2353
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/18641
cve@mitre.orghttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10830
cve@mitre.orghttps://usn.ubuntu.com/50-1/
af854a3a-2127-422b-91ae-364da2661108ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.00pl2.patch
af854a3a-2127-422b-91ae-364da2661108ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.42/SCOSA-2005.42.txt
af854a3a-2127-422b-91ae-364da2661108http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000921
af854a3a-2127-422b-91ae-364da2661108http://lists.grok.org.uk/pipermail/full-disclosure/2004-December/030241.html
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?t=110378596500001&r=1&w=2
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/17277
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1012646
af854a3a-2127-422b-91ae-364da2661108http://www.gentoo.org/security/en/glsa/glsa-200412-25.xml
af854a3a-2127-422b-91ae-364da2661108http://www.gentoo.org/security/en/glsa/glsa-200501-13.xml
af854a3a-2127-422b-91ae-364da2661108http://www.gentoo.org/security/en/glsa/glsa-200501-17.xml
af854a3a-2127-422b-91ae-364da2661108http://www.idefense.com/application/poi/display?id=172&type=vulnerabilities
af854a3a-2127-422b-91ae-364da2661108http://www.kde.org/info/security/advisory-20041223-1.txt
af854a3a-2127-422b-91ae-364da2661108http://www.novell.com/linux/security/advisories/2005_01_sr.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2005-013.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2005-018.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2005-026.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2005-034.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2005-053.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2005-057.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2005-066.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2005-354.html
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/12070Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.fedora.us/show_bug.cgi?id=2352
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.fedora.us/show_bug.cgi?id=2353
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/18641
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10830
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/50-1/
Impacted products
Vendor Product Version
easy_software_products cups 1.1.20
xpdf xpdf 3.0
kde kde 3.2.3
kde kde 3.3.2



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB7653F1-70E2-423F-A6A9-30333644B506",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B93B3ED-AF82-49A9-8C7F-E5F652F19669",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:kde:kde:3.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D17407A2-089E-43A5-9BD5-EFF966F5CC16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:kde:kde:3.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9F7180B3-03AC-427C-8CAD-FE06F81C4FF1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Buffer overflow in the Gfx::doImage function in Gfx.cc for xpdf 3.00, and other products that share code such as tetex-bin and kpdf in KDE 3.2.x to 3.2.3 and 3.3.x to 3.3.2, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted PDF file that causes the boundaries of a maskColors array to be exceeded."
    }
  ],
  "id": "CVE-2004-1125",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2005-01-10T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.00pl2.patch"
    },
    {
      "source": "cve@mitre.org",
      "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.42/SCOSA-2005.42.txt"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000921"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-December/030241.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?t=110378596500001\u0026r=1\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/17277"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1012646"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200412-25.xml"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200501-13.xml"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200501-17.xml"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.idefense.com/application/poi/display?id=172\u0026type=vulnerabilities"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.kde.org/info/security/advisory-20041223-1.txt"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.novell.com/linux/security/advisories/2005_01_sr.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-013.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-018.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-026.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-034.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-053.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-057.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-066.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-354.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/12070"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://bugzilla.fedora.us/show_bug.cgi?id=2352"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://bugzilla.fedora.us/show_bug.cgi?id=2353"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18641"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10830"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://usn.ubuntu.com/50-1/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.00pl2.patch"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.42/SCOSA-2005.42.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000921"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-December/030241.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?t=110378596500001\u0026r=1\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/17277"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1012646"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200412-25.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200501-13.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200501-17.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.idefense.com/application/poi/display?id=172\u0026type=vulnerabilities"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.kde.org/info/security/advisory-20041223-1.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.novell.com/linux/security/advisories/2005_01_sr.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-013.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-018.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-026.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-034.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-053.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-057.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-066.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-354.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/12070"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.fedora.us/show_bug.cgi?id=2352"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.fedora.us/show_bug.cgi?id=2353"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18641"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10830"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://usn.ubuntu.com/50-1/"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2003-07-24 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Various PDF viewers including (1) Adobe Acrobat 5.06 and (2) Xpdf 1.01 allow remote attackers to execute arbitrary commands via shell metacharacters in an embedded hyperlink.
References
cve@mitre.orghttp://lists.grok.org.uk/pipermail/full-disclosure/2003-June/005719.html
cve@mitre.orghttp://marc.info/?l=bugtraq&m=105777963019186&w=2
cve@mitre.orghttp://secunia.com/advisories/9037
cve@mitre.orghttp://secunia.com/advisories/9038
cve@mitre.orghttp://www.kb.cert.org/vuls/id/200132US Government Resource
cve@mitre.orghttp://www.mandriva.com/security/advisories?name=MDKSA-2003:071
cve@mitre.orghttp://www.redhat.com/support/errata/RHSA-2003-196.htmlPatch, Vendor Advisory
cve@mitre.orghttp://www.redhat.com/support/errata/RHSA-2003-197.htmlPatch, Vendor Advisory
cve@mitre.orghttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A664
af854a3a-2127-422b-91ae-364da2661108http://lists.grok.org.uk/pipermail/full-disclosure/2003-June/005719.html
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=105777963019186&w=2
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/9037
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/9038
af854a3a-2127-422b-91ae-364da2661108http://www.kb.cert.org/vuls/id/200132US Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2003:071
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2003-196.htmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2003-197.htmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A664



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:adobe:acrobat:5.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "B453FA1D-0FE9-4324-9644-E167561926C2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B9DEF16-ECD5-4BBE-8986-52A6171B3D9F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "33F6F859-B7B8-4072-B073-6CC8291D642E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4AD30B9-8FBA-48B3-B2B2-014C950B9BAA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0F0D201-B1DC-4024-AF77-A284673618F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*",
              "matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*",
              "matchCriteriaId": "E0B458EA-495E-40FA-9379-C03757F7B1EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*",
              "matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D46E093-1C68-43BB-B281-12117EC8DE0F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E562907F-D915-4030-847A-3C6834A80D4E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:7.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "138985E6-5107-4E8B-A801-C3D5FE075227",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "038FEDE7-986F-4CA5-9003-BA68352B87D4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E66F7BF0-EF7C-4695-9D67-7C1A01C6F9B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium:*:*:*:*:*",
              "matchCriteriaId": "8DBD9D3C-40AB-449D-A9A8-A09DF2DEDB96",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Various PDF viewers including (1) Adobe Acrobat 5.06 and (2) Xpdf 1.01 allow remote attackers to execute arbitrary commands via shell metacharacters in an embedded hyperlink."
    },
    {
      "lang": "es",
      "value": "Varios visores de PDF, incluidos Adobe Acrobat 5.06 y Xpdf 1.01 permiten a atacantes remotos la ejecuci\u00f3n arbitraria de comandos mediante metacaracteres de shell en un hiperv\u00ednculo embebido."
    }
  ],
  "id": "CVE-2003-0434",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": true,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2003-07-24T04:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-June/005719.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=105777963019186\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/9037"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/9038"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/200132"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:071"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2003-196.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2003-197.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A664"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-June/005719.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=105777963019186\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/9037"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/9038"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/200132"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:071"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2003-196.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2003-197.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A664"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2005-01-27 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Multiple integer overflows in xpdf 2.0 and 3.0, and other packages that use xpdf code such as CUPS, gpdf, and kdegraphics, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0889.
References
cve@mitre.orghttp://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000886
cve@mitre.orghttp://marc.info/?l=bugtraq&m=109880927526773&w=2
cve@mitre.orghttp://marc.info/?l=bugtraq&m=110815379627883&w=2
cve@mitre.orghttp://www.debian.org/security/2004/dsa-573
cve@mitre.orghttp://www.debian.org/security/2004/dsa-581
cve@mitre.orghttp://www.debian.org/security/2004/dsa-599
cve@mitre.orghttp://www.gentoo.org/security/en/glsa/glsa-200410-20.xml
cve@mitre.orghttp://www.gentoo.org/security/en/glsa/glsa-200410-30.xml
cve@mitre.orghttp://www.mandriva.com/security/advisories?name=MDKSA-2004:113
cve@mitre.orghttp://www.mandriva.com/security/advisories?name=MDKSA-2004:114
cve@mitre.orghttp://www.mandriva.com/security/advisories?name=MDKSA-2004:115
cve@mitre.orghttp://www.mandriva.com/security/advisories?name=MDKSA-2004:116
cve@mitre.orghttp://www.redhat.com/support/errata/RHSA-2004-543.htmlPatch, Vendor Advisory
cve@mitre.orghttp://www.redhat.com/support/errata/RHSA-2004-592.html
cve@mitre.orghttp://www.redhat.com/support/errata/RHSA-2005-066.html
cve@mitre.orghttp://www.redhat.com/support/errata/RHSA-2005-354.html
cve@mitre.orghttp://www.securityfocus.com/bid/11501Patch, Vendor Advisory
cve@mitre.orghttps://bugzilla.fedora.us/show_bug.cgi?id=2353
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/17818
cve@mitre.orghttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9714
cve@mitre.orghttps://www.ubuntu.com/usn/usn-9-1/
af854a3a-2127-422b-91ae-364da2661108http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000886
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=109880927526773&w=2
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=110815379627883&w=2
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2004/dsa-573
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2004/dsa-581
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2004/dsa-599
af854a3a-2127-422b-91ae-364da2661108http://www.gentoo.org/security/en/glsa/glsa-200410-20.xml
af854a3a-2127-422b-91ae-364da2661108http://www.gentoo.org/security/en/glsa/glsa-200410-30.xml
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2004:113
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2004:114
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2004:115
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2004:116
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2004-543.htmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2004-592.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2005-066.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2005-354.html
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/11501Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.fedora.us/show_bug.cgi?id=2353
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/17818
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9714
af854a3a-2127-422b-91ae-364da2661108https://www.ubuntu.com/usn/usn-9-1/
Impacted products
Vendor Product Version
easy_software_products cups 1.0.4
easy_software_products cups 1.0.4_8
easy_software_products cups 1.1.1
easy_software_products cups 1.1.4
easy_software_products cups 1.1.4_2
easy_software_products cups 1.1.4_3
easy_software_products cups 1.1.4_5
easy_software_products cups 1.1.6
easy_software_products cups 1.1.7
easy_software_products cups 1.1.10
easy_software_products cups 1.1.12
easy_software_products cups 1.1.13
easy_software_products cups 1.1.14
easy_software_products cups 1.1.15
easy_software_products cups 1.1.16
easy_software_products cups 1.1.17
easy_software_products cups 1.1.18
easy_software_products cups 1.1.19
easy_software_products cups 1.1.19_rc5
easy_software_products cups 1.1.20
gnome gpdf 0.112
gnome gpdf 0.131
kde koffice 1.3
kde koffice 1.3.1
kde koffice 1.3.2
kde koffice 1.3.3
kde koffice 1.3_beta1
kde koffice 1.3_beta2
kde koffice 1.3_beta3
kde kpdf 3.2
pdftohtml pdftohtml 0.32a
pdftohtml pdftohtml 0.32b
pdftohtml pdftohtml 0.33
pdftohtml pdftohtml 0.33a
pdftohtml pdftohtml 0.34
pdftohtml pdftohtml 0.35
pdftohtml pdftohtml 0.36
tetex tetex 1.0.7
tetex tetex 2.0
tetex tetex 2.0.1
tetex tetex 2.0.2
xpdf xpdf 0.90
xpdf xpdf 0.91
xpdf xpdf 0.92
xpdf xpdf 0.93
xpdf xpdf 1.0
xpdf xpdf 1.0a
xpdf xpdf 1.1
xpdf xpdf 2.0
xpdf xpdf 2.1
xpdf xpdf 2.3
xpdf xpdf 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
gentoo linux *
kde kde 3.2
kde kde 3.2.1
kde kde 3.2.2
kde kde 3.2.3
kde kde 3.3
kde kde 3.3.1
redhat enterprise_linux 2.1
redhat enterprise_linux 2.1
redhat enterprise_linux 2.1
redhat enterprise_linux 2.1
redhat enterprise_linux 2.1
redhat enterprise_linux 2.1
redhat enterprise_linux 3.0
redhat enterprise_linux 3.0
redhat enterprise_linux 3.0
redhat enterprise_linux_desktop 3.0
redhat fedora_core core_2.0
redhat linux_advanced_workstation 2.1
redhat linux_advanced_workstation 2.1
suse suse_linux 8.0
suse suse_linux 8.1
suse suse_linux 8.2
suse suse_linux 9.0
suse suse_linux 9.0
suse suse_linux 9.1
suse suse_linux 9.2
ubuntu ubuntu_linux 4.1
ubuntu ubuntu_linux 4.1



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "68BD578F-CCAD-4515-9205-EB4F297C6DB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.0.4_8:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3182CA2-7375-43BC-A0E5-DE11D4B65EE3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCF4C8D0-3030-4DD5-800B-76A582A4CD0C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "734D0C2C-F71F-461A-87EE-202C6B706753",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.4_2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F0F402D-5CD0-4477-8B59-C753CECB02BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.4_3:*:*:*:*:*:*:*",
              "matchCriteriaId": "959F7AFA-ED20-434C-993F-06C2A8574662",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.4_5:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4F5A0A4-2884-46CA-A846-8B954EB80CFA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "1741CC9D-C4A8-48F9-86CF-EC20AE2A6BE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "35E65857-12C7-49DE-AD27-3CACD456231C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "47CEF035-57A6-470B-916A-E5562C28E866",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E26BB15-4CF8-4496-A7F7-EB34C444EF72",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "D414984E-4F6B-4278-8346-968587E4B18E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "33C36DCB-2FDD-44E6-85E8-875575AAE69E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C4B7C23-0C54-4FBA-A774-9CC1E148376E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FA0EF14-33E6-4D44-B86E-F04014EA3C8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5428EE6-F90A-4BB6-9D8C-8B99E80AB6DF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "A786A770-919E-4E23-949D-D836F316618A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "00A2249C-73DE-434E-A41F-4EDB0ADC0845",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.19_rc5:*:*:*:*:*:*:*",
              "matchCriteriaId": "73AB4D3D-FF35-4A50-A144-3AD41F6F2E55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB7653F1-70E2-423F-A6A9-30333644B506",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnome:gpdf:0.112:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E70576E-C253-4F8B-A93E-14CC2EE7114D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnome:gpdf:0.131:*:*:*:*:*:*:*",
              "matchCriteriaId": "832C5512-B473-40E8-BF4F-EC6ABFE46749",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:koffice:1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "053435DD-BFDF-4C39-9919-11C42D569085",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:koffice:1.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9BB1A3C-3348-4545-A513-E504B33F72AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:koffice:1.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD45E2C8-0B0E-484F-8050-94BF77798183",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:koffice:1.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "4EAA654E-9DD4-4614-92D7-EF4D676B3A18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:koffice:1.3_beta1:*:*:*:*:*:*:*",
              "matchCriteriaId": "89C96FC9-40DB-467D-A701-49F97A1B887D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:koffice:1.3_beta2:*:*:*:*:*:*:*",
              "matchCriteriaId": "76128BDC-2CA7-4AE7-8C4F-BCB3835CA938",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:koffice:1.3_beta3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B2517C7-27EF-4961-91C3-CA33219AFF2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:kpdf:3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDAF6452-F3B0-4F62-893E-BCFA6AB7AE3B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pdftohtml:pdftohtml:0.32a:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE346726-71D6-438B-B600-A7E107332816",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pdftohtml:pdftohtml:0.32b:*:*:*:*:*:*:*",
              "matchCriteriaId": "87E85020-B4DB-4011-BDD0-1C8967D45A84",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pdftohtml:pdftohtml:0.33:*:*:*:*:*:*:*",
              "matchCriteriaId": "8189A9AB-F685-40E2-944F-8BD3DD6FA0A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pdftohtml:pdftohtml:0.33a:*:*:*:*:*:*:*",
              "matchCriteriaId": "C33B8585-FA5F-4210-A997-615BCEE1726F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pdftohtml:pdftohtml:0.34:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4AE4C34-C497-426F-AC0D-1805A50582EF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pdftohtml:pdftohtml:0.35:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2989EFF-07B9-4EF2-B6C1-59E4F52FDC92",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pdftohtml:pdftohtml:0.36:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3970101-5E83-49FD-BCB6-D9176D46B5A4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tetex:tetex:1.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "C86C7D6F-C39E-4403-86C6-F87599570E97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tetex:tetex:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "236005A1-C175-44D3-8D0C-C48F943F3D66",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tetex:tetex:2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0AF2AD80-5E65-4B57-933B-C395E98EF10D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tetex:tetex:2.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "07C92A0E-1DDA-4F83-A904-24A35C38883A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:0.90:*:*:*:*:*:*:*",
              "matchCriteriaId": "28CC6233-E207-40CC-81FF-A8670EEA4295",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:0.91:*:*:*:*:*:*:*",
              "matchCriteriaId": "64DD9B5C-3DB8-4E15-B4A6-541E4E221C1D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:0.92:*:*:*:*:*:*:*",
              "matchCriteriaId": "0304E1E3-8766-40D0-8879-A652B4E9E72D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:0.93:*:*:*:*:*:*:*",
              "matchCriteriaId": "188F1343-8082-4B54-8DA4-E344818ABD52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B95DA7DE-B786-4EE7-A3F4-C077A7986D5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:1.0a:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5306C05-4A71-4175-8C22-F2DE0F2FE4C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B9DEF16-ECD5-4BBE-8986-52A6171B3D9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFFDBEEC-B2C1-47F0-82D3-FC9147B590A9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "354487CF-0086-4AE2-872B-0032E3EB89EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1169B802-7279-437F-AF59-621A67DC92EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B93B3ED-AF82-49A9-8C7F-E5F652F19669",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CAE037F-111C-4A76-8FFE-716B74D65EF3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:alpha:*:*:*:*:*",
              "matchCriteriaId": "A6B060E4-B5A6-4469-828E-211C52542547",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:arm:*:*:*:*:*",
              "matchCriteriaId": "974C3541-990C-4CD4-A05A-38FA74A84632",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:hppa:*:*:*:*:*",
              "matchCriteriaId": "6CBF1E0F-C7F3-4F83-9E60-6E63FA7D2775",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-32:*:*:*:*:*",
              "matchCriteriaId": "58792F77-B06F-4780-BA25-FE1EE6C3FDD9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-64:*:*:*:*:*",
              "matchCriteriaId": "C9419322-572F-4BB6-8416-C5E96541CF33",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:m68k:*:*:*:*:*",
              "matchCriteriaId": "BFC50555-C084-46A3-9C9F-949C5E3BB448",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mips:*:*:*:*:*",
              "matchCriteriaId": "9C25D6E1-D283-4CEA-B47B-60C47A5C0797",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mipsel:*:*:*:*:*",
              "matchCriteriaId": "AD18A446-C634-417E-86AC-B19B6DDDC856",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ppc:*:*:*:*:*",
              "matchCriteriaId": "E4BB852E-61B2-4842-989F-C6C0C901A8D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:s-390:*:*:*:*:*",
              "matchCriteriaId": "24DD9D59-E2A2-4116-A887-39E8CC2004FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:sparc:*:*:*:*:*",
              "matchCriteriaId": "F28D7457-607E-4E0C-909A-413F91CFCD82",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "647BA336-5538-4972-9271-383A0EC9378E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:kde:kde:3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "82F69843-978D-4686-BC5B-1D09DA4A21BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:kde:kde:3.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "ACEE0AED-7918-41E9-A902-AC4070E03132",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:kde:kde:3.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "81E19472-47B4-4398-A188-CA5A5D3E7060",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:kde:kde:3.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D17407A2-089E-43A5-9BD5-EFF966F5CC16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:kde:kde:3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C4B436D-8D6A-473E-B707-26147208808B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:kde:kde:3.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E26B353-4985-4116-B97A-5767CDC732F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*",
              "matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*",
              "matchCriteriaId": "A4A9461E-C117-42EC-9F14-DF2A82BA7C5D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*",
              "matchCriteriaId": "E0B458EA-495E-40FA-9379-C03757F7B1EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:*",
              "matchCriteriaId": "409E324A-C040-494F-A026-9DCAE01C07F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*",
              "matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*",
              "matchCriteriaId": "6474B775-C893-491F-A074-802AFB1FEDD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*",
              "matchCriteriaId": "78B46FFA-5B09-473E-AD33-3DB18BD0DAFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*",
              "matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*",
              "matchCriteriaId": "0EFE2E73-9536-41A9-B83B-0A06B54857F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*",
              "matchCriteriaId": "84A50ED3-FD0D-4038-B3E7-CC65D166C968",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium_processor:*:*:*:*:*",
              "matchCriteriaId": "777F9EC0-2919-45CA-BFF8-78A02537C513",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "28CD54FE-D682-4063-B7C3-8B29B26B39AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8C55338-3372-413F-82E3-E1B476D6F41A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1EFB33BF-F6A5-48C1-AEB5-194FCBCFC958",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB0E2D3B-B50A-46C2-BA1E-3E014DE91954",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "56EF103F-5668-4754-A83B-D3662D0CE815",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFABFCE5-4F86-4AE8-9849-BC360AC72098",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFF36BC6-6CCD-4FEE-A120-5B8C4BF5620C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ia64:*:*:*:*:*",
              "matchCriteriaId": "6E94583A-5184-462E-9FC4-57B35DA06DA7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ppc:*:*:*:*:*",
              "matchCriteriaId": "E905FAAD-37B6-4DD0-A752-2974F8336273",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple integer overflows in xpdf 2.0 and 3.0, and other packages that use xpdf code such as CUPS, gpdf, and kdegraphics, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0889."
    }
  ],
  "id": "CVE-2004-0888",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2005-01-27T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://distro.conectiva.com.br/atualizacoes/index.php?id=a\u0026anuncio=000886"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=109880927526773\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=110815379627883\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2004/dsa-573"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2004/dsa-581"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2004/dsa-599"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200410-20.xml"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200410-30.xml"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:113"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:114"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:115"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:116"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2004-543.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2004-592.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-066.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-354.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/11501"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://bugzilla.fedora.us/show_bug.cgi?id=2353"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17818"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9714"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://www.ubuntu.com/usn/usn-9-1/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://distro.conectiva.com.br/atualizacoes/index.php?id=a\u0026anuncio=000886"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=109880927526773\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=110815379627883\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2004/dsa-573"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2004/dsa-581"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2004/dsa-599"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200410-20.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200410-30.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:113"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:114"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:115"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:116"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2004-543.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2004-592.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-066.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-354.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/11501"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.fedora.us/show_bug.cgi?id=2353"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17818"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9714"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.ubuntu.com/usn/usn-9-1/"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2006-03-15 19:06
Modified
2025-04-03 01:03
Severity ?
Summary
Unspecified vulnerability in certain versions of xpdf after 3.00, as used in various products including (a) pdfkit.framework, (b) gpdf, (c) pdftohtml, and (d) libextractor, has unknown impact and user-assisted attack vectors, possibly involving errors in (1) gmem.c, (2) SplashXPathScanner.cc, (3) JBIG2Stream.cc, (4) JPXStream.cc, and/or (5) Stream.cc. NOTE: this description is based on Debian advisory DSA 979, which is based on changes that were made after other vulnerabilities such as CVE-2006-0301 and CVE-2005-3624 through CVE-2005-3628 were fixed. Some of these newer fixes appear to be security-relevant, although it is not clear if they fix specific issues or are defensive in nature.
References
cve@mitre.orghttp://secunia.com/advisories/18948Patch, Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/19021Patch, Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/19065Patch, Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/19091Patch, Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/19164Patch, Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/19364Patch, Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/19644Patch, Vendor Advisory
cve@mitre.orghttp://security.debian.org/pool/updates/main/p/pdfkit.framework/pdfkit.framework_0.8-2sarge3.diff.gzPatch
cve@mitre.orghttp://www.debian.org/security/2006/dsa-1019Patch, Vendor Advisory
cve@mitre.orghttp://www.debian.org/security/2006/dsa-979Patch, Vendor Advisory
cve@mitre.orghttp://www.debian.org/security/2006/dsa-982Patch, Vendor Advisory
cve@mitre.orghttp://www.debian.org/security/2006/dsa-983Patch, Vendor Advisory
cve@mitre.orghttp://www.debian.org/security/2006/dsa-984Patch, Vendor Advisory
cve@mitre.orghttp://www.debian.org/security/2006/dsa-998Patch, Vendor Advisory
cve@mitre.orghttp://www.osvdb.org/23834
cve@mitre.orghttp://www.securityfocus.com/bid/16748
cve@mitre.orghttps://usn.ubuntu.com/270-1/
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18948Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19021Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19065Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19091Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19164Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19364Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19644Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://security.debian.org/pool/updates/main/p/pdfkit.framework/pdfkit.framework_0.8-2sarge3.diff.gzPatch
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2006/dsa-1019Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2006/dsa-979Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2006/dsa-982Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2006/dsa-983Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2006/dsa-984Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2006/dsa-998Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.osvdb.org/23834
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/16748
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/270-1/



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:gnome:gpdf:2.8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "06B06279-EFB2-4EC1-95F2-166DC5B1BB71",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libextractor:libextractor:0.3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "D93638AD-2023-4216-89A3-DF417EA940AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libextractor:libextractor:0.3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D411F34-B792-4B41-9FBE-0F0222D4F099",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libextractor:libextractor:0.3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "54B9A148-A52E-4B77-A854-7BF3C03AD490",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libextractor:libextractor:0.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "BAEA984E-A346-42B8-ACA3-CE03D546EB3C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libextractor:libextractor:0.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "146D08C1-C651-4B6E-9997-474A81948764",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libextractor:libextractor:0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "4FAB7C4B-8017-42C4-AD3C-2A9846105D2A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libextractor:libextractor:0.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B025EF7-1B61-40F0-9E03-C219C54E8E72",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libextractor:libextractor:0.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9BF9CF5E-A531-4D75-B47E-6C81A7679BBA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libextractor:libextractor:0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "F68AC7F5-371B-4F02-85E4-829C2B012FE4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:0.90:*:*:*:*:*:*:*",
              "matchCriteriaId": "28CC6233-E207-40CC-81FF-A8670EEA4295",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:0.91:*:*:*:*:*:*:*",
              "matchCriteriaId": "64DD9B5C-3DB8-4E15-B4A6-541E4E221C1D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:0.92:*:*:*:*:*:*:*",
              "matchCriteriaId": "0304E1E3-8766-40D0-8879-A652B4E9E72D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:0.93:*:*:*:*:*:*:*",
              "matchCriteriaId": "188F1343-8082-4B54-8DA4-E344818ABD52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B95DA7DE-B786-4EE7-A3F4-C077A7986D5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:1.0a:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5306C05-4A71-4175-8C22-F2DE0F2FE4C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B9DEF16-ECD5-4BBE-8986-52A6171B3D9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFFDBEEC-B2C1-47F0-82D3-FC9147B590A9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "354487CF-0086-4AE2-872B-0032E3EB89EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "96767060-505A-42D2-A68A-6AD810DE800A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1169B802-7279-437F-AF59-621A67DC92EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B93B3ED-AF82-49A9-8C7F-E5F652F19669",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:3.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B77866E-6818-4DE6-9457-39416871952C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:3.0.1_pl1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0A09900-C462-4E3D-9399-0271F91DC5BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:3.0_pl2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6D23CF8-2B6C-4D2A-8E5E-6AACE99A7C19",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:3.0_pl3:*:*:*:*:*:*:*",
              "matchCriteriaId": "9107B531-7254-4908-97F0-3BF1EA0495AC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2E0C1F8-31F5-4F61-9DF7-E49B43D3C873",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:alpha:*:*:*:*:*",
              "matchCriteriaId": "5BF84240-1881-4EFB-BB2F-F9CE8AD09C7B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:amd64:*:*:*:*:*",
              "matchCriteriaId": "AF8AE8C4-810F-41AB-A251-5A2D4DD6884D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:arm:*:*:*:*:*",
              "matchCriteriaId": "5EACF214-FA27-44FF-A431-927AB79377A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:hppa:*:*:*:*:*",
              "matchCriteriaId": "E2B58895-0E2A-4466-9CB2-0083349A83B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:ia-32:*:*:*:*:*",
              "matchCriteriaId": "03F8220A-9B1C-40AA-AEAB-F9A93225FBD5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:ia-64:*:*:*:*:*",
              "matchCriteriaId": "2311919C-7864-469D-B0F6-9B11D8D0A1C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:m68k:*:*:*:*:*",
              "matchCriteriaId": "19876495-4C1A-487C-955A-C5AA46362A1F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:mips:*:*:*:*:*",
              "matchCriteriaId": "D75286DD-50BC-4B72-8AC8-E20730124DC2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:mipsel:*:*:*:*:*",
              "matchCriteriaId": "1998C972-497E-4916-B50E-FB32303EEA8E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:ppc:*:*:*:*:*",
              "matchCriteriaId": "A6CD3DD9-3A8A-4716-A2D1-136A790AFF94",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:s-390:*:*:*:*:*",
              "matchCriteriaId": "6CE2020A-4FB2-4FCD-8561-7BD147CD95EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:sparc:*:*:*:*:*",
              "matchCriteriaId": "08E90AFA-C262-46D0-B60E-26B67C9602D5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unspecified vulnerability in certain versions of xpdf after 3.00, as used in various products including (a) pdfkit.framework, (b) gpdf, (c) pdftohtml, and (d) libextractor, has unknown impact and user-assisted attack vectors, possibly involving errors in (1) gmem.c, (2) SplashXPathScanner.cc, (3) JBIG2Stream.cc, (4) JPXStream.cc, and/or (5) Stream.cc.  NOTE: this description is based on Debian advisory DSA 979, which is based on changes that were made after other vulnerabilities such as CVE-2006-0301 and CVE-2005-3624 through CVE-2005-3628 were fixed.  Some of these newer fixes appear to be security-relevant, although it is not clear if they fix specific issues or are defensive in nature."
    }
  ],
  "id": "CVE-2006-1244",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "HIGH",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.6,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 4.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2006-03-15T19:06:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18948"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19021"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19065"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19091"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19164"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19364"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19644"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://security.debian.org/pool/updates/main/p/pdfkit.framework/pdfkit.framework_0.8-2sarge3.diff.gz"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-1019"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-979"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-982"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-983"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-984"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-998"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.osvdb.org/23834"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/16748"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://usn.ubuntu.com/270-1/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18948"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19021"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19065"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19091"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19164"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19364"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19644"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://security.debian.org/pool/updates/main/p/pdfkit.framework/pdfkit.framework_0.8-2sarge3.diff.gz"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-1019"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-979"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-982"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-983"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-984"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-998"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/23834"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/16748"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://usn.ubuntu.com/270-1/"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2005-08-16 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
xpdf and kpdf do not properly validate the "loca" table in PDF files, which allows local users to cause a denial of service (disk consumption and hang) via a PDF file with a "broken" loca table, which causes a large temporary file to be created when xpdf attempts to reconstruct the information.
References
secalert@redhat.comftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.42/SCOSA-2005.42.txt
secalert@redhat.comhttp://secunia.com/advisories/17277Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18398Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18407Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/21339
secalert@redhat.comhttp://secunia.com/advisories/25729
secalert@redhat.comhttp://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1
secalert@redhat.comhttp://www.debian.org/security/2005/dsa-780
secalert@redhat.comhttp://www.debian.org/security/2006/dsa-1136
secalert@redhat.comhttp://www.debian.org/security/2006/dsa-936Vendor Advisory
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2005:138
secalert@redhat.comhttp://www.novell.com/linux/security/advisories/2005_19_sr.html
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2005-670.html
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2005-671.html
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2005-706.html
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2005-708.html
secalert@redhat.comhttp://www.securityfocus.com/archive/1/427053/100/0/threaded
secalert@redhat.comhttp://www.securityfocus.com/archive/1/427990/100/0/threaded
secalert@redhat.comhttp://www.securityfocus.com/bid/14529
secalert@redhat.comhttp://www.vupen.com/english/advisories/2007/2280
secalert@redhat.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10280
secalert@redhat.comhttps://usn.ubuntu.com/163-1/
af854a3a-2127-422b-91ae-364da2661108ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.42/SCOSA-2005.42.txt
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/17277Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18398Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18407Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/21339
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/25729
af854a3a-2127-422b-91ae-364da2661108http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2005/dsa-780
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2006/dsa-1136
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2006/dsa-936Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2005:138
af854a3a-2127-422b-91ae-364da2661108http://www.novell.com/linux/security/advisories/2005_19_sr.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2005-670.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2005-671.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2005-706.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2005-708.html
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/427053/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/427990/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/14529
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2007/2280
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10280
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/163-1/
Impacted products
Vendor Product Version
kde kpdf *
xpdf xpdf 3.0
xpdf xpdf 3.0_pl2
xpdf xpdf 3.0_pl3



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:kde:kpdf:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "41EF2714-DEC9-407F-9D1B-EF2A4D8B4DC3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B93B3ED-AF82-49A9-8C7F-E5F652F19669",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:3.0_pl2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6D23CF8-2B6C-4D2A-8E5E-6AACE99A7C19",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:3.0_pl3:*:*:*:*:*:*:*",
              "matchCriteriaId": "9107B531-7254-4908-97F0-3BF1EA0495AC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "xpdf and kpdf do not properly validate the \"loca\" table in PDF files, which allows local users to cause a denial of service (disk consumption and hang) via a PDF file with a \"broken\" loca table, which causes a large temporary file to be created when xpdf attempts to reconstruct the information."
    }
  ],
  "id": "CVE-2005-2097",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 2.1,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2005-08-16T04:00:00.000",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.42/SCOSA-2005.42.txt"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/17277"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18398"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18407"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/21339"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/25729"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2005/dsa-780"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2006/dsa-1136"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-936"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:138"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.novell.com/linux/security/advisories/2005_19_sr.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-670.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-671.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-706.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-708.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/bid/14529"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2007/2280"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10280"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://usn.ubuntu.com/163-1/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.42/SCOSA-2005.42.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/17277"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18398"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18407"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/21339"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/25729"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2005/dsa-780"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2006/dsa-1136"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-936"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:138"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.novell.com/linux/security/advisories/2005_19_sr.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-670.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-671.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-706.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-708.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/14529"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/2280"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10280"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://usn.ubuntu.com/163-1/"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2003-01-02 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Integer overflow in pdftops, as used in Xpdf 2.01 and earlier, xpdf-i, and CUPS before 1.1.18, allows local users to execute arbitrary code via a ColorSpace entry with a large number of elements, as demonstrated by cups-pdf.
References
cve@mitre.orghttp://marc.info/?l=bugtraq&m=104152282309980&w=2
cve@mitre.orghttp://www.debian.org/security/2003/dsa-222
cve@mitre.orghttp://www.debian.org/security/2003/dsa-226
cve@mitre.orghttp://www.debian.org/security/2003/dsa-232
cve@mitre.orghttp://www.idefense.com/advisory/12.23.02.txtExploit, Patch, Vendor Advisory
cve@mitre.orghttp://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:001
cve@mitre.orghttp://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:002
cve@mitre.orghttp://www.novell.com/linux/security/advisories/2003_002_cups.html
cve@mitre.orghttp://www.redhat.com/support/errata/RHSA-2002-295.html
cve@mitre.orghttp://www.redhat.com/support/errata/RHSA-2002-307.html
cve@mitre.orghttp://www.redhat.com/support/errata/RHSA-2003-037.html
cve@mitre.orghttp://www.redhat.com/support/errata/RHSA-2003-216.html
cve@mitre.orghttp://www.securityfocus.com/bid/6475
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/10937
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=104152282309980&w=2
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2003/dsa-222
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2003/dsa-226
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2003/dsa-232
af854a3a-2127-422b-91ae-364da2661108http://www.idefense.com/advisory/12.23.02.txtExploit, Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:001
af854a3a-2127-422b-91ae-364da2661108http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:002
af854a3a-2127-422b-91ae-364da2661108http://www.novell.com/linux/security/advisories/2003_002_cups.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2002-295.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2002-307.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2003-037.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2003-216.html
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/6475
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/10937



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "68BD578F-CCAD-4515-9205-EB4F297C6DB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.0.4_8:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3182CA2-7375-43BC-A0E5-DE11D4B65EE3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCF4C8D0-3030-4DD5-800B-76A582A4CD0C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "734D0C2C-F71F-461A-87EE-202C6B706753",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.4_2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F0F402D-5CD0-4477-8B59-C753CECB02BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.4_3:*:*:*:*:*:*:*",
              "matchCriteriaId": "959F7AFA-ED20-434C-993F-06C2A8574662",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.4_5:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4F5A0A4-2884-46CA-A846-8B954EB80CFA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "1741CC9D-C4A8-48F9-86CF-EC20AE2A6BE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "35E65857-12C7-49DE-AD27-3CACD456231C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "47CEF035-57A6-470B-916A-E5562C28E866",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "D414984E-4F6B-4278-8346-968587E4B18E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "33C36DCB-2FDD-44E6-85E8-875575AAE69E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5428EE6-F90A-4BB6-9D8C-8B99E80AB6DF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:0.90:*:*:*:*:*:*:*",
              "matchCriteriaId": "28CC6233-E207-40CC-81FF-A8670EEA4295",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:0.91:*:*:*:*:*:*:*",
              "matchCriteriaId": "64DD9B5C-3DB8-4E15-B4A6-541E4E221C1D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B95DA7DE-B786-4EE7-A3F4-C077A7986D5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:1.0a:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5306C05-4A71-4175-8C22-F2DE0F2FE4C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B9DEF16-ECD5-4BBE-8986-52A6171B3D9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFFDBEEC-B2C1-47F0-82D3-FC9147B590A9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "354487CF-0086-4AE2-872B-0032E3EB89EE",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Integer overflow in pdftops, as used in Xpdf 2.01 and earlier, xpdf-i, and CUPS before 1.1.18, allows local users to execute arbitrary code via a ColorSpace entry with a large number of elements, as demonstrated by cups-pdf."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de enteros en pdftops, usado en Xpdf 2.01 y anteriores, y CUPS antes de 1.1.18, permite a usuarios locales ejecutar c\u00f3digo arbitrario mediante una entrada ColorSpace con un n\u00famero de elementos largo, como ha sido demostrado por cups-pdf."
    }
  ],
  "id": "CVE-2002-1384",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.2,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2003-01-02T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=104152282309980\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2003/dsa-222"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2003/dsa-226"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2003/dsa-232"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.idefense.com/advisory/12.23.02.txt"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:001"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:002"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.novell.com/linux/security/advisories/2003_002_cups.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2002-295.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2002-307.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2003-037.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2003-216.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/6475"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10937"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=104152282309980\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2003/dsa-222"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2003/dsa-226"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2003/dsa-232"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.idefense.com/advisory/12.23.02.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:001"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:002"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.novell.com/linux/security/advisories/2003_002_cups.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2002-295.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2002-307.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2003-037.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2003-216.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/6475"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10937"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2005-12-08 01:03
Modified
2025-04-03 01:03
Severity ?
Summary
Heap-based buffer overflow in the StreamPredictor function in Xpdf 3.01, as used in products such as (1) Poppler, (2) teTeX, (3) KDE kpdf, and (4) pdftohtml, (5) KOffice KWord, (6) CUPS, and (7) libextractor allows remote attackers to execute arbitrary code via a PDF file with an out-of-range numComps (number of components) field.
References
cve@mitre.orgftp://ftp.foolabs.com/pub/xpdf/xpdf-3.01pl1.patchPatch
cve@mitre.orgftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt
cve@mitre.orgftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.20/SCOSA-2006.20.txt
cve@mitre.orgftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.21/SCOSA-2006.21.txt
cve@mitre.orgftp://patches.sgi.com/support/free/security/advisories/20051201-01-U
cve@mitre.orgftp://patches.sgi.com/support/free/security/advisories/20060101-01-U
cve@mitre.orgftp://patches.sgi.com/support/free/security/advisories/20060201-01-U
cve@mitre.orghttp://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342289
cve@mitre.orghttp://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html
cve@mitre.orghttp://rhn.redhat.com/errata/RHSA-2005-868.htmlVendor Advisory
cve@mitre.orghttp://scary.beasts.org/security/CESA-2005-003.txt
cve@mitre.orghttp://secunia.com/advisories/17897/Patch, Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/17908Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/17912Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/17916Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/17920Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/17921Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/17926Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/17929Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/17940Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/17955
cve@mitre.orghttp://secunia.com/advisories/17976Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/18009Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/18055Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/18061Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/18189Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/18191Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/18192Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/18303
cve@mitre.orghttp://secunia.com/advisories/18313Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/18336Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/18349Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/18380
cve@mitre.orghttp://secunia.com/advisories/18385
cve@mitre.orghttp://secunia.com/advisories/18387Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/18389Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/18398
cve@mitre.orghttp://secunia.com/advisories/18407
cve@mitre.orghttp://secunia.com/advisories/18416Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/18428
cve@mitre.orghttp://secunia.com/advisories/18436
cve@mitre.orghttp://secunia.com/advisories/18448Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/18503
cve@mitre.orghttp://secunia.com/advisories/18517
cve@mitre.orghttp://secunia.com/advisories/18534
cve@mitre.orghttp://secunia.com/advisories/18549
cve@mitre.orghttp://secunia.com/advisories/18554
cve@mitre.orghttp://secunia.com/advisories/18582
cve@mitre.orghttp://secunia.com/advisories/18674
cve@mitre.orghttp://secunia.com/advisories/18675
cve@mitre.orghttp://secunia.com/advisories/18679
cve@mitre.orghttp://secunia.com/advisories/18908
cve@mitre.orghttp://secunia.com/advisories/18913
cve@mitre.orghttp://secunia.com/advisories/19230
cve@mitre.orghttp://secunia.com/advisories/19377
cve@mitre.orghttp://secunia.com/advisories/19797
cve@mitre.orghttp://secunia.com/advisories/19798
cve@mitre.orghttp://secunia.com/advisories/25729
cve@mitre.orghttp://secunia.com/advisories/26413
cve@mitre.orghttp://securityreason.com/securityalert/235
cve@mitre.orghttp://securityreason.com/securityalert/240
cve@mitre.orghttp://securitytracker.com/id?1015309
cve@mitre.orghttp://securitytracker.com/id?1015324
cve@mitre.orghttp://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.472683
cve@mitre.orghttp://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.474747
cve@mitre.orghttp://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1
cve@mitre.orghttp://www.debian.org/security/2005/dsa-931
cve@mitre.orghttp://www.debian.org/security/2005/dsa-932
cve@mitre.orghttp://www.debian.org/security/2006/dsa-936
cve@mitre.orghttp://www.debian.org/security/2006/dsa-937
cve@mitre.orghttp://www.debian.org/security/2006/dsa-950
cve@mitre.orghttp://www.debian.org/security/2006/dsa-961
cve@mitre.orghttp://www.debian.org/security/2006/dsa-962
cve@mitre.orghttp://www.gentoo.org/security/en/glsa/glsa-200512-08.xml
cve@mitre.orghttp://www.gentoo.org/security/en/glsa/glsa-200601-02.xml
cve@mitre.orghttp://www.idefense.com/application/poi/display?id=344&type=vulnerabilitiesPatch, Vendor Advisory
cve@mitre.orghttp://www.kde.org/info/security/advisory-20051207-1.txt
cve@mitre.orghttp://www.kde.org/info/security/advisory-20051207-2.txt
cve@mitre.orghttp://www.mandriva.com/security/advisories?name=MDKSA-2006:003
cve@mitre.orghttp://www.mandriva.com/security/advisories?name=MDKSA-2006:004
cve@mitre.orghttp://www.mandriva.com/security/advisories?name=MDKSA-2006:005
cve@mitre.orghttp://www.mandriva.com/security/advisories?name=MDKSA-2006:006
cve@mitre.orghttp://www.mandriva.com/security/advisories?name=MDKSA-2006:008
cve@mitre.orghttp://www.mandriva.com/security/advisories?name=MDKSA-2006:010
cve@mitre.orghttp://www.mandriva.com/security/advisories?name=MDKSA-2006:011
cve@mitre.orghttp://www.novell.com/linux/security/advisories/2005_29_sr.html
cve@mitre.orghttp://www.novell.com/linux/security/advisories/2006_02_sr.html
cve@mitre.orghttp://www.redhat.com/archives/fedora-announce-list/2005-December/msg00015.html
cve@mitre.orghttp://www.redhat.com/archives/fedora-announce-list/2005-December/msg00016.html
cve@mitre.orghttp://www.redhat.com/archives/fedora-announce-list/2005-December/msg00036.html
cve@mitre.orghttp://www.redhat.com/archives/fedora-announce-list/2005-December/msg00037.html
cve@mitre.orghttp://www.redhat.com/support/errata/RHSA-2005-840.htmlPatch, Vendor Advisory
cve@mitre.orghttp://www.redhat.com/support/errata/RHSA-2005-867.htmlVendor Advisory
cve@mitre.orghttp://www.redhat.com/support/errata/RHSA-2005-878.htmlVendor Advisory
cve@mitre.orghttp://www.redhat.com/support/errata/RHSA-2006-0160.html
cve@mitre.orghttp://www.securityfocus.com/archive/1/418883/100/0/threaded
cve@mitre.orghttp://www.securityfocus.com/archive/1/427053/100/0/threaded
cve@mitre.orghttp://www.securityfocus.com/archive/1/427990/100/0/threaded
cve@mitre.orghttp://www.securityfocus.com/bid/15725Patch
cve@mitre.orghttp://www.trustix.org/errata/2005/0072/
cve@mitre.orghttp://www.ubuntulinux.org/usn/usn-227-1
cve@mitre.orghttp://www.vupen.com/english/advisories/2005/2755
cve@mitre.orghttp://www.vupen.com/english/advisories/2005/2786
cve@mitre.orghttp://www.vupen.com/english/advisories/2005/2787
cve@mitre.orghttp://www.vupen.com/english/advisories/2005/2788
cve@mitre.orghttp://www.vupen.com/english/advisories/2005/2789
cve@mitre.orghttp://www.vupen.com/english/advisories/2005/2790
cve@mitre.orghttp://www.vupen.com/english/advisories/2005/2856
cve@mitre.orghttp://www.vupen.com/english/advisories/2007/2280
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/23442
cve@mitre.orghttps://issues.rpath.com/browse/RPL-1609
cve@mitre.orghttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10914
af854a3a-2127-422b-91ae-364da2661108ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.01pl1.patchPatch
af854a3a-2127-422b-91ae-364da2661108ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt
af854a3a-2127-422b-91ae-364da2661108ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.20/SCOSA-2006.20.txt
af854a3a-2127-422b-91ae-364da2661108ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.21/SCOSA-2006.21.txt
af854a3a-2127-422b-91ae-364da2661108ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U
af854a3a-2127-422b-91ae-364da2661108ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U
af854a3a-2127-422b-91ae-364da2661108ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U
af854a3a-2127-422b-91ae-364da2661108http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342289
af854a3a-2127-422b-91ae-364da2661108http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2005-868.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://scary.beasts.org/security/CESA-2005-003.txt
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/17897/Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/17908Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/17912Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/17916Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/17920Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/17921Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/17926Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/17929Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/17940Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/17955
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/17976Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18009Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18055Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18061Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18189Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18191Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18192Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18303
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18313Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18336Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18349Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18380
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18385
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18387Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18389Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18398
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18407
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18416Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18428
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18436
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18448Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18503
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18517
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18534
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18549
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18554
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18582
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18674
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18675
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18679
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18908
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18913
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19230
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19377
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19797
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19798
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/25729
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/26413
af854a3a-2127-422b-91ae-364da2661108http://securityreason.com/securityalert/235
af854a3a-2127-422b-91ae-364da2661108http://securityreason.com/securityalert/240
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1015309
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1015324
af854a3a-2127-422b-91ae-364da2661108http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.472683
af854a3a-2127-422b-91ae-364da2661108http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.474747
af854a3a-2127-422b-91ae-364da2661108http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2005/dsa-931
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2005/dsa-932
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2006/dsa-936
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2006/dsa-937
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2006/dsa-950
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2006/dsa-961
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2006/dsa-962
af854a3a-2127-422b-91ae-364da2661108http://www.gentoo.org/security/en/glsa/glsa-200512-08.xml
af854a3a-2127-422b-91ae-364da2661108http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml
af854a3a-2127-422b-91ae-364da2661108http://www.idefense.com/application/poi/display?id=344&type=vulnerabilitiesPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.kde.org/info/security/advisory-20051207-1.txt
af854a3a-2127-422b-91ae-364da2661108http://www.kde.org/info/security/advisory-20051207-2.txt
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:003
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:004
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:005
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:006
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:008
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:010
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:011
af854a3a-2127-422b-91ae-364da2661108http://www.novell.com/linux/security/advisories/2005_29_sr.html
af854a3a-2127-422b-91ae-364da2661108http://www.novell.com/linux/security/advisories/2006_02_sr.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00015.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00016.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00036.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00037.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2005-840.htmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2005-867.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2005-878.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2006-0160.html
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/418883/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/427053/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/427990/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/15725Patch
af854a3a-2127-422b-91ae-364da2661108http://www.trustix.org/errata/2005/0072/
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntulinux.org/usn/usn-227-1
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2005/2755
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2005/2786
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2005/2787
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2005/2788
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2005/2789
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2005/2790
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2005/2856
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2007/2280
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/23442
af854a3a-2127-422b-91ae-364da2661108https://issues.rpath.com/browse/RPL-1609
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10914
Impacted products
Vendor Product Version
xpdf xpdf 3.0.1



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:3.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B77866E-6818-4DE6-9457-39416871952C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Heap-based buffer overflow in the StreamPredictor function in Xpdf 3.01, as used in products such as (1) Poppler, (2) teTeX, (3) KDE kpdf, and (4) pdftohtml, (5) KOffice KWord, (6) CUPS, and (7) libextractor allows remote attackers to execute arbitrary code via a PDF file with an out-of-range numComps (number of components) field."
    }
  ],
  "id": "CVE-2005-3192",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": true,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2005-12-08T01:03:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.01pl1.patch"
    },
    {
      "source": "cve@mitre.org",
      "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt"
    },
    {
      "source": "cve@mitre.org",
      "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.20/SCOSA-2006.20.txt"
    },
    {
      "source": "cve@mitre.org",
      "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.21/SCOSA-2006.21.txt"
    },
    {
      "source": "cve@mitre.org",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U"
    },
    {
      "source": "cve@mitre.org",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U"
    },
    {
      "source": "cve@mitre.org",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342289"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2005-868.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://scary.beasts.org/security/CESA-2005-003.txt"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/17897/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/17908"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/17912"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/17916"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/17920"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/17921"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/17926"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/17929"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/17940"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/17955"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/17976"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18009"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18055"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18061"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18189"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18191"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18192"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/18303"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18313"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18336"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18349"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/18380"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/18385"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18387"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18389"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/18398"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/18407"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18416"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/18428"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/18436"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18448"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/18503"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/18517"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/18534"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/18549"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/18554"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/18582"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/18674"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/18675"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/18679"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/18908"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/18913"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/19230"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/19377"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/19797"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/19798"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/25729"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/26413"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securityreason.com/securityalert/235"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securityreason.com/securityalert/240"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1015309"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1015324"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2005/dsa-931"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2005/dsa-932"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2006/dsa-936"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2006/dsa-937"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2006/dsa-950"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2006/dsa-961"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2006/dsa-962"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200512-08.xml"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.idefense.com/application/poi/display?id=344\u0026type=vulnerabilities"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.kde.org/info/security/advisory-20051207-1.txt"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.kde.org/info/security/advisory-20051207-2.txt"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.novell.com/linux/security/advisories/2005_29_sr.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.novell.com/linux/security/advisories/2006_02_sr.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00015.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00016.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00036.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00037.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2005-840.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2005-867.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2005-878.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/418883/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/15725"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.trustix.org/errata/2005/0072/"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.ubuntulinux.org/usn/usn-227-1"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2005/2755"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2005/2786"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2005/2787"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2005/2788"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2005/2789"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2005/2790"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2005/2856"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2007/2280"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23442"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://issues.rpath.com/browse/RPL-1609"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10914"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.01pl1.patch"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.20/SCOSA-2006.20.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.21/SCOSA-2006.21.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342289"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2005-868.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://scary.beasts.org/security/CESA-2005-003.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/17897/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/17908"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/17912"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/17916"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/17920"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/17921"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/17926"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/17929"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/17940"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/17955"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/17976"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18009"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18055"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18061"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18189"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18191"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18192"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18303"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18313"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18336"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18349"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18380"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18385"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18387"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18389"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18398"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18407"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18416"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18428"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18436"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18448"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18503"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18517"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18534"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18549"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18554"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18582"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18674"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18675"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18679"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18908"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18913"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19230"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19377"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19797"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19798"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/25729"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/26413"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securityreason.com/securityalert/235"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securityreason.com/securityalert/240"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1015309"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1015324"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2005/dsa-931"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2005/dsa-932"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2006/dsa-936"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2006/dsa-937"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2006/dsa-950"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2006/dsa-961"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2006/dsa-962"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200512-08.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.idefense.com/application/poi/display?id=344\u0026type=vulnerabilities"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.kde.org/info/security/advisory-20051207-1.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.kde.org/info/security/advisory-20051207-2.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.novell.com/linux/security/advisories/2005_29_sr.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.novell.com/linux/security/advisories/2006_02_sr.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00015.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00016.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00036.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00037.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2005-840.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2005-867.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2005-878.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/418883/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/15725"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.trustix.org/errata/2005/0072/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntulinux.org/usn/usn-227-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2005/2755"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2005/2786"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2005/2787"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2005/2788"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2005/2789"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2005/2790"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2005/2856"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/2280"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23442"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://issues.rpath.com/browse/RPL-1609"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10914"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vendorComments": [
    {
      "comment": "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.",
      "lastModified": "2007-03-14T00:00:00",
      "organization": "Red Hat"
    }
  ],
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2000-10-20 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
xpdf PDF viewer client earlier than 0.91 does not properly launch a web browser for embedded URL's, which allows an attacker to execute arbitrary commands via a URL that contains shell metacharacters.
Impacted products
Vendor Product Version
xpdf xpdf 0.90



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:0.90:*:*:*:*:*:*:*",
              "matchCriteriaId": "28CC6233-E207-40CC-81FF-A8670EEA4295",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "xpdf PDF viewer client earlier than 0.91 does not properly launch a web browser for embedded URL\u0027s, which allows an attacker to execute arbitrary commands via a URL that contains shell metacharacters."
    }
  ],
  "id": "CVE-2000-0727",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "HIGH",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.6,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 4.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2000-10-20T04:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=96766355023239\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=96886599829687\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-031.0.txt"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2000/20000910a"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2000-060.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/1624"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=96766355023239\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=96886599829687\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-031.0.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2000/20000910a"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2000-060.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/1624"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2005-12-31 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka "Infinite CPU spins."
References
secalert@redhat.comftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt
secalert@redhat.comftp://patches.sgi.com/support/free/security/advisories/20051201-01-U
secalert@redhat.comftp://patches.sgi.com/support/free/security/advisories/20060101-01-U
secalert@redhat.comftp://patches.sgi.com/support/free/security/advisories/20060201-01-U
secalert@redhat.comhttp://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.htmlPatch
secalert@redhat.comhttp://rhn.redhat.com/errata/RHSA-2006-0177.htmlPatch, Vendor Advisory
secalert@redhat.comhttp://scary.beasts.org/security/CESA-2005-003.txtExploit
secalert@redhat.comhttp://secunia.com/advisories/18147
secalert@redhat.comhttp://secunia.com/advisories/18303Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18312Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18313Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18329Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18332Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18334Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18335Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18338Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18349Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18373
secalert@redhat.comhttp://secunia.com/advisories/18375Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18380
secalert@redhat.comhttp://secunia.com/advisories/18385Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18387Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18389Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18398Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18407Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18414
secalert@redhat.comhttp://secunia.com/advisories/18416Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18423Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18425
secalert@redhat.comhttp://secunia.com/advisories/18428
secalert@redhat.comhttp://secunia.com/advisories/18436
secalert@redhat.comhttp://secunia.com/advisories/18448Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18463
secalert@redhat.comhttp://secunia.com/advisories/18517Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18534Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18554Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18582Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18642Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18644Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18674Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18675Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18679Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18908Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18913
secalert@redhat.comhttp://secunia.com/advisories/19230
secalert@redhat.comhttp://secunia.com/advisories/19377
secalert@redhat.comhttp://secunia.com/advisories/25729
secalert@redhat.comhttp://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.472683
secalert@redhat.comhttp://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.474747
secalert@redhat.comhttp://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1
secalert@redhat.comhttp://www.debian.org/security/2005/dsa-931
secalert@redhat.comhttp://www.debian.org/security/2005/dsa-932
secalert@redhat.comhttp://www.debian.org/security/2005/dsa-937
secalert@redhat.comhttp://www.debian.org/security/2005/dsa-938
secalert@redhat.comhttp://www.debian.org/security/2005/dsa-940
secalert@redhat.comhttp://www.debian.org/security/2006/dsa-936Patch, Vendor Advisory
secalert@redhat.comhttp://www.debian.org/security/2006/dsa-950Patch, Vendor Advisory
secalert@redhat.comhttp://www.debian.org/security/2006/dsa-961Patch, Vendor Advisory
secalert@redhat.comhttp://www.debian.org/security/2006/dsa-962
secalert@redhat.comhttp://www.gentoo.org/security/en/glsa/glsa-200601-02.xmlPatch, Vendor Advisory
secalert@redhat.comhttp://www.gentoo.org/security/en/glsa/glsa-200601-17.xml
secalert@redhat.comhttp://www.kde.org/info/security/advisory-20051207-2.txtPatch, Vendor Advisory
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2006:003
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2006:004
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2006:005
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2006:006
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2006:008
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2006:010
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2006:011
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2006:012
secalert@redhat.comhttp://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.htmlPatch
secalert@redhat.comhttp://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.htmlPatch
secalert@redhat.comhttp://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html
secalert@redhat.comhttp://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2006-0160.htmlPatch, Vendor Advisory
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2006-0163.html
secalert@redhat.comhttp://www.securityfocus.com/archive/1/427053/100/0/threaded
secalert@redhat.comhttp://www.securityfocus.com/archive/1/427990/100/0/threaded
secalert@redhat.comhttp://www.securityfocus.com/bid/16143Patch
secalert@redhat.comhttp://www.trustix.org/errata/2006/0002/
secalert@redhat.comhttp://www.vupen.com/english/advisories/2006/0047
secalert@redhat.comhttp://www.vupen.com/english/advisories/2007/2280
secalert@redhat.comhttps://exchange.xforce.ibmcloud.com/vulnerabilities/24023
secalert@redhat.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9575
secalert@redhat.comhttps://usn.ubuntu.com/236-1/
af854a3a-2127-422b-91ae-364da2661108ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt
af854a3a-2127-422b-91ae-364da2661108ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U
af854a3a-2127-422b-91ae-364da2661108ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U
af854a3a-2127-422b-91ae-364da2661108ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U
af854a3a-2127-422b-91ae-364da2661108http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.htmlPatch
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2006-0177.htmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://scary.beasts.org/security/CESA-2005-003.txtExploit
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18147
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18303Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18312Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18313Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18329Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18332Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18334Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18335Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18338Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18349Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18373
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18375Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18380
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18385Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18387Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18389Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18398Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18407Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18414
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18416Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18423Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18425
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18428
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18436
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18448Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18463
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18517Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18534Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18554Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18582Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18642Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18644Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18674Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18675Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18679Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18908Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18913
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19230
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19377
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/25729
af854a3a-2127-422b-91ae-364da2661108http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.472683
af854a3a-2127-422b-91ae-364da2661108http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.474747
af854a3a-2127-422b-91ae-364da2661108http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2005/dsa-931
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2005/dsa-932
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2005/dsa-937
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2005/dsa-938
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2005/dsa-940
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2006/dsa-936Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2006/dsa-950Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2006/dsa-961Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2006/dsa-962
af854a3a-2127-422b-91ae-364da2661108http://www.gentoo.org/security/en/glsa/glsa-200601-02.xmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml
af854a3a-2127-422b-91ae-364da2661108http://www.kde.org/info/security/advisory-20051207-2.txtPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:003
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:004
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:005
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:006
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:008
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:010
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:011
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:012
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.htmlPatch
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.htmlPatch
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2006-0160.htmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2006-0163.html
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/427053/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/427990/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/16143Patch
af854a3a-2127-422b-91ae-364da2661108http://www.trustix.org/errata/2006/0002/
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2006/0047
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2007/2280
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/24023
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9575
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/236-1/
Impacted products
Vendor Product Version
easy_software_products cups 1.1.22
easy_software_products cups 1.1.22_rc1
easy_software_products cups 1.1.23
easy_software_products cups 1.1.23_rc1
kde kdegraphics 3.2
kde kdegraphics 3.4.3
kde koffice 1.4
kde koffice 1.4.1
kde koffice 1.4.2
kde kpdf 3.2
kde kpdf 3.4.3
kde kword 1.4.2
libextractor libextractor *
poppler poppler 0.4.2
sgi propack 3.0
tetex tetex 1.0.7
tetex tetex 2.0
tetex tetex 2.0.1
tetex tetex 2.0.2
tetex tetex 3.0
xpdf xpdf 3.0
conectiva linux 10.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.1
debian debian_linux 3.1
debian debian_linux 3.1
debian debian_linux 3.1
debian debian_linux 3.1
debian debian_linux 3.1
debian debian_linux 3.1
debian debian_linux 3.1
debian debian_linux 3.1
debian debian_linux 3.1
debian debian_linux 3.1
debian debian_linux 3.1
debian debian_linux 3.1
gentoo linux *
mandrakesoft mandrake_linux 10.1
mandrakesoft mandrake_linux 10.1
mandrakesoft mandrake_linux 10.2
mandrakesoft mandrake_linux 10.2
mandrakesoft mandrake_linux 2006
mandrakesoft mandrake_linux 2006
mandrakesoft mandrake_linux_corporate_server 2.1
mandrakesoft mandrake_linux_corporate_server 2.1
mandrakesoft mandrake_linux_corporate_server 3.0
mandrakesoft mandrake_linux_corporate_server 3.0
redhat enterprise_linux 2.1
redhat enterprise_linux 2.1
redhat enterprise_linux 2.1
redhat enterprise_linux 2.1
redhat enterprise_linux 2.1
redhat enterprise_linux 2.1
redhat enterprise_linux 3.0
redhat enterprise_linux 3.0
redhat enterprise_linux 3.0
redhat enterprise_linux 4.0
redhat enterprise_linux 4.0
redhat enterprise_linux 4.0
redhat enterprise_linux_desktop 3.0
redhat enterprise_linux_desktop 4.0
redhat fedora_core core_1.0
redhat fedora_core core_2.0
redhat fedora_core core_3.0
redhat fedora_core core_4.0
redhat linux 7.3
redhat linux 9.0
redhat linux_advanced_workstation 2.1
redhat linux_advanced_workstation 2.1
sco openserver 5.0.7
sco openserver 6.0
slackware slackware_linux 9.0
slackware slackware_linux 9.1
slackware slackware_linux 10.0
slackware slackware_linux 10.1
slackware slackware_linux 10.2
suse suse_linux 1.0
suse suse_linux 9.0
suse suse_linux 9.0
suse suse_linux 9.0
suse suse_linux 9.0
suse suse_linux 9.0
suse suse_linux 9.1
suse suse_linux 9.1
suse suse_linux 9.1
suse suse_linux 9.2
suse suse_linux 9.2
suse suse_linux 9.2
suse suse_linux 9.3
suse suse_linux 9.3
suse suse_linux 9.3
suse suse_linux 10.0
suse suse_linux 10.0
trustix secure_linux 2.0
trustix secure_linux 2.2
trustix secure_linux 3.0
turbolinux turbolinux 10
turbolinux turbolinux fuji
turbolinux turbolinux_appliance_server 1.0_hosting_edition
turbolinux turbolinux_appliance_server 1.0_workgroup_edition
turbolinux turbolinux_desktop 10.0
turbolinux turbolinux_home *
turbolinux turbolinux_multimedia *
turbolinux turbolinux_personal *
turbolinux turbolinux_server 8.0
turbolinux turbolinux_server 10.0
turbolinux turbolinux_server 10.0_x86
turbolinux turbolinux_workstation 8.0
ubuntu ubuntu_linux 4.1
ubuntu ubuntu_linux 4.1
ubuntu ubuntu_linux 5.04
ubuntu ubuntu_linux 5.04
ubuntu ubuntu_linux 5.04
ubuntu ubuntu_linux 5.10
ubuntu ubuntu_linux 5.10
ubuntu ubuntu_linux 5.10



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1512A96-B8E7-4DB7-A4CB-8FD3773BFC97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.22_rc1:*:*:*:*:*:*:*",
              "matchCriteriaId": "787B918D-9CCC-44FE-92AF-E8DF1E91A3C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "C116493B-2837-4531-9291-A9FF03099A97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.23_rc1:*:*:*:*:*:*:*",
              "matchCriteriaId": "525BD04B-387F-4713-BC89-472D0D0BCFD0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:kdegraphics:3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6BF92649-90CE-4E75-A938-61D0916B5A7E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:kdegraphics:3.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CA505B4-0C17-49C8-9533-CA8CE3AA77D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:koffice:1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "37C08E0A-651F-458B-BCEC-A30DCD527E47",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:koffice:1.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6000D6AF-C056-4BC0-A54C-72E23E52AB92",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:koffice:1.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7D036E4-FA49-417D-968B-9D73B16A09BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:kpdf:3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDAF6452-F3B0-4F62-893E-BCFA6AB7AE3B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:kpdf:3.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC2AB9CB-DEAB-45AB-A7CA-D19E069907EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:kword:1.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EAC32BAA-99B3-4B40-83A3-ED9E1B12B295",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libextractor:libextractor:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "679D9520-DE8E-4D06-A227-3B1C1D05977D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "63C92F1C-3005-4EA6-B9C0-2BC2E3D611D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sgi:propack:3.0:sp6:*:*:*:*:*:*",
              "matchCriteriaId": "EF8ABD90-AD2B-4FA0-A355-9D7CD6D3C486",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tetex:tetex:1.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "C86C7D6F-C39E-4403-86C6-F87599570E97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tetex:tetex:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "236005A1-C175-44D3-8D0C-C48F943F3D66",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tetex:tetex:2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0AF2AD80-5E65-4B57-933B-C395E98EF10D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tetex:tetex:2.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "07C92A0E-1DDA-4F83-A904-24A35C38883A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tetex:tetex:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9178B36F-41D5-4AE7-B9C8-56BDEADE76EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B93B3ED-AF82-49A9-8C7F-E5F652F19669",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:conectiva:linux:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A35FC777-A34E-4C7B-9E93-8F17F3AD5180",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CAE037F-111C-4A76-8FFE-716B74D65EF3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:alpha:*:*:*:*:*",
              "matchCriteriaId": "A6B060E4-B5A6-4469-828E-211C52542547",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:arm:*:*:*:*:*",
              "matchCriteriaId": "974C3541-990C-4CD4-A05A-38FA74A84632",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:hppa:*:*:*:*:*",
              "matchCriteriaId": "6CBF1E0F-C7F3-4F83-9E60-6E63FA7D2775",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-32:*:*:*:*:*",
              "matchCriteriaId": "58792F77-B06F-4780-BA25-FE1EE6C3FDD9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-64:*:*:*:*:*",
              "matchCriteriaId": "C9419322-572F-4BB6-8416-C5E96541CF33",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:m68k:*:*:*:*:*",
              "matchCriteriaId": "BFC50555-C084-46A3-9C9F-949C5E3BB448",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mips:*:*:*:*:*",
              "matchCriteriaId": "9C25D6E1-D283-4CEA-B47B-60C47A5C0797",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mipsel:*:*:*:*:*",
              "matchCriteriaId": "AD18A446-C634-417E-86AC-B19B6DDDC856",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ppc:*:*:*:*:*",
              "matchCriteriaId": "E4BB852E-61B2-4842-989F-C6C0C901A8D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:s-390:*:*:*:*:*",
              "matchCriteriaId": "24DD9D59-E2A2-4116-A887-39E8CC2004FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:sparc:*:*:*:*:*",
              "matchCriteriaId": "F28D7457-607E-4E0C-909A-413F91CFCD82",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2E0C1F8-31F5-4F61-9DF7-E49B43D3C873",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:alpha:*:*:*:*:*",
              "matchCriteriaId": "5BF84240-1881-4EFB-BB2F-F9CE8AD09C7B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:amd64:*:*:*:*:*",
              "matchCriteriaId": "AF8AE8C4-810F-41AB-A251-5A2D4DD6884D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:arm:*:*:*:*:*",
              "matchCriteriaId": "5EACF214-FA27-44FF-A431-927AB79377A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:hppa:*:*:*:*:*",
              "matchCriteriaId": "E2B58895-0E2A-4466-9CB2-0083349A83B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:ia-32:*:*:*:*:*",
              "matchCriteriaId": "03F8220A-9B1C-40AA-AEAB-F9A93225FBD5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:ia-64:*:*:*:*:*",
              "matchCriteriaId": "2311919C-7864-469D-B0F6-9B11D8D0A1C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:m68k:*:*:*:*:*",
              "matchCriteriaId": "19876495-4C1A-487C-955A-C5AA46362A1F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:mips:*:*:*:*:*",
              "matchCriteriaId": "D75286DD-50BC-4B72-8AC8-E20730124DC2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:mipsel:*:*:*:*:*",
              "matchCriteriaId": "1998C972-497E-4916-B50E-FB32303EEA8E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:ppc:*:*:*:*:*",
              "matchCriteriaId": "A6CD3DD9-3A8A-4716-A2D1-136A790AFF94",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:s-390:*:*:*:*:*",
              "matchCriteriaId": "6CE2020A-4FB2-4FCD-8561-7BD147CD95EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:sparc:*:*:*:*:*",
              "matchCriteriaId": "08E90AFA-C262-46D0-B60E-26B67C9602D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "647BA336-5538-4972-9271-383A0EC9378E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3528DABD-B821-4D23-AE12-614A9CA92C46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:x86-64:*:*:*:*:*",
              "matchCriteriaId": "0315FB43-D199-4734-B724-50ED031C0020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "11D69B83-4EF3-407B-8E8C-DE623F099C17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.2:*:x86-64:*:*:*:*:*",
              "matchCriteriaId": "7D221688-18A0-453D-8D13-6B68011FCA13",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2006:*:*:*:*:*:*:*",
              "matchCriteriaId": "597094EC-D23F-4EC4-A140-96F287679124",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2006:*:x86-64:*:*:*:*:*",
              "matchCriteriaId": "C4FCF0D3-A6CB-448E-B0D3-DA82BE02DEC8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0F0D201-B1DC-4024-AF77-A284673618F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "052E3862-BFB7-42E7-889D-8590AFA8EF37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2BB0B27C-04EA-426F-9016-7406BACD91DF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "BB2B1BA5-8370-4281-B5C9-3D4FE6C70FBC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*",
              "matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*",
              "matchCriteriaId": "A4A9461E-C117-42EC-9F14-DF2A82BA7C5D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*",
              "matchCriteriaId": "E0B458EA-495E-40FA-9379-C03757F7B1EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:*",
              "matchCriteriaId": "409E324A-C040-494F-A026-9DCAE01C07F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*",
              "matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*",
              "matchCriteriaId": "6474B775-C893-491F-A074-802AFB1FEDD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*",
              "matchCriteriaId": "78B46FFA-5B09-473E-AD33-3DB18BD0DAFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*",
              "matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*",
              "matchCriteriaId": "0EFE2E73-9536-41A9-B83B-0A06B54857F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:advanced_server:*:*:*:*:*",
              "matchCriteriaId": "F9440B25-D206-4914-9557-B5F030890DEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:enterprise_server:*:*:*:*:*",
              "matchCriteriaId": "E9933557-3BCA-4D92-AD4F-27758A0D3347",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:workstation:*:*:*:*:*",
              "matchCriteriaId": "10A60552-15A5-4E95-B3CE-99A4B26260C1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D74A418-50F0-42C0-ABBC-BBBE718FF025",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C84296C-2C8A-4DCD-9751-52951F8BEA9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC80CF67-C51D-442C-9526-CFEDE84A6304",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:fedora_core:core_4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C720DACC-CF4B-4A00-818C-8303A7D7DED6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:7.3:*:i386:*:*:*:*:*",
              "matchCriteriaId": "9B502A61-44FB-4CD4-85BE-88D4ACCCA441",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:9.0:*:i386:*:*:*:*:*",
              "matchCriteriaId": "F3FDE8C4-5FFD-4CC2-9F35-7C32043966D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*",
              "matchCriteriaId": "84A50ED3-FD0D-4038-B3E7-CC65D166C968",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium:*:*:*:*:*",
              "matchCriteriaId": "8DBD9D3C-40AB-449D-A9A8-A09DF2DEDB96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sco:openserver:5.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9D76A8D-832B-411E-A458-186733C66010",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sco:openserver:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7458BA31-812E-40C9-BB92-8688A3BCBA56",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:slackware:slackware_linux:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "300A6A65-05FD-401C-80F6-B5F5B1F056E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:slackware:slackware_linux:9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA3D53C9-3806-45E6-8AE9-7D41280EF64C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:slackware:slackware_linux:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D29C5A03-A7C9-4780-BB63-CF1E874D018D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:slackware:slackware_linux:10.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B85EF0EE-3E61-4CA3-9F00-610AB2E1CFCF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:slackware:slackware_linux:10.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "70440F49-AEE9-41BE-8E1A-43AB657C8E09",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "02EE2D72-B1E6-4380-80B0-E40A23DDD115",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:enterprise_server:*:*:*:*:*",
              "matchCriteriaId": "F7446746-87B7-4BD3-AABF-1E0FAA8265AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:personal:*:*:*:*:*",
              "matchCriteriaId": "F239BA8A-6B41-4B08-8C7C-25D235812C50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:professional:*:*:*:*:*",
              "matchCriteriaId": "89BA858B-9466-4640-84AE-DC5BDC65D6B8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:s_390:*:*:*:*:*",
              "matchCriteriaId": "85F2D904-E830-4034-9CCB-0FF65019622C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "56EF103F-5668-4754-A83B-D3662D0CE815",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:personal:*:*:*:*:*",
              "matchCriteriaId": "3EA56868-ACA1-4C65-9FFB-A68129D2428A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:professional:*:*:*:*:*",
              "matchCriteriaId": "1BA2E629-58C6-4BA0-A447-F8F570B35E74",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "D5F98B9A-880E-45F0-8C16-12B22970F0D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:personal:*:*:*:*:*",
              "matchCriteriaId": "3BEE15E9-9194-4E37-AB3B-66ECD5AC9E11",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:professional:*:*:*:*:*",
              "matchCriteriaId": "C89BA3B6-370B-4911-A363-935A9C9EACF5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "B905C6E9-5058-4FD7-95B6-CD6AB6B2F516",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.3:*:personal:*:*:*:*:*",
              "matchCriteriaId": "4F1B4D15-0562-44D6-B80B-35A8F432BD41",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.3:*:professional:*:*:*:*:*",
              "matchCriteriaId": "D84ABF78-0D85-4E15-907E-B5ACE86EB8C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.3:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "9C7018E7-F90C-435D-A07A-05A294EA2827",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:10.0:*:oss:*:*:*:*:*",
              "matchCriteriaId": "16915004-1006-41D6-9E42-D1A5041E442D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:10.0:*:professional:*:*:*:*:*",
              "matchCriteriaId": "994ABCE2-3B9E-4E4E-83F7-CE2A79C70F64",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:trustix:secure_linux:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "53AF1A2D-B0A2-4097-AD1D-DF3AF27171BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:trustix:secure_linux:2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5AB70F82-52BB-4D0D-9A24-9AF67278466D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:trustix:secure_linux:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "100A2456-BF20-4461-8DC9-C61889322B29",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux:10:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C7D4F57-E186-497A-B390-92E5D2C7E894",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux:fuji:*:*:*:*:*:*:*",
              "matchCriteriaId": "CEC3F6F3-9A6E-4A98-A967-6776C872475C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_appliance_server:1.0_hosting_edition:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC3218DD-A565-4AB8-86FE-E7F59AC0535F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_appliance_server:1.0_workgroup_edition:*:*:*:*:*:*:*",
              "matchCriteriaId": "97AEDB57-202F-4B53-8815-21836F177060",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_desktop:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "31C3FFDD-03BF-4FD4-B7A7-B62AFD5DBA19",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_home:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "065FF0F1-7FAC-4584-92EA-EAA87DC76FA1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_multimedia:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E27180A1-9767-4CD3-978C-7538155B162D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_personal:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BAAA9376-A060-49AE-86A7-6B28E26ED5D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_server:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E06DCF0D-3241-453A-A0E4-937FE25EC404",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_server:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B484D091-62DE-4EF2-AC54-26896CA8B315",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_server:10.0_x86:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC5AC26E-3F3F-4D14-BE65-82B4432AB382",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_workstation:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9428589A-0BD2-469E-978D-38239117D972",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ia64:*:*:*:*:*",
              "matchCriteriaId": "6E94583A-5184-462E-9FC4-57B35DA06DA7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ppc:*:*:*:*:*",
              "matchCriteriaId": "E905FAAD-37B6-4DD0-A752-2974F8336273",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:amd64:*:*:*:*:*",
              "matchCriteriaId": "3BD12488-1ED8-4751-ABF5-3578D54750A8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:i386:*:*:*:*:*",
              "matchCriteriaId": "AE3733CF-4C88-443C-9B90-6477C9C500D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:powerpc:*:*:*:*:*",
              "matchCriteriaId": "9C500A75-D75E-45B4-B582-0F0DF27C3C04",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:amd64:*:*:*:*:*",
              "matchCriteriaId": "86FD134D-A5C5-4B08-962D-70CF07C74923",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:i386:*:*:*:*:*",
              "matchCriteriaId": "FA84692E-F99D-4207-B4F2-799A6ADB88AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:powerpc:*:*:*:*:*",
              "matchCriteriaId": "8B0F1091-4B76-44F5-B896-6D37E2F909A2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka \"Infinite CPU spins.\""
    }
  ],
  "id": "CVE-2005-3625",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2005-12-31T05:00:00.000",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt"
    },
    {
      "source": "secalert@redhat.com",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U"
    },
    {
      "source": "secalert@redhat.com",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U"
    },
    {
      "source": "secalert@redhat.com",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Exploit"
      ],
      "url": "http://scary.beasts.org/security/CESA-2005-003.txt"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18147"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18303"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18312"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18313"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18329"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18332"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18334"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18335"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18338"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18349"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18373"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18375"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18380"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18385"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18387"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18389"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18398"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18407"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18414"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18416"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18423"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18425"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18428"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18436"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18448"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18463"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18517"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18534"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18554"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18582"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18642"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18644"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18674"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18675"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18679"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18908"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18913"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/19230"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/19377"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/25729"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2005/dsa-931"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2005/dsa-932"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2005/dsa-937"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2005/dsa-938"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2005/dsa-940"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-936"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-950"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-961"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2006/dsa-962"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.kde.org/info/security/advisory-20051207-2.txt"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/16143"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.trustix.org/errata/2006/0002/"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2006/0047"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2007/2280"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24023"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9575"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://usn.ubuntu.com/236-1/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://scary.beasts.org/security/CESA-2005-003.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18147"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18303"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18312"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18313"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18329"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18332"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18334"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18335"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18338"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18349"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18373"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18375"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18380"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18385"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18387"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18389"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18398"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18407"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18414"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18416"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18423"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18425"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18428"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18436"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18448"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18463"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18517"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18534"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18554"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18582"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18642"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18644"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18674"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18675"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18679"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18908"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18913"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19230"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19377"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/25729"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2005/dsa-931"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2005/dsa-932"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2005/dsa-937"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2005/dsa-938"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2005/dsa-940"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-936"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-950"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-961"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2006/dsa-962"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.kde.org/info/security/advisory-20051207-2.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/16143"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.trustix.org/errata/2006/0002/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2006/0047"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/2280"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24023"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9575"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://usn.ubuntu.com/236-1/"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vendorComments": [
    {
      "comment": "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.",
      "lastModified": "2007-03-14T00:00:00",
      "organization": "Red Hat"
    }
  ],
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-399"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}