Vulnerabilites related to xpdf - xpdf
CVE-2006-0746 (GCVE-0-2006-0746)
Vulnerability from cvelistv5
Published
2006-03-09 00:00
Modified
2024-08-07 16:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Certain patches for kpdf do not include all relevant patches from xpdf that were associated with CVE-2005-3627, which allows context-dependent attackers to exploit vulnerabilities that were present in CVE-2005-3627.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T16:48:55.648Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "RHSA-2006:0262", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0262.html" }, { "name": "DSA-1008", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-1008" }, { "name": "MDKSA-2006:054", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:054" }, { "name": "20060310 [KDE Security Advisory] kpdf of KDE 3.3.x heap based buffer overflow", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/427299/100/0/threaded" }, { "name": "19190", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/19190" }, { "name": "19264", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/19264" }, { "name": "19189", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/19189" }, { "name": "17039", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/17039" }, { "name": "kde-kpdf-patch-bo(25146)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25146" }, { "name": "oval:org.mitre.oval:def:11441", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11441" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.kde.org/info/security/advisory-20060202-1.txt" }, { "name": "566", "tags": [ "third-party-advisory", "x_refsource_SREASON", "x_transferred" ], "url": "http://securityreason.com/securityalert/566" }, { "name": "1015751", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1015751" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2006-03-08T00:00:00", "descriptions": [ { "lang": "en", "value": "Certain patches for kpdf do not include all relevant patches from xpdf that were associated with CVE-2005-3627, which allows context-dependent attackers to exploit vulnerabilities that were present in CVE-2005-3627." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-19T14:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "RHSA-2006:0262", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0262.html" }, { "name": "DSA-1008", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-1008" }, { "name": "MDKSA-2006:054", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:054" }, { "name": "20060310 [KDE Security Advisory] kpdf of KDE 3.3.x heap based buffer overflow", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/427299/100/0/threaded" }, { "name": "19190", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/19190" }, { "name": "19264", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/19264" }, { "name": "19189", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/19189" }, { "name": "17039", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/17039" }, { "name": "kde-kpdf-patch-bo(25146)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25146" }, { "name": "oval:org.mitre.oval:def:11441", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11441" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.kde.org/info/security/advisory-20060202-1.txt" }, { "name": "566", "tags": [ "third-party-advisory", "x_refsource_SREASON" ], "url": "http://securityreason.com/securityalert/566" }, { "name": "1015751", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1015751" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2006-0746", "datePublished": "2006-03-09T00:00:00", "dateReserved": "2006-02-17T00:00:00", "dateUpdated": "2024-08-07T16:48:55.648Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2024-7867 (GCVE-0-2024-7867)
Vulnerability from cvelistv5
Published
2024-08-15 20:06
Modified
2024-08-16 17:12
Severity ?
VLAI Severity ?
EPSS score ?
Summary
In Xpdf 4.05 (and earlier), very large coordinates in a page box can cause an integer overflow and divide-by-zero.
References
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:xpdfreader:xpdf:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "xpdf", "vendor": "xpdfreader", "versions": [ { "lessThanOrEqual": "4.05", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-7867", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-08-16T17:08:56.250411Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-08-16T17:12:21.754Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "all" ], "product": "Xpdf", "vendor": "Xpdf", "versions": [ { "lessThanOrEqual": "4.05", "status": "affected", "version": "0", "versionType": "Version" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "xiaobaozidi" } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "In Xpdf 4.05 (and earlier), very large coordinates in a page box can cause an integer overflow and divide-by-zero.\u003cbr\u003e" } ], "value": "In Xpdf 4.05 (and earlier), very large coordinates in a page box can cause an integer overflow and divide-by-zero." } ], "metrics": [ { "cvssV4_0": { "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "HIGH", "attackRequirements": "NONE", "attackVector": "LOCAL", "baseScore": 2.1, "baseSeverity": "LOW", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "LOW", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-369", "description": "CWE-369 Divide By Zero", "lang": "en", "type": "CWE" } ] }, { "descriptions": [ { "cweId": "CWE-190", "description": "CWE-190 Integer Overflow or Wraparound", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-08-15T20:06:47.966Z", "orgId": "ace9cabe-4f4f-416b-8c39-b0e002761924", "shortName": "GandC" }, "references": [ { "url": "https://www.xpdfreader.com/security-bug/CVE-2024-7867.html" } ], "source": { "discovery": "UNKNOWN" }, "title": "Integer overflow and divide-by-zero in Xpdf 4.05 due to bogus page box coordinates", "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "ace9cabe-4f4f-416b-8c39-b0e002761924", "assignerShortName": "GandC", "cveId": "CVE-2024-7867", "datePublished": "2024-08-15T20:06:47.966Z", "dateReserved": "2024-08-15T20:00:13.850Z", "dateUpdated": "2024-08-16T17:12:21.754Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2024-4568 (GCVE-0-2024-4568)
Vulnerability from cvelistv5
Published
2024-05-06 19:56
Modified
2024-08-01 20:47
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-674 - Uncontrolled Recursion
Summary
In Xpdf 4.05 (and earlier), a PDF object loop in the PDF resources leads to infinite recursion and a stack overflow.
References
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:glyphandcog:xpdf:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "xpdf", "vendor": "glyphandcog", "versions": [ { "lessThanOrEqual": "4.05", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-4568", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-07T18:03:05.708589Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:55:13.783Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-01T20:47:40.665Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.xpdfreader.com/security-bug/object-loops.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "all" ], "product": "Xpdf", "vendor": "Xpdf", "versions": [ { "lessThanOrEqual": "4.05", "status": "affected", "version": "0", "versionType": "version" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "Ximing Fan, from School of Cyber Science and Engineering, Sichuan University, China" } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "In Xpdf 4.05 (and earlier), a PDF object loop in the PDF resources leads to infinite recursion and a stack overflow." } ], "value": "In Xpdf 4.05 (and earlier), a PDF object loop in the PDF resources leads to infinite recursion and a stack overflow." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 2.9, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-674", "description": "CWE-674 Uncontrolled Recursion", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-06T19:56:15.633Z", "orgId": "ace9cabe-4f4f-416b-8c39-b0e002761924", "shortName": "GandC" }, "references": [ { "url": "https://www.xpdfreader.com/security-bug/object-loops.html" } ], "source": { "discovery": "UNKNOWN" }, "title": "Stack overflow in Xpdf 4.05 due to object loop in PDF resources", "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "ace9cabe-4f4f-416b-8c39-b0e002761924", "assignerShortName": "GandC", "cveId": "CVE-2024-4568", "datePublished": "2024-05-06T19:56:15.633Z", "dateReserved": "2024-05-06T19:48:33.775Z", "dateUpdated": "2024-08-01T20:47:40.665Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2007-0104 (GCVE-0-2007-0104)
Vulnerability from cvelistv5
Published
2007-01-09 00:00
Modified
2024-08-07 12:03
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The Adobe PDF specification 1.3, as implemented by (a) xpdf 3.0.1 patch 2, (b) kpdf in KDE before 3.5.5, (c) poppler before 0.5.4, and other products, allows remote attackers to have an unknown impact, possibly including denial of service (infinite loop), arbitrary code execution, or memory corruption, via a PDF file with a (1) crafted catalog dictionary or (2) a crafted Pages attribute that references an invalid page tree node.
References
► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T12:03:37.070Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "23815", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/23815" }, { "name": "MDKSA-2007:022", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:022" }, { "name": "MDKSA-2007:020", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:020" }, { "name": "TA07-072A", "tags": [ "third-party-advisory", "x_refsource_CERT", "x_transferred" ], "url": "http://www.us-cert.gov/cas/techalerts/TA07-072A.html" }, { "name": "MDKSA-2007:021", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:021" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.kde.org/info/security/advisory-20070115-1.txt" }, { "name": "MDKSA-2007:019", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:019" }, { "name": "23799", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/23799" }, { "name": "23839", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/23839" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://docs.info.apple.com/article.html?artnum=305214" }, { "name": "multiple-vendor-pdf-code-execution(31364)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31364" }, { "name": "USN-410-2", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/usn-410-2" }, { "name": "MDKSA-2007:018", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:018" }, { "name": "1017514", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1017514" }, { "name": "23791", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/23791" }, { "name": "SUSE-SR:2007:003", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://www.novell.com/linux/security/advisories/2007_3_sr.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.novell.com/techcenter/psdb/44d7cb9b669d58e0ce5aa5d7ab2c7c53.html" }, { "name": "21910", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/21910" }, { "name": "MDKSA-2007:024", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:024" }, { "name": "1017749", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id?1017749" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://projects.info-pull.com/moab/MOAB-06-01-2007.html" }, { "name": "23844", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/23844" }, { "name": "USN-410-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/usn-410-1" }, { "name": "ADV-2007-0203", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2007/0203" }, { "name": "23876", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/23876" }, { "name": "20070116 [KDE Security Advisory] kpdf/kword/xpdf denial of service vulnerability", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/457055/100/0/threaded" }, { "name": "ADV-2007-0244", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2007/0244" }, { "name": "ADV-2007-0212", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2007/0212" }, { "name": "ADV-2007-0930", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2007/0930" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://issues.rpath.com/browse/RPL-964" }, { "name": "23813", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/23813" }, { "name": "24204", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/24204" }, { "name": "23808", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/23808" }, { "name": "24479", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/24479" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2007-01-06T00:00:00", "descriptions": [ { "lang": "en", "value": "The Adobe PDF specification 1.3, as implemented by (a) xpdf 3.0.1 patch 2, (b) kpdf in KDE before 3.5.5, (c) poppler before 0.5.4, and other products, allows remote attackers to have an unknown impact, possibly including denial of service (infinite loop), arbitrary code execution, or memory corruption, via a PDF file with a (1) crafted catalog dictionary or (2) a crafted Pages attribute that references an invalid page tree node." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-16T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "23815", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/23815" }, { "name": "MDKSA-2007:022", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:022" }, { "name": "MDKSA-2007:020", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:020" }, { "name": "TA07-072A", "tags": [ "third-party-advisory", "x_refsource_CERT" ], "url": "http://www.us-cert.gov/cas/techalerts/TA07-072A.html" }, { "name": "MDKSA-2007:021", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:021" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.kde.org/info/security/advisory-20070115-1.txt" }, { "name": "MDKSA-2007:019", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:019" }, { "name": "23799", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/23799" }, { "name": "23839", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/23839" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://docs.info.apple.com/article.html?artnum=305214" }, { "name": "multiple-vendor-pdf-code-execution(31364)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31364" }, { "name": "USN-410-2", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/usn-410-2" }, { "name": "MDKSA-2007:018", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:018" }, { "name": "1017514", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1017514" }, { "name": "23791", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/23791" }, { "name": "SUSE-SR:2007:003", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://www.novell.com/linux/security/advisories/2007_3_sr.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.novell.com/techcenter/psdb/44d7cb9b669d58e0ce5aa5d7ab2c7c53.html" }, { "name": "21910", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/21910" }, { "name": "MDKSA-2007:024", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:024" }, { "name": "1017749", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id?1017749" }, { "tags": [ "x_refsource_MISC" ], "url": "http://projects.info-pull.com/moab/MOAB-06-01-2007.html" }, { "name": "23844", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/23844" }, { "name": "USN-410-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/usn-410-1" }, { "name": "ADV-2007-0203", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2007/0203" }, { "name": "23876", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/23876" }, { "name": "20070116 [KDE Security Advisory] kpdf/kword/xpdf denial of service vulnerability", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/457055/100/0/threaded" }, { "name": "ADV-2007-0244", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2007/0244" }, { "name": "ADV-2007-0212", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2007/0212" }, { "name": "ADV-2007-0930", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2007/0930" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://issues.rpath.com/browse/RPL-964" }, { "name": "23813", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/23813" }, { "name": "24204", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/24204" }, { "name": "23808", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/23808" }, { "name": "24479", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/24479" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-0104", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The Adobe PDF specification 1.3, as implemented by (a) xpdf 3.0.1 patch 2, (b) kpdf in KDE before 3.5.5, (c) poppler before 0.5.4, and other products, allows remote attackers to have an unknown impact, possibly including denial of service (infinite loop), arbitrary code execution, or memory corruption, via a PDF file with a (1) crafted catalog dictionary or (2) a crafted Pages attribute that references an invalid page tree node." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "23815", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/23815" }, { "name": "MDKSA-2007:022", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:022" }, { "name": "MDKSA-2007:020", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:020" }, { "name": "TA07-072A", "refsource": "CERT", "url": "http://www.us-cert.gov/cas/techalerts/TA07-072A.html" }, { "name": "MDKSA-2007:021", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:021" }, { "name": "http://www.kde.org/info/security/advisory-20070115-1.txt", "refsource": "CONFIRM", "url": "http://www.kde.org/info/security/advisory-20070115-1.txt" }, { "name": "MDKSA-2007:019", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:019" }, { "name": "23799", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/23799" }, { "name": "23839", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/23839" }, { "name": "http://docs.info.apple.com/article.html?artnum=305214", "refsource": "CONFIRM", "url": "http://docs.info.apple.com/article.html?artnum=305214" }, { "name": "multiple-vendor-pdf-code-execution(31364)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31364" }, { "name": "USN-410-2", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/usn-410-2" }, { "name": "MDKSA-2007:018", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:018" }, { "name": "1017514", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1017514" }, { "name": "23791", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/23791" }, { "name": "SUSE-SR:2007:003", "refsource": "SUSE", "url": "http://www.novell.com/linux/security/advisories/2007_3_sr.html" }, { "name": "http://support.novell.com/techcenter/psdb/44d7cb9b669d58e0ce5aa5d7ab2c7c53.html", "refsource": "CONFIRM", "url": "http://support.novell.com/techcenter/psdb/44d7cb9b669d58e0ce5aa5d7ab2c7c53.html" }, { "name": "21910", "refsource": "BID", "url": "http://www.securityfocus.com/bid/21910" }, { "name": "MDKSA-2007:024", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:024" }, { "name": "1017749", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1017749" }, { "name": "http://projects.info-pull.com/moab/MOAB-06-01-2007.html", "refsource": "MISC", "url": "http://projects.info-pull.com/moab/MOAB-06-01-2007.html" }, { "name": "23844", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/23844" }, { "name": "USN-410-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/usn-410-1" }, { "name": "ADV-2007-0203", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/0203" }, { "name": "23876", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/23876" }, { "name": "20070116 [KDE Security Advisory] kpdf/kword/xpdf denial of service vulnerability", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/457055/100/0/threaded" }, { "name": "ADV-2007-0244", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/0244" }, { "name": "ADV-2007-0212", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/0212" }, { "name": "ADV-2007-0930", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/0930" }, { "name": "https://issues.rpath.com/browse/RPL-964", "refsource": "CONFIRM", "url": "https://issues.rpath.com/browse/RPL-964" }, { "name": "23813", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/23813" }, { "name": "24204", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/24204" }, { "name": "23808", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/23808" }, { "name": "24479", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/24479" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-0104", "datePublished": "2007-01-09T00:00:00", "dateReserved": "2007-01-08T00:00:00", "dateUpdated": "2024-08-07T12:03:37.070Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2023-2663 (GCVE-0-2023-2663)
Vulnerability from cvelistv5
Published
2023-05-11 20:16
Modified
2025-01-24 16:04
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-674 - Uncontrolled Recursion
Summary
In Xpdf 4.04 (and earlier), a PDF object loop in the page label tree leads to infinite recursion and a stack overflow.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T06:26:10.030Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://forum.xpdfreader.com/viewtopic.php?t=42421" } ], "title": "CVE Program Container" }, { "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2023-2663", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2025-01-24T16:02:53.792174Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-674", "description": "CWE-674 Uncontrolled Recursion", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-01-24T16:04:05.434Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "all" ], "product": "Xpdf", "vendor": "Xpdf", "versions": [ { "status": "affected", "version": "4.04" } ] } ], "credits": [ { "lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "BabyBus" } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cdiv\u003e\u0026nbsp;In Xpdf 4.04 (and earlier), a PDF object loop in the page label tree leads to infinite recursion and a stack overflow.\u003cbr\u003e\u003c/div\u003e" } ], "value": "\u00a0In Xpdf 4.04 (and earlier), a PDF object loop in the page label tree leads to infinite recursion and a stack overflow.\n\n\n" } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 2.9, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-674", "description": "CWE-674 Uncontrolled Recursion", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-11T20:19:20.402Z", "orgId": "ace9cabe-4f4f-416b-8c39-b0e002761924", "shortName": "GandC" }, "references": [ { "url": "https://forum.xpdfreader.com/viewtopic.php?t=42421" } ], "source": { "discovery": "UNKNOWN" }, "title": "Stack overflow in Xpdf 4.04 due to object loop in PDF page label tree", "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "ace9cabe-4f4f-416b-8c39-b0e002761924", "assignerShortName": "GandC", "cveId": "CVE-2023-2663", "datePublished": "2023-05-11T20:16:59.111Z", "dateReserved": "2023-05-11T20:10:12.645Z", "dateUpdated": "2025-01-24T16:04:05.434Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2003-0434 (GCVE-0-2003-0434)
Vulnerability from cvelistv5
Published
2003-06-18 04:00
Modified
2024-08-08 01:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Various PDF viewers including (1) Adobe Acrobat 5.06 and (2) Xpdf 1.01 allow remote attackers to execute arbitrary commands via shell metacharacters in an embedded hyperlink.
References
► | URL | Tags | |||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T01:50:48.159Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "9038", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/9038" }, { "name": "MDKSA-2003:071", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:071" }, { "name": "VU#200132", "tags": [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred" ], "url": "http://www.kb.cert.org/vuls/id/200132" }, { "name": "20030613 -10Day CERT Advisory on PDF Files", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-June/005719.html" }, { "name": "RHSA-2003:196", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-196.html" }, { "name": "9037", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/9037" }, { "name": "RHSA-2003:197", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-197.html" }, { "name": "20030709 xpdf vulnerability - CAN-2003-0434", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=105777963019186\u0026w=2" }, { "name": "oval:org.mitre.oval:def:664", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A664" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2003-06-13T00:00:00", "descriptions": [ { "lang": "en", "value": "Various PDF viewers including (1) Adobe Acrobat 5.06 and (2) Xpdf 1.01 allow remote attackers to execute arbitrary commands via shell metacharacters in an embedded hyperlink." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-10-10T00:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "9038", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/9038" }, { "name": "MDKSA-2003:071", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:071" }, { "name": "VU#200132", "tags": [ "third-party-advisory", "x_refsource_CERT-VN" ], "url": "http://www.kb.cert.org/vuls/id/200132" }, { "name": "20030613 -10Day CERT Advisory on PDF Files", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-June/005719.html" }, { "name": "RHSA-2003:196", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-196.html" }, { "name": "9037", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/9037" }, { "name": "RHSA-2003:197", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-197.html" }, { "name": "20030709 xpdf vulnerability - CAN-2003-0434", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=105777963019186\u0026w=2" }, { "name": "oval:org.mitre.oval:def:664", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A664" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2003-0434", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Various PDF viewers including (1) Adobe Acrobat 5.06 and (2) Xpdf 1.01 allow remote attackers to execute arbitrary commands via shell metacharacters in an embedded hyperlink." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "9038", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/9038" }, { "name": "MDKSA-2003:071", "refsource": "MANDRAKE", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:071" }, { "name": "VU#200132", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/200132" }, { "name": "20030613 -10Day CERT Advisory on PDF Files", "refsource": "FULLDISC", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-June/005719.html" }, { "name": "RHSA-2003:196", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2003-196.html" }, { "name": "9037", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/9037" }, { "name": "RHSA-2003:197", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2003-197.html" }, { "name": "20030709 xpdf vulnerability - CAN-2003-0434", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=105777963019186\u0026w=2" }, { "name": "oval:org.mitre.oval:def:664", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A664" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2003-0434", "datePublished": "2003-06-18T04:00:00", "dateReserved": "2003-06-16T00:00:00", "dateUpdated": "2024-08-08T01:50:48.159Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2005-3193 (GCVE-0-2005-3193)
Vulnerability from cvelistv5
Published
2005-12-07 00:00
Modified
2024-08-07 23:01
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Heap-based buffer overflow in the JPXStream::readCodestream function in the JPX stream parsing code (JPXStream.c) for xpdf 3.01 and earlier, as used in products such as (1) Poppler, (2) teTeX, (3) KDE kpdf, (4) CUPS, and (5) libextractor allows user-assisted attackers to cause a denial of service (heap corruption) and possibly execute arbitrary code via a crafted PDF file with large size values that cause insufficient memory to be allocated.
References
► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T23:01:59.055Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "17959", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/17959" }, { "name": "17929", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/17929" }, { "name": "19797", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/19797" }, { "name": "SCOSA-2006.20", "tags": [ "vendor-advisory", "x_refsource_SCO", "x_transferred" ], "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.20/SCOSA-2006.20.txt" }, { "name": "DSA-932", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2005/dsa-932" }, { "name": "18349", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18349" }, { "name": "18147", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18147" }, { "name": "SCOSA-2006.15", "tags": [ "vendor-advisory", "x_refsource_SCO", "x_transferred" ], "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt" }, { "name": "18055", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18055" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.kde.org/info/security/advisory-20051207-1.txt" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.kde.org/info/security/advisory-20051207-2.txt" }, { "name": "18679", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18679" }, { "name": "18189", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18189" }, { "name": "26413", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/26413" }, { "name": "17940", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/17940" }, { "name": "18303", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18303" }, { "name": "DSA-931", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2005/dsa-931" }, { "name": "18554", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18554" }, { "name": "MDKSA-2006:003", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003" }, { "name": "19230", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/19230" }, { "name": "102972", "tags": [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1" }, { "name": "MDKSA-2006:012", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012" }, { "name": "DSA-962", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-962" }, { "name": "FEDORA-2005-1171", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00073.html" }, { "name": "1015309", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1015309" }, { "name": "DSA-937", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2005/dsa-937" }, { "name": "18398", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18398" }, { "name": "FLSA-2006:176751", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded" }, { "name": "15721", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/15721" }, { "name": "SUSE-SA:2006:001", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html" }, { "name": "DSA-936", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-936" }, { "name": "17916", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/17916" }, { "name": "236", "tags": [ "third-party-advisory", "x_refsource_SREASON", "x_transferred" ], "url": "http://securityreason.com/securityalert/236" }, { "name": "GLSA-200603-02", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200603-02.xml" }, { "name": "RHSA-2005:840", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-840.html" }, { "name": "ADV-2005-2789", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2005/2789" }, { "name": "RHSA-2005:867", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-867.html" }, { "name": "18674", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18674" }, { "name": "MDKSA-2006:005", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005" }, { "name": "18313", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18313" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://issues.rpath.com/browse/RPL-1609" }, { "name": "RHSA-2005:868", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2005-868.html" }, { "name": "20051201-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U" }, { "name": "20060101-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U" }, { "name": "18448", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18448" }, { "name": "18380", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18380" }, { "name": "GLSA-200512-08", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200512-08.xml" }, { "name": "FEDORA-2005-1126", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00015.html" }, { "name": "18416", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18416" }, { "name": "FEDORA-2005-1132", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00022.html" }, { "name": "ADV-2007-2280", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2007/2280" }, { "name": "GLSA-200601-02", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml" }, { "name": "19125", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/19125" }, { "name": "xpdf-jpx-stream-bo(23441)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23441" }, { "name": "FEDORA-2005-1142", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00037.html" }, { "name": "18336", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18336" }, { "name": "18061", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18061" }, { "name": "18407", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18407" }, { "name": "18009", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18009" }, { "name": "USN-227-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntulinux.org/usn/usn-227-1" }, { "name": "17897", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/17897" }, { "name": "18517", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18517" }, { "name": "18582", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18582" }, { "name": "18534", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18534" }, { "name": "SSA:2006-045-09", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE", "x_transferred" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683" }, { "name": "TSLSA-2005-0072", "tags": [ "vendor-advisory", "x_refsource_TRUSTIX", "x_transferred" ], "url": "http://www.trustix.org/errata/2005/0072/" }, { "name": "18520", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18520" }, { "name": "FEDORA-2005-1127", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00016.html" }, { "name": "20051207 [KDE Security Advisory] multiple buffer overflows in kpdf/koffice", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/418883/100/0/threaded" }, { "name": "18908", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18908" }, { "name": "25729", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/25729" }, { "name": "MDKSA-2006:006", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006" }, { "name": "17956", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/17956" }, { "name": "17926", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/17926" }, { "name": "19798", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/19798" }, { "name": "MDKSA-2006:008", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008" }, { "name": "18191", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18191" }, { "name": "20060201-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U" }, { "name": "RHSA-2006:0160", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html" }, { "name": "17912", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/17912" }, { "name": "MDKSA-2006:010", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010" }, { "name": "DSA-940", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2005/dsa-940" }, { "name": "MDKSA-2006:004", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004" }, { "name": "oval:org.mitre.oval:def:11440", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11440" }, { "name": "ADV-2005-2790", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2005/2790" }, { "name": "20051205 Multiple Vendor xpdf JPX Stream Reader Heap Overflow Vulnerability", "tags": [ "third-party-advisory", "x_refsource_IDEFENSE", "x_transferred" ], "url": "http://www.idefense.com/application/poi/display?id=345\u0026type=vulnerabilities\u0026flashstatus=true" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00043.html" }, { "name": "18389", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18389" }, { "name": "18192", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18192" }, { "name": "ADV-2005-2856", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2005/2856" }, { "name": "SSA:2006-045-04", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE", "x_transferred" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747" }, { "name": "19377", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/19377" }, { "name": "FLSA:175404", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded" }, { "name": "DSA-961", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-961" }, { "name": "SCOSA-2006.21", "tags": [ "vendor-advisory", "x_refsource_SCO", "x_transferred" ], "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.21/SCOSA-2006.21.txt" }, { "name": "18675", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18675" }, { "name": "1015324", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1015324" }, { "name": "18913", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18913" }, { "name": "DSA-938", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2005/dsa-938" }, { "name": "SUSE-SR:2005:029", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://www.novell.com/linux/security/advisories/2005_29_sr.html" }, { "name": "ADV-2005-2787", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2005/2787" }, { "name": "RHSA-2005:878", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-878.html" }, { "name": "FEDORA-2005-1141", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00036.html" }, { "name": "17920", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/17920" }, { "name": "DSA-950", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-950" }, { "name": "17955", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/17955" }, { "name": "17976", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/17976" }, { "name": "18387", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18387" }, { "name": "FEDORA-2005-1125", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00014.html" }, { "name": "MDKSA-2006:011", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011" }, { "name": "18385", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18385" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2005-12-05T00:00:00", "descriptions": [ { "lang": "en", "value": "Heap-based buffer overflow in the JPXStream::readCodestream function in the JPX stream parsing code (JPXStream.c) for xpdf 3.01 and earlier, as used in products such as (1) Poppler, (2) teTeX, (3) KDE kpdf, (4) CUPS, and (5) libextractor allows user-assisted attackers to cause a denial of service (heap corruption) and possibly execute arbitrary code via a crafted PDF file with large size values that cause insufficient memory to be allocated." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-19T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "17959", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/17959" }, { "name": "17929", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/17929" }, { "name": "19797", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/19797" }, { "name": "SCOSA-2006.20", "tags": [ "vendor-advisory", "x_refsource_SCO" ], "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.20/SCOSA-2006.20.txt" }, { "name": "DSA-932", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2005/dsa-932" }, { "name": "18349", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18349" }, { "name": "18147", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18147" }, { "name": "SCOSA-2006.15", "tags": [ "vendor-advisory", "x_refsource_SCO" ], "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt" }, { "name": "18055", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18055" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.kde.org/info/security/advisory-20051207-1.txt" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.kde.org/info/security/advisory-20051207-2.txt" }, { "name": "18679", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18679" }, { "name": "18189", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18189" }, { "name": "26413", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/26413" }, { "name": "17940", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/17940" }, { "name": "18303", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18303" }, { "name": "DSA-931", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2005/dsa-931" }, { "name": "18554", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18554" }, { "name": "MDKSA-2006:003", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003" }, { "name": "19230", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/19230" }, { "name": "102972", "tags": [ "vendor-advisory", "x_refsource_SUNALERT" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1" }, { "name": "MDKSA-2006:012", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012" }, { "name": "DSA-962", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-962" }, { "name": "FEDORA-2005-1171", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00073.html" }, { "name": "1015309", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1015309" }, { "name": "DSA-937", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2005/dsa-937" }, { "name": "18398", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18398" }, { "name": "FLSA-2006:176751", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded" }, { "name": "15721", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/15721" }, { "name": "SUSE-SA:2006:001", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html" }, { "name": "DSA-936", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-936" }, { "name": "17916", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/17916" }, { "name": "236", "tags": [ "third-party-advisory", "x_refsource_SREASON" ], "url": "http://securityreason.com/securityalert/236" }, { "name": "GLSA-200603-02", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200603-02.xml" }, { "name": "RHSA-2005:840", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-840.html" }, { "name": "ADV-2005-2789", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2005/2789" }, { "name": "RHSA-2005:867", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-867.html" }, { "name": "18674", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18674" }, { "name": "MDKSA-2006:005", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005" }, { "name": "18313", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18313" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://issues.rpath.com/browse/RPL-1609" }, { "name": "RHSA-2005:868", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2005-868.html" }, { "name": "20051201-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U" }, { "name": "20060101-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U" }, { "name": "18448", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18448" }, { "name": "18380", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18380" }, { "name": "GLSA-200512-08", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200512-08.xml" }, { "name": "FEDORA-2005-1126", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00015.html" }, { "name": "18416", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18416" }, { "name": "FEDORA-2005-1132", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00022.html" }, { "name": "ADV-2007-2280", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2007/2280" }, { "name": "GLSA-200601-02", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml" }, { "name": "19125", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/19125" }, { "name": "xpdf-jpx-stream-bo(23441)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23441" }, { "name": "FEDORA-2005-1142", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00037.html" }, { "name": "18336", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18336" }, { "name": "18061", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18061" }, { "name": "18407", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18407" }, { "name": "18009", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18009" }, { "name": "USN-227-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntulinux.org/usn/usn-227-1" }, { "name": "17897", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/17897" }, { "name": "18517", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18517" }, { "name": "18582", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18582" }, { "name": "18534", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18534" }, { "name": "SSA:2006-045-09", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683" }, { "name": "TSLSA-2005-0072", "tags": [ "vendor-advisory", "x_refsource_TRUSTIX" ], "url": "http://www.trustix.org/errata/2005/0072/" }, { "name": "18520", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18520" }, { "name": "FEDORA-2005-1127", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00016.html" }, { "name": "20051207 [KDE Security Advisory] multiple buffer overflows in kpdf/koffice", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/418883/100/0/threaded" }, { "name": "18908", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18908" }, { "name": "25729", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/25729" }, { "name": "MDKSA-2006:006", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006" }, { "name": "17956", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/17956" }, { "name": "17926", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/17926" }, { "name": "19798", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/19798" }, { "name": "MDKSA-2006:008", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008" }, { "name": "18191", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18191" }, { "name": "20060201-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U" }, { "name": "RHSA-2006:0160", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html" }, { "name": "17912", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/17912" }, { "name": "MDKSA-2006:010", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010" }, { "name": "DSA-940", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2005/dsa-940" }, { "name": "MDKSA-2006:004", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004" }, { "name": "oval:org.mitre.oval:def:11440", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11440" }, { "name": "ADV-2005-2790", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2005/2790" }, { "name": "20051205 Multiple Vendor xpdf JPX Stream Reader Heap Overflow Vulnerability", "tags": [ "third-party-advisory", "x_refsource_IDEFENSE" ], "url": "http://www.idefense.com/application/poi/display?id=345\u0026type=vulnerabilities\u0026flashstatus=true" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00043.html" }, { "name": "18389", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18389" }, { "name": "18192", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18192" }, { "name": "ADV-2005-2856", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2005/2856" }, { "name": "SSA:2006-045-04", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747" }, { "name": "19377", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/19377" }, { "name": "FLSA:175404", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded" }, { "name": "DSA-961", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-961" }, { "name": "SCOSA-2006.21", "tags": [ "vendor-advisory", "x_refsource_SCO" ], "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.21/SCOSA-2006.21.txt" }, { "name": "18675", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18675" }, { "name": "1015324", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1015324" }, { "name": "18913", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18913" }, { "name": "DSA-938", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2005/dsa-938" }, { "name": "SUSE-SR:2005:029", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://www.novell.com/linux/security/advisories/2005_29_sr.html" }, { "name": "ADV-2005-2787", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2005/2787" }, { "name": "RHSA-2005:878", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-878.html" }, { "name": "FEDORA-2005-1141", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00036.html" }, { "name": "17920", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/17920" }, { "name": "DSA-950", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-950" }, { "name": "17955", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/17955" }, { "name": "17976", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/17976" }, { "name": "18387", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18387" }, { "name": "FEDORA-2005-1125", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00014.html" }, { "name": "MDKSA-2006:011", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011" }, { "name": "18385", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18385" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2005-3193", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Heap-based buffer overflow in the JPXStream::readCodestream function in the JPX stream parsing code (JPXStream.c) for xpdf 3.01 and earlier, as used in products such as (1) Poppler, (2) teTeX, (3) KDE kpdf, (4) CUPS, and (5) libextractor allows user-assisted attackers to cause a denial of service (heap corruption) and possibly execute arbitrary code via a crafted PDF file with large size values that cause insufficient memory to be allocated." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "17959", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/17959" }, { "name": "17929", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/17929" }, { "name": "19797", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/19797" }, { "name": "SCOSA-2006.20", "refsource": "SCO", "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.20/SCOSA-2006.20.txt" }, { "name": "DSA-932", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2005/dsa-932" }, { "name": "18349", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18349" }, { "name": "18147", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18147" }, { "name": "SCOSA-2006.15", "refsource": "SCO", "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt" }, { "name": "18055", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18055" }, { "name": "http://www.kde.org/info/security/advisory-20051207-1.txt", "refsource": "CONFIRM", "url": "http://www.kde.org/info/security/advisory-20051207-1.txt" }, { "name": "http://www.kde.org/info/security/advisory-20051207-2.txt", "refsource": "CONFIRM", "url": "http://www.kde.org/info/security/advisory-20051207-2.txt" }, { "name": "18679", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18679" }, { "name": "18189", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18189" }, { "name": "26413", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/26413" }, { "name": "17940", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/17940" }, { "name": "18303", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18303" }, { "name": "DSA-931", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2005/dsa-931" }, { "name": "18554", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18554" }, { "name": "MDKSA-2006:003", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003" }, { "name": "19230", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/19230" }, { "name": "102972", "refsource": "SUNALERT", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1" }, { "name": "MDKSA-2006:012", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012" }, { "name": "DSA-962", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2006/dsa-962" }, { "name": "FEDORA-2005-1171", "refsource": "FEDORA", "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00073.html" }, { "name": "1015309", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1015309" }, { "name": "DSA-937", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2005/dsa-937" }, { "name": "18398", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18398" }, { "name": "FLSA-2006:176751", "refsource": "FEDORA", "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded" }, { "name": "15721", "refsource": "BID", "url": "http://www.securityfocus.com/bid/15721" }, { "name": "SUSE-SA:2006:001", "refsource": "SUSE", "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html" }, { "name": "DSA-936", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2006/dsa-936" }, { "name": "17916", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/17916" }, { "name": "236", "refsource": "SREASON", "url": "http://securityreason.com/securityalert/236" }, { "name": "GLSA-200603-02", "refsource": "GENTOO", "url": "http://www.gentoo.org/security/en/glsa/glsa-200603-02.xml" }, { "name": "RHSA-2005:840", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2005-840.html" }, { "name": "ADV-2005-2789", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2005/2789" }, { "name": "RHSA-2005:867", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2005-867.html" }, { "name": "18674", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18674" }, { "name": "MDKSA-2006:005", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005" }, { "name": "18313", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18313" }, { "name": "https://issues.rpath.com/browse/RPL-1609", "refsource": "CONFIRM", "url": "https://issues.rpath.com/browse/RPL-1609" }, { "name": "RHSA-2005:868", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2005-868.html" }, { "name": "20051201-01-U", "refsource": "SGI", "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U" }, { "name": "20060101-01-U", "refsource": "SGI", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U" }, { "name": "18448", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18448" }, { "name": "18380", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18380" }, { "name": "GLSA-200512-08", "refsource": "GENTOO", "url": "http://www.gentoo.org/security/en/glsa/glsa-200512-08.xml" }, { "name": "FEDORA-2005-1126", "refsource": "FEDORA", "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00015.html" }, { "name": "18416", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18416" }, { "name": "FEDORA-2005-1132", "refsource": "FEDORA", "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00022.html" }, { "name": "ADV-2007-2280", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/2280" }, { "name": "GLSA-200601-02", "refsource": "GENTOO", "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml" }, { "name": "19125", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/19125" }, { "name": "xpdf-jpx-stream-bo(23441)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23441" }, { "name": "FEDORA-2005-1142", "refsource": "FEDORA", "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00037.html" }, { "name": "18336", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18336" }, { "name": "18061", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18061" }, { "name": "18407", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18407" }, { "name": "18009", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18009" }, { "name": "USN-227-1", "refsource": "UBUNTU", "url": "http://www.ubuntulinux.org/usn/usn-227-1" }, { "name": "17897", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/17897" }, { "name": "18517", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18517" }, { "name": "18582", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18582" }, { "name": "18534", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18534" }, { "name": "SSA:2006-045-09", "refsource": "SLACKWARE", "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683" }, { "name": "TSLSA-2005-0072", "refsource": "TRUSTIX", "url": "http://www.trustix.org/errata/2005/0072/" }, { "name": "18520", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18520" }, { "name": "FEDORA-2005-1127", "refsource": "FEDORA", "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00016.html" }, { "name": "20051207 [KDE Security Advisory] multiple buffer overflows in kpdf/koffice", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/418883/100/0/threaded" }, { "name": "18908", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18908" }, { "name": "25729", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/25729" }, { "name": "MDKSA-2006:006", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006" }, { "name": "17956", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/17956" }, { "name": "17926", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/17926" }, { "name": "19798", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/19798" }, { "name": "MDKSA-2006:008", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008" }, { "name": "18191", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18191" }, { "name": "20060201-01-U", "refsource": "SGI", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U" }, { "name": "RHSA-2006:0160", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html" }, { "name": "17912", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/17912" }, { "name": "MDKSA-2006:010", "refsource": "MANDRAKE", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010" }, { "name": "DSA-940", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2005/dsa-940" }, { "name": "MDKSA-2006:004", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004" }, { "name": "oval:org.mitre.oval:def:11440", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11440" }, { "name": "ADV-2005-2790", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2005/2790" }, { "name": "20051205 Multiple Vendor xpdf JPX Stream Reader Heap Overflow Vulnerability", "refsource": "IDEFENSE", "url": "http://www.idefense.com/application/poi/display?id=345\u0026type=vulnerabilities\u0026flashstatus=true" }, { "name": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00043.html", "refsource": "CONFIRM", "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00043.html" }, { "name": "18389", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18389" }, { "name": "18192", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18192" }, { "name": "ADV-2005-2856", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2005/2856" }, { "name": "SSA:2006-045-04", "refsource": "SLACKWARE", "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747" }, { "name": "19377", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/19377" }, { "name": "FLSA:175404", "refsource": "FEDORA", "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded" }, { "name": "DSA-961", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2006/dsa-961" }, { "name": "SCOSA-2006.21", "refsource": "SCO", "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.21/SCOSA-2006.21.txt" }, { "name": "18675", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18675" }, { "name": "1015324", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1015324" }, { "name": "18913", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18913" }, { "name": "DSA-938", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2005/dsa-938" }, { "name": "SUSE-SR:2005:029", "refsource": "SUSE", "url": "http://www.novell.com/linux/security/advisories/2005_29_sr.html" }, { "name": "ADV-2005-2787", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2005/2787" }, { "name": "RHSA-2005:878", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2005-878.html" }, { "name": "FEDORA-2005-1141", "refsource": "FEDORA", "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00036.html" }, { "name": "17920", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/17920" }, { "name": "DSA-950", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2006/dsa-950" }, { "name": "17955", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/17955" }, { "name": "17976", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/17976" }, { "name": "18387", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18387" }, { "name": "FEDORA-2005-1125", "refsource": "FEDORA", "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00014.html" }, { "name": "MDKSA-2006:011", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011" }, { "name": "18385", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18385" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2005-3193", "datePublished": "2005-12-07T00:00:00", "dateReserved": "2005-10-14T00:00:00", "dateUpdated": "2024-08-07T23:01:59.055Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2005-3192 (GCVE-0-2005-3192)
Vulnerability from cvelistv5
Published
2005-12-08 01:00
Modified
2024-08-07 23:01
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Heap-based buffer overflow in the StreamPredictor function in Xpdf 3.01, as used in products such as (1) Poppler, (2) teTeX, (3) KDE kpdf, and (4) pdftohtml, (5) KOffice KWord, (6) CUPS, and (7) libextractor allows remote attackers to execute arbitrary code via a PDF file with an out-of-range numComps (number of components) field.
References
► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T23:01:59.286Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "17929", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/17929" }, { "name": "19797", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/19797" }, { "name": "xpdf-streampredictor-bo(23442)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23442" }, { "name": "SCOSA-2006.20", "tags": [ "vendor-advisory", "x_refsource_SCO", "x_transferred" ], "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.20/SCOSA-2006.20.txt" }, { "name": "DSA-932", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2005/dsa-932" }, { "name": "18349", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18349" }, { "name": "SCOSA-2006.15", "tags": [ "vendor-advisory", "x_refsource_SCO", "x_transferred" ], "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt" }, { "name": "18055", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18055" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://scary.beasts.org/security/CESA-2005-003.txt" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.kde.org/info/security/advisory-20051207-1.txt" }, { "name": "18503", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18503" }, { "name": "oval:org.mitre.oval:def:10914", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10914" }, { "name": "18549", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18549" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.kde.org/info/security/advisory-20051207-2.txt" }, { "name": "18679", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18679" }, { "name": "18189", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18189" }, { "name": "26413", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/26413" }, { "name": "17940", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/17940" }, { "name": "18303", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18303" }, { "name": "DSA-931", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2005/dsa-931" }, { "name": "18554", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18554" }, { "name": "MDKSA-2006:003", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342289" }, { "name": "19230", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/19230" }, { "name": "102972", "tags": [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1" }, { "name": "DSA-962", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-962" }, { "name": "1015309", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1015309" }, { "name": "18398", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18398" }, { "name": "FLSA-2006:176751", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded" }, { "name": "SUSE-SA:2006:001", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html" }, { "name": "DSA-936", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-936" }, { "name": "17916", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/17916" }, { "name": "RHSA-2005:840", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-840.html" }, { "name": "ADV-2005-2789", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2005/2789" }, { "name": "RHSA-2005:867", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-867.html" }, { "name": "18674", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18674" }, { "name": "MDKSA-2006:005", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005" }, { "name": "18313", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18313" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://issues.rpath.com/browse/RPL-1609" }, { "name": "RHSA-2005:868", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2005-868.html" }, { "name": "20051201-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U" }, { "name": "20060101-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U" }, { "name": "18448", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18448" }, { "name": "18436", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18436" }, { "name": "18428", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18428" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.01pl1.patch" }, { "name": "18380", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18380" }, { "name": "GLSA-200512-08", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200512-08.xml" }, { "name": "FEDORA-2005-1126", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00015.html" }, { "name": "18416", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18416" }, { "name": "ADV-2007-2280", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2007/2280" }, { "name": "GLSA-200601-02", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml" }, { "name": "FEDORA-2005-1142", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00037.html" }, { "name": "18336", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18336" }, { "name": "18061", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18061" }, { "name": "18407", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18407" }, { "name": "18009", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18009" }, { "name": "17908", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/17908" }, { "name": "USN-227-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntulinux.org/usn/usn-227-1" }, { "name": "18517", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18517" }, { "name": "18582", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18582" }, { "name": "SUSE-SR:2006:002", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://www.novell.com/linux/security/advisories/2006_02_sr.html" }, { "name": "18534", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18534" }, { "name": "20051205 Multiple Vendor xpdf StreamPredictor Heap Overflow Vulnerability", "tags": [ "third-party-advisory", "x_refsource_IDEFENSE", "x_transferred" ], "url": "http://www.idefense.com/application/poi/display?id=344\u0026type=vulnerabilities" }, { "name": "SSA:2006-045-09", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE", "x_transferred" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683" }, { "name": "TSLSA-2005-0072", "tags": [ "vendor-advisory", "x_refsource_TRUSTIX", "x_transferred" ], "url": "http://www.trustix.org/errata/2005/0072/" }, { "name": "FEDORA-2005-1127", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00016.html" }, { "name": "20051207 [KDE Security Advisory] multiple buffer overflows in kpdf/koffice", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/418883/100/0/threaded" }, { "name": "18908", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18908" }, { "name": "25729", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/25729" }, { "name": "ADV-2005-2786", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2005/2786" }, { "name": "MDKSA-2006:006", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006" }, { "name": "ADV-2005-2788", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2005/2788" }, { "name": "17926", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/17926" }, { "name": "19798", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/19798" }, { "name": "ADV-2005-2755", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2005/2755" }, { "name": "15725", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/15725" }, { "name": "MDKSA-2006:008", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008" }, { "name": "18191", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18191" }, { "name": "20060201-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U" }, { "name": "RHSA-2006:0160", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html" }, { "name": "17912", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/17912" }, { "name": "MDKSA-2006:010", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010" }, { "name": "17921", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/17921" }, { "name": "MDKSA-2006:004", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004" }, { "name": "ADV-2005-2790", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2005/2790" }, { "name": "18389", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18389" }, { "name": "18192", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18192" }, { "name": "ADV-2005-2856", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2005/2856" }, { "name": "SSA:2006-045-04", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE", "x_transferred" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747" }, { "name": "19377", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/19377" }, { "name": "FLSA:175404", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded" }, { "name": "DSA-961", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-961" }, { "name": "235", "tags": [ "third-party-advisory", "x_refsource_SREASON", "x_transferred" ], "url": "http://securityreason.com/securityalert/235" }, { "name": "SCOSA-2006.21", "tags": [ "vendor-advisory", "x_refsource_SCO", "x_transferred" ], "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.21/SCOSA-2006.21.txt" }, { "name": "18675", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18675" }, { "name": "1015324", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1015324" }, { "name": "18913", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18913" }, { "name": "SUSE-SR:2005:029", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://www.novell.com/linux/security/advisories/2005_29_sr.html" }, { "name": "DSA-937", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-937" }, { "name": "ADV-2005-2787", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2005/2787" }, { "name": "RHSA-2005:878", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-878.html" }, { "name": "FEDORA-2005-1141", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00036.html" }, { "name": "17920", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/17920" }, { "name": "DSA-950", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-950" }, { "name": "17955", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/17955" }, { "name": "17897", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/17897/" }, { "name": "17976", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/17976" }, { "name": "18387", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18387" }, { "name": "240", "tags": [ "third-party-advisory", "x_refsource_SREASON", "x_transferred" ], "url": "http://securityreason.com/securityalert/240" }, { "name": "MDKSA-2006:011", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011" }, { "name": "18385", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18385" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2005-12-05T00:00:00", "descriptions": [ { "lang": "en", "value": "Heap-based buffer overflow in the StreamPredictor function in Xpdf 3.01, as used in products such as (1) Poppler, (2) teTeX, (3) KDE kpdf, and (4) pdftohtml, (5) KOffice KWord, (6) CUPS, and (7) libextractor allows remote attackers to execute arbitrary code via a PDF file with an out-of-range numComps (number of components) field." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-19T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "17929", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/17929" }, { "name": "19797", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/19797" }, { "name": "xpdf-streampredictor-bo(23442)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23442" }, { "name": "SCOSA-2006.20", "tags": [ "vendor-advisory", "x_refsource_SCO" ], "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.20/SCOSA-2006.20.txt" }, { "name": "DSA-932", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2005/dsa-932" }, { "name": "18349", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18349" }, { "name": "SCOSA-2006.15", "tags": [ "vendor-advisory", "x_refsource_SCO" ], "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt" }, { "name": "18055", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18055" }, { "tags": [ "x_refsource_MISC" ], "url": "http://scary.beasts.org/security/CESA-2005-003.txt" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.kde.org/info/security/advisory-20051207-1.txt" }, { "name": "18503", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18503" }, { "name": "oval:org.mitre.oval:def:10914", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10914" }, { "name": "18549", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18549" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.kde.org/info/security/advisory-20051207-2.txt" }, { "name": "18679", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18679" }, { "name": "18189", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18189" }, { "name": "26413", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/26413" }, { "name": "17940", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/17940" }, { "name": "18303", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18303" }, { "name": "DSA-931", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2005/dsa-931" }, { "name": "18554", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18554" }, { "name": "MDKSA-2006:003", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003" }, { "tags": [ "x_refsource_MISC" ], "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342289" }, { "name": "19230", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/19230" }, { "name": "102972", "tags": [ "vendor-advisory", "x_refsource_SUNALERT" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1" }, { "name": "DSA-962", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-962" }, { "name": "1015309", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1015309" }, { "name": "18398", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18398" }, { "name": "FLSA-2006:176751", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded" }, { "name": "SUSE-SA:2006:001", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html" }, { "name": "DSA-936", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-936" }, { "name": "17916", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/17916" }, { "name": "RHSA-2005:840", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-840.html" }, { "name": "ADV-2005-2789", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2005/2789" }, { "name": "RHSA-2005:867", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-867.html" }, { "name": "18674", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18674" }, { "name": "MDKSA-2006:005", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005" }, { "name": "18313", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18313" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://issues.rpath.com/browse/RPL-1609" }, { "name": "RHSA-2005:868", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2005-868.html" }, { "name": "20051201-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U" }, { "name": "20060101-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U" }, { "name": "18448", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18448" }, { "name": "18436", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18436" }, { "name": "18428", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18428" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.01pl1.patch" }, { "name": "18380", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18380" }, { "name": "GLSA-200512-08", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200512-08.xml" }, { "name": "FEDORA-2005-1126", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00015.html" }, { "name": "18416", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18416" }, { "name": "ADV-2007-2280", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2007/2280" }, { "name": "GLSA-200601-02", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml" }, { "name": "FEDORA-2005-1142", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00037.html" }, { "name": "18336", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18336" }, { "name": "18061", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18061" }, { "name": "18407", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18407" }, { "name": "18009", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18009" }, { "name": "17908", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/17908" }, { "name": "USN-227-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntulinux.org/usn/usn-227-1" }, { "name": "18517", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18517" }, { "name": "18582", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18582" }, { "name": "SUSE-SR:2006:002", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://www.novell.com/linux/security/advisories/2006_02_sr.html" }, { "name": "18534", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18534" }, { "name": "20051205 Multiple Vendor xpdf StreamPredictor Heap Overflow Vulnerability", "tags": [ "third-party-advisory", "x_refsource_IDEFENSE" ], "url": "http://www.idefense.com/application/poi/display?id=344\u0026type=vulnerabilities" }, { "name": "SSA:2006-045-09", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683" }, { "name": "TSLSA-2005-0072", "tags": [ "vendor-advisory", "x_refsource_TRUSTIX" ], "url": "http://www.trustix.org/errata/2005/0072/" }, { "name": "FEDORA-2005-1127", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00016.html" }, { "name": "20051207 [KDE Security Advisory] multiple buffer overflows in kpdf/koffice", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/418883/100/0/threaded" }, { "name": "18908", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18908" }, { "name": "25729", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/25729" }, { "name": "ADV-2005-2786", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2005/2786" }, { "name": "MDKSA-2006:006", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006" }, { "name": "ADV-2005-2788", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2005/2788" }, { "name": "17926", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/17926" }, { "name": "19798", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/19798" }, { "name": "ADV-2005-2755", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2005/2755" }, { "name": "15725", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/15725" }, { "name": "MDKSA-2006:008", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008" }, { "name": "18191", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18191" }, { "name": "20060201-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U" }, { "name": "RHSA-2006:0160", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html" }, { "name": "17912", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/17912" }, { "name": "MDKSA-2006:010", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010" }, { "name": "17921", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/17921" }, { "name": "MDKSA-2006:004", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004" }, { "name": "ADV-2005-2790", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2005/2790" }, { "name": "18389", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18389" }, { "name": "18192", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18192" }, { "name": "ADV-2005-2856", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2005/2856" }, { "name": "SSA:2006-045-04", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747" }, { "name": "19377", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/19377" }, { "name": "FLSA:175404", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded" }, { "name": "DSA-961", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-961" }, { "name": "235", "tags": [ "third-party-advisory", "x_refsource_SREASON" ], "url": "http://securityreason.com/securityalert/235" }, { "name": "SCOSA-2006.21", "tags": [ "vendor-advisory", "x_refsource_SCO" ], "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.21/SCOSA-2006.21.txt" }, { "name": "18675", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18675" }, { "name": "1015324", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1015324" }, { "name": "18913", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18913" }, { "name": "SUSE-SR:2005:029", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://www.novell.com/linux/security/advisories/2005_29_sr.html" }, { "name": "DSA-937", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-937" }, { "name": "ADV-2005-2787", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2005/2787" }, { "name": "RHSA-2005:878", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-878.html" }, { "name": "FEDORA-2005-1141", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00036.html" }, { "name": "17920", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/17920" }, { "name": "DSA-950", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-950" }, { "name": "17955", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/17955" }, { "name": "17897", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/17897/" }, { "name": "17976", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/17976" }, { "name": "18387", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18387" }, { "name": "240", "tags": [ "third-party-advisory", "x_refsource_SREASON" ], "url": "http://securityreason.com/securityalert/240" }, { "name": "MDKSA-2006:011", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011" }, { "name": "18385", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18385" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2005-3192", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Heap-based buffer overflow in the StreamPredictor function in Xpdf 3.01, as used in products such as (1) Poppler, (2) teTeX, (3) KDE kpdf, and (4) pdftohtml, (5) KOffice KWord, (6) CUPS, and (7) libextractor allows remote attackers to execute arbitrary code via a PDF file with an out-of-range numComps (number of components) field." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "17929", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/17929" }, { "name": "19797", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/19797" }, { "name": "xpdf-streampredictor-bo(23442)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23442" }, { "name": "SCOSA-2006.20", "refsource": "SCO", "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.20/SCOSA-2006.20.txt" }, { "name": "DSA-932", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2005/dsa-932" }, { "name": "18349", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18349" }, { "name": "SCOSA-2006.15", "refsource": "SCO", "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt" }, { "name": "18055", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18055" }, { "name": "http://scary.beasts.org/security/CESA-2005-003.txt", "refsource": "MISC", "url": "http://scary.beasts.org/security/CESA-2005-003.txt" }, { "name": "http://www.kde.org/info/security/advisory-20051207-1.txt", "refsource": "CONFIRM", "url": "http://www.kde.org/info/security/advisory-20051207-1.txt" }, { "name": "18503", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18503" }, { "name": "oval:org.mitre.oval:def:10914", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10914" }, { "name": "18549", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18549" }, { "name": "http://www.kde.org/info/security/advisory-20051207-2.txt", "refsource": "CONFIRM", "url": "http://www.kde.org/info/security/advisory-20051207-2.txt" }, { "name": "18679", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18679" }, { "name": "18189", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18189" }, { "name": "26413", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/26413" }, { "name": "17940", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/17940" }, { "name": "18303", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18303" }, { "name": "DSA-931", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2005/dsa-931" }, { "name": "18554", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18554" }, { "name": "MDKSA-2006:003", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003" }, { "name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342289", "refsource": "MISC", "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342289" }, { "name": "19230", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/19230" }, { "name": "102972", "refsource": "SUNALERT", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1" }, { "name": "DSA-962", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2006/dsa-962" }, { "name": "1015309", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1015309" }, { "name": "18398", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18398" }, { "name": "FLSA-2006:176751", "refsource": "FEDORA", "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded" }, { "name": "SUSE-SA:2006:001", "refsource": "SUSE", "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html" }, { "name": "DSA-936", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2006/dsa-936" }, { "name": "17916", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/17916" }, { "name": "RHSA-2005:840", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2005-840.html" }, { "name": "ADV-2005-2789", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2005/2789" }, { "name": "RHSA-2005:867", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2005-867.html" }, { "name": "18674", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18674" }, { "name": "MDKSA-2006:005", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005" }, { "name": "18313", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18313" }, { "name": "https://issues.rpath.com/browse/RPL-1609", "refsource": "CONFIRM", "url": "https://issues.rpath.com/browse/RPL-1609" }, { "name": "RHSA-2005:868", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2005-868.html" }, { "name": "20051201-01-U", "refsource": "SGI", "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U" }, { "name": "20060101-01-U", "refsource": "SGI", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U" }, { "name": "18448", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18448" }, { "name": "18436", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18436" }, { "name": "18428", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18428" }, { "name": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.01pl1.patch", "refsource": "CONFIRM", "url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.01pl1.patch" }, { "name": "18380", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18380" }, { "name": "GLSA-200512-08", "refsource": "GENTOO", "url": "http://www.gentoo.org/security/en/glsa/glsa-200512-08.xml" }, { "name": "FEDORA-2005-1126", "refsource": "FEDORA", "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00015.html" }, { "name": "18416", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18416" }, { "name": "ADV-2007-2280", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/2280" }, { "name": "GLSA-200601-02", "refsource": "GENTOO", "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml" }, { "name": "FEDORA-2005-1142", "refsource": "FEDORA", "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00037.html" }, { "name": "18336", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18336" }, { "name": "18061", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18061" }, { "name": "18407", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18407" }, { "name": "18009", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18009" }, { "name": "17908", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/17908" }, { "name": "USN-227-1", "refsource": "UBUNTU", "url": "http://www.ubuntulinux.org/usn/usn-227-1" }, { "name": "18517", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18517" }, { "name": "18582", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18582" }, { "name": "SUSE-SR:2006:002", "refsource": "SUSE", "url": "http://www.novell.com/linux/security/advisories/2006_02_sr.html" }, { "name": "18534", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18534" }, { "name": "20051205 Multiple Vendor xpdf StreamPredictor Heap Overflow Vulnerability", "refsource": "IDEFENSE", "url": "http://www.idefense.com/application/poi/display?id=344\u0026type=vulnerabilities" }, { "name": "SSA:2006-045-09", "refsource": "SLACKWARE", "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683" }, { "name": "TSLSA-2005-0072", "refsource": "TRUSTIX", "url": "http://www.trustix.org/errata/2005/0072/" }, { "name": "FEDORA-2005-1127", "refsource": "FEDORA", "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00016.html" }, { "name": "20051207 [KDE Security Advisory] multiple buffer overflows in kpdf/koffice", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/418883/100/0/threaded" }, { "name": "18908", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18908" }, { "name": "25729", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/25729" }, { "name": "ADV-2005-2786", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2005/2786" }, { "name": "MDKSA-2006:006", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006" }, { "name": "ADV-2005-2788", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2005/2788" }, { "name": "17926", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/17926" }, { "name": "19798", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/19798" }, { "name": "ADV-2005-2755", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2005/2755" }, { "name": "15725", "refsource": "BID", "url": "http://www.securityfocus.com/bid/15725" }, { "name": "MDKSA-2006:008", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008" }, { "name": "18191", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18191" }, { "name": "20060201-01-U", "refsource": "SGI", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U" }, { "name": "RHSA-2006:0160", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html" }, { "name": "17912", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/17912" }, { "name": "MDKSA-2006:010", "refsource": "MANDRAKE", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010" }, { "name": "17921", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/17921" }, { "name": "MDKSA-2006:004", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004" }, { "name": "ADV-2005-2790", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2005/2790" }, { "name": "18389", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18389" }, { "name": "18192", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18192" }, { "name": "ADV-2005-2856", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2005/2856" }, { "name": "SSA:2006-045-04", "refsource": "SLACKWARE", "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747" }, { "name": "19377", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/19377" }, { "name": "FLSA:175404", "refsource": "FEDORA", "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded" }, { "name": "DSA-961", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2006/dsa-961" }, { "name": "235", "refsource": "SREASON", "url": "http://securityreason.com/securityalert/235" }, { "name": "SCOSA-2006.21", "refsource": "SCO", "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.21/SCOSA-2006.21.txt" }, { "name": "18675", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18675" }, { "name": "1015324", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1015324" }, { "name": "18913", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18913" }, { "name": "SUSE-SR:2005:029", "refsource": "SUSE", "url": "http://www.novell.com/linux/security/advisories/2005_29_sr.html" }, { "name": "DSA-937", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2006/dsa-937" }, { "name": "ADV-2005-2787", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2005/2787" }, { "name": "RHSA-2005:878", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2005-878.html" }, { "name": "FEDORA-2005-1141", "refsource": "FEDORA", "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00036.html" }, { "name": "17920", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/17920" }, { "name": "DSA-950", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2006/dsa-950" }, { "name": "17955", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/17955" }, { "name": "17897", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/17897/" }, { "name": "17976", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/17976" }, { "name": "18387", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18387" }, { "name": "240", "refsource": "SREASON", "url": "http://securityreason.com/securityalert/240" }, { "name": "MDKSA-2006:011", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011" }, { "name": "18385", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18385" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2005-3192", "datePublished": "2005-12-08T01:00:00", "dateReserved": "2005-10-14T00:00:00", "dateUpdated": "2024-08-07T23:01:59.286Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2024-3900 (GCVE-0-2024-3900)
Vulnerability from cvelistv5
Published
2024-04-17 18:41
Modified
2024-08-01 20:26
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-787 - Out-of-bounds Write
Summary
Out-of-bounds array write in Xpdf 4.05 and earlier, triggered by long Unicode sequence in ActualText.
References
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:xpdfreader:xpdf:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "xpdf", "vendor": "xpdfreader", "versions": [ { "lessThanOrEqual": "4.05", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-3900", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-04-19T15:59:35.292126Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:32:36.334Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-01T20:26:57.133Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.xpdfreader.com/security-bug/CVE-2024-3900.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "all" ], "product": "Xpdf", "vendor": "Xpdf", "versions": [ { "lessThanOrEqual": "4.05", "status": "affected", "version": "0", "versionType": "version" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "Sangbin Kim, from Korea University Sejong campus" } ], "datePublic": "2024-04-17T19:00:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Out-of-bounds array write in Xpdf 4.05 and earlier, triggered by long Unicode sequence in ActualText.\u003cbr\u003e" } ], "value": "Out-of-bounds array write in Xpdf 4.05 and earlier, triggered by long Unicode sequence in ActualText.\n" } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 2.9, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-787", "description": "CWE-787 Out-of-bounds Write", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-04-17T18:41:03.549Z", "orgId": "ace9cabe-4f4f-416b-8c39-b0e002761924", "shortName": "GandC" }, "references": [ { "url": "https://www.xpdfreader.com/security-bug/CVE-2024-3900.html" } ], "source": { "discovery": "UNKNOWN" }, "title": "Out-of-bounds stack array write in Xpdf 4.05 due to missing zero check", "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "ace9cabe-4f4f-416b-8c39-b0e002761924", "assignerShortName": "GandC", "cveId": "CVE-2024-3900", "datePublished": "2024-04-17T18:41:03.549Z", "dateReserved": "2024-04-16T20:04:32.277Z", "dateUpdated": "2024-08-01T20:26:57.133Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2005-3627 (GCVE-0-2005-3627)
Vulnerability from cvelistv5
Published
2006-01-06 22:00
Modified
2024-08-07 23:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Stream.cc in Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to modify memory and possibly execute arbitrary code via a DCTDecode stream with (1) a large "number of components" value that is not checked by DCTStream::readBaselineSOF or DCTStream::readProgressiveSOF, (2) a large "Huffman table index" value that is not checked by DCTStream::readHuffmanTables, and (3) certain uses of the scanInfo.numComps value by DCTStream::readScanInfo.
References
► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T23:17:23.441Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "16143", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/16143" }, { "name": "DSA-932", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2005/dsa-932" }, { "name": "18349", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18349" }, { "name": "18147", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18147" }, { "name": "SCOSA-2006.15", "tags": [ "vendor-advisory", "x_refsource_SCO", "x_transferred" ], "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://scary.beasts.org/security/CESA-2005-003.txt" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.kde.org/info/security/advisory-20051207-2.txt" }, { "name": "18679", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18679" }, { "name": "18312", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18312" }, { "name": "18644", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18644" }, { "name": "USN-236-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/236-1/" }, { "name": "18425", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18425" }, { "name": "18373", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18373" }, { "name": "18303", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18303" }, { "name": "DSA-931", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2005/dsa-931" }, { "name": "18554", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18554" }, { "name": "MDKSA-2006:003", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003" }, { "name": "19230", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/19230" }, { "name": "102972", "tags": [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1" }, { "name": "MDKSA-2006:012", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012" }, { "name": "DSA-962", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-962" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.html" }, { "name": "RHSA-2006:0163", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html" }, { "name": "DSA-937", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2005/dsa-937" }, { "name": "18398", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18398" }, { "name": "FLSA-2006:176751", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded" }, { "name": "2006-0002", "tags": [ "vendor-advisory", "x_refsource_TRUSTIX", "x_transferred" ], "url": "http://www.trustix.org/errata/2006/0002/" }, { "name": "SUSE-SA:2006:001", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html" }, { "name": "DSA-936", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-936" }, { "name": "FEDORA-2005-026", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html" }, { "name": "18329", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18329" }, { "name": "18463", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18463" }, { "name": "18642", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18642" }, { "name": "18674", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18674" }, { "name": "MDKSA-2006:005", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005" }, { "name": "18313", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18313" }, { "name": "20051201-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U" }, { "name": "20060101-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U" }, { "name": "18448", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18448" }, { "name": "18436", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18436" }, { "name": "18428", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18428" }, { "name": "18380", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18380" }, { "name": "18423", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18423" }, { "name": "18416", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18416" }, { "name": "RHSA-2006:0177", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html" }, { "name": "ADV-2007-2280", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2007/2280" }, { "name": "GLSA-200601-02", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml" }, { "name": "18335", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18335" }, { "name": "xpdf-readscaninfo-bo(24025)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24025" }, { "name": "18407", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18407" }, { "name": "18332", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18332" }, { "name": "18517", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18517" }, { "name": "18582", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18582" }, { "name": "18534", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18534" }, { "name": "SSA:2006-045-09", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE", "x_transferred" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683" }, { "name": "18908", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18908" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.html" }, { "name": "25729", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/25729" }, { "name": "18414", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18414" }, { "name": "xpdf-readhuffmantables-bo(24024)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24024" }, { "name": "MDKSA-2006:006", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006" }, { "name": "18338", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18338" }, { "name": "MDKSA-2006:008", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008" }, { "name": "20060201-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U" }, { "name": "RHSA-2006:0160", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html" }, { "name": "MDKSA-2006:010", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010" }, { "name": "DSA-940", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2005/dsa-940" }, { "name": "MDKSA-2006:004", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004" }, { "name": "ADV-2006-0047", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/0047" }, { "name": "GLSA-200601-17", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml" }, { "name": "18389", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18389" }, { "name": "SSA:2006-045-04", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE", "x_transferred" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747" }, { "name": "19377", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/19377" }, { "name": "FEDORA-2005-025", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html" }, { "name": "FLSA:175404", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded" }, { "name": "DSA-961", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-961" }, { "name": "18675", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18675" }, { "name": "18913", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18913" }, { "name": "DSA-938", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2005/dsa-938" }, { "name": "oval:org.mitre.oval:def:10200", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10200" }, { "name": "18334", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18334" }, { "name": "18375", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18375" }, { "name": "DSA-950", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-950" }, { "name": "18387", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18387" }, { "name": "MDKSA-2006:011", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011" }, { "name": "18385", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18385" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2006-01-06T00:00:00", "descriptions": [ { "lang": "en", "value": "Stream.cc in Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to modify memory and possibly execute arbitrary code via a DCTDecode stream with (1) a large \"number of components\" value that is not checked by DCTStream::readBaselineSOF or DCTStream::readProgressiveSOF, (2) a large \"Huffman table index\" value that is not checked by DCTStream::readHuffmanTables, and (3) certain uses of the scanInfo.numComps value by DCTStream::readScanInfo." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-19T14:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "16143", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/16143" }, { "name": "DSA-932", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2005/dsa-932" }, { "name": "18349", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18349" }, { "name": "18147", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18147" }, { "name": "SCOSA-2006.15", "tags": [ "vendor-advisory", "x_refsource_SCO" ], "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt" }, { "tags": [ "x_refsource_MISC" ], "url": "http://scary.beasts.org/security/CESA-2005-003.txt" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.kde.org/info/security/advisory-20051207-2.txt" }, { "name": "18679", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18679" }, { "name": "18312", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18312" }, { "name": "18644", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18644" }, { "name": "USN-236-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/236-1/" }, { "name": "18425", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18425" }, { "name": "18373", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18373" }, { "name": "18303", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18303" }, { "name": "DSA-931", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2005/dsa-931" }, { "name": "18554", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18554" }, { "name": "MDKSA-2006:003", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003" }, { "name": "19230", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/19230" }, { "name": "102972", "tags": [ "vendor-advisory", "x_refsource_SUNALERT" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1" }, { "name": "MDKSA-2006:012", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012" }, { "name": "DSA-962", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-962" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.html" }, { "name": "RHSA-2006:0163", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html" }, { "name": "DSA-937", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2005/dsa-937" }, { "name": "18398", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18398" }, { "name": "FLSA-2006:176751", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded" }, { "name": "2006-0002", "tags": [ "vendor-advisory", "x_refsource_TRUSTIX" ], "url": "http://www.trustix.org/errata/2006/0002/" }, { "name": "SUSE-SA:2006:001", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html" }, { "name": "DSA-936", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-936" }, { "name": "FEDORA-2005-026", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html" }, { "name": "18329", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18329" }, { "name": "18463", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18463" }, { "name": "18642", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18642" }, { "name": "18674", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18674" }, { "name": "MDKSA-2006:005", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005" }, { "name": "18313", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18313" }, { "name": "20051201-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U" }, { "name": "20060101-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U" }, { "name": "18448", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18448" }, { "name": "18436", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18436" }, { "name": "18428", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18428" }, { "name": "18380", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18380" }, { "name": "18423", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18423" }, { "name": "18416", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18416" }, { "name": "RHSA-2006:0177", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html" }, { "name": "ADV-2007-2280", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2007/2280" }, { "name": "GLSA-200601-02", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml" }, { "name": "18335", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18335" }, { "name": "xpdf-readscaninfo-bo(24025)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24025" }, { "name": "18407", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18407" }, { "name": "18332", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18332" }, { "name": "18517", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18517" }, { "name": "18582", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18582" }, { "name": "18534", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18534" }, { "name": "SSA:2006-045-09", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683" }, { "name": "18908", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18908" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.html" }, { "name": "25729", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/25729" }, { "name": "18414", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18414" }, { "name": "xpdf-readhuffmantables-bo(24024)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24024" }, { "name": "MDKSA-2006:006", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006" }, { "name": "18338", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18338" }, { "name": "MDKSA-2006:008", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008" }, { "name": "20060201-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U" }, { "name": "RHSA-2006:0160", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html" }, { "name": "MDKSA-2006:010", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010" }, { "name": "DSA-940", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2005/dsa-940" }, { "name": "MDKSA-2006:004", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004" }, { "name": "ADV-2006-0047", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/0047" }, { "name": "GLSA-200601-17", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml" }, { "name": "18389", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18389" }, { "name": "SSA:2006-045-04", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747" }, { "name": "19377", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/19377" }, { "name": "FEDORA-2005-025", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html" }, { "name": "FLSA:175404", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded" }, { "name": "DSA-961", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-961" }, { "name": "18675", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18675" }, { "name": "18913", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18913" }, { "name": "DSA-938", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2005/dsa-938" }, { "name": "oval:org.mitre.oval:def:10200", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10200" }, { "name": "18334", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18334" }, { "name": "18375", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18375" }, { "name": "DSA-950", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-950" }, { "name": "18387", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18387" }, { "name": "MDKSA-2006:011", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011" }, { "name": "18385", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18385" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2005-3627", "datePublished": "2006-01-06T22:00:00", "dateReserved": "2005-11-16T00:00:00", "dateUpdated": "2024-08-07T23:17:23.441Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2005-3625 (GCVE-0-2005-3625)
Vulnerability from cvelistv5
Published
2006-01-06 22:00
Modified
2024-08-07 23:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka "Infinite CPU spins."
References
► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T23:17:23.366Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "16143", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/16143" }, { "name": "DSA-932", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2005/dsa-932" }, { "name": "18349", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18349" }, { "name": "oval:org.mitre.oval:def:9575", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9575" }, { "name": "18147", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18147" }, { "name": "SCOSA-2006.15", "tags": [ "vendor-advisory", "x_refsource_SCO", "x_transferred" ], "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://scary.beasts.org/security/CESA-2005-003.txt" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.kde.org/info/security/advisory-20051207-2.txt" }, { "name": "18679", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18679" }, { "name": "18312", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18312" }, { "name": "18644", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18644" }, { "name": "USN-236-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/236-1/" }, { "name": "18425", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18425" }, { "name": "18373", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18373" }, { "name": "18303", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18303" }, { "name": "DSA-931", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2005/dsa-931" }, { "name": "18554", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18554" }, { "name": "MDKSA-2006:003", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003" }, { "name": "19230", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/19230" }, { "name": "102972", "tags": [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1" }, { "name": "MDKSA-2006:012", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012" }, { "name": "DSA-962", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-962" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.html" }, { "name": "RHSA-2006:0163", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html" }, { "name": "DSA-937", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2005/dsa-937" }, { "name": "18398", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18398" }, { "name": "FLSA-2006:176751", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded" }, { "name": "2006-0002", "tags": [ "vendor-advisory", "x_refsource_TRUSTIX", "x_transferred" ], "url": "http://www.trustix.org/errata/2006/0002/" }, { "name": "SUSE-SA:2006:001", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html" }, { "name": "DSA-936", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-936" }, { "name": "FEDORA-2005-026", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html" }, { "name": "18329", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18329" }, { "name": "18463", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18463" }, { "name": "18642", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18642" }, { "name": "18674", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18674" }, { "name": "MDKSA-2006:005", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005" }, { "name": "18313", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18313" }, { "name": "20051201-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U" }, { "name": "20060101-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U" }, { "name": "18448", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18448" }, { "name": "18436", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18436" }, { "name": "18428", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18428" }, { "name": "18380", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18380" }, { "name": "18423", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18423" }, { "name": "18416", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18416" }, { "name": "RHSA-2006:0177", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html" }, { "name": "ADV-2007-2280", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2007/2280" }, { "name": "GLSA-200601-02", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml" }, { "name": "18335", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18335" }, { "name": "18407", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18407" }, { "name": "18332", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18332" }, { "name": "18517", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18517" }, { "name": "18582", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18582" }, { "name": "18534", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18534" }, { "name": "SSA:2006-045-09", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE", "x_transferred" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683" }, { "name": "xpdf-ccittfaxdecode-dctdecode-dos(24023)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24023" }, { "name": "18908", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18908" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.html" }, { "name": "25729", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/25729" }, { "name": "18414", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18414" }, { "name": "MDKSA-2006:006", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006" }, { "name": "18338", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18338" }, { "name": "MDKSA-2006:008", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008" }, { "name": "20060201-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U" }, { "name": "RHSA-2006:0160", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html" }, { "name": "MDKSA-2006:010", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010" }, { "name": "DSA-940", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2005/dsa-940" }, { "name": "MDKSA-2006:004", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004" }, { "name": "ADV-2006-0047", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/0047" }, { "name": "GLSA-200601-17", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml" }, { "name": "18389", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18389" }, { "name": "SSA:2006-045-04", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE", "x_transferred" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747" }, { "name": "19377", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/19377" }, { "name": "FEDORA-2005-025", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html" }, { "name": "FLSA:175404", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded" }, { "name": "DSA-961", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-961" }, { "name": "18675", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18675" }, { "name": "18913", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18913" }, { "name": "DSA-938", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2005/dsa-938" }, { "name": "18334", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18334" }, { "name": "18375", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18375" }, { "name": "DSA-950", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-950" }, { "name": "18387", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18387" }, { "name": "MDKSA-2006:011", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011" }, { "name": "18385", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18385" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2006-01-06T00:00:00", "descriptions": [ { "lang": "en", "value": "Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka \"Infinite CPU spins.\"" } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-19T14:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "16143", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/16143" }, { "name": "DSA-932", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2005/dsa-932" }, { "name": "18349", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18349" }, { "name": "oval:org.mitre.oval:def:9575", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9575" }, { "name": "18147", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18147" }, { "name": "SCOSA-2006.15", "tags": [ "vendor-advisory", "x_refsource_SCO" ], "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt" }, { "tags": [ "x_refsource_MISC" ], "url": "http://scary.beasts.org/security/CESA-2005-003.txt" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.kde.org/info/security/advisory-20051207-2.txt" }, { "name": "18679", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18679" }, { "name": "18312", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18312" }, { "name": "18644", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18644" }, { "name": "USN-236-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/236-1/" }, { "name": "18425", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18425" }, { "name": "18373", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18373" }, { "name": "18303", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18303" }, { "name": "DSA-931", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2005/dsa-931" }, { "name": "18554", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18554" }, { "name": "MDKSA-2006:003", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003" }, { "name": "19230", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/19230" }, { "name": "102972", "tags": [ "vendor-advisory", "x_refsource_SUNALERT" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1" }, { "name": "MDKSA-2006:012", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012" }, { "name": "DSA-962", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-962" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.html" }, { "name": "RHSA-2006:0163", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html" }, { "name": "DSA-937", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2005/dsa-937" }, { "name": "18398", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18398" }, { "name": "FLSA-2006:176751", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded" }, { "name": "2006-0002", "tags": [ "vendor-advisory", "x_refsource_TRUSTIX" ], "url": "http://www.trustix.org/errata/2006/0002/" }, { "name": "SUSE-SA:2006:001", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html" }, { "name": "DSA-936", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-936" }, { "name": "FEDORA-2005-026", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html" }, { "name": "18329", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18329" }, { "name": "18463", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18463" }, { "name": "18642", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18642" }, { "name": "18674", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18674" }, { "name": "MDKSA-2006:005", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005" }, { "name": "18313", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18313" }, { "name": "20051201-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U" }, { "name": "20060101-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U" }, { "name": "18448", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18448" }, { "name": "18436", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18436" }, { "name": "18428", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18428" }, { "name": "18380", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18380" }, { "name": "18423", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18423" }, { "name": "18416", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18416" }, { "name": "RHSA-2006:0177", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html" }, { "name": "ADV-2007-2280", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2007/2280" }, { "name": "GLSA-200601-02", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml" }, { "name": "18335", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18335" }, { "name": "18407", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18407" }, { "name": "18332", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18332" }, { "name": "18517", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18517" }, { "name": "18582", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18582" }, { "name": "18534", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18534" }, { "name": "SSA:2006-045-09", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683" }, { "name": "xpdf-ccittfaxdecode-dctdecode-dos(24023)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24023" }, { "name": "18908", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18908" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.html" }, { "name": "25729", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/25729" }, { "name": "18414", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18414" }, { "name": "MDKSA-2006:006", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006" }, { "name": "18338", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18338" }, { "name": "MDKSA-2006:008", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008" }, { "name": "20060201-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U" }, { "name": "RHSA-2006:0160", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html" }, { "name": "MDKSA-2006:010", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010" }, { "name": "DSA-940", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2005/dsa-940" }, { "name": "MDKSA-2006:004", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004" }, { "name": "ADV-2006-0047", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/0047" }, { "name": "GLSA-200601-17", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml" }, { "name": "18389", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18389" }, { "name": "SSA:2006-045-04", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747" }, { "name": "19377", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/19377" }, { "name": "FEDORA-2005-025", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html" }, { "name": "FLSA:175404", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded" }, { "name": "DSA-961", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-961" }, { "name": "18675", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18675" }, { "name": "18913", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18913" }, { "name": "DSA-938", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2005/dsa-938" }, { "name": "18334", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18334" }, { "name": "18375", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18375" }, { "name": "DSA-950", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-950" }, { "name": "18387", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18387" }, { "name": "MDKSA-2006:011", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011" }, { "name": "18385", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18385" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2005-3625", "datePublished": "2006-01-06T22:00:00", "dateReserved": "2005-11-16T00:00:00", "dateUpdated": "2024-08-07T23:17:23.366Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2009-4035 (GCVE-0-2009-4035)
Vulnerability from cvelistv5
Published
2009-12-21 21:00
Modified
2024-08-07 06:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The FoFiType1::parse function in fofi/FoFiType1.cc in Xpdf 3.0.0, gpdf 2.8.2, kpdf in kdegraphics 3.3.1, and possibly other libraries and versions, does not check the return value of the getNextLine function, which allows context-dependent attackers to execute arbitrary code via a PDF file with a crafted Type 1 font that can produce a negative value, leading to a signed-to-unsigned integer conversion error and a buffer overflow.
References
► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T06:45:50.951Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "1023356", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id?1023356" }, { "name": "RHSA-2009:1680", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-1680.html" }, { "name": "37350", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/37350" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://cgit.freedesktop.org/poppler/poppler/tree/fofi/FoFiType1.cc?id=4b4fc5c017bf147c9069bbce32fc14467bd2a81a" }, { "name": "37787", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/37787" }, { "name": "37793", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/37793" }, { "name": "xpdf-fofitype1parse-bo(54831)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54831" }, { "name": "37781", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/37781" }, { "name": "RHSA-2009:1682", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-1682.html" }, { "name": "oval:org.mitre.oval:def:10996", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10996" }, { "name": "SUSE-SR:2010:003", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00003.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://cgit.freedesktop.org/poppler/poppler/diff/fofi/FoFiType1.cc?id=4b4fc5c0" }, { "name": "RHSA-2009:1681", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-1681.html" }, { "name": "37641", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/37641" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=541614" }, { "name": "ADV-2009-3555", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2009/3555" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2009-12-16T00:00:00", "descriptions": [ { "lang": "en", "value": "The FoFiType1::parse function in fofi/FoFiType1.cc in Xpdf 3.0.0, gpdf 2.8.2, kpdf in kdegraphics 3.3.1, and possibly other libraries and versions, does not check the return value of the getNextLine function, which allows context-dependent attackers to execute arbitrary code via a PDF file with a crafted Type 1 font that can produce a negative value, leading to a signed-to-unsigned integer conversion error and a buffer overflow." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-09-18T12:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "1023356", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id?1023356" }, { "name": "RHSA-2009:1680", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-1680.html" }, { "name": "37350", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/37350" }, { "tags": [ "x_refsource_MISC" ], "url": "http://cgit.freedesktop.org/poppler/poppler/tree/fofi/FoFiType1.cc?id=4b4fc5c017bf147c9069bbce32fc14467bd2a81a" }, { "name": "37787", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/37787" }, { "name": "37793", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/37793" }, { "name": "xpdf-fofitype1parse-bo(54831)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54831" }, { "name": "37781", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/37781" }, { "name": "RHSA-2009:1682", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-1682.html" }, { "name": "oval:org.mitre.oval:def:10996", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10996" }, { "name": "SUSE-SR:2010:003", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00003.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://cgit.freedesktop.org/poppler/poppler/diff/fofi/FoFiType1.cc?id=4b4fc5c0" }, { "name": "RHSA-2009:1681", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-1681.html" }, { "name": "37641", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/37641" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=541614" }, { "name": "ADV-2009-3555", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2009/3555" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2009-4035", "datePublished": "2009-12-21T21:00:00", "dateReserved": "2009-11-20T00:00:00", "dateUpdated": "2024-08-07T06:45:50.951Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2005-3628 (GCVE-0-2005-3628)
Vulnerability from cvelistv5
Published
2006-01-23 22:00
Modified
2024-08-07 23:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in the JBIG2Bitmap::JBIG2Bitmap function in JBIG2Stream.cc in Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to modify memory and possibly execute arbitrary code via unknown attack vectors.
References
► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T23:17:23.423Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "DSA-932", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2005/dsa-932" }, { "name": "18147", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18147" }, { "name": "18679", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18679" }, { "name": "DSA-931", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2005/dsa-931" }, { "name": "19230", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/19230" }, { "name": "MDKSA-2006:012", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012" }, { "name": "DSA-962", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-962" }, { "name": "DSA-937", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2005/dsa-937" }, { "name": "18398", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18398" }, { "name": "FLSA-2006:176751", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded" }, { "name": "SUSE-SA:2006:001", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html" }, { "name": "DSA-936", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-936" }, { "name": "18674", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18674" }, { "name": "18436", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18436" }, { "name": "oval:org.mitre.oval:def:10287", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10287" }, { "name": "18428", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18428" }, { "name": "18380", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18380" }, { "name": "18416", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18416" }, { "name": "18407", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18407" }, { "name": "18582", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18582" }, { "name": "18534", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18534" }, { "name": "SSA:2006-045-09", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE", "x_transferred" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683" }, { "name": "18908", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18908" }, { "name": "20060201-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U" }, { "name": "RHSA-2006:0160", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html" }, { "name": "MDKSA-2006:010", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010" }, { "name": "DSA-940", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2005/dsa-940" }, { "name": "18389", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18389" }, { "name": "SSA:2006-045-04", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE", "x_transferred" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747" }, { "name": "FLSA:175404", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded" }, { "name": "DSA-961", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-961" }, { "name": "18675", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18675" }, { "name": "18913", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18913" }, { "name": "DSA-938", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2005/dsa-938" }, { "name": "DSA-950", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-950" }, { "name": "18387", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18387" }, { "name": "MDKSA-2006:011", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011" }, { "name": "18385", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18385" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2006-01-06T00:00:00", "descriptions": [ { "lang": "en", "value": "Buffer overflow in the JBIG2Bitmap::JBIG2Bitmap function in JBIG2Stream.cc in Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to modify memory and possibly execute arbitrary code via unknown attack vectors." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-19T14:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "DSA-932", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2005/dsa-932" }, { "name": "18147", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18147" }, { "name": "18679", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18679" }, { "name": "DSA-931", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2005/dsa-931" }, { "name": "19230", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/19230" }, { "name": "MDKSA-2006:012", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012" }, { "name": "DSA-962", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-962" }, { "name": "DSA-937", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2005/dsa-937" }, { "name": "18398", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18398" }, { "name": "FLSA-2006:176751", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded" }, { "name": "SUSE-SA:2006:001", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html" }, { "name": "DSA-936", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-936" }, { "name": "18674", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18674" }, { "name": "18436", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18436" }, { "name": "oval:org.mitre.oval:def:10287", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10287" }, { "name": "18428", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18428" }, { "name": "18380", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18380" }, { "name": "18416", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18416" }, { "name": "18407", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18407" }, { "name": "18582", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18582" }, { "name": "18534", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18534" }, { "name": "SSA:2006-045-09", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683" }, { "name": "18908", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18908" }, { "name": "20060201-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U" }, { "name": "RHSA-2006:0160", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html" }, { "name": "MDKSA-2006:010", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010" }, { "name": "DSA-940", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2005/dsa-940" }, { "name": "18389", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18389" }, { "name": "SSA:2006-045-04", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747" }, { "name": "FLSA:175404", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded" }, { "name": "DSA-961", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-961" }, { "name": "18675", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18675" }, { "name": "18913", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18913" }, { "name": "DSA-938", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2005/dsa-938" }, { "name": "DSA-950", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-950" }, { "name": "18387", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18387" }, { "name": "MDKSA-2006:011", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011" }, { "name": "18385", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18385" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2005-3628", "datePublished": "2006-01-23T22:00:00", "dateReserved": "2005-11-16T00:00:00", "dateUpdated": "2024-08-07T23:17:23.423Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2006-0301 (GCVE-0-2006-0301)
Vulnerability from cvelistv5
Published
2006-01-30 22:00
Modified
2024-08-07 16:34
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Heap-based buffer overflow in Splash.cc in xpdf, as used in other products such as (1) poppler, (2) kdegraphics, (3) gpdf, (4) pdfkit.framework, and others, allows attackers to cause a denial of service and possibly execute arbitrary code via crafted splash images that produce certain values that exceed the width or height of the associated bitmap.
References
► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T16:34:13.226Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "18707", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18707" }, { "name": "ADV-2006-0422", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/0422" }, { "name": "1015576", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1015576" }, { "name": "SCOSA-2006.15", "tags": [ "vendor-advisory", "x_refsource_SCO", "x_transferred" ], "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt" }, { "name": "18837", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18837" }, { "name": "xpdf-splash-bo(24391)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24391" }, { "name": "18834", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18834" }, { "name": "MDKSA-2006:031", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:031" }, { "name": "18983", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18983" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=179046" }, { "name": "MDKSA-2006:030", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:030" }, { "name": "20060202 [KDE Security Advisory] kpdf/xpdf heap based buffer overflow", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/423899/100/0/threaded" }, { "name": "18864", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18864" }, { "name": "ADV-2006-0389", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/0389" }, { "name": "18677", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18677" }, { "name": "GLSA-200602-12", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200602-12.xml" }, { "name": "FEDORA-2006-103", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-February/msg00039.html" }, { "name": "RHSA-2006:0201", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0201.html" }, { "name": "MDKSA-2006:032", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:032" }, { "name": "GLSA-200602-05", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200602-05.xml" }, { "name": "18882", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18882" }, { "name": "18274", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18274" }, { "name": "oval:org.mitre.oval:def:10850", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10850" }, { "name": "DSA-974", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-974" }, { "name": "DSA-971", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-971" }, { "name": "18825", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18825" }, { "name": "RHSA-2006:0206", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2006-0206.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.kde.org/info/security/advisory-20060202-1.txt" }, { "name": "470", "tags": [ "third-party-advisory", "x_refsource_SREASON", "x_transferred" ], "url": "http://securityreason.com/securityalert/470" }, { "name": "SSA:2006-045-09", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE", "x_transferred" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683" }, { "name": "18875", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18875" }, { "name": "GLSA-200602-04", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200602-04.xml" }, { "name": "18860", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18860" }, { "name": "18908", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18908" }, { "name": "18839", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18839" }, { "name": "USN-249-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/usn-249-1" }, { "name": "18862", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18862" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.novell.com/show_bug.cgi?id=141242" }, { "name": "SSA:2006-045-04", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE", "x_transferred" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747" }, { "name": "19377", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/19377" }, { "name": "FLSA:175404", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded" }, { "name": "DSA-972", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-972" }, { "name": "18913", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18913" }, { "name": "18838", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18838" }, { "name": "18826", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18826" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2006-01-26T00:00:00", "descriptions": [ { "lang": "en", "value": "Heap-based buffer overflow in Splash.cc in xpdf, as used in other products such as (1) poppler, (2) kdegraphics, (3) gpdf, (4) pdfkit.framework, and others, allows attackers to cause a denial of service and possibly execute arbitrary code via crafted splash images that produce certain values that exceed the width or height of the associated bitmap." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-19T14:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "18707", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18707" }, { "name": "ADV-2006-0422", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/0422" }, { "name": "1015576", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1015576" }, { "name": "SCOSA-2006.15", "tags": [ "vendor-advisory", "x_refsource_SCO" ], "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt" }, { "name": "18837", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18837" }, { "name": "xpdf-splash-bo(24391)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24391" }, { "name": "18834", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18834" }, { "name": "MDKSA-2006:031", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:031" }, { "name": "18983", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18983" }, { "tags": [ "x_refsource_MISC" ], "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=179046" }, { "name": "MDKSA-2006:030", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:030" }, { "name": "20060202 [KDE Security Advisory] kpdf/xpdf heap based buffer overflow", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/423899/100/0/threaded" }, { "name": "18864", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18864" }, { "name": "ADV-2006-0389", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/0389" }, { "name": "18677", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18677" }, { "name": "GLSA-200602-12", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200602-12.xml" }, { "name": "FEDORA-2006-103", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-February/msg00039.html" }, { "name": "RHSA-2006:0201", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0201.html" }, { "name": "MDKSA-2006:032", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:032" }, { "name": "GLSA-200602-05", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200602-05.xml" }, { "name": "18882", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18882" }, { "name": "18274", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18274" }, { "name": "oval:org.mitre.oval:def:10850", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10850" }, { "name": "DSA-974", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-974" }, { "name": "DSA-971", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-971" }, { "name": "18825", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18825" }, { "name": "RHSA-2006:0206", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2006-0206.html" }, { "tags": [ "x_refsource_MISC" ], "url": "http://www.kde.org/info/security/advisory-20060202-1.txt" }, { "name": "470", "tags": [ "third-party-advisory", "x_refsource_SREASON" ], "url": "http://securityreason.com/securityalert/470" }, { "name": "SSA:2006-045-09", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683" }, { "name": "18875", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18875" }, { "name": "GLSA-200602-04", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200602-04.xml" }, { "name": "18860", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18860" }, { "name": "18908", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18908" }, { "name": "18839", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18839" }, { "name": "USN-249-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/usn-249-1" }, { "name": "18862", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18862" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.novell.com/show_bug.cgi?id=141242" }, { "name": "SSA:2006-045-04", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747" }, { "name": "19377", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/19377" }, { "name": "FLSA:175404", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded" }, { "name": "DSA-972", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-972" }, { "name": "18913", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18913" }, { "name": "18838", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18838" }, { "name": "18826", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18826" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2006-0301", "datePublished": "2006-01-30T22:00:00", "dateReserved": "2006-01-18T00:00:00", "dateUpdated": "2024-08-07T16:34:13.226Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2005-0206 (GCVE-0-2005-0206)
Vulnerability from cvelistv5
Published
2005-02-15 05:00
Modified
2024-08-07 21:05
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities.
References
► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T21:05:25.397Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "oval:org.mitre.oval:def:11107", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11107" }, { "name": "MDKSA-2005:041", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:041" }, { "name": "11501", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/11501" }, { "name": "RHSA-2005:034", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-034.html" }, { "name": "MDKSA-2005:056", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:056" }, { "name": "MDKSA-2005:043", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:043" }, { "name": "RHSA-2005:213", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-213.html" }, { "name": "MDKSA-2005:044", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:044" }, { "name": "RHSA-2005:053", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-053.html" }, { "name": "xpdf-pdf-bo(17818)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17818" }, { "name": "MDKSA-2005:052", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:052" }, { "name": "RHSA-2005:132", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-132.html" }, { "name": "MDKSA-2005:042", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:042" }, { "name": "RHSA-2005:057", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-057.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2005-02-15T00:00:00", "descriptions": [ { "lang": "en", "value": "The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-10-10T00:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "oval:org.mitre.oval:def:11107", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11107" }, { "name": "MDKSA-2005:041", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:041" }, { "name": "11501", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/11501" }, { "name": "RHSA-2005:034", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-034.html" }, { "name": "MDKSA-2005:056", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:056" }, { "name": "MDKSA-2005:043", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:043" }, { "name": "RHSA-2005:213", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-213.html" }, { "name": "MDKSA-2005:044", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:044" }, { "name": "RHSA-2005:053", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-053.html" }, { "name": "xpdf-pdf-bo(17818)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17818" }, { "name": "MDKSA-2005:052", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:052" }, { "name": "RHSA-2005:132", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-132.html" }, { "name": "MDKSA-2005:042", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:042" }, { "name": "RHSA-2005:057", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-057.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2005-0206", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "oval:org.mitre.oval:def:11107", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11107" }, { "name": "MDKSA-2005:041", "refsource": "MANDRAKE", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:041" }, { "name": "11501", "refsource": "BID", "url": "http://www.securityfocus.com/bid/11501" }, { "name": "RHSA-2005:034", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2005-034.html" }, { "name": "MDKSA-2005:056", "refsource": "MANDRAKE", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:056" }, { "name": "MDKSA-2005:043", "refsource": "MANDRAKE", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:043" }, { "name": "RHSA-2005:213", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2005-213.html" }, { "name": "MDKSA-2005:044", "refsource": "MANDRAKE", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:044" }, { "name": "RHSA-2005:053", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2005-053.html" }, { "name": "xpdf-pdf-bo(17818)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17818" }, { "name": "MDKSA-2005:052", "refsource": "MANDRAKE", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:052" }, { "name": "RHSA-2005:132", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2005-132.html" }, { "name": "MDKSA-2005:042", "refsource": "MANDRAKE", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:042" }, { "name": "RHSA-2005:057", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2005-057.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2005-0206", "datePublished": "2005-02-15T05:00:00", "dateReserved": "2005-02-01T00:00:00", "dateUpdated": "2024-08-07T21:05:25.397Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2025-2574 (GCVE-0-2025-2574)
Vulnerability from cvelistv5
Published
2025-03-20 21:07
Modified
2025-03-21 15:13
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-787 - Out-of-bounds Write
Summary
Out-of-bounds array write in Xpdf 4.05 and earlier, due to incorrect integer overflow checking in the PostScript function interpreter code.
References
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2025-2574", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2025-03-21T15:13:48.238926Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-03-21T15:13:55.504Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "all" ], "product": "Xpdf", "vendor": "Xpdf", "versions": [ { "lessThanOrEqual": "4.05", "status": "affected", "version": "Version", "versionType": "version" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "Erik Viken" } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Out-of-bounds array write in Xpdf 4.05 and earlier, due to incorrect integer overflow checking in the PostScript function interpreter code." } ], "value": "Out-of-bounds array write in Xpdf 4.05 and earlier, due to incorrect integer overflow checking in the PostScript function interpreter code." } ], "metrics": [ { "cvssV4_0": { "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "HIGH", "attackRequirements": "NONE", "attackVector": "LOCAL", "baseScore": 2.1, "baseSeverity": "LOW", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "LOW", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:L", "version": "4.0", "vulnAvailabilityImpact": "LOW", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-787", "description": "CWE-787 Out-of-bounds Write", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-03-20T21:09:36.707Z", "orgId": "ace9cabe-4f4f-416b-8c39-b0e002761924", "shortName": "GandC" }, "references": [ { "url": "https://www.xpdfreader.com/security-bug/CVE-2025-2574.html" } ], "source": { "discovery": "UNKNOWN" }, "title": "Out-of-bounds array write in Xpdf 4.05 due to incorrect integer overflow checking", "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "ace9cabe-4f4f-416b-8c39-b0e002761924", "assignerShortName": "GandC", "cveId": "CVE-2025-2574", "datePublished": "2025-03-20T21:07:46.499Z", "dateReserved": "2025-03-20T20:58:33.490Z", "dateUpdated": "2025-03-21T15:13:55.504Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2007-4352 (GCVE-0-2007-4352)
Vulnerability from cvelistv5
Published
2007-11-08 02:00
Modified
2024-08-07 14:53
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Array index error in the DCTStream::readProgressiveDataUnit method in xpdf/Stream.cc in Xpdf 3.02pl1, as used in poppler, teTeX, KDE, KOffice, CUPS, and other products, allows remote attackers to trigger memory corruption and execute arbitrary code via a crafted PDF file.
References
► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T14:53:55.890Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SUSE-SA:2007:060", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://www.novell.com/linux/security/advisories/2007_60_pdf.html" }, { "name": "27632", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27632" }, { "name": "27743", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27743" }, { "name": "MDKSA-2007:222", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:222" }, { "name": "ADV-2007-3774", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2007/3774" }, { "name": "27260", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27260" }, { "name": "27856", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27856" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.novell.com/techcenter/psdb/da3498f05433976cc548cc4eaf8349c8.html" }, { "name": "27636", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27636" }, { "name": "29604", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/29604" }, { "name": "MDKSA-2007:223", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:223" }, { "name": "27721", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27721" }, { "name": "27724", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27724" }, { "name": "ADV-2007-3776", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2007/3776" }, { "name": "FEDORA-2007-3059", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00224.html" }, { "name": "27577", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27577" }, { "name": "29104", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/29104" }, { "name": "FEDORA-2007-3031", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00215.html" }, { "name": "xpdf-dctstreamread-memory-corruption(38306)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38306" }, { "name": "27618", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27618" }, { "name": "27642", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27642" }, { "name": "FEDORA-2007-4031", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00369.html" }, { "name": "27656", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27656" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://secunia.com/secunia_research/2007-88/advisory/" }, { "name": "FEDORA-2007-3100", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00238.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.novell.com/techcenter/psdb/1d5fd29802b2ef7e342e733731f1e933.html" }, { "name": "RHSA-2007:1026", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-1026.html" }, { "name": "DSA-1509", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2008/dsa-1509" }, { "name": "RHSA-2007:1022", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-1022.html" }, { "name": "27573", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27573" }, { "name": "RHSA-2007:1029", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-1029.html" }, { "name": "27641", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27641" }, { "name": "GLSA-200805-13", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-200805-13.xml" }, { "name": "28812", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/28812" }, { "name": "DSA-1537", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2008/dsa-1537" }, { "name": "FEDORA-2007-750", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00724.html" }, { "name": "SSA:2007-316-01", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE", "x_transferred" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.761882" }, { "name": "26367", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/26367" }, { "name": "27615", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27615" }, { "name": "RHSA-2007:1021", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-1021.html" }, { "name": "ADV-2007-3786", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2007/3786" }, { "name": "27645", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27645" }, { "name": "20071107 Secunia Research: Xpdf \"Stream.cc\" Multiple Vulnerabilities", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/483372" }, { "name": "30168", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/30168" }, { "name": "27574", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27574" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://issues.rpath.com/browse/RPL-1926" }, { "name": "26503", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/26503" }, { "name": "MDKSA-2007:219", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:219" }, { "name": "DSA-1480", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2008/dsa-1480" }, { "name": "GLSA-200711-22", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-200711-22.xml" }, { "name": "27634", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27634" }, { "name": "MDKSA-2007:227", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:227" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.kde.org/info/security/advisory-20071107-1.txt" }, { "name": "28043", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/28043" }, { "name": "27619", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27619" }, { "name": "MDKSA-2007:220", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:220" }, { "name": "27705", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27705" }, { "name": "27578", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27578" }, { "name": "27640", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27640" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.novell.com/techcenter/psdb/43ad7b3569dba59e7ba07677edc01cad.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.novell.com/techcenter/psdb/3867a5092daac43cd6a92e6107d9fbce.html" }, { "name": "GLSA-200711-34", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-200711-34.xml" }, { "name": "27599", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27599" }, { "name": "27575", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27575" }, { "name": "1018905", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id?1018905" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.novell.com/techcenter/psdb/f83e024a65d69ebc810d2117815b940d.html" }, { "name": "oval:org.mitre.oval:def:9979", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9979" }, { "name": "FEDORA-2007-3390", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00663.html" }, { "name": "MDKSA-2007:228", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:228" }, { "name": "ADV-2007-3775", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2007/3775" }, { "name": "RHSA-2007:1027", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-1027.html" }, { "name": "RHSA-2007:1030", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-1030.html" }, { "name": "USN-542-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/usn-542-1" }, { "name": "27658", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27658" }, { "name": "RHSA-2007:1024", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-1024.html" }, { "name": "MDKSA-2007:230", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:230" }, { "name": "USN-542-2", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/usn-542-2" }, { "name": "RHSA-2007:1025", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-1025.html" }, { "name": "ADV-2007-3779", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2007/3779" }, { "name": "MDKSA-2007:221", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:221" }, { "name": "27553", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27553" }, { "name": "27637", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27637" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2007-11-07T00:00:00", "descriptions": [ { "lang": "en", "value": "Array index error in the DCTStream::readProgressiveDataUnit method in xpdf/Stream.cc in Xpdf 3.02pl1, as used in poppler, teTeX, KDE, KOffice, CUPS, and other products, allows remote attackers to trigger memory corruption and execute arbitrary code via a crafted PDF file." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-09-28T12:57:01", "orgId": "44d08088-2bea-4760-83a6-1e9be26b15ab", "shortName": "flexera" }, "references": [ { "name": "SUSE-SA:2007:060", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://www.novell.com/linux/security/advisories/2007_60_pdf.html" }, { "name": "27632", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27632" }, { "name": "27743", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27743" }, { "name": "MDKSA-2007:222", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:222" }, { "name": "ADV-2007-3774", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2007/3774" }, { "name": "27260", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27260" }, { "name": "27856", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27856" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.novell.com/techcenter/psdb/da3498f05433976cc548cc4eaf8349c8.html" }, { "name": "27636", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27636" }, { "name": "29604", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/29604" }, { "name": "MDKSA-2007:223", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:223" }, { "name": "27721", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27721" }, { "name": "27724", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27724" }, { "name": "ADV-2007-3776", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2007/3776" }, { "name": "FEDORA-2007-3059", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00224.html" }, { "name": "27577", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27577" }, { "name": "29104", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/29104" }, { "name": "FEDORA-2007-3031", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00215.html" }, { "name": "xpdf-dctstreamread-memory-corruption(38306)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38306" }, { "name": "27618", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27618" }, { "name": "27642", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27642" }, { "name": "FEDORA-2007-4031", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00369.html" }, { "name": "27656", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27656" }, { "tags": [ "x_refsource_MISC" ], "url": "http://secunia.com/secunia_research/2007-88/advisory/" }, { "name": "FEDORA-2007-3100", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00238.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.novell.com/techcenter/psdb/1d5fd29802b2ef7e342e733731f1e933.html" }, { "name": "RHSA-2007:1026", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-1026.html" }, { "name": "DSA-1509", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2008/dsa-1509" }, { "name": "RHSA-2007:1022", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-1022.html" }, { "name": "27573", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27573" }, { "name": "RHSA-2007:1029", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-1029.html" }, { "name": "27641", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27641" }, { "name": "GLSA-200805-13", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-200805-13.xml" }, { "name": "28812", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/28812" }, { "name": "DSA-1537", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2008/dsa-1537" }, { "name": "FEDORA-2007-750", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00724.html" }, { "name": "SSA:2007-316-01", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.761882" }, { "name": "26367", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/26367" }, { "name": "27615", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27615" }, { "name": "RHSA-2007:1021", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-1021.html" }, { "name": "ADV-2007-3786", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2007/3786" }, { "name": "27645", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27645" }, { "name": "20071107 Secunia Research: Xpdf \"Stream.cc\" Multiple Vulnerabilities", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/483372" }, { "name": "30168", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/30168" }, { "name": "27574", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27574" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://issues.rpath.com/browse/RPL-1926" }, { "name": "26503", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/26503" }, { "name": "MDKSA-2007:219", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:219" }, { "name": "DSA-1480", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2008/dsa-1480" }, { "name": "GLSA-200711-22", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-200711-22.xml" }, { "name": "27634", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27634" }, { "name": "MDKSA-2007:227", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:227" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.kde.org/info/security/advisory-20071107-1.txt" }, { "name": "28043", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/28043" }, { "name": "27619", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27619" }, { "name": "MDKSA-2007:220", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:220" }, { "name": "27705", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27705" }, { "name": "27578", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27578" }, { "name": "27640", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27640" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.novell.com/techcenter/psdb/43ad7b3569dba59e7ba07677edc01cad.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.novell.com/techcenter/psdb/3867a5092daac43cd6a92e6107d9fbce.html" }, { "name": "GLSA-200711-34", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-200711-34.xml" }, { "name": "27599", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27599" }, { "name": "27575", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27575" }, { "name": "1018905", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id?1018905" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.novell.com/techcenter/psdb/f83e024a65d69ebc810d2117815b940d.html" }, { "name": "oval:org.mitre.oval:def:9979", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9979" }, { "name": "FEDORA-2007-3390", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00663.html" }, { "name": "MDKSA-2007:228", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:228" }, { "name": "ADV-2007-3775", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2007/3775" }, { "name": "RHSA-2007:1027", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-1027.html" }, { "name": "RHSA-2007:1030", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-1030.html" }, { "name": "USN-542-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/usn-542-1" }, { "name": "27658", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27658" }, { "name": "RHSA-2007:1024", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-1024.html" }, { "name": "MDKSA-2007:230", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:230" }, { "name": "USN-542-2", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/usn-542-2" }, { "name": "RHSA-2007:1025", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-1025.html" }, { "name": "ADV-2007-3779", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2007/3779" }, { "name": "MDKSA-2007:221", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:221" }, { "name": "27553", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27553" }, { "name": "27637", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27637" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "PSIRT-CNA@flexerasoftware.com", "ID": "CVE-2007-4352", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Array index error in the DCTStream::readProgressiveDataUnit method in xpdf/Stream.cc in Xpdf 3.02pl1, as used in poppler, teTeX, KDE, KOffice, CUPS, and other products, allows remote attackers to trigger memory corruption and execute arbitrary code via a crafted PDF file." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "SUSE-SA:2007:060", "refsource": "SUSE", "url": "http://www.novell.com/linux/security/advisories/2007_60_pdf.html" }, { "name": "27632", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27632" }, { "name": "27743", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27743" }, { "name": "MDKSA-2007:222", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:222" }, { "name": "ADV-2007-3774", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/3774" }, { "name": "27260", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27260" }, { "name": "27856", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27856" }, { "name": "http://support.novell.com/techcenter/psdb/da3498f05433976cc548cc4eaf8349c8.html", "refsource": "CONFIRM", "url": "http://support.novell.com/techcenter/psdb/da3498f05433976cc548cc4eaf8349c8.html" }, { "name": "27636", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27636" }, { "name": "29604", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/29604" }, { "name": "MDKSA-2007:223", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:223" }, { "name": "27721", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27721" }, { "name": "27724", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27724" }, { "name": "ADV-2007-3776", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/3776" }, { "name": "FEDORA-2007-3059", "refsource": "FEDORA", "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00224.html" }, { "name": "27577", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27577" }, { "name": "29104", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/29104" }, { "name": "FEDORA-2007-3031", "refsource": "FEDORA", "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00215.html" }, { "name": "xpdf-dctstreamread-memory-corruption(38306)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38306" }, { "name": "27618", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27618" }, { "name": "27642", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27642" }, { "name": "FEDORA-2007-4031", "refsource": "FEDORA", "url": "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00369.html" }, { "name": "27656", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27656" }, { "name": "http://secunia.com/secunia_research/2007-88/advisory/", "refsource": "MISC", "url": "http://secunia.com/secunia_research/2007-88/advisory/" }, { "name": "FEDORA-2007-3100", "refsource": "FEDORA", "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00238.html" }, { "name": "http://support.novell.com/techcenter/psdb/1d5fd29802b2ef7e342e733731f1e933.html", "refsource": "CONFIRM", "url": "http://support.novell.com/techcenter/psdb/1d5fd29802b2ef7e342e733731f1e933.html" }, { "name": "RHSA-2007:1026", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2007-1026.html" }, { "name": "DSA-1509", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2008/dsa-1509" }, { "name": "RHSA-2007:1022", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2007-1022.html" }, { "name": "27573", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27573" }, { "name": "RHSA-2007:1029", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2007-1029.html" }, { "name": "27641", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27641" }, { "name": "GLSA-200805-13", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-200805-13.xml" }, { "name": "28812", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/28812" }, { "name": "DSA-1537", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2008/dsa-1537" }, { "name": "FEDORA-2007-750", "refsource": "FEDORA", "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00724.html" }, { "name": "SSA:2007-316-01", "refsource": "SLACKWARE", "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.761882" }, { "name": "26367", "refsource": "BID", "url": "http://www.securityfocus.com/bid/26367" }, { "name": "27615", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27615" }, { "name": "RHSA-2007:1021", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2007-1021.html" }, { "name": "ADV-2007-3786", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/3786" }, { "name": "27645", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27645" }, { "name": "20071107 Secunia Research: Xpdf \"Stream.cc\" Multiple Vulnerabilities", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/483372" }, { "name": "30168", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30168" }, { "name": "27574", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27574" }, { "name": "https://issues.rpath.com/browse/RPL-1926", "refsource": "CONFIRM", "url": "https://issues.rpath.com/browse/RPL-1926" }, { "name": "26503", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/26503" }, { "name": "MDKSA-2007:219", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:219" }, { "name": "DSA-1480", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2008/dsa-1480" }, { "name": "GLSA-200711-22", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-200711-22.xml" }, { "name": "27634", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27634" }, { "name": "MDKSA-2007:227", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:227" }, { "name": "http://www.kde.org/info/security/advisory-20071107-1.txt", "refsource": "CONFIRM", "url": "http://www.kde.org/info/security/advisory-20071107-1.txt" }, { "name": "28043", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/28043" }, { "name": "27619", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27619" }, { "name": "MDKSA-2007:220", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:220" }, { "name": "27705", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27705" }, { "name": "27578", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27578" }, { "name": "27640", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27640" }, { "name": "http://support.novell.com/techcenter/psdb/43ad7b3569dba59e7ba07677edc01cad.html", "refsource": "CONFIRM", "url": "http://support.novell.com/techcenter/psdb/43ad7b3569dba59e7ba07677edc01cad.html" }, { "name": "http://support.novell.com/techcenter/psdb/3867a5092daac43cd6a92e6107d9fbce.html", "refsource": "CONFIRM", "url": "http://support.novell.com/techcenter/psdb/3867a5092daac43cd6a92e6107d9fbce.html" }, { "name": "GLSA-200711-34", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-200711-34.xml" }, { "name": "27599", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27599" }, { "name": "27575", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27575" }, { "name": "1018905", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1018905" }, { "name": "http://support.novell.com/techcenter/psdb/f83e024a65d69ebc810d2117815b940d.html", "refsource": "CONFIRM", "url": "http://support.novell.com/techcenter/psdb/f83e024a65d69ebc810d2117815b940d.html" }, { "name": "oval:org.mitre.oval:def:9979", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9979" }, { "name": "FEDORA-2007-3390", "refsource": "FEDORA", "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00663.html" }, { "name": "MDKSA-2007:228", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:228" }, { "name": "ADV-2007-3775", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/3775" }, { "name": "RHSA-2007:1027", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2007-1027.html" }, { "name": "RHSA-2007:1030", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2007-1030.html" }, { "name": "USN-542-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/usn-542-1" }, { "name": "27658", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27658" }, { "name": "RHSA-2007:1024", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2007-1024.html" }, { "name": "MDKSA-2007:230", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:230" }, { "name": "USN-542-2", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/usn-542-2" }, { "name": "RHSA-2007:1025", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2007-1025.html" }, { "name": "ADV-2007-3779", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/3779" }, { "name": "MDKSA-2007:221", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:221" }, { "name": "27553", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27553" }, { "name": "27637", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27637" } ] } } } }, "cveMetadata": { "assignerOrgId": "44d08088-2bea-4760-83a6-1e9be26b15ab", "assignerShortName": "flexera", "cveId": "CVE-2007-4352", "datePublished": "2007-11-08T02:00:00", "dateReserved": "2007-08-14T00:00:00", "dateUpdated": "2024-08-07T14:53:55.890Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2023-3044 (GCVE-0-2023-3044)
Vulnerability from cvelistv5
Published
2023-06-02 22:32
Modified
2025-01-08 17:53
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-369 - Divide By Zero
Summary
An excessively large PDF page size (found in fuzz testing, unlikely in normal PDF files) can result in a divide-by-zero in Xpdf's text extraction code.
This is related to CVE-2022-30524, but the problem here is caused by a very large page size, rather than by a very large character coordinate.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T06:41:04.131Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.xpdfreader.com/security-bug/CVE-2023-3044.html" }, { "tags": [ "x_transferred" ], "url": "https://github.com/baker221/poc-xpdf" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-3044", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2025-01-08T17:53:02.399834Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-01-08T17:53:11.882Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "all" ], "product": "Xpdf", "vendor": "Xpdf", "versions": [ { "status": "affected", "version": "4.04" } ] } ], "credits": [ { "lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Junlin Liu of Peking Univ." } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cdiv\u003eAn excessively large PDF page size (found in fuzz testing, unlikely in normal PDF files) can result in a divide-by-zero in Xpdf\u0027s text extraction code.\u003c/div\u003e\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e\u003cdiv\u003eThis is related to CVE-2022-30524, but the problem here is caused by a very large page size, rather than by a very large character coordinate.\u003cbr\u003e\u003c/div\u003e" } ], "value": "An excessively large PDF page size (found in fuzz testing, unlikely in normal PDF files) can result in a divide-by-zero in Xpdf\u0027s text extraction code.\n\n\n\n\nThis is related to CVE-2022-30524, but the problem here is caused by a very large page size, rather than by a very large character coordinate.\n\n\n" } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 3.3, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-369", "description": "CWE-369 Divide By Zero", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-06-02T22:32:31.677Z", "orgId": "ace9cabe-4f4f-416b-8c39-b0e002761924", "shortName": "GandC" }, "references": [ { "url": "https://www.xpdfreader.com/security-bug/CVE-2023-3044.html" }, { "url": "https://github.com/baker221/poc-xpdf" } ], "source": { "discovery": "UNKNOWN" }, "title": "Divide-by-zero in Xpdf 4.04 due to very large page size", "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "ace9cabe-4f4f-416b-8c39-b0e002761924", "assignerShortName": "GandC", "cveId": "CVE-2023-3044", "datePublished": "2023-06-02T22:32:31.677Z", "dateReserved": "2023-06-01T22:02:19.916Z", "dateUpdated": "2025-01-08T17:53:11.882Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2004-1125 (GCVE-0-2004-1125)
Vulnerability from cvelistv5
Published
2004-12-22 05:00
Modified
2024-08-08 00:39
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in the Gfx::doImage function in Gfx.cc for xpdf 3.00, and other products that share code such as tetex-bin and kpdf in KDE 3.2.x to 3.2.3 and 3.3.x to 3.3.2, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted PDF file that causes the boundaries of a maskColors array to be exceeded.
References
► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T00:39:00.871Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "RHSA-2005:013", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-013.html" }, { "name": "17277", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/17277" }, { "name": "RHSA-2005:066", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-066.html" }, { "name": "RHSA-2005:034", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-034.html" }, { "name": "RHSA-2005:018", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-018.html" }, { "name": "FLSA:2352", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://bugzilla.fedora.us/show_bug.cgi?id=2352" }, { "name": "FLSA:2353", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://bugzilla.fedora.us/show_bug.cgi?id=2353" }, { "name": "1012646", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1012646" }, { "name": "12070", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/12070" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.kde.org/info/security/advisory-20041223-1.txt" }, { "name": "xpdf-gfx-doimage-bo(18641)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18641" }, { "name": "GLSA-200501-17", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200501-17.xml" }, { "name": "RHSA-2005:026", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-026.html" }, { "name": "RHSA-2005:053", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-053.html" }, { "name": "USN-50-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/50-1/" }, { "name": "GLSA-200501-13", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200501-13.xml" }, { "name": "20041228 KDE Security Advisory: kpdf Buffer Overflow Vulnerability", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?t=110378596500001\u0026r=1\u0026w=2" }, { "name": "GLSA-200412-25", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200412-25.xml" }, { "name": "20041223 [USN-48-1] xpdf, tetex-bin vulnerabilities", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-December/030241.html" }, { "name": "SUSE-SR:2005:001", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://www.novell.com/linux/security/advisories/2005_01_sr.html" }, { "name": "RHSA-2005:354", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-354.html" }, { "name": "20041221 Multiple Vendor xpdf PDF Viewer Buffer Overflow Vulnerability", "tags": [ "third-party-advisory", "x_refsource_IDEFENSE", "x_transferred" ], "url": "http://www.idefense.com/application/poi/display?id=172\u0026type=vulnerabilities" }, { "name": "oval:org.mitre.oval:def:10830", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10830" }, { "name": "SCOSA-2005.42", "tags": [ "vendor-advisory", "x_refsource_SCO", "x_transferred" ], "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.42/SCOSA-2005.42.txt" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.00pl2.patch" }, { "name": "CLA-2005:921", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA", "x_transferred" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000921" }, { "name": "RHSA-2005:057", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-057.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2004-12-21T00:00:00", "descriptions": [ { "lang": "en", "value": "Buffer overflow in the Gfx::doImage function in Gfx.cc for xpdf 3.00, and other products that share code such as tetex-bin and kpdf in KDE 3.2.x to 3.2.3 and 3.3.x to 3.3.2, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted PDF file that causes the boundaries of a maskColors array to be exceeded." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-03T20:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "RHSA-2005:013", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-013.html" }, { "name": "17277", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/17277" }, { "name": "RHSA-2005:066", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-066.html" }, { "name": "RHSA-2005:034", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-034.html" }, { "name": "RHSA-2005:018", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-018.html" }, { "name": "FLSA:2352", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://bugzilla.fedora.us/show_bug.cgi?id=2352" }, { "name": "FLSA:2353", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://bugzilla.fedora.us/show_bug.cgi?id=2353" }, { "name": "1012646", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1012646" }, { "name": "12070", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/12070" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.kde.org/info/security/advisory-20041223-1.txt" }, { "name": "xpdf-gfx-doimage-bo(18641)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18641" }, { "name": "GLSA-200501-17", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200501-17.xml" }, { "name": "RHSA-2005:026", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-026.html" }, { "name": "RHSA-2005:053", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-053.html" }, { "name": "USN-50-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/50-1/" }, { "name": "GLSA-200501-13", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200501-13.xml" }, { "name": "20041228 KDE Security Advisory: kpdf Buffer Overflow Vulnerability", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?t=110378596500001\u0026r=1\u0026w=2" }, { "name": "GLSA-200412-25", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200412-25.xml" }, { "name": "20041223 [USN-48-1] xpdf, tetex-bin vulnerabilities", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-December/030241.html" }, { "name": "SUSE-SR:2005:001", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://www.novell.com/linux/security/advisories/2005_01_sr.html" }, { "name": "RHSA-2005:354", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-354.html" }, { "name": "20041221 Multiple Vendor xpdf PDF Viewer Buffer Overflow Vulnerability", "tags": [ "third-party-advisory", "x_refsource_IDEFENSE" ], "url": "http://www.idefense.com/application/poi/display?id=172\u0026type=vulnerabilities" }, { "name": "oval:org.mitre.oval:def:10830", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10830" }, { "name": "SCOSA-2005.42", "tags": [ "vendor-advisory", "x_refsource_SCO" ], "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.42/SCOSA-2005.42.txt" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.00pl2.patch" }, { "name": "CLA-2005:921", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000921" }, { "name": "RHSA-2005:057", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-057.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2004-1125", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Buffer overflow in the Gfx::doImage function in Gfx.cc for xpdf 3.00, and other products that share code such as tetex-bin and kpdf in KDE 3.2.x to 3.2.3 and 3.3.x to 3.3.2, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted PDF file that causes the boundaries of a maskColors array to be exceeded." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "RHSA-2005:013", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2005-013.html" }, { "name": "17277", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/17277" }, { "name": "RHSA-2005:066", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2005-066.html" }, { "name": "RHSA-2005:034", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2005-034.html" }, { "name": "RHSA-2005:018", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2005-018.html" }, { "name": "FLSA:2352", "refsource": "FEDORA", "url": "https://bugzilla.fedora.us/show_bug.cgi?id=2352" }, { "name": "FLSA:2353", "refsource": "FEDORA", "url": "https://bugzilla.fedora.us/show_bug.cgi?id=2353" }, { "name": "1012646", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1012646" }, { "name": "12070", "refsource": "BID", "url": "http://www.securityfocus.com/bid/12070" }, { "name": "http://www.kde.org/info/security/advisory-20041223-1.txt", "refsource": "CONFIRM", "url": "http://www.kde.org/info/security/advisory-20041223-1.txt" }, { "name": "xpdf-gfx-doimage-bo(18641)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18641" }, { "name": "GLSA-200501-17", "refsource": "GENTOO", "url": "http://www.gentoo.org/security/en/glsa/glsa-200501-17.xml" }, { "name": "RHSA-2005:026", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2005-026.html" }, { "name": "RHSA-2005:053", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2005-053.html" }, { "name": "USN-50-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/50-1/" }, { "name": "GLSA-200501-13", "refsource": "GENTOO", "url": "http://www.gentoo.org/security/en/glsa/glsa-200501-13.xml" }, { "name": "20041228 KDE Security Advisory: kpdf Buffer Overflow Vulnerability", "refsource": "BUGTRAQ", "url": "http://marc.info/?t=110378596500001\u0026r=1\u0026w=2" }, { "name": "GLSA-200412-25", "refsource": "GENTOO", "url": "http://www.gentoo.org/security/en/glsa/glsa-200412-25.xml" }, { "name": "20041223 [USN-48-1] xpdf, tetex-bin vulnerabilities", "refsource": "FULLDISC", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-December/030241.html" }, { "name": "SUSE-SR:2005:001", "refsource": "SUSE", "url": "http://www.novell.com/linux/security/advisories/2005_01_sr.html" }, { "name": "RHSA-2005:354", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2005-354.html" }, { "name": "20041221 Multiple Vendor xpdf PDF Viewer Buffer Overflow Vulnerability", "refsource": "IDEFENSE", "url": "http://www.idefense.com/application/poi/display?id=172\u0026type=vulnerabilities" }, { "name": "oval:org.mitre.oval:def:10830", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10830" }, { "name": "SCOSA-2005.42", "refsource": "SCO", "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.42/SCOSA-2005.42.txt" }, { "name": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.00pl2.patch", "refsource": "CONFIRM", "url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.00pl2.patch" }, { "name": "CLA-2005:921", "refsource": "CONECTIVA", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000921" }, { "name": "RHSA-2005:057", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2005-057.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2004-1125", "datePublished": "2004-12-22T05:00:00", "dateReserved": "2004-12-02T00:00:00", "dateUpdated": "2024-08-08T00:39:00.871Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2002-1384 (GCVE-0-2002-1384)
Vulnerability from cvelistv5
Published
2004-09-01 04:00
Modified
2024-08-08 03:19
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Integer overflow in pdftops, as used in Xpdf 2.01 and earlier, xpdf-i, and CUPS before 1.1.18, allows local users to execute arbitrary code via a ColorSpace entry with a large number of elements, as demonstrated by cups-pdf.
References
► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T03:19:28.818Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "DSA-232", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2003/dsa-232" }, { "name": "RHSA-2002:295", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2002-295.html" }, { "name": "MDKSA-2003:002", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:002" }, { "name": "SUSE-SA:2003:002", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://www.novell.com/linux/security/advisories/2003_002_cups.html" }, { "name": "6475", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/6475" }, { "name": "MDKSA-2003:001", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:001" }, { "name": "GLSA-200301-1", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=104152282309980\u0026w=2" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.idefense.com/advisory/12.23.02.txt" }, { "name": "RHSA-2002:307", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2002-307.html" }, { "name": "pdftops-integer-overflow(10937)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10937" }, { "name": "RHSA-2003:216", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-216.html" }, { "name": "DSA-226", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2003/dsa-226" }, { "name": "RHSA-2003:037", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-037.html" }, { "name": "DSA-222", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2003/dsa-222" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2002-12-23T00:00:00", "descriptions": [ { "lang": "en", "value": "Integer overflow in pdftops, as used in Xpdf 2.01 and earlier, xpdf-i, and CUPS before 1.1.18, allows local users to execute arbitrary code via a ColorSpace entry with a large number of elements, as demonstrated by cups-pdf." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2007-12-20T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "DSA-232", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2003/dsa-232" }, { "name": "RHSA-2002:295", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2002-295.html" }, { "name": "MDKSA-2003:002", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:002" }, { "name": "SUSE-SA:2003:002", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://www.novell.com/linux/security/advisories/2003_002_cups.html" }, { "name": "6475", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/6475" }, { "name": "MDKSA-2003:001", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:001" }, { "name": "GLSA-200301-1", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://marc.info/?l=bugtraq\u0026m=104152282309980\u0026w=2" }, { "tags": [ "x_refsource_MISC" ], "url": "http://www.idefense.com/advisory/12.23.02.txt" }, { "name": "RHSA-2002:307", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2002-307.html" }, { "name": "pdftops-integer-overflow(10937)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10937" }, { "name": "RHSA-2003:216", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-216.html" }, { "name": "DSA-226", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2003/dsa-226" }, { "name": "RHSA-2003:037", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-037.html" }, { "name": "DSA-222", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2003/dsa-222" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2002-1384", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Integer overflow in pdftops, as used in Xpdf 2.01 and earlier, xpdf-i, and CUPS before 1.1.18, allows local users to execute arbitrary code via a ColorSpace entry with a large number of elements, as demonstrated by cups-pdf." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "DSA-232", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2003/dsa-232" }, { "name": "RHSA-2002:295", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2002-295.html" }, { "name": "MDKSA-2003:002", "refsource": "MANDRAKE", "url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:002" }, { "name": "SUSE-SA:2003:002", "refsource": "SUSE", "url": "http://www.novell.com/linux/security/advisories/2003_002_cups.html" }, { "name": "6475", "refsource": "BID", "url": "http://www.securityfocus.com/bid/6475" }, { "name": "MDKSA-2003:001", "refsource": "MANDRAKE", "url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:001" }, { "name": "GLSA-200301-1", "refsource": "GENTOO", "url": "http://marc.info/?l=bugtraq\u0026m=104152282309980\u0026w=2" }, { "name": "http://www.idefense.com/advisory/12.23.02.txt", "refsource": "MISC", "url": "http://www.idefense.com/advisory/12.23.02.txt" }, { "name": "RHSA-2002:307", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2002-307.html" }, { "name": "pdftops-integer-overflow(10937)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10937" }, { "name": "RHSA-2003:216", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2003-216.html" }, { "name": "DSA-226", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2003/dsa-226" }, { "name": "RHSA-2003:037", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2003-037.html" }, { "name": "DSA-222", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2003/dsa-222" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2002-1384", "datePublished": "2004-09-01T04:00:00", "dateReserved": "2002-12-18T00:00:00", "dateUpdated": "2024-08-08T03:19:28.818Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2007-5392 (GCVE-0-2007-5392)
Vulnerability from cvelistv5
Published
2007-11-08 02:00
Modified
2024-08-07 15:31
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Integer overflow in the DCTStream::reset method in xpdf/Stream.cc in Xpdf 3.02p11 allows remote attackers to execute arbitrary code via a crafted PDF file, resulting in a heap-based buffer overflow.
References
► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T15:31:58.169Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SUSE-SA:2007:060", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://www.novell.com/linux/security/advisories/2007_60_pdf.html" }, { "name": "27632", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27632" }, { "name": "27743", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27743" }, { "name": "MDKSA-2007:222", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:222" }, { "name": "ADV-2007-3774", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2007/3774" }, { "name": "27260", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27260" }, { "name": "27856", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27856" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.novell.com/techcenter/psdb/da3498f05433976cc548cc4eaf8349c8.html" }, { "name": "27636", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27636" }, { "name": "29604", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/29604" }, { "name": "MDKSA-2007:223", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:223" }, { "name": "27721", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27721" }, { "name": "27724", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27724" }, { "name": "ADV-2007-3776", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2007/3776" }, { "name": "FEDORA-2007-3059", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00224.html" }, { "name": "27577", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27577" }, { "name": "29104", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/29104" }, { "name": "FEDORA-2007-3031", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00215.html" }, { "name": "27618", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27618" }, { "name": "27642", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27642" }, { "name": "FEDORA-2007-4031", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00369.html" }, { "name": "27656", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27656" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://secunia.com/secunia_research/2007-88/advisory/" }, { "name": "FEDORA-2007-3100", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00238.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.novell.com/techcenter/psdb/1d5fd29802b2ef7e342e733731f1e933.html" }, { "name": "RHSA-2007:1026", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-1026.html" }, { "name": "DSA-1509", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2008/dsa-1509" }, { "name": "RHSA-2007:1022", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-1022.html" }, { "name": "27573", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27573" }, { "name": "RHSA-2007:1029", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-1029.html" }, { "name": "27641", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27641" }, { "name": "GLSA-200805-13", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-200805-13.xml" }, { "name": "28812", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/28812" }, { "name": "DSA-1537", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2008/dsa-1537" }, { "name": "FEDORA-2007-750", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00724.html" }, { "name": "SSA:2007-316-01", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE", "x_transferred" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.761882" }, { "name": "26367", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/26367" }, { "name": "27615", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27615" }, { "name": "RHSA-2007:1021", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-1021.html" }, { "name": "ADV-2007-3786", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2007/3786" }, { "name": "27645", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27645" }, { "name": "20071107 Secunia Research: Xpdf \"Stream.cc\" Multiple Vulnerabilities", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/483372" }, { "name": "30168", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/30168" }, { "name": "27574", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27574" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://issues.rpath.com/browse/RPL-1926" }, { "name": "26503", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/26503" }, { "name": "MDKSA-2007:219", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:219" }, { "name": "DSA-1480", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2008/dsa-1480" }, { "name": "GLSA-200711-22", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-200711-22.xml" }, { "name": "27634", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27634" }, { "name": "MDKSA-2007:227", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:227" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.kde.org/info/security/advisory-20071107-1.txt" }, { "name": "28043", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/28043" }, { "name": "oval:org.mitre.oval:def:10036", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10036" }, { "name": "27619", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27619" }, { "name": "xpdf-dctstreamreset-bo(38303)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38303" }, { "name": "MDKSA-2007:220", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:220" }, { "name": "27705", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27705" }, { "name": "27578", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27578" }, { "name": "27640", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27640" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.novell.com/techcenter/psdb/43ad7b3569dba59e7ba07677edc01cad.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.novell.com/techcenter/psdb/3867a5092daac43cd6a92e6107d9fbce.html" }, { "name": "GLSA-200711-34", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-200711-34.xml" }, { "name": "27599", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27599" }, { "name": "27575", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27575" }, { "name": "1018905", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id?1018905" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.novell.com/techcenter/psdb/f83e024a65d69ebc810d2117815b940d.html" }, { "name": "FEDORA-2007-3390", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00663.html" }, { "name": "MDKSA-2007:228", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:228" }, { "name": "ADV-2007-3775", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2007/3775" }, { "name": "RHSA-2007:1027", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-1027.html" }, { "name": "RHSA-2007:1030", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-1030.html" }, { "name": "USN-542-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/usn-542-1" }, { "name": "27658", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27658" }, { "name": "RHSA-2007:1024", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-1024.html" }, { "name": "MDKSA-2007:230", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:230" }, { "name": "USN-542-2", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/usn-542-2" }, { "name": "RHSA-2007:1025", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-1025.html" }, { "name": "ADV-2007-3779", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2007/3779" }, { "name": "MDKSA-2007:221", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:221" }, { "name": "27553", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27553" }, { "name": "27637", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27637" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2007-11-07T00:00:00", "descriptions": [ { "lang": "en", "value": "Integer overflow in the DCTStream::reset method in xpdf/Stream.cc in Xpdf 3.02p11 allows remote attackers to execute arbitrary code via a crafted PDF file, resulting in a heap-based buffer overflow." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-09-28T12:57:01", "orgId": "44d08088-2bea-4760-83a6-1e9be26b15ab", "shortName": "flexera" }, "references": [ { "name": "SUSE-SA:2007:060", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://www.novell.com/linux/security/advisories/2007_60_pdf.html" }, { "name": "27632", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27632" }, { "name": "27743", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27743" }, { "name": "MDKSA-2007:222", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:222" }, { "name": "ADV-2007-3774", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2007/3774" }, { "name": "27260", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27260" }, { "name": "27856", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27856" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.novell.com/techcenter/psdb/da3498f05433976cc548cc4eaf8349c8.html" }, { "name": "27636", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27636" }, { "name": "29604", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/29604" }, { "name": "MDKSA-2007:223", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:223" }, { "name": "27721", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27721" }, { "name": "27724", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27724" }, { "name": "ADV-2007-3776", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2007/3776" }, { "name": "FEDORA-2007-3059", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00224.html" }, { "name": "27577", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27577" }, { "name": "29104", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/29104" }, { "name": "FEDORA-2007-3031", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00215.html" }, { "name": "27618", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27618" }, { "name": "27642", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27642" }, { "name": "FEDORA-2007-4031", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00369.html" }, { "name": "27656", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27656" }, { "tags": [ "x_refsource_MISC" ], "url": "http://secunia.com/secunia_research/2007-88/advisory/" }, { "name": "FEDORA-2007-3100", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00238.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.novell.com/techcenter/psdb/1d5fd29802b2ef7e342e733731f1e933.html" }, { "name": "RHSA-2007:1026", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-1026.html" }, { "name": "DSA-1509", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2008/dsa-1509" }, { "name": "RHSA-2007:1022", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-1022.html" }, { "name": "27573", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27573" }, { "name": "RHSA-2007:1029", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-1029.html" }, { "name": "27641", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27641" }, { "name": "GLSA-200805-13", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-200805-13.xml" }, { "name": "28812", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/28812" }, { "name": "DSA-1537", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2008/dsa-1537" }, { "name": "FEDORA-2007-750", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00724.html" }, { "name": "SSA:2007-316-01", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.761882" }, { "name": "26367", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/26367" }, { "name": "27615", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27615" }, { "name": "RHSA-2007:1021", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-1021.html" }, { "name": "ADV-2007-3786", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2007/3786" }, { "name": "27645", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27645" }, { "name": "20071107 Secunia Research: Xpdf \"Stream.cc\" Multiple Vulnerabilities", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/483372" }, { "name": "30168", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/30168" }, { "name": "27574", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27574" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://issues.rpath.com/browse/RPL-1926" }, { "name": "26503", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/26503" }, { "name": "MDKSA-2007:219", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:219" }, { "name": "DSA-1480", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2008/dsa-1480" }, { "name": "GLSA-200711-22", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-200711-22.xml" }, { "name": "27634", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27634" }, { "name": "MDKSA-2007:227", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:227" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.kde.org/info/security/advisory-20071107-1.txt" }, { "name": "28043", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/28043" }, { "name": "oval:org.mitre.oval:def:10036", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10036" }, { "name": "27619", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27619" }, { "name": "xpdf-dctstreamreset-bo(38303)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38303" }, { "name": "MDKSA-2007:220", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:220" }, { "name": "27705", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27705" }, { "name": "27578", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27578" }, { "name": "27640", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27640" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.novell.com/techcenter/psdb/43ad7b3569dba59e7ba07677edc01cad.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.novell.com/techcenter/psdb/3867a5092daac43cd6a92e6107d9fbce.html" }, { "name": "GLSA-200711-34", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-200711-34.xml" }, { "name": "27599", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27599" }, { "name": "27575", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27575" }, { "name": "1018905", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id?1018905" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.novell.com/techcenter/psdb/f83e024a65d69ebc810d2117815b940d.html" }, { "name": "FEDORA-2007-3390", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00663.html" }, { "name": "MDKSA-2007:228", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:228" }, { "name": "ADV-2007-3775", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2007/3775" }, { "name": "RHSA-2007:1027", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-1027.html" }, { "name": "RHSA-2007:1030", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-1030.html" }, { "name": "USN-542-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/usn-542-1" }, { "name": "27658", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27658" }, { "name": "RHSA-2007:1024", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-1024.html" }, { "name": "MDKSA-2007:230", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:230" }, { "name": "USN-542-2", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/usn-542-2" }, { "name": "RHSA-2007:1025", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-1025.html" }, { "name": "ADV-2007-3779", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2007/3779" }, { "name": "MDKSA-2007:221", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:221" }, { "name": "27553", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27553" }, { "name": "27637", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27637" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "PSIRT-CNA@flexerasoftware.com", "ID": "CVE-2007-5392", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Integer overflow in the DCTStream::reset method in xpdf/Stream.cc in Xpdf 3.02p11 allows remote attackers to execute arbitrary code via a crafted PDF file, resulting in a heap-based buffer overflow." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "SUSE-SA:2007:060", "refsource": "SUSE", "url": "http://www.novell.com/linux/security/advisories/2007_60_pdf.html" }, { "name": "27632", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27632" }, { "name": "27743", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27743" }, { "name": "MDKSA-2007:222", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:222" }, { "name": "ADV-2007-3774", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/3774" }, { "name": "27260", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27260" }, { "name": "27856", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27856" }, { "name": "http://support.novell.com/techcenter/psdb/da3498f05433976cc548cc4eaf8349c8.html", "refsource": "CONFIRM", "url": "http://support.novell.com/techcenter/psdb/da3498f05433976cc548cc4eaf8349c8.html" }, { "name": "27636", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27636" }, { "name": "29604", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/29604" }, { "name": "MDKSA-2007:223", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:223" }, { "name": "27721", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27721" }, { "name": "27724", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27724" }, { "name": "ADV-2007-3776", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/3776" }, { "name": "FEDORA-2007-3059", "refsource": "FEDORA", "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00224.html" }, { "name": "27577", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27577" }, { "name": "29104", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/29104" }, { "name": "FEDORA-2007-3031", "refsource": "FEDORA", "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00215.html" }, { "name": "27618", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27618" }, { "name": "27642", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27642" }, { "name": "FEDORA-2007-4031", "refsource": "FEDORA", "url": "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00369.html" }, { "name": "27656", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27656" }, { "name": "http://secunia.com/secunia_research/2007-88/advisory/", "refsource": "MISC", "url": "http://secunia.com/secunia_research/2007-88/advisory/" }, { "name": "FEDORA-2007-3100", "refsource": "FEDORA", "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00238.html" }, { "name": "http://support.novell.com/techcenter/psdb/1d5fd29802b2ef7e342e733731f1e933.html", "refsource": "CONFIRM", "url": "http://support.novell.com/techcenter/psdb/1d5fd29802b2ef7e342e733731f1e933.html" }, { "name": "RHSA-2007:1026", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2007-1026.html" }, { "name": "DSA-1509", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2008/dsa-1509" }, { "name": "RHSA-2007:1022", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2007-1022.html" }, { "name": "27573", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27573" }, { "name": "RHSA-2007:1029", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2007-1029.html" }, { "name": "27641", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27641" }, { "name": "GLSA-200805-13", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-200805-13.xml" }, { "name": "28812", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/28812" }, { "name": "DSA-1537", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2008/dsa-1537" }, { "name": "FEDORA-2007-750", "refsource": "FEDORA", "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00724.html" }, { "name": "SSA:2007-316-01", "refsource": "SLACKWARE", "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.761882" }, { "name": "26367", "refsource": "BID", "url": "http://www.securityfocus.com/bid/26367" }, { "name": "27615", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27615" }, { "name": "RHSA-2007:1021", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2007-1021.html" }, { "name": "ADV-2007-3786", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/3786" }, { "name": "27645", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27645" }, { "name": "20071107 Secunia Research: Xpdf \"Stream.cc\" Multiple Vulnerabilities", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/483372" }, { "name": "30168", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30168" }, { "name": "27574", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27574" }, { "name": "https://issues.rpath.com/browse/RPL-1926", "refsource": "CONFIRM", "url": "https://issues.rpath.com/browse/RPL-1926" }, { "name": "26503", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/26503" }, { "name": "MDKSA-2007:219", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:219" }, { "name": "DSA-1480", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2008/dsa-1480" }, { "name": "GLSA-200711-22", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-200711-22.xml" }, { "name": "27634", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27634" }, { "name": "MDKSA-2007:227", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:227" }, { "name": "http://www.kde.org/info/security/advisory-20071107-1.txt", "refsource": "CONFIRM", "url": "http://www.kde.org/info/security/advisory-20071107-1.txt" }, { "name": "28043", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/28043" }, { "name": "oval:org.mitre.oval:def:10036", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10036" }, { "name": "27619", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27619" }, { "name": "xpdf-dctstreamreset-bo(38303)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38303" }, { "name": "MDKSA-2007:220", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:220" }, { "name": "27705", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27705" }, { "name": "27578", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27578" }, { "name": "27640", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27640" }, { "name": "http://support.novell.com/techcenter/psdb/43ad7b3569dba59e7ba07677edc01cad.html", "refsource": "CONFIRM", "url": "http://support.novell.com/techcenter/psdb/43ad7b3569dba59e7ba07677edc01cad.html" }, { "name": "http://support.novell.com/techcenter/psdb/3867a5092daac43cd6a92e6107d9fbce.html", "refsource": "CONFIRM", "url": "http://support.novell.com/techcenter/psdb/3867a5092daac43cd6a92e6107d9fbce.html" }, { "name": "GLSA-200711-34", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-200711-34.xml" }, { "name": "27599", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27599" }, { "name": "27575", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27575" }, { "name": "1018905", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1018905" }, { "name": "http://support.novell.com/techcenter/psdb/f83e024a65d69ebc810d2117815b940d.html", "refsource": "CONFIRM", "url": "http://support.novell.com/techcenter/psdb/f83e024a65d69ebc810d2117815b940d.html" }, { "name": "FEDORA-2007-3390", "refsource": "FEDORA", "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00663.html" }, { "name": "MDKSA-2007:228", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:228" }, { "name": "ADV-2007-3775", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/3775" }, { "name": "RHSA-2007:1027", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2007-1027.html" }, { "name": "RHSA-2007:1030", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2007-1030.html" }, { "name": "USN-542-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/usn-542-1" }, { "name": "27658", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27658" }, { "name": "RHSA-2007:1024", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2007-1024.html" }, { "name": "MDKSA-2007:230", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:230" }, { "name": "USN-542-2", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/usn-542-2" }, { "name": "RHSA-2007:1025", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2007-1025.html" }, { "name": "ADV-2007-3779", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/3779" }, { "name": "MDKSA-2007:221", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:221" }, { "name": "27553", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27553" }, { "name": "27637", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27637" } ] } } } }, "cveMetadata": { "assignerOrgId": "44d08088-2bea-4760-83a6-1e9be26b15ab", "assignerShortName": "flexera", "cveId": "CVE-2007-5392", "datePublished": "2007-11-08T02:00:00", "dateReserved": "2007-10-12T00:00:00", "dateUpdated": "2024-08-07T15:31:58.169Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2024-4976 (GCVE-0-2024-4976)
Vulnerability from cvelistv5
Published
2024-05-15 20:34
Modified
2024-08-01 20:55
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-787 - Out-of-bounds Write
Summary
Out-of-bounds array write in Xpdf 4.05 and earlier, due to missing object type check in AcroForm field reference.
References
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:xpdf:xpdf:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "xpdf", "vendor": "xpdf", "versions": [ { "lessThanOrEqual": "4.05", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-4976", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-16T18:50:15.005590Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-06T19:54:06.311Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-01T20:55:10.484Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.xpdfreader.com/security-bug/CVE-2024-4976.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "all" ], "product": "Xpdf", "vendor": "Xpdf", "versions": [ { "lessThanOrEqual": "4.05", "status": "affected", "version": "0", "versionType": "version" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "Vladislav Shevchenko (HSE university, Moscow)" } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Out-of-bounds array write in Xpdf 4.05 and earlier, due to missing object type check in AcroForm field reference.\u003cbr\u003e" } ], "value": "Out-of-bounds array write in Xpdf 4.05 and earlier, due to missing object type check in AcroForm field reference." } ], "metrics": [ { "cvssV4_0": { "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "HIGH", "attackRequirements": "NONE", "attackVector": "LOCAL", "baseScore": 2.1, "baseSeverity": "LOW", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "LOW", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:L", "version": "4.0", "vulnAvailabilityImpact": "LOW", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-787", "description": "CWE-787 Out-of-bounds Write", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-15T20:34:24.716Z", "orgId": "ace9cabe-4f4f-416b-8c39-b0e002761924", "shortName": "GandC" }, "references": [ { "url": "https://www.xpdfreader.com/security-bug/CVE-2024-4976.html" } ], "source": { "discovery": "UNKNOWN" }, "title": "Out-of-bounds array write in Xpdf 4.05 due to missing object type check", "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "ace9cabe-4f4f-416b-8c39-b0e002761924", "assignerShortName": "GandC", "cveId": "CVE-2024-4976", "datePublished": "2024-05-15T20:34:24.716Z", "dateReserved": "2024-05-15T20:23:00.257Z", "dateUpdated": "2024-08-01T20:55:10.484Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2005-2097 (GCVE-0-2005-2097)
Vulnerability from cvelistv5
Published
2005-08-16 04:00
Modified
2024-08-07 22:15
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
xpdf and kpdf do not properly validate the "loca" table in PDF files, which allows local users to cause a denial of service (disk consumption and hang) via a PDF file with a "broken" loca table, which causes a large temporary file to be created when xpdf attempts to reconstruct the information.
References
► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T22:15:37.381Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "RHSA-2005:706", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-706.html" }, { "name": "17277", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/17277" }, { "name": "RHSA-2005:671", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-671.html" }, { "name": "oval:org.mitre.oval:def:10280", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10280" }, { "name": "DSA-1136", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-1136" }, { "name": "MDKSA-2005:138", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:138" }, { "name": "SUSE-SR:2005:019", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://www.novell.com/linux/security/advisories/2005_19_sr.html" }, { "name": "102972", "tags": [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1" }, { "name": "18398", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18398" }, { "name": "FLSA-2006:176751", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded" }, { "name": "DSA-936", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-936" }, { "name": "USN-163-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/163-1/" }, { "name": "ADV-2007-2280", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2007/2280" }, { "name": "RHSA-2005:670", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-670.html" }, { "name": "18407", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18407" }, { "name": "25729", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/25729" }, { "name": "SCOSA-2005.42", "tags": [ "vendor-advisory", "x_refsource_SCO", "x_transferred" ], "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.42/SCOSA-2005.42.txt" }, { "name": "DSA-780", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2005/dsa-780" }, { "name": "14529", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/14529" }, { "name": "FLSA:175404", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded" }, { "name": "RHSA-2005:708", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-708.html" }, { "name": "21339", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21339" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2005-08-09T00:00:00", "descriptions": [ { "lang": "en", "value": "xpdf and kpdf do not properly validate the \"loca\" table in PDF files, which allows local users to cause a denial of service (disk consumption and hang) via a PDF file with a \"broken\" loca table, which causes a large temporary file to be created when xpdf attempts to reconstruct the information." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-19T14:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "RHSA-2005:706", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-706.html" }, { "name": "17277", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/17277" }, { "name": "RHSA-2005:671", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-671.html" }, { "name": "oval:org.mitre.oval:def:10280", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10280" }, { "name": "DSA-1136", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-1136" }, { "name": "MDKSA-2005:138", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:138" }, { "name": "SUSE-SR:2005:019", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://www.novell.com/linux/security/advisories/2005_19_sr.html" }, { "name": "102972", "tags": [ "vendor-advisory", "x_refsource_SUNALERT" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1" }, { "name": "18398", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18398" }, { "name": "FLSA-2006:176751", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded" }, { "name": "DSA-936", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-936" }, { "name": "USN-163-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/163-1/" }, { "name": "ADV-2007-2280", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2007/2280" }, { "name": "RHSA-2005:670", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-670.html" }, { "name": "18407", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18407" }, { "name": "25729", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/25729" }, { "name": "SCOSA-2005.42", "tags": [ "vendor-advisory", "x_refsource_SCO" ], "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.42/SCOSA-2005.42.txt" }, { "name": "DSA-780", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2005/dsa-780" }, { "name": "14529", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/14529" }, { "name": "FLSA:175404", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded" }, { "name": "RHSA-2005:708", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-708.html" }, { "name": "21339", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21339" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2005-2097", "datePublished": "2005-08-16T04:00:00", "dateReserved": "2005-06-30T00:00:00", "dateUpdated": "2024-08-07T22:15:37.381Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2005-3626 (GCVE-0-2005-3626)
Vulnerability from cvelistv5
Published
2006-01-06 22:00
Modified
2024-08-07 23:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference.
References
► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T23:17:23.446Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "16143", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/16143" }, { "name": "DSA-932", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2005/dsa-932" }, { "name": "18349", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18349" }, { "name": "18147", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18147" }, { "name": "SCOSA-2006.15", "tags": [ "vendor-advisory", "x_refsource_SCO", "x_transferred" ], "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://scary.beasts.org/security/CESA-2005-003.txt" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.kde.org/info/security/advisory-20051207-2.txt" }, { "name": "18679", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18679" }, { "name": "18312", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18312" }, { "name": "18644", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18644" }, { "name": "USN-236-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/236-1/" }, { "name": "18425", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18425" }, { "name": "18373", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18373" }, { "name": "oval:org.mitre.oval:def:9992", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9992" }, { "name": "18303", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18303" }, { "name": "DSA-931", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2005/dsa-931" }, { "name": "18554", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18554" }, { "name": "MDKSA-2006:003", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003" }, { "name": "19230", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/19230" }, { "name": "102972", "tags": [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1" }, { "name": "MDKSA-2006:012", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012" }, { "name": "DSA-962", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-962" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.html" }, { "name": "RHSA-2006:0163", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html" }, { "name": "DSA-937", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2005/dsa-937" }, { "name": "18398", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18398" }, { "name": "FLSA-2006:176751", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded" }, { "name": "2006-0002", "tags": [ "vendor-advisory", "x_refsource_TRUSTIX", "x_transferred" ], "url": "http://www.trustix.org/errata/2006/0002/" }, { "name": "SUSE-SA:2006:001", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html" }, { "name": "DSA-936", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-936" }, { "name": "FEDORA-2005-026", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html" }, { "name": "18329", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18329" }, { "name": "18463", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18463" }, { "name": "18642", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18642" }, { "name": "18674", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18674" }, { "name": "MDKSA-2006:005", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005" }, { "name": "18313", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18313" }, { "name": "20051201-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U" }, { "name": "20060101-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U" }, { "name": "18448", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18448" }, { "name": "18436", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18436" }, { "name": "18428", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18428" }, { "name": "xpdf-flatedecode-dos(24026)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24026" }, { "name": "18380", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18380" }, { "name": "18423", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18423" }, { "name": "18416", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18416" }, { "name": "RHSA-2006:0177", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html" }, { "name": "ADV-2007-2280", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2007/2280" }, { "name": "GLSA-200601-02", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml" }, { "name": "18335", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18335" }, { "name": "18407", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18407" }, { "name": "18332", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18332" }, { "name": "18517", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18517" }, { "name": "18582", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18582" }, { "name": "18534", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18534" }, { "name": "SSA:2006-045-09", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE", "x_transferred" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683" }, { "name": "18908", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18908" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.html" }, { "name": "25729", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/25729" }, { "name": "18414", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18414" }, { "name": "MDKSA-2006:006", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006" }, { "name": "18338", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18338" }, { "name": "MDKSA-2006:008", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008" }, { "name": "20060201-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U" }, { "name": "RHSA-2006:0160", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html" }, { "name": "MDKSA-2006:010", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010" }, { "name": "DSA-940", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2005/dsa-940" }, { "name": "MDKSA-2006:004", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004" }, { "name": "ADV-2006-0047", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/0047" }, { "name": "GLSA-200601-17", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml" }, { "name": "18389", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18389" }, { "name": "SSA:2006-045-04", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE", "x_transferred" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747" }, { "name": "19377", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/19377" }, { "name": "FEDORA-2005-025", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html" }, { "name": "FLSA:175404", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded" }, { "name": "DSA-961", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-961" }, { "name": "18675", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18675" }, { "name": "18913", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18913" }, { "name": "DSA-938", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2005/dsa-938" }, { "name": "18334", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18334" }, { "name": "18375", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18375" }, { "name": "DSA-950", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-950" }, { "name": "18387", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18387" }, { "name": "MDKSA-2006:011", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011" }, { "name": "18385", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18385" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2006-01-06T00:00:00", "descriptions": [ { "lang": "en", "value": "Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-19T14:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "16143", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/16143" }, { "name": "DSA-932", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2005/dsa-932" }, { "name": "18349", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18349" }, { "name": "18147", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18147" }, { "name": "SCOSA-2006.15", "tags": [ "vendor-advisory", "x_refsource_SCO" ], "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt" }, { "tags": [ "x_refsource_MISC" ], "url": "http://scary.beasts.org/security/CESA-2005-003.txt" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.kde.org/info/security/advisory-20051207-2.txt" }, { "name": "18679", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18679" }, { "name": "18312", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18312" }, { "name": "18644", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18644" }, { "name": "USN-236-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/236-1/" }, { "name": "18425", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18425" }, { "name": "18373", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18373" }, { "name": "oval:org.mitre.oval:def:9992", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9992" }, { "name": "18303", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18303" }, { "name": "DSA-931", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2005/dsa-931" }, { "name": "18554", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18554" }, { "name": "MDKSA-2006:003", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003" }, { "name": "19230", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/19230" }, { "name": "102972", "tags": [ "vendor-advisory", "x_refsource_SUNALERT" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1" }, { "name": "MDKSA-2006:012", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012" }, { "name": "DSA-962", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-962" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.html" }, { "name": "RHSA-2006:0163", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html" }, { "name": "DSA-937", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2005/dsa-937" }, { "name": "18398", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18398" }, { "name": "FLSA-2006:176751", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded" }, { "name": "2006-0002", "tags": [ "vendor-advisory", "x_refsource_TRUSTIX" ], "url": "http://www.trustix.org/errata/2006/0002/" }, { "name": "SUSE-SA:2006:001", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html" }, { "name": "DSA-936", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-936" }, { "name": "FEDORA-2005-026", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html" }, { "name": "18329", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18329" }, { "name": "18463", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18463" }, { "name": "18642", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18642" }, { "name": "18674", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18674" }, { "name": "MDKSA-2006:005", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005" }, { "name": "18313", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18313" }, { "name": "20051201-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U" }, { "name": "20060101-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U" }, { "name": "18448", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18448" }, { "name": "18436", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18436" }, { "name": "18428", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18428" }, { "name": "xpdf-flatedecode-dos(24026)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24026" }, { "name": "18380", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18380" }, { "name": "18423", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18423" }, { "name": "18416", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18416" }, { "name": "RHSA-2006:0177", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html" }, { "name": "ADV-2007-2280", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2007/2280" }, { "name": "GLSA-200601-02", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml" }, { "name": "18335", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18335" }, { "name": "18407", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18407" }, { "name": "18332", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18332" }, { "name": "18517", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18517" }, { "name": "18582", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18582" }, { "name": "18534", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18534" }, { "name": "SSA:2006-045-09", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683" }, { "name": "18908", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18908" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.html" }, { "name": "25729", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/25729" }, { "name": "18414", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18414" }, { "name": "MDKSA-2006:006", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006" }, { "name": "18338", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18338" }, { "name": "MDKSA-2006:008", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008" }, { "name": "20060201-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U" }, { "name": "RHSA-2006:0160", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html" }, { "name": "MDKSA-2006:010", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010" }, { "name": "DSA-940", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2005/dsa-940" }, { "name": "MDKSA-2006:004", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004" }, { "name": "ADV-2006-0047", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/0047" }, { "name": "GLSA-200601-17", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml" }, { "name": "18389", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18389" }, { "name": "SSA:2006-045-04", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747" }, { "name": "19377", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/19377" }, { "name": "FEDORA-2005-025", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html" }, { "name": "FLSA:175404", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded" }, { "name": "DSA-961", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-961" }, { "name": "18675", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18675" }, { "name": "18913", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18913" }, { "name": "DSA-938", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2005/dsa-938" }, { "name": "18334", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18334" }, { "name": "18375", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18375" }, { "name": "DSA-950", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-950" }, { "name": "18387", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18387" }, { "name": "MDKSA-2006:011", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011" }, { "name": "18385", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18385" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2005-3626", "datePublished": "2006-01-06T22:00:00", "dateReserved": "2005-11-16T00:00:00", "dateUpdated": "2024-08-07T23:17:23.446Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2004-0888 (GCVE-0-2004-0888)
Vulnerability from cvelistv5
Published
2004-10-26 04:00
Modified
2024-08-08 00:31
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple integer overflows in xpdf 2.0 and 3.0, and other packages that use xpdf code such as CUPS, gpdf, and kdegraphics, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0889.
References
► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T00:31:47.615Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "RHSA-2004:592", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-592.html" }, { "name": "11501", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/11501" }, { "name": "RHSA-2005:066", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-066.html" }, { "name": "USN-9-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://www.ubuntu.com/usn/usn-9-1/" }, { "name": "MDKSA-2004:113", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:113" }, { "name": "GLSA-200410-20", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200410-20.xml" }, { "name": "DSA-581", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2004/dsa-581" }, { "name": "DSA-573", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2004/dsa-573" }, { "name": "FLSA:2353", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://bugzilla.fedora.us/show_bug.cgi?id=2353" }, { "name": "MDKSA-2004:116", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:116" }, { "name": "DSA-599", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2004/dsa-599" }, { "name": "xpdf-pdf-bo(17818)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17818" }, { "name": "RHSA-2005:354", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-354.html" }, { "name": "RHSA-2004:543", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-543.html" }, { "name": "oval:org.mitre.oval:def:9714", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9714" }, { "name": "CLA-2004:886", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA", "x_transferred" ], "url": "http://distro.conectiva.com.br/atualizacoes/index.php?id=a\u0026anuncio=000886" }, { "name": "MDKSA-2004:114", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:114" }, { "name": "GLSA-200410-30", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200410-30.xml" }, { "name": "MDKSA-2004:115", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:115" }, { "name": "SUSE-SA:2004:039", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=109880927526773\u0026w=2" }, { "name": "FLSA:2352", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=110815379627883\u0026w=2" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2004-10-21T00:00:00", "descriptions": [ { "lang": "en", "value": "Multiple integer overflows in xpdf 2.0 and 3.0, and other packages that use xpdf code such as CUPS, gpdf, and kdegraphics, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0889." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-10-10T00:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "RHSA-2004:592", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-592.html" }, { "name": "11501", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/11501" }, { "name": "RHSA-2005:066", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-066.html" }, { "name": "USN-9-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://www.ubuntu.com/usn/usn-9-1/" }, { "name": "MDKSA-2004:113", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:113" }, { "name": "GLSA-200410-20", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200410-20.xml" }, { "name": "DSA-581", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2004/dsa-581" }, { "name": "DSA-573", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2004/dsa-573" }, { "name": "FLSA:2353", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://bugzilla.fedora.us/show_bug.cgi?id=2353" }, { "name": "MDKSA-2004:116", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:116" }, { "name": "DSA-599", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2004/dsa-599" }, { "name": "xpdf-pdf-bo(17818)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17818" }, { "name": "RHSA-2005:354", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-354.html" }, { "name": "RHSA-2004:543", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-543.html" }, { "name": "oval:org.mitre.oval:def:9714", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9714" }, { "name": "CLA-2004:886", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA" ], "url": "http://distro.conectiva.com.br/atualizacoes/index.php?id=a\u0026anuncio=000886" }, { "name": "MDKSA-2004:114", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:114" }, { "name": "GLSA-200410-30", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200410-30.xml" }, { "name": "MDKSA-2004:115", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:115" }, { "name": "SUSE-SA:2004:039", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://marc.info/?l=bugtraq\u0026m=109880927526773\u0026w=2" }, { "name": "FLSA:2352", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://marc.info/?l=bugtraq\u0026m=110815379627883\u0026w=2" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2004-0888", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Multiple integer overflows in xpdf 2.0 and 3.0, and other packages that use xpdf code such as CUPS, gpdf, and kdegraphics, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0889." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "RHSA-2004:592", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2004-592.html" }, { "name": "11501", "refsource": "BID", "url": "http://www.securityfocus.com/bid/11501" }, { "name": "RHSA-2005:066", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2005-066.html" }, { "name": "USN-9-1", "refsource": "UBUNTU", "url": "https://www.ubuntu.com/usn/usn-9-1/" }, { "name": "MDKSA-2004:113", "refsource": "MANDRAKE", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:113" }, { "name": "GLSA-200410-20", "refsource": "GENTOO", "url": "http://www.gentoo.org/security/en/glsa/glsa-200410-20.xml" }, { "name": "DSA-581", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2004/dsa-581" }, { "name": "DSA-573", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2004/dsa-573" }, { "name": "FLSA:2353", "refsource": "FEDORA", "url": "https://bugzilla.fedora.us/show_bug.cgi?id=2353" }, { "name": "MDKSA-2004:116", "refsource": "MANDRAKE", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:116" }, { "name": "DSA-599", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2004/dsa-599" }, { "name": "xpdf-pdf-bo(17818)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17818" }, { "name": "RHSA-2005:354", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2005-354.html" }, { "name": "RHSA-2004:543", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2004-543.html" }, { "name": "oval:org.mitre.oval:def:9714", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9714" }, { "name": "CLA-2004:886", "refsource": "CONECTIVA", "url": "http://distro.conectiva.com.br/atualizacoes/index.php?id=a\u0026anuncio=000886" }, { "name": "MDKSA-2004:114", "refsource": "MANDRAKE", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:114" }, { "name": "GLSA-200410-30", "refsource": "GENTOO", "url": "http://www.gentoo.org/security/en/glsa/glsa-200410-30.xml" }, { "name": "MDKSA-2004:115", "refsource": "MANDRAKE", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:115" }, { "name": "SUSE-SA:2004:039", "refsource": "SUSE", "url": "http://marc.info/?l=bugtraq\u0026m=109880927526773\u0026w=2" }, { "name": "FLSA:2352", "refsource": "FEDORA", "url": "http://marc.info/?l=bugtraq\u0026m=110815379627883\u0026w=2" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2004-0888", "datePublished": "2004-10-26T04:00:00", "dateReserved": "2004-09-22T00:00:00", "dateUpdated": "2024-08-08T00:31:47.615Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2024-2971 (GCVE-0-2024-2971)
Vulnerability from cvelistv5
Published
2024-03-26 21:31
Modified
2024-08-06 15:22
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-787 - Out-of-bounds Write
Summary
Out-of-bounds array write in Xpdf 4.05 and earlier, triggered by negative object number in indirect reference in the input PDF file.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-01T19:32:42.482Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.xpdfreader.com/security-bug/CVE-2024-2971.html" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2024-2971", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-08-06T15:22:09.869348Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-08-06T15:22:59.533Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "all" ], "product": "Xpdf", "vendor": "Xpdf", "versions": [ { "lessThanOrEqual": "4.05", "status": "affected", "version": "0", "versionType": "Version" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "Song Jiaxuan (Huazhong University of Science and Technology)" } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cdiv\u003eOut-of-bounds array write in Xpdf 4.05 and earlier, triggered by negative object number in indirect reference in the input PDF file.\u003c/div\u003e" } ], "value": "Out-of-bounds array write in Xpdf 4.05 and earlier, triggered by negative object number in indirect reference in the input PDF file.\n\n" } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 2.9, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-787", "description": "CWE-787: Out-of-bounds Write", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-03-26T21:31:43.511Z", "orgId": "ace9cabe-4f4f-416b-8c39-b0e002761924", "shortName": "GandC" }, "references": [ { "url": "https://www.xpdfreader.com/security-bug/CVE-2024-2971.html" } ], "source": { "discovery": "UNKNOWN" }, "title": "Out-of-bounds array access due to negative object numbers in indirect references in Xpdf 4.05", "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "ace9cabe-4f4f-416b-8c39-b0e002761924", "assignerShortName": "GandC", "cveId": "CVE-2024-2971", "datePublished": "2024-03-26T21:31:43.511Z", "dateReserved": "2024-03-26T21:14:56.706Z", "dateUpdated": "2024-08-06T15:22:59.533Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2024-4141 (GCVE-0-2024-4141)
Vulnerability from cvelistv5
Published
2024-04-24 18:36
Modified
2024-08-01 20:33
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-787 - Out-of-bounds Write
Summary
Out-of-bounds array write in Xpdf 4.05 and earlier, triggered by an invalid character code in a Type 1 font. The root problem was a bounds check that was being optimized away by modern compilers.
References
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:xpdf:xpdf:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "xpdf", "vendor": "xpdf", "versions": [ { "lessThan": "4.05", "status": "affected", "version": "0", "versionType": "semver" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-4141", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-04-25T18:19:02.469803Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:54:17.039Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-01T20:33:52.612Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.xpdfreader.com/security-bug/CVE-2024-4141.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "all" ], "product": "Xpdf", "vendor": "Xpdf", "versions": [ { "lessThan": "4.05", "status": "affected", "version": "0", "versionType": "version" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "Wu JieCong" } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Out-of-bounds array write in Xpdf 4.05 and earlier, triggered by an invalid character code in a Type 1 font. The root problem was a bounds check that was being optimized away by modern compilers.\u003cbr\u003e" } ], "value": "Out-of-bounds array write in Xpdf 4.05 and earlier, triggered by an invalid character code in a Type 1 font. The root problem was a bounds check that was being optimized away by modern compilers.\n" } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 2.9, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-787", "description": "CWE-787 Out-of-bounds Write", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-04-24T18:36:49.410Z", "orgId": "ace9cabe-4f4f-416b-8c39-b0e002761924", "shortName": "GandC" }, "references": [ { "url": "https://www.xpdfreader.com/security-bug/CVE-2024-4141.html" } ], "source": { "discovery": "UNKNOWN" }, "title": "Out-of-bounds array write in Xpdf 4.05 due to incorrect bounds check", "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "ace9cabe-4f4f-416b-8c39-b0e002761924", "assignerShortName": "GandC", "cveId": "CVE-2024-4141", "datePublished": "2024-04-24T18:36:49.410Z", "dateReserved": "2024-04-24T18:24:52.705Z", "dateUpdated": "2024-08-01T20:33:52.612Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2007-5393 (GCVE-0-2007-5393)
Vulnerability from cvelistv5
Published
2007-11-08 02:00
Modified
2024-08-07 15:31
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Heap-based buffer overflow in the CCITTFaxStream::lookChar method in xpdf/Stream.cc in Xpdf 3.02p11 allows remote attackers to execute arbitrary code via a PDF file that contains a crafted CCITTFaxDecode filter.
References
► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T15:31:58.116Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "27579", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27579" }, { "name": "SUSE-SA:2007:060", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://www.novell.com/linux/security/advisories/2007_60_pdf.html" }, { "name": "27632", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27632" }, { "name": "27743", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27743" }, { "name": "MDKSA-2007:222", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:222" }, { "name": "ADV-2007-3774", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2007/3774" }, { "name": "xpdf-ccittfaxstreamlookchar-bo(38304)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38304" }, { "name": "27260", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27260" }, { "name": "27856", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27856" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.novell.com/techcenter/psdb/da3498f05433976cc548cc4eaf8349c8.html" }, { "name": "27636", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27636" }, { "name": "29604", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/29604" }, { "name": "MDKSA-2007:223", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:223" }, { "name": "27721", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27721" }, { "name": "27724", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27724" }, { "name": "ADV-2007-3776", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2007/3776" }, { "name": "FEDORA-2007-3059", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00224.html" }, { "name": "27577", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27577" }, { "name": "29104", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/29104" }, { "name": "FEDORA-2007-3031", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00215.html" }, { "name": "oval:org.mitre.oval:def:9839", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9839" }, { "name": "27618", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27618" }, { "name": "27642", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27642" }, { "name": "FEDORA-2007-4031", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00369.html" }, { "name": "27656", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27656" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://secunia.com/secunia_research/2007-88/advisory/" }, { "name": "FEDORA-2007-3100", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00238.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.novell.com/techcenter/psdb/1d5fd29802b2ef7e342e733731f1e933.html" }, { "name": "RHSA-2007:1026", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-1026.html" }, { "name": "DSA-1509", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2008/dsa-1509" }, { "name": "RHSA-2007:1022", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-1022.html" }, { "name": "27573", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27573" }, { "name": "RHSA-2007:1029", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-1029.html" }, { "name": "27641", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27641" }, { "name": "GLSA-200805-13", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-200805-13.xml" }, { "name": "28812", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/28812" }, { "name": "DSA-1537", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2008/dsa-1537" }, { "name": "FEDORA-2007-750", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00724.html" }, { "name": "RHSA-2007:1031", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-1031.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-476.htm" }, { "name": "27772", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27772" }, { "name": "SSA:2007-316-01", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE", "x_transferred" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.761882" }, { "name": "26367", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/26367" }, { "name": "27615", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27615" }, { "name": "RHSA-2007:1021", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-1021.html" }, { "name": "ADV-2007-3786", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2007/3786" }, { "name": "27645", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27645" }, { "name": "20071107 Secunia Research: Xpdf \"Stream.cc\" Multiple Vulnerabilities", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/483372" }, { "name": "30168", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/30168" }, { "name": "27574", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27574" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://issues.rpath.com/browse/RPL-1926" }, { "name": "26503", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/26503" }, { "name": "MDKSA-2007:219", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:219" }, { "name": "DSA-1480", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2008/dsa-1480" }, { "name": "GLSA-200711-22", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-200711-22.xml" }, { "name": "27634", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27634" }, { "name": "MDKSA-2007:227", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:227" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.kde.org/info/security/advisory-20071107-1.txt" }, { "name": "28043", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/28043" }, { "name": "27619", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27619" }, { "name": "MDKSA-2007:220", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:220" }, { "name": "27705", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27705" }, { "name": "27578", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27578" }, { "name": "27640", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27640" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.novell.com/techcenter/psdb/43ad7b3569dba59e7ba07677edc01cad.html" }, { "name": "RHSA-2007:1023", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-1023.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.novell.com/techcenter/psdb/3867a5092daac43cd6a92e6107d9fbce.html" }, { "name": "27718", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27718" }, { "name": "GLSA-200711-34", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-200711-34.xml" }, { "name": "27599", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27599" }, { "name": "27575", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27575" }, { "name": "RHSA-2007:1028", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-1028.html" }, { "name": "1018905", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id?1018905" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.novell.com/techcenter/psdb/f83e024a65d69ebc810d2117815b940d.html" }, { "name": "FEDORA-2007-3390", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00663.html" }, { "name": "MDKSA-2007:228", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:228" }, { "name": "ADV-2007-3775", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2007/3775" }, { "name": "RHSA-2007:1027", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-1027.html" }, { "name": "RHSA-2007:1030", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-1030.html" }, { "name": "USN-542-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/usn-542-1" }, { "name": "27658", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27658" }, { "name": "RHSA-2007:1024", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-1024.html" }, { "name": "MDKSA-2007:230", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:230" }, { "name": "USN-542-2", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/usn-542-2" }, { "name": "RHSA-2007:1025", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-1025.html" }, { "name": "ADV-2007-3779", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2007/3779" }, { "name": "DSA-1408", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2007/dsa-1408" }, { "name": "RHSA-2007:1051", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-1051.html" }, { "name": "MDKSA-2007:221", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:221" }, { "name": "27553", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27553" }, { "name": "27637", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27637" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2007-11-07T00:00:00", "descriptions": [ { "lang": "en", "value": "Heap-based buffer overflow in the CCITTFaxStream::lookChar method in xpdf/Stream.cc in Xpdf 3.02p11 allows remote attackers to execute arbitrary code via a PDF file that contains a crafted CCITTFaxDecode filter." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-09-28T12:57:01", "orgId": "44d08088-2bea-4760-83a6-1e9be26b15ab", "shortName": "flexera" }, "references": [ { "name": "27579", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27579" }, { "name": "SUSE-SA:2007:060", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://www.novell.com/linux/security/advisories/2007_60_pdf.html" }, { "name": "27632", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27632" }, { "name": "27743", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27743" }, { "name": "MDKSA-2007:222", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:222" }, { "name": "ADV-2007-3774", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2007/3774" }, { "name": "xpdf-ccittfaxstreamlookchar-bo(38304)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38304" }, { "name": "27260", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27260" }, { "name": "27856", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27856" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.novell.com/techcenter/psdb/da3498f05433976cc548cc4eaf8349c8.html" }, { "name": "27636", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27636" }, { "name": "29604", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/29604" }, { "name": "MDKSA-2007:223", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:223" }, { "name": "27721", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27721" }, { "name": "27724", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27724" }, { "name": "ADV-2007-3776", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2007/3776" }, { "name": "FEDORA-2007-3059", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00224.html" }, { "name": "27577", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27577" }, { "name": "29104", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/29104" }, { "name": "FEDORA-2007-3031", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00215.html" }, { "name": "oval:org.mitre.oval:def:9839", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9839" }, { "name": "27618", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27618" }, { "name": "27642", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27642" }, { "name": "FEDORA-2007-4031", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00369.html" }, { "name": "27656", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27656" }, { "tags": [ "x_refsource_MISC" ], "url": "http://secunia.com/secunia_research/2007-88/advisory/" }, { "name": "FEDORA-2007-3100", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00238.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.novell.com/techcenter/psdb/1d5fd29802b2ef7e342e733731f1e933.html" }, { "name": "RHSA-2007:1026", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-1026.html" }, { "name": "DSA-1509", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2008/dsa-1509" }, { "name": "RHSA-2007:1022", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-1022.html" }, { "name": "27573", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27573" }, { "name": "RHSA-2007:1029", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-1029.html" }, { "name": "27641", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27641" }, { "name": "GLSA-200805-13", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-200805-13.xml" }, { "name": "28812", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/28812" }, { "name": "DSA-1537", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2008/dsa-1537" }, { "name": "FEDORA-2007-750", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00724.html" }, { "name": "RHSA-2007:1031", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-1031.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-476.htm" }, { "name": "27772", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27772" }, { "name": "SSA:2007-316-01", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.761882" }, { "name": "26367", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/26367" }, { "name": "27615", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27615" }, { "name": "RHSA-2007:1021", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-1021.html" }, { "name": "ADV-2007-3786", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2007/3786" }, { "name": "27645", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27645" }, { "name": "20071107 Secunia Research: Xpdf \"Stream.cc\" Multiple Vulnerabilities", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/483372" }, { "name": "30168", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/30168" }, { "name": "27574", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27574" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://issues.rpath.com/browse/RPL-1926" }, { "name": "26503", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/26503" }, { "name": "MDKSA-2007:219", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:219" }, { "name": "DSA-1480", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2008/dsa-1480" }, { "name": "GLSA-200711-22", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-200711-22.xml" }, { "name": "27634", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27634" }, { "name": "MDKSA-2007:227", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:227" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.kde.org/info/security/advisory-20071107-1.txt" }, { "name": "28043", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/28043" }, { "name": "27619", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27619" }, { "name": "MDKSA-2007:220", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:220" }, { "name": "27705", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27705" }, { "name": "27578", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27578" }, { "name": "27640", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27640" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.novell.com/techcenter/psdb/43ad7b3569dba59e7ba07677edc01cad.html" }, { "name": "RHSA-2007:1023", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-1023.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.novell.com/techcenter/psdb/3867a5092daac43cd6a92e6107d9fbce.html" }, { "name": "27718", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27718" }, { "name": "GLSA-200711-34", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-200711-34.xml" }, { "name": "27599", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27599" }, { "name": "27575", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27575" }, { "name": "RHSA-2007:1028", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-1028.html" }, { "name": "1018905", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id?1018905" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.novell.com/techcenter/psdb/f83e024a65d69ebc810d2117815b940d.html" }, { "name": "FEDORA-2007-3390", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00663.html" }, { "name": "MDKSA-2007:228", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:228" }, { "name": "ADV-2007-3775", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2007/3775" }, { "name": "RHSA-2007:1027", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-1027.html" }, { "name": "RHSA-2007:1030", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-1030.html" }, { "name": "USN-542-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/usn-542-1" }, { "name": "27658", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27658" }, { "name": "RHSA-2007:1024", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-1024.html" }, { "name": "MDKSA-2007:230", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:230" }, { "name": "USN-542-2", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/usn-542-2" }, { "name": "RHSA-2007:1025", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-1025.html" }, { "name": "ADV-2007-3779", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2007/3779" }, { "name": "DSA-1408", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2007/dsa-1408" }, { "name": "RHSA-2007:1051", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-1051.html" }, { "name": "MDKSA-2007:221", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:221" }, { "name": "27553", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27553" }, { "name": "27637", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27637" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "PSIRT-CNA@flexerasoftware.com", "ID": "CVE-2007-5393", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Heap-based buffer overflow in the CCITTFaxStream::lookChar method in xpdf/Stream.cc in Xpdf 3.02p11 allows remote attackers to execute arbitrary code via a PDF file that contains a crafted CCITTFaxDecode filter." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "27579", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27579" }, { "name": "SUSE-SA:2007:060", "refsource": "SUSE", "url": "http://www.novell.com/linux/security/advisories/2007_60_pdf.html" }, { "name": "27632", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27632" }, { "name": "27743", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27743" }, { "name": "MDKSA-2007:222", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:222" }, { "name": "ADV-2007-3774", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/3774" }, { "name": "xpdf-ccittfaxstreamlookchar-bo(38304)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38304" }, { "name": "27260", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27260" }, { "name": "27856", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27856" }, { "name": "http://support.novell.com/techcenter/psdb/da3498f05433976cc548cc4eaf8349c8.html", "refsource": "CONFIRM", "url": "http://support.novell.com/techcenter/psdb/da3498f05433976cc548cc4eaf8349c8.html" }, { "name": "27636", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27636" }, { "name": "29604", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/29604" }, { "name": "MDKSA-2007:223", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:223" }, { "name": "27721", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27721" }, { "name": "27724", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27724" }, { "name": "ADV-2007-3776", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/3776" }, { "name": "FEDORA-2007-3059", "refsource": "FEDORA", "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00224.html" }, { "name": "27577", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27577" }, { "name": "29104", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/29104" }, { "name": "FEDORA-2007-3031", "refsource": "FEDORA", "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00215.html" }, { "name": "oval:org.mitre.oval:def:9839", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9839" }, { "name": "27618", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27618" }, { "name": "27642", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27642" }, { "name": "FEDORA-2007-4031", "refsource": "FEDORA", "url": "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00369.html" }, { "name": "27656", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27656" }, { "name": "http://secunia.com/secunia_research/2007-88/advisory/", "refsource": "MISC", "url": "http://secunia.com/secunia_research/2007-88/advisory/" }, { "name": "FEDORA-2007-3100", "refsource": "FEDORA", "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00238.html" }, { "name": "http://support.novell.com/techcenter/psdb/1d5fd29802b2ef7e342e733731f1e933.html", "refsource": "CONFIRM", "url": "http://support.novell.com/techcenter/psdb/1d5fd29802b2ef7e342e733731f1e933.html" }, { "name": "RHSA-2007:1026", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2007-1026.html" }, { "name": "DSA-1509", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2008/dsa-1509" }, { "name": "RHSA-2007:1022", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2007-1022.html" }, { "name": "27573", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27573" }, { "name": "RHSA-2007:1029", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2007-1029.html" }, { "name": "27641", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27641" }, { "name": "GLSA-200805-13", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-200805-13.xml" }, { "name": "28812", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/28812" }, { "name": "DSA-1537", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2008/dsa-1537" }, { "name": "FEDORA-2007-750", "refsource": "FEDORA", "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00724.html" }, { "name": "RHSA-2007:1031", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2007-1031.html" }, { "name": "http://support.avaya.com/elmodocs2/security/ASA-2007-476.htm", "refsource": "CONFIRM", "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-476.htm" }, { "name": "27772", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27772" }, { "name": "SSA:2007-316-01", "refsource": "SLACKWARE", "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.761882" }, { "name": "26367", "refsource": "BID", "url": "http://www.securityfocus.com/bid/26367" }, { "name": "27615", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27615" }, { "name": "RHSA-2007:1021", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2007-1021.html" }, { "name": "ADV-2007-3786", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/3786" }, { "name": "27645", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27645" }, { "name": "20071107 Secunia Research: Xpdf \"Stream.cc\" Multiple Vulnerabilities", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/483372" }, { "name": "30168", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30168" }, { "name": "27574", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27574" }, { "name": "https://issues.rpath.com/browse/RPL-1926", "refsource": "CONFIRM", "url": "https://issues.rpath.com/browse/RPL-1926" }, { "name": "26503", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/26503" }, { "name": "MDKSA-2007:219", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:219" }, { "name": "DSA-1480", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2008/dsa-1480" }, { "name": "GLSA-200711-22", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-200711-22.xml" }, { "name": "27634", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27634" }, { "name": "MDKSA-2007:227", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:227" }, { "name": "http://www.kde.org/info/security/advisory-20071107-1.txt", "refsource": "CONFIRM", "url": "http://www.kde.org/info/security/advisory-20071107-1.txt" }, { "name": "28043", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/28043" }, { "name": "27619", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27619" }, { "name": "MDKSA-2007:220", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:220" }, { "name": "27705", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27705" }, { "name": "27578", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27578" }, { "name": "27640", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27640" }, { "name": "http://support.novell.com/techcenter/psdb/43ad7b3569dba59e7ba07677edc01cad.html", "refsource": "CONFIRM", "url": "http://support.novell.com/techcenter/psdb/43ad7b3569dba59e7ba07677edc01cad.html" }, { "name": "RHSA-2007:1023", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2007-1023.html" }, { "name": "http://support.novell.com/techcenter/psdb/3867a5092daac43cd6a92e6107d9fbce.html", "refsource": "CONFIRM", "url": "http://support.novell.com/techcenter/psdb/3867a5092daac43cd6a92e6107d9fbce.html" }, { "name": "27718", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27718" }, { "name": "GLSA-200711-34", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-200711-34.xml" }, { "name": "27599", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27599" }, { "name": "27575", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27575" }, { "name": "RHSA-2007:1028", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2007-1028.html" }, { "name": "1018905", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1018905" }, { "name": "http://support.novell.com/techcenter/psdb/f83e024a65d69ebc810d2117815b940d.html", "refsource": "CONFIRM", "url": "http://support.novell.com/techcenter/psdb/f83e024a65d69ebc810d2117815b940d.html" }, { "name": "FEDORA-2007-3390", "refsource": "FEDORA", "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00663.html" }, { "name": "MDKSA-2007:228", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:228" }, { "name": "ADV-2007-3775", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/3775" }, { "name": "RHSA-2007:1027", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2007-1027.html" }, { "name": "RHSA-2007:1030", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2007-1030.html" }, { "name": "USN-542-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/usn-542-1" }, { "name": "27658", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27658" }, { "name": "RHSA-2007:1024", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2007-1024.html" }, { "name": "MDKSA-2007:230", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:230" }, { "name": "USN-542-2", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/usn-542-2" }, { "name": "RHSA-2007:1025", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2007-1025.html" }, { "name": "ADV-2007-3779", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/3779" }, { "name": "DSA-1408", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2007/dsa-1408" }, { "name": "RHSA-2007:1051", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2007-1051.html" }, { "name": "MDKSA-2007:221", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:221" }, { "name": "27553", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27553" }, { "name": "27637", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27637" } ] } } } }, "cveMetadata": { "assignerOrgId": "44d08088-2bea-4760-83a6-1e9be26b15ab", "assignerShortName": "flexera", "cveId": "CVE-2007-5393", "datePublished": "2007-11-08T02:00:00", "dateReserved": "2007-10-12T00:00:00", "dateUpdated": "2024-08-07T15:31:58.116Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2024-3248 (GCVE-0-2024-3248)
Vulnerability from cvelistv5
Published
2024-04-02 23:04
Modified
2024-08-12 13:52
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-674 - Uncontrolled Recursion
Summary
In Xpdf 4.05 (and earlier), a PDF object loop in the attachments leads to infinite recursion and a stack overflow.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-01T20:05:08.315Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://forum.xpdfreader.com/viewtopic.php?t=43657" } ], "title": "CVE Program Container" }, { "affected": [ { "cpes": [ "cpe:2.3:a:xpdf:xpdf:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "xpdf", "vendor": "xpdf", "versions": [ { "lessThanOrEqual": "4.05", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-3248", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-08-12T13:50:27.401794Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-08-12T13:52:19.102Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "all" ], "product": "Xpdf", "vendor": "Xpdf", "versions": [ { "lessThanOrEqual": "4.05", "status": "affected", "version": "0", "versionType": "version" } ] } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "In Xpdf 4.05 (and earlier), a PDF object loop in the attachments leads to infinite recursion and a stack overflow.\u003cbr\u003e" } ], "value": "In Xpdf 4.05 (and earlier), a PDF object loop in the attachments leads to infinite recursion and a stack overflow.\n" } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 2.9, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-674", "description": "CWE-674 Uncontrolled Recursion", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-04-02T23:04:40.828Z", "orgId": "ace9cabe-4f4f-416b-8c39-b0e002761924", "shortName": "GandC" }, "references": [ { "url": "https://forum.xpdfreader.com/viewtopic.php?t=43657" } ], "source": { "discovery": "UNKNOWN" }, "title": "Stack overflow in Xpdf 4.05 due to object loop in attachments", "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "ace9cabe-4f4f-416b-8c39-b0e002761924", "assignerShortName": "GandC", "cveId": "CVE-2024-3248", "datePublished": "2024-04-02T23:04:40.828Z", "dateReserved": "2024-04-02T23:00:19.912Z", "dateUpdated": "2024-08-12T13:52:19.102Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2005-3624 (GCVE-0-2005-3624)
Vulnerability from cvelistv5
Published
2006-01-06 22:00
Modified
2024-08-07 23:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows.
References
► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T23:17:23.457Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "16143", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/16143" }, { "name": "DSA-932", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2005/dsa-932" }, { "name": "18349", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18349" }, { "name": "18147", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18147" }, { "name": "SCOSA-2006.15", "tags": [ "vendor-advisory", "x_refsource_SCO", "x_transferred" ], "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://scary.beasts.org/security/CESA-2005-003.txt" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.kde.org/info/security/advisory-20051207-2.txt" }, { "name": "18679", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18679" }, { "name": "18312", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18312" }, { "name": "18644", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18644" }, { "name": "USN-236-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/236-1/" }, { "name": "18425", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18425" }, { "name": "18373", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18373" }, { "name": "18303", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18303" }, { "name": "DSA-931", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2005/dsa-931" }, { "name": "18554", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18554" }, { "name": "MDKSA-2006:003", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003" }, { "name": "19230", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/19230" }, { "name": "102972", "tags": [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1" }, { "name": "MDKSA-2006:012", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012" }, { "name": "DSA-962", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-962" }, { "name": "RHSA-2006:0163", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html" }, { "name": "DSA-937", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2005/dsa-937" }, { "name": "18398", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18398" }, { "name": "FLSA-2006:176751", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded" }, { "name": "2006-0002", "tags": [ "vendor-advisory", "x_refsource_TRUSTIX", "x_transferred" ], "url": "http://www.trustix.org/errata/2006/0002/" }, { "name": "SUSE-SA:2006:001", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html" }, { "name": "DSA-936", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-936" }, { "name": "FEDORA-2005-026", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html" }, { "name": "18329", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18329" }, { "name": "18463", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18463" }, { "name": "18642", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18642" }, { "name": "18674", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18674" }, { "name": "MDKSA-2006:005", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005" }, { "name": "18313", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18313" }, { "name": "20051201-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U" }, { "name": "20060101-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U" }, { "name": "18448", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18448" }, { "name": "18436", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18436" }, { "name": "18428", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18428" }, { "name": "18380", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18380" }, { "name": "18423", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18423" }, { "name": "18416", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18416" }, { "name": "RHSA-2006:0177", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html" }, { "name": "ADV-2007-2280", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2007/2280" }, { "name": "GLSA-200601-02", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml" }, { "name": "18407", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18407" }, { "name": "18332", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18332" }, { "name": "18517", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18517" }, { "name": "18582", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18582" }, { "name": "18534", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18534" }, { "name": "SSA:2006-045-09", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE", "x_transferred" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683" }, { "name": "18908", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18908" }, { "name": "25729", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/25729" }, { "name": "18414", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18414" }, { "name": "MDKSA-2006:006", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006" }, { "name": "18338", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18338" }, { "name": "MDKSA-2006:008", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008" }, { "name": "20060201-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U" }, { "name": "RHSA-2006:0160", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html" }, { "name": "MDKSA-2006:010", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010" }, { "name": "DSA-940", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2005/dsa-940" }, { "name": "MDKSA-2006:004", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004" }, { "name": "ADV-2006-0047", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/0047" }, { "name": "GLSA-200601-17", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml" }, { "name": "xpdf-ccitt-faxstream-bo(24022)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24022" }, { "name": "18389", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18389" }, { "name": "oval:org.mitre.oval:def:9437", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9437" }, { "name": "SSA:2006-045-04", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE", "x_transferred" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747" }, { "name": "19377", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/19377" }, { "name": "FEDORA-2005-025", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html" }, { "name": "FLSA:175404", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded" }, { "name": "DSA-961", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-961" }, { "name": "18675", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18675" }, { "name": "18913", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18913" }, { "name": "DSA-938", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2005/dsa-938" }, { "name": "18334", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18334" }, { "name": "18375", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18375" }, { "name": "DSA-950", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-950" }, { "name": "18387", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18387" }, { "name": "MDKSA-2006:011", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011" }, { "name": "18385", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18385" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2006-01-06T00:00:00", "descriptions": [ { "lang": "en", "value": "The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-19T14:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "16143", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/16143" }, { "name": "DSA-932", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2005/dsa-932" }, { "name": "18349", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18349" }, { "name": "18147", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18147" }, { "name": "SCOSA-2006.15", "tags": [ "vendor-advisory", "x_refsource_SCO" ], "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt" }, { "tags": [ "x_refsource_MISC" ], "url": "http://scary.beasts.org/security/CESA-2005-003.txt" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.kde.org/info/security/advisory-20051207-2.txt" }, { "name": "18679", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18679" }, { "name": "18312", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18312" }, { "name": "18644", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18644" }, { "name": "USN-236-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/236-1/" }, { "name": "18425", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18425" }, { "name": "18373", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18373" }, { "name": "18303", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18303" }, { "name": "DSA-931", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2005/dsa-931" }, { "name": "18554", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18554" }, { "name": "MDKSA-2006:003", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003" }, { "name": "19230", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/19230" }, { "name": "102972", "tags": [ "vendor-advisory", "x_refsource_SUNALERT" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1" }, { "name": "MDKSA-2006:012", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012" }, { "name": "DSA-962", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-962" }, { "name": "RHSA-2006:0163", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html" }, { "name": "DSA-937", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2005/dsa-937" }, { "name": "18398", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18398" }, { "name": "FLSA-2006:176751", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded" }, { "name": "2006-0002", "tags": [ "vendor-advisory", "x_refsource_TRUSTIX" ], "url": "http://www.trustix.org/errata/2006/0002/" }, { "name": "SUSE-SA:2006:001", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html" }, { "name": "DSA-936", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-936" }, { "name": "FEDORA-2005-026", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html" }, { "name": "18329", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18329" }, { "name": "18463", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18463" }, { "name": "18642", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18642" }, { "name": "18674", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18674" }, { "name": "MDKSA-2006:005", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005" }, { "name": "18313", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18313" }, { "name": "20051201-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U" }, { "name": "20060101-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U" }, { "name": "18448", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18448" }, { "name": "18436", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18436" }, { "name": "18428", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18428" }, { "name": "18380", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18380" }, { "name": "18423", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18423" }, { "name": "18416", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18416" }, { "name": "RHSA-2006:0177", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html" }, { "name": "ADV-2007-2280", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2007/2280" }, { "name": "GLSA-200601-02", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml" }, { "name": "18407", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18407" }, { "name": "18332", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18332" }, { "name": "18517", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18517" }, { "name": "18582", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18582" }, { "name": "18534", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18534" }, { "name": "SSA:2006-045-09", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683" }, { "name": "18908", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18908" }, { "name": "25729", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/25729" }, { "name": "18414", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18414" }, { "name": "MDKSA-2006:006", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006" }, { "name": "18338", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18338" }, { "name": "MDKSA-2006:008", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008" }, { "name": "20060201-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U" }, { "name": "RHSA-2006:0160", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html" }, { "name": "MDKSA-2006:010", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010" }, { "name": "DSA-940", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2005/dsa-940" }, { "name": "MDKSA-2006:004", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004" }, { "name": "ADV-2006-0047", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/0047" }, { "name": "GLSA-200601-17", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml" }, { "name": "xpdf-ccitt-faxstream-bo(24022)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24022" }, { "name": "18389", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18389" }, { "name": "oval:org.mitre.oval:def:9437", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9437" }, { "name": "SSA:2006-045-04", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747" }, { "name": "19377", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/19377" }, { "name": "FEDORA-2005-025", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html" }, { "name": "FLSA:175404", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded" }, { "name": "DSA-961", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-961" }, { "name": "18675", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18675" }, { "name": "18913", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18913" }, { "name": "DSA-938", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2005/dsa-938" }, { "name": "18334", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18334" }, { "name": "18375", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18375" }, { "name": "DSA-950", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-950" }, { "name": "18387", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18387" }, { "name": "MDKSA-2006:011", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011" }, { "name": "18385", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18385" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2005-3624", "datePublished": "2006-01-06T22:00:00", "dateReserved": "2005-11-16T00:00:00", "dateUpdated": "2024-08-07T23:17:23.457Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2010-0206 (GCVE-0-2010-0206)
Vulnerability from cvelistv5
Published
2019-10-30 20:10
Modified
2024-08-07 00:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Other
Summary
xpdf allows remote attackers to cause a denial of service (NULL pointer dereference and crash) in the way it processes JBIG2 PDF stream objects.
References
► | URL | Tags | ||||||
---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T00:37:54.188Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://security-tracker.debian.org/tracker/CVE-2010-0206" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-0206" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "xpdf", "vendor": "xpdf", "versions": [ { "status": "affected", "version": "N/A" } ] } ], "datePublic": "2010-04-07T00:00:00", "descriptions": [ { "lang": "en", "value": "xpdf allows remote attackers to cause a denial of service (NULL pointer dereference and crash) in the way it processes JBIG2 PDF stream objects." } ], "problemTypes": [ { "descriptions": [ { "description": "Other", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2019-10-30T20:10:52", "orgId": "37e5125f-f79b-445b-8fad-9564f167944b", "shortName": "certcc" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://security-tracker.debian.org/tracker/CVE-2010-0206" }, { "tags": [ "x_refsource_MISC" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-0206" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cert@cert.org", "ID": "CVE-2010-0206", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "xpdf", "version": { "version_data": [ { "version_value": "N/A" } ] } } ] }, "vendor_name": "xpdf" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "xpdf allows remote attackers to cause a denial of service (NULL pointer dereference and crash) in the way it processes JBIG2 PDF stream objects." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Other" } ] } ] }, "references": { "reference_data": [ { "name": "https://security-tracker.debian.org/tracker/CVE-2010-0206", "refsource": "MISC", "url": "https://security-tracker.debian.org/tracker/CVE-2010-0206" }, { "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-0206", "refsource": "MISC", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-0206" } ] } } } }, "cveMetadata": { "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b", "assignerShortName": "certcc", "cveId": "CVE-2010-0206", "datePublished": "2019-10-30T20:10:52", "dateReserved": "2010-01-06T00:00:00", "dateUpdated": "2024-08-07T00:37:54.188Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2000-0727 (GCVE-0-2000-0727)
Vulnerability from cvelistv5
Published
2000-10-13 04:00
Modified
2024-08-08 05:28
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
xpdf PDF viewer client earlier than 0.91 does not properly launch a web browser for embedded URL's, which allows an attacker to execute arbitrary commands via a URL that contains shell metacharacters.
References
► | URL | Tags | ||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T05:28:41.438Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20000829 MDKSA-2000:041 - xpdf update", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=96766355023239\u0026w=2" }, { "name": "20000913 Conectiva Linux Security Announcement - xpdf", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=96886599829687\u0026w=2" }, { "name": "20000910 xpdf: local exploit", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2000/20000910a" }, { "name": "1624", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/1624" }, { "name": "CSSA-2000-031.0", "tags": [ "vendor-advisory", "x_refsource_CALDERA", "x_transferred" ], "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-031.0.txt" }, { "name": "RHSA-2000:060", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-060.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2000-08-29T00:00:00", "descriptions": [ { "lang": "en", "value": "xpdf PDF viewer client earlier than 0.91 does not properly launch a web browser for embedded URL\u0027s, which allows an attacker to execute arbitrary commands via a URL that contains shell metacharacters." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2004-09-02T09:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "20000829 MDKSA-2000:041 - xpdf update", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=96766355023239\u0026w=2" }, { "name": "20000913 Conectiva Linux Security Announcement - xpdf", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=96886599829687\u0026w=2" }, { "name": "20000910 xpdf: local exploit", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2000/20000910a" }, { "name": "1624", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/1624" }, { "name": "CSSA-2000-031.0", "tags": [ "vendor-advisory", "x_refsource_CALDERA" ], "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-031.0.txt" }, { "name": "RHSA-2000:060", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-060.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2000-0727", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "xpdf PDF viewer client earlier than 0.91 does not properly launch a web browser for embedded URL\u0027s, which allows an attacker to execute arbitrary commands via a URL that contains shell metacharacters." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "20000829 MDKSA-2000:041 - xpdf update", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=96766355023239\u0026w=2" }, { "name": "20000913 Conectiva Linux Security Announcement - xpdf", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=96886599829687\u0026w=2" }, { "name": "20000910 xpdf: local exploit", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2000/20000910a" }, { "name": "1624", "refsource": "BID", "url": "http://www.securityfocus.com/bid/1624" }, { "name": "CSSA-2000-031.0", "refsource": "CALDERA", "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-031.0.txt" }, { "name": "RHSA-2000:060", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2000-060.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2000-0727", "datePublished": "2000-10-13T04:00:00", "dateReserved": "2000-09-19T00:00:00", "dateUpdated": "2024-08-08T05:28:41.438Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2024-3247 (GCVE-0-2024-3247)
Vulnerability from cvelistv5
Published
2024-04-02 22:57
Modified
2024-08-01 20:05
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-674 - Uncontrolled Recursion
Summary
In Xpdf 4.05 (and earlier), a PDF object loop in an object stream leads to infinite recursion and a stack overflow.
References
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:xpdf:xpdf:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "xpdf", "vendor": "xpdf", "versions": [ { "lessThanOrEqual": "4.05", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-3247", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-04-03T17:26:43.928823Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-07-31T20:35:23.652Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-01T20:05:08.335Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://forum.xpdfreader.com/viewtopic.php?t=43597" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "all" ], "product": "Xpdf", "vendor": "Xpdf", "versions": [ { "lessThanOrEqual": "4.05", "status": "affected", "version": "0", "versionType": "version" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "Zhijie Zhang, from Institute of Information Engineering, Chinese Academy of Sciences" } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "In Xpdf 4.05 (and earlier), a PDF object loop in an object stream leads to infinite recursion and a stack overflow.\u003cbr\u003e" } ], "value": "In Xpdf 4.05 (and earlier), a PDF object loop in an object stream leads to infinite recursion and a stack overflow.\n" } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 2.9, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-674", "description": "CWE-674 Uncontrolled Recursion", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-04-02T22:57:35.394Z", "orgId": "ace9cabe-4f4f-416b-8c39-b0e002761924", "shortName": "GandC" }, "references": [ { "url": "https://forum.xpdfreader.com/viewtopic.php?t=43597" } ], "source": { "discovery": "UNKNOWN" }, "title": "Stack overflow in Xpdf 4.05 due to object loop in PDF object stream", "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "ace9cabe-4f4f-416b-8c39-b0e002761924", "assignerShortName": "GandC", "cveId": "CVE-2024-3247", "datePublished": "2024-04-02T22:57:35.394Z", "dateReserved": "2024-04-02T22:48:13.391Z", "dateUpdated": "2024-08-01T20:05:08.335Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2005-0064 (GCVE-0-2005-0064)
Vulnerability from cvelistv5
Published
2005-01-19 05:00
Modified
2024-08-07 20:57
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in the Decrypt::makeFileKey2 function in Decrypt.cc for xpdf 3.00 and earlier allows remote attackers to execute arbitrary code via a PDF file with a large /Encrypt /Length keyLength value.
References
► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T20:57:40.988Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "17277", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/17277" }, { "name": "oval:org.mitre.oval:def:11781", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11781" }, { "name": "RHSA-2005:066", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-066.html" }, { "name": "RHSA-2005:034", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-034.html" }, { "name": "MDKSA-2005:018", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:018" }, { "name": "MDKSA-2005:017", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:017" }, { "name": "MDKSA-2005:016", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:016" }, { "name": "2005-0003", "tags": [ "vendor-advisory", "x_refsource_TRUSTIX", "x_transferred" ], "url": "http://www.trustix.org/errata/2005/0003/" }, { "name": "FLSA:2352", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://bugzilla.fedora.us/show_bug.cgi?id=2352" }, { "name": "FLSA:2353", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://bugzilla.fedora.us/show_bug.cgi?id=2353" }, { "name": "DSA-645", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2005/dsa-645" }, { "name": "GLSA-200502-10", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/200502-10" }, { "name": "RHSA-2005:026", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-026.html" }, { "name": "RHSA-2005:053", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-053.html" }, { "name": "MDKSA-2005:020", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:020" }, { "name": "GLSA-200501-28", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/200501-28" }, { "name": "20050118 Multiple Unix/Linux Vendor Xpdf makeFileKey2 Stack Overflow", "tags": [ "third-party-advisory", "x_refsource_IDEFENSE", "x_transferred" ], "url": "http://www.idefense.com/application/poi/display?id=186\u0026type=vulnerabilities" }, { "name": "RHSA-2005:059", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-059.html" }, { "name": "20050119 [USN-64-1] xpdf, CUPS vulnerabilities", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=110625368019554\u0026w=2" }, { "name": "SCOSA-2005.42", "tags": [ "vendor-advisory", "x_refsource_SCO", "x_transferred" ], "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.42/SCOSA-2005.42.txt" }, { "name": "DSA-648", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2005/dsa-648" }, { "name": "MDKSA-2005:021", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:021" }, { "name": "CLA-2005:921", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA", "x_transferred" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000921" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.00pl3.patch" }, { "name": "MDKSA-2005:019", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:019" }, { "name": "RHSA-2005:057", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-057.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2005-01-18T00:00:00", "descriptions": [ { "lang": "en", "value": "Buffer overflow in the Decrypt::makeFileKey2 function in Decrypt.cc for xpdf 3.00 and earlier allows remote attackers to execute arbitrary code via a PDF file with a large /Encrypt /Length keyLength value." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-10-10T00:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "17277", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/17277" }, { "name": "oval:org.mitre.oval:def:11781", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11781" }, { "name": "RHSA-2005:066", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-066.html" }, { "name": "RHSA-2005:034", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-034.html" }, { "name": "MDKSA-2005:018", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:018" }, { "name": "MDKSA-2005:017", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:017" }, { "name": "MDKSA-2005:016", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:016" }, { "name": "2005-0003", "tags": [ "vendor-advisory", "x_refsource_TRUSTIX" ], "url": "http://www.trustix.org/errata/2005/0003/" }, { "name": "FLSA:2352", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://bugzilla.fedora.us/show_bug.cgi?id=2352" }, { "name": "FLSA:2353", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://bugzilla.fedora.us/show_bug.cgi?id=2353" }, { "name": "DSA-645", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2005/dsa-645" }, { "name": "GLSA-200502-10", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/200502-10" }, { "name": "RHSA-2005:026", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-026.html" }, { "name": "RHSA-2005:053", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-053.html" }, { "name": "MDKSA-2005:020", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:020" }, { "name": "GLSA-200501-28", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/200501-28" }, { "name": "20050118 Multiple Unix/Linux Vendor Xpdf makeFileKey2 Stack Overflow", "tags": [ "third-party-advisory", "x_refsource_IDEFENSE" ], "url": "http://www.idefense.com/application/poi/display?id=186\u0026type=vulnerabilities" }, { "name": "RHSA-2005:059", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-059.html" }, { "name": "20050119 [USN-64-1] xpdf, CUPS vulnerabilities", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=110625368019554\u0026w=2" }, { "name": "SCOSA-2005.42", "tags": [ "vendor-advisory", "x_refsource_SCO" ], "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.42/SCOSA-2005.42.txt" }, { "name": "DSA-648", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2005/dsa-648" }, { "name": "MDKSA-2005:021", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:021" }, { "name": "CLA-2005:921", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000921" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.00pl3.patch" }, { "name": "MDKSA-2005:019", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:019" }, { "name": "RHSA-2005:057", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-057.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2005-0064", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Buffer overflow in the Decrypt::makeFileKey2 function in Decrypt.cc for xpdf 3.00 and earlier allows remote attackers to execute arbitrary code via a PDF file with a large /Encrypt /Length keyLength value." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "17277", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/17277" }, { "name": "oval:org.mitre.oval:def:11781", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11781" }, { "name": "RHSA-2005:066", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2005-066.html" }, { "name": "RHSA-2005:034", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2005-034.html" }, { "name": "MDKSA-2005:018", "refsource": "MANDRAKE", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:018" }, { "name": "MDKSA-2005:017", "refsource": "MANDRAKE", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:017" }, { "name": "MDKSA-2005:016", "refsource": "MANDRAKE", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:016" }, { "name": "2005-0003", "refsource": "TRUSTIX", "url": "http://www.trustix.org/errata/2005/0003/" }, { "name": "FLSA:2352", "refsource": "FEDORA", "url": "https://bugzilla.fedora.us/show_bug.cgi?id=2352" }, { "name": "FLSA:2353", "refsource": "FEDORA", "url": "https://bugzilla.fedora.us/show_bug.cgi?id=2353" }, { "name": "DSA-645", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2005/dsa-645" }, { "name": "GLSA-200502-10", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/200502-10" }, { "name": "RHSA-2005:026", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2005-026.html" }, { "name": "RHSA-2005:053", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2005-053.html" }, { "name": "MDKSA-2005:020", "refsource": "MANDRAKE", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:020" }, { "name": "GLSA-200501-28", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/200501-28" }, { "name": "20050118 Multiple Unix/Linux Vendor Xpdf makeFileKey2 Stack Overflow", "refsource": "IDEFENSE", "url": "http://www.idefense.com/application/poi/display?id=186\u0026type=vulnerabilities" }, { "name": "RHSA-2005:059", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2005-059.html" }, { "name": "20050119 [USN-64-1] xpdf, CUPS vulnerabilities", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=110625368019554\u0026w=2" }, { "name": "SCOSA-2005.42", "refsource": "SCO", "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.42/SCOSA-2005.42.txt" }, { "name": "DSA-648", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2005/dsa-648" }, { "name": "MDKSA-2005:021", "refsource": "MANDRAKE", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:021" }, { "name": "CLA-2005:921", "refsource": "CONECTIVA", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000921" }, { "name": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.00pl3.patch", "refsource": "CONFIRM", "url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.00pl3.patch" }, { "name": "MDKSA-2005:019", "refsource": "MANDRAKE", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:019" }, { "name": "RHSA-2005:057", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2005-057.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2005-0064", "datePublished": "2005-01-19T05:00:00", "dateReserved": "2005-01-13T00:00:00", "dateUpdated": "2024-08-07T20:57:40.988Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2025-3154 (GCVE-0-2025-3154)
Vulnerability from cvelistv5
Published
2025-04-02 22:18
Modified
2025-04-03 19:15
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-787 - Out-of-bounds Write
Summary
Out-of-bounds array write in Xpdf 4.05 and earlier, triggered by an invalid VerticesPerRow value in a PDF shading dictionary.
References
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2025-3154", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2025-04-03T19:14:58.924660Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-04-03T19:15:26.279Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "all" ], "product": "Xpdf", "vendor": "Xpdf", "versions": [ { "lessThanOrEqual": "4.05", "status": "affected", "version": "0", "versionType": "version" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "Erik Viken" } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Out-of-bounds array write in Xpdf 4.05 and earlier, triggered by an invalid VerticesPerRow value in a PDF shading dictionary." } ], "value": "Out-of-bounds array write in Xpdf 4.05 and earlier, triggered by an invalid VerticesPerRow value in a PDF shading dictionary." } ], "metrics": [ { "cvssV4_0": { "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "HIGH", "attackRequirements": "NONE", "attackVector": "LOCAL", "baseScore": 2.1, "baseSeverity": "LOW", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "LOW", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-787", "description": "CWE-787 Out-of-bounds Write", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-04-02T22:18:46.033Z", "orgId": "ace9cabe-4f4f-416b-8c39-b0e002761924", "shortName": "GandC" }, "references": [ { "url": "https://www.xpdfreader.com/security-bug/CVE-2025-3154.html" } ], "source": { "discovery": "UNKNOWN" }, "title": "Out-of-bounds array write due to invalid VerticesPerRow in Xpdf 4.05", "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "ace9cabe-4f4f-416b-8c39-b0e002761924", "assignerShortName": "GandC", "cveId": "CVE-2025-3154", "datePublished": "2025-04-02T22:18:46.033Z", "dateReserved": "2025-04-02T22:09:54.712Z", "dateUpdated": "2025-04-03T19:15:26.279Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2024-7866 (GCVE-0-2024-7866)
Vulnerability from cvelistv5
Published
2024-08-15 19:50
Modified
2024-08-16 17:13
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-674 - Uncontrolled Recursion
Summary
In Xpdf 4.05 (and earlier), a PDF object loop in a pattern resource leads to infinite recursion and a stack overflow.
References
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-7866", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-08-16T17:13:19.735300Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-08-16T17:13:35.817Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "all" ], "product": "Xpdf", "vendor": "Xpdf", "versions": [ { "lessThanOrEqual": "4.05", "status": "affected", "version": "0", "versionType": "Version" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "xiaobaozidi" } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "In Xpdf 4.05 (and earlier), a PDF object loop in a pattern resource leads to infinite recursion and a stack overflow.\u003cbr\u003e" } ], "value": "In Xpdf 4.05 (and earlier), a PDF object loop in a pattern resource leads to infinite recursion and a stack overflow." } ], "metrics": [ { "cvssV4_0": { "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "HIGH", "attackRequirements": "NONE", "attackVector": "LOCAL", "baseScore": 2.1, "baseSeverity": "LOW", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "LOW", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-674", "description": "CWE-674 Uncontrolled Recursion", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-08-15T19:50:06.413Z", "orgId": "ace9cabe-4f4f-416b-8c39-b0e002761924", "shortName": "GandC" }, "references": [ { "url": "https://www.xpdfreader.com/security-bug/object-loops.html" } ], "source": { "discovery": "UNKNOWN" }, "title": "Stack overflow in Xpdf 4.05 due to object loop in PDF pattern", "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "ace9cabe-4f4f-416b-8c39-b0e002761924", "assignerShortName": "GandC", "cveId": "CVE-2024-7866", "datePublished": "2024-08-15T19:50:06.413Z", "dateReserved": "2024-08-15T19:41:01.904Z", "dateUpdated": "2024-08-16T17:13:35.817Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2006-1244 (GCVE-0-2006-1244)
Vulnerability from cvelistv5
Published
2006-03-15 19:00
Modified
2024-08-07 17:03
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in certain versions of xpdf after 3.00, as used in various products including (a) pdfkit.framework, (b) gpdf, (c) pdftohtml, and (d) libextractor, has unknown impact and user-assisted attack vectors, possibly involving errors in (1) gmem.c, (2) SplashXPathScanner.cc, (3) JBIG2Stream.cc, (4) JPXStream.cc, and/or (5) Stream.cc. NOTE: this description is based on Debian advisory DSA 979, which is based on changes that were made after other vulnerabilities such as CVE-2006-0301 and CVE-2005-3624 through CVE-2005-3628 were fixed. Some of these newer fixes appear to be security-relevant, although it is not clear if they fix specific issues or are defensive in nature.
References
► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T17:03:28.588Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "19644", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/19644" }, { "name": "DSA-979", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-979" }, { "name": "DSA-998", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-998" }, { "name": "19164", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/19164" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://security.debian.org/pool/updates/main/p/pdfkit.framework/pdfkit.framework_0.8-2sarge3.diff.gz" }, { "name": "19364", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/19364" }, { "name": "DSA-983", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-983" }, { "name": "DSA-982", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-982" }, { "name": "19091", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/19091" }, { "name": "19065", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/19065" }, { "name": "23834", "tags": [ "vdb-entry", "x_refsource_OSVDB", "x_transferred" ], "url": "http://www.osvdb.org/23834" }, { "name": "DSA-1019", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-1019" }, { "name": "16748", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/16748" }, { "name": "18948", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18948" }, { "name": "DSA-984", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-984" }, { "name": "19021", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/19021" }, { "name": "USN-270-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/270-1/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2006-02-17T00:00:00", "descriptions": [ { "lang": "en", "value": "Unspecified vulnerability in certain versions of xpdf after 3.00, as used in various products including (a) pdfkit.framework, (b) gpdf, (c) pdftohtml, and (d) libextractor, has unknown impact and user-assisted attack vectors, possibly involving errors in (1) gmem.c, (2) SplashXPathScanner.cc, (3) JBIG2Stream.cc, (4) JPXStream.cc, and/or (5) Stream.cc. NOTE: this description is based on Debian advisory DSA 979, which is based on changes that were made after other vulnerabilities such as CVE-2006-0301 and CVE-2005-3624 through CVE-2005-3628 were fixed. Some of these newer fixes appear to be security-relevant, although it is not clear if they fix specific issues or are defensive in nature." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-03T20:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "19644", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/19644" }, { "name": "DSA-979", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-979" }, { "name": "DSA-998", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-998" }, { "name": "19164", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/19164" }, { "tags": [ "x_refsource_MISC" ], "url": "http://security.debian.org/pool/updates/main/p/pdfkit.framework/pdfkit.framework_0.8-2sarge3.diff.gz" }, { "name": "19364", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/19364" }, { "name": "DSA-983", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-983" }, { "name": "DSA-982", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-982" }, { "name": "19091", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/19091" }, { "name": "19065", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/19065" }, { "name": "23834", "tags": [ "vdb-entry", "x_refsource_OSVDB" ], "url": "http://www.osvdb.org/23834" }, { "name": "DSA-1019", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-1019" }, { "name": "16748", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/16748" }, { "name": "18948", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18948" }, { "name": "DSA-984", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-984" }, { "name": "19021", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/19021" }, { "name": "USN-270-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/270-1/" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2006-1244", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Unspecified vulnerability in certain versions of xpdf after 3.00, as used in various products including (a) pdfkit.framework, (b) gpdf, (c) pdftohtml, and (d) libextractor, has unknown impact and user-assisted attack vectors, possibly involving errors in (1) gmem.c, (2) SplashXPathScanner.cc, (3) JBIG2Stream.cc, (4) JPXStream.cc, and/or (5) Stream.cc. NOTE: this description is based on Debian advisory DSA 979, which is based on changes that were made after other vulnerabilities such as CVE-2006-0301 and CVE-2005-3624 through CVE-2005-3628 were fixed. Some of these newer fixes appear to be security-relevant, although it is not clear if they fix specific issues or are defensive in nature." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "19644", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/19644" }, { "name": "DSA-979", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2006/dsa-979" }, { "name": "DSA-998", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2006/dsa-998" }, { "name": "19164", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/19164" }, { "name": "http://security.debian.org/pool/updates/main/p/pdfkit.framework/pdfkit.framework_0.8-2sarge3.diff.gz", "refsource": "MISC", "url": "http://security.debian.org/pool/updates/main/p/pdfkit.framework/pdfkit.framework_0.8-2sarge3.diff.gz" }, { "name": "19364", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/19364" }, { "name": "DSA-983", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2006/dsa-983" }, { "name": "DSA-982", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2006/dsa-982" }, { "name": "19091", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/19091" }, { "name": "19065", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/19065" }, { "name": "23834", "refsource": "OSVDB", "url": "http://www.osvdb.org/23834" }, { "name": "DSA-1019", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2006/dsa-1019" }, { "name": "16748", "refsource": "BID", "url": "http://www.securityfocus.com/bid/16748" }, { "name": "18948", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18948" }, { "name": "DSA-984", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2006/dsa-984" }, { "name": "19021", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/19021" }, { "name": "USN-270-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/270-1/" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2006-1244", "datePublished": "2006-03-15T19:00:00", "dateReserved": "2006-03-15T00:00:00", "dateUpdated": "2024-08-07T17:03:28.588Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2023-2662 (GCVE-0-2023-2662)
Vulnerability from cvelistv5
Published
2023-05-11 20:08
Modified
2025-01-24 16:06
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-369 - Divide By Zero
Summary
In Xpdf 4.04 (and earlier), a bad color space object in the input PDF file can cause a divide-by-zero.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T06:26:09.951Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://forum.xpdfreader.com/viewtopic.php?t=42505" } ], "title": "CVE Program Container" }, { "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2023-2662", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2025-01-24T16:05:31.137989Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-369", "description": "CWE-369 Divide By Zero", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-01-24T16:06:27.283Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "all" ], "product": "Xpdf", "vendor": "Xpdf", "versions": [ { "status": "affected", "version": "4.04" } ] } ], "credits": [ { "lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "huckleberry" } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cdiv\u003eIn Xpdf 4.04 (and earlier), a bad color space object in the input PDF file can cause a divide-by-zero.\u003cbr\u003e\u003c/div\u003e" } ], "value": "In Xpdf 4.04 (and earlier), a bad color space object in the input PDF file can cause a divide-by-zero.\n\n\n" } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 2.9, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-369", "description": "CWE-369 Divide By Zero", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-11T20:08:27.720Z", "orgId": "ace9cabe-4f4f-416b-8c39-b0e002761924", "shortName": "GandC" }, "references": [ { "url": "https://forum.xpdfreader.com/viewtopic.php?t=42505" } ], "source": { "discovery": "UNKNOWN" }, "title": "Divide-by-zero in Xpdf 4.04 due to bad color space object", "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "ace9cabe-4f4f-416b-8c39-b0e002761924", "assignerShortName": "GandC", "cveId": "CVE-2023-2662", "datePublished": "2023-05-11T20:08:25.610Z", "dateReserved": "2023-05-11T20:03:56.213Z", "dateUpdated": "2025-01-24T16:06:27.283Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2023-2664 (GCVE-0-2023-2664)
Vulnerability from cvelistv5
Published
2023-05-11 20:21
Modified
2025-01-23 21:23
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-674 - Uncontrolled Recursion
Summary
In Xpdf 4.04 (and earlier), a PDF object loop in the embedded file tree leads to infinite recursion and a stack overflow.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T06:26:09.765Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://forum.xpdfreader.com/viewtopic.php?t=42422" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-2664", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2025-01-23T21:22:45.913757Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-01-23T21:23:23.646Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "all" ], "product": "Xpdf", "vendor": "Xpdf", "versions": [ { "status": "affected", "version": "4.04" } ] } ], "credits": [ { "lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "BabyBus" } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cdiv\u003e\u0026nbsp;In Xpdf 4.04 (and earlier), a PDF object loop in the embedded file tree leads to infinite recursion and a stack overflow.\u003cbr\u003e\u003c/div\u003e" } ], "value": "\u00a0In Xpdf 4.04 (and earlier), a PDF object loop in the embedded file tree leads to infinite recursion and a stack overflow.\n\n\n" } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 2.9, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-674", "description": "CWE-674 Uncontrolled Recursion", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-11T20:21:25.821Z", "orgId": "ace9cabe-4f4f-416b-8c39-b0e002761924", "shortName": "GandC" }, "references": [ { "url": "https://forum.xpdfreader.com/viewtopic.php?t=42422" } ], "source": { "discovery": "UNKNOWN" }, "title": "Stack overflow in Xpdf 4.04 due to object loop in PDF embedded file tree", "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "ace9cabe-4f4f-416b-8c39-b0e002761924", "assignerShortName": "GandC", "cveId": "CVE-2023-2664", "datePublished": "2023-05-11T20:21:25.821Z", "dateReserved": "2023-05-11T20:19:40.531Z", "dateUpdated": "2025-01-23T21:23:23.646Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2004-0889 (GCVE-0-2004-0889)
Vulnerability from cvelistv5
Published
2004-10-26 04:00
Modified
2024-08-08 00:31
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple integer overflows in xpdf 3.0, and other packages that use xpdf code such as CUPS, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0888.
References
► | URL | Tags | ||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T00:31:48.137Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "11501", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/11501" }, { "name": "MDKSA-2004:113", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:113" }, { "name": "GLSA-200410-20", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200410-20.xml" }, { "name": "GLSA-200410-30", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200410-30.xml" }, { "name": "xpdf-pdf-file-bo(17819)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17819" }, { "name": "SUSE-SA:2004:039", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=109880927526773\u0026w=2" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2004-10-21T00:00:00", "descriptions": [ { "lang": "en", "value": "Multiple integer overflows in xpdf 3.0, and other packages that use xpdf code such as CUPS, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0888." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-07-10T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "11501", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/11501" }, { "name": "MDKSA-2004:113", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:113" }, { "name": "GLSA-200410-20", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200410-20.xml" }, { "name": "GLSA-200410-30", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200410-30.xml" }, { "name": "xpdf-pdf-file-bo(17819)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17819" }, { "name": "SUSE-SA:2004:039", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://marc.info/?l=bugtraq\u0026m=109880927526773\u0026w=2" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2004-0889", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Multiple integer overflows in xpdf 3.0, and other packages that use xpdf code such as CUPS, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0888." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "11501", "refsource": "BID", "url": "http://www.securityfocus.com/bid/11501" }, { "name": "MDKSA-2004:113", "refsource": "MANDRAKE", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:113" }, { "name": "GLSA-200410-20", "refsource": "GENTOO", "url": "http://www.gentoo.org/security/en/glsa/glsa-200410-20.xml" }, { "name": "GLSA-200410-30", "refsource": "GENTOO", "url": "http://www.gentoo.org/security/en/glsa/glsa-200410-30.xml" }, { "name": "xpdf-pdf-file-bo(17819)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17819" }, { "name": "SUSE-SA:2004:039", "refsource": "SUSE", "url": "http://marc.info/?l=bugtraq\u0026m=109880927526773\u0026w=2" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2004-0889", "datePublished": "2004-10-26T04:00:00", "dateReserved": "2004-09-22T00:00:00", "dateUpdated": "2024-08-08T00:31:48.137Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2024-7868 (GCVE-0-2024-7868)
Vulnerability from cvelistv5
Published
2024-08-15 20:22
Modified
2024-08-15 20:33
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-908 - Use of Uninitialized Resource
Summary
In Xpdf 4.05 (and earlier), invalid header info in a DCT (JPEG) stream can lead to an uninitialized variable in the DCT decoder. The proof-of-concept PDF file causes a segfault attempting to read from an invalid address.
References
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-7868", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-08-15T20:33:27.606080Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-08-15T20:33:39.716Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "all" ], "product": "Xpdf", "vendor": "Xpdf", "versions": [ { "lessThanOrEqual": "4.05", "status": "affected", "version": "0", "versionType": "Version" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "KMFL" } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "In Xpdf 4.05 (and earlier), invalid header info in a DCT (JPEG) stream can lead to an uninitialized variable in the DCT decoder. The proof-of-concept PDF file causes a segfault attempting to read from an invalid address.\u003cbr\u003e" } ], "value": "In Xpdf 4.05 (and earlier), invalid header info in a DCT (JPEG) stream can lead to an uninitialized variable in the DCT decoder. The proof-of-concept PDF file causes a segfault attempting to read from an invalid address." } ], "metrics": [ { "cvssV4_0": { "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "HIGH", "attackRequirements": "NONE", "attackVector": "LOCAL", "baseScore": 2.1, "baseSeverity": "LOW", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "LOW", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-908", "description": "CWE-908 Use of Uninitialized Resource", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-08-15T20:22:52.873Z", "orgId": "ace9cabe-4f4f-416b-8c39-b0e002761924", "shortName": "GandC" }, "references": [ { "url": "https://www.xpdfreader.com/security-bug/CVE-2024-7868.html" } ], "source": { "discovery": "UNKNOWN" }, "title": "Uninitialized variable in Xpdf 4.05 due to invalid JPEG header", "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "ace9cabe-4f4f-416b-8c39-b0e002761924", "assignerShortName": "GandC", "cveId": "CVE-2024-7868", "datePublished": "2024-08-15T20:22:52.873Z", "dateReserved": "2024-08-15T20:15:02.215Z", "dateUpdated": "2024-08-15T20:33:39.716Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2023-3436 (GCVE-0-2023-3436)
Vulnerability from cvelistv5
Published
2023-06-27 20:55
Modified
2024-11-07 17:00
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-833 - Deadlock
Summary
Xpdf 4.04 will deadlock on a PDF object stream whose "Length" field is itself in another object stream.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T06:55:03.471Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://forum.xpdfreader.com/viewtopic.php?t=42618" } ], "title": "CVE Program Container" }, { "affected": [ { "cpes": [ "cpe:2.3:a:xpdfreader:xpdf:4.04:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "xpdf", "vendor": "xpdfreader", "versions": [ { "status": "affected", "version": "4.04" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2023-3436", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-11-07T16:57:28.396828Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-11-07T17:00:22.993Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "all" ], "product": "Xpdf", "vendor": "Xpdf", "versions": [ { "status": "affected", "version": "4.04" } ] } ], "credits": [ { "lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Jiahao Liu" } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cdiv\u003eXpdf 4.04 will deadlock on a PDF object stream whose \"Length\" field is itself in another object stream.\u003c/div\u003e" } ], "value": "Xpdf 4.04 will deadlock on a PDF object stream whose \"Length\" field is itself in another object stream.\n\n" } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 3.3, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-833", "description": "CWE-833 Deadlock", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-06-27T20:55:27.693Z", "orgId": "ace9cabe-4f4f-416b-8c39-b0e002761924", "shortName": "GandC" }, "references": [ { "url": "https://forum.xpdfreader.com/viewtopic.php?t=42618" } ], "source": { "discovery": "UNKNOWN" }, "title": "Deadlock in Xpdf 4.04 due to PDF object stream references", "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "ace9cabe-4f4f-416b-8c39-b0e002761924", "assignerShortName": "GandC", "cveId": "CVE-2023-3436", "datePublished": "2023-06-27T20:55:21.049Z", "dateReserved": "2023-06-27T20:43:04.057Z", "dateUpdated": "2024-11-07T17:00:22.993Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2000-0728 (GCVE-0-2000-0728)
Vulnerability from cvelistv5
Published
2000-10-13 04:00
Modified
2024-08-08 05:28
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
xpdf PDF viewer client earlier than 0.91 allows local users to overwrite arbitrary files via a symlink attack.
References
► | URL | Tags | |||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T05:28:41.285Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20000829 MDKSA-2000:041 - xpdf update", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=96766355023239\u0026w=2" }, { "name": "20000913 Conectiva Linux Security Announcement - xpdf", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=96886599829687\u0026w=2" }, { "name": "1624", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/1624" }, { "name": "CSSA-2000-031.0", "tags": [ "vendor-advisory", "x_refsource_CALDERA", "x_transferred" ], "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-031.0.txt" }, { "name": "RHSA-2000:060", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-060.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2000-08-29T00:00:00", "descriptions": [ { "lang": "en", "value": "xpdf PDF viewer client earlier than 0.91 allows local users to overwrite arbitrary files via a symlink attack." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2004-09-02T09:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "20000829 MDKSA-2000:041 - xpdf update", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=96766355023239\u0026w=2" }, { "name": "20000913 Conectiva Linux Security Announcement - xpdf", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=96886599829687\u0026w=2" }, { "name": "1624", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/1624" }, { "name": "CSSA-2000-031.0", "tags": [ "vendor-advisory", "x_refsource_CALDERA" ], "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-031.0.txt" }, { "name": "RHSA-2000:060", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-060.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2000-0728", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "xpdf PDF viewer client earlier than 0.91 allows local users to overwrite arbitrary files via a symlink attack." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "20000829 MDKSA-2000:041 - xpdf update", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=96766355023239\u0026w=2" }, { "name": "20000913 Conectiva Linux Security Announcement - xpdf", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=96886599829687\u0026w=2" }, { "name": "1624", "refsource": "BID", "url": "http://www.securityfocus.com/bid/1624" }, { "name": "CSSA-2000-031.0", "refsource": "CALDERA", "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-031.0.txt" }, { "name": "RHSA-2000:060", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2000-060.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2000-0728", "datePublished": "2000-10-13T04:00:00", "dateReserved": "2000-09-19T00:00:00", "dateUpdated": "2024-08-08T05:28:41.285Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2005-3191 (GCVE-0-2005-3191)
Vulnerability from cvelistv5
Published
2005-12-07 01:00
Modified
2024-08-07 23:01
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple heap-based buffer overflows in the (1) DCTStream::readProgressiveSOF and (2) DCTStream::readBaselineSOF functions in the DCT stream parsing code (Stream.cc) in xpdf 3.01 and earlier, as used in products such as (a) Poppler, (b) teTeX, (c) KDE kpdf, (d) pdftohtml, (e) KOffice KWord, (f) CUPS, and (g) libextractor allow user-assisted attackers to cause a denial of service (heap corruption) and possibly execute arbitrary code via a crafted PDF file with an out-of-range number of components (numComps), which is used as an array index.
References
► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T23:01:58.841Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "234", "tags": [ "third-party-advisory", "x_refsource_SREASON", "x_transferred" ], "url": "http://securityreason.com/securityalert/234" }, { "name": "17929", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/17929" }, { "name": "19797", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/19797" }, { "name": "SCOSA-2006.20", "tags": [ "vendor-advisory", "x_refsource_SCO", "x_transferred" ], "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.20/SCOSA-2006.20.txt" }, { "name": "233", "tags": [ "third-party-advisory", "x_refsource_SREASON", "x_transferred" ], "url": "http://securityreason.com/securityalert/233" }, { "name": "DSA-932", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2005/dsa-932" }, { "name": "18349", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18349" }, { "name": "18147", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18147" }, { "name": "SCOSA-2006.15", "tags": [ "vendor-advisory", "x_refsource_SCO", "x_transferred" ], "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt" }, { "name": "18055", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18055" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.kde.org/info/security/advisory-20051207-1.txt" }, { "name": "18503", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18503" }, { "name": "18549", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18549" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.kde.org/info/security/advisory-20051207-2.txt" }, { "name": "18679", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18679" }, { "name": "18189", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18189" }, { "name": "26413", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/26413" }, { "name": "17940", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/17940" }, { "name": "oval:org.mitre.oval:def:9760", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9760" }, { "name": "xpdf-dctstream-baseline-bo(23444)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23444" }, { "name": "18303", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18303" }, { "name": "DSA-931", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2005/dsa-931" }, { "name": "18554", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18554" }, { "name": "MDKSA-2006:003", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342289" }, { "name": "19230", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/19230" }, { "name": "102972", "tags": [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1" }, { "name": "MDKSA-2006:012", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012" }, { "name": "DSA-962", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-962" }, { "name": "1015309", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1015309" }, { "name": "DSA-937", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2005/dsa-937" }, { "name": "18398", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18398" }, { "name": "FLSA-2006:176751", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded" }, { "name": "SUSE-SA:2006:001", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html" }, { "name": "DSA-936", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-936" }, { "name": "17916", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/17916" }, { "name": "20051205 Multiple Vendor xpdf DCTStream Progressive Heap Overflow", "tags": [ "third-party-advisory", "x_refsource_IDEFENSE", "x_transferred" ], "url": "http://www.idefense.com/application/poi/display?id=343\u0026type=vulnerabilities" }, { "name": "RHSA-2005:840", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-840.html" }, { "name": "ADV-2005-2789", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2005/2789" }, { "name": "RHSA-2005:867", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-867.html" }, { "name": "18674", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18674" }, { "name": "MDKSA-2006:005", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005" }, { "name": "18313", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18313" }, { "name": "15727", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/15727" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://issues.rpath.com/browse/RPL-1609" }, { "name": "RHSA-2005:868", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2005-868.html" }, { "name": "20051201-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U" }, { "name": "20060101-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U" }, { "name": "18448", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18448" }, { "name": "18436", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18436" }, { "name": "18428", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18428" }, { "name": "18380", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18380" }, { "name": "GLSA-200512-08", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200512-08.xml" }, { "name": "FEDORA-2005-1126", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00015.html" }, { "name": "18416", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18416" }, { "name": "ADV-2007-2280", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2007/2280" }, { "name": "15726", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/15726" }, { "name": "GLSA-200601-02", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml" }, { "name": "FEDORA-2005-1142", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00037.html" }, { "name": "18336", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18336" }, { "name": "18061", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18061" }, { "name": "18407", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18407" }, { "name": "18009", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18009" }, { "name": "17908", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/17908" }, { "name": "USN-227-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntulinux.org/usn/usn-227-1" }, { "name": "17897", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/17897" }, { "name": "Multiple Vendor xpdf DCTStream Baseline Heap Overflow Vulnerability", "tags": [ "third-party-advisory", "x_refsource_IDEFENSE", "x_transferred" ], "url": "http://www.idefense.com/application/poi/display?id=342\u0026type=vulnerabilities" }, { "name": "18517", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18517" }, { "name": "18582", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18582" }, { "name": "SUSE-SR:2006:002", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://www.novell.com/linux/security/advisories/2006_02_sr.html" }, { "name": "18534", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18534" }, { "name": "SSA:2006-045-09", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE", "x_transferred" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683" }, { "name": "TSLSA-2005-0072", "tags": [ "vendor-advisory", "x_refsource_TRUSTIX", "x_transferred" ], "url": "http://www.trustix.org/errata/2005/0072/" }, { "name": "FEDORA-2005-1127", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00016.html" }, { "name": "20051207 [KDE Security Advisory] multiple buffer overflows in kpdf/koffice", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/418883/100/0/threaded" }, { "name": "xpdf-dctstream-progressive-bo(23443)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23443" }, { "name": "18908", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18908" }, { "name": "25729", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/25729" }, { "name": "ADV-2005-2786", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2005/2786" }, { "name": "MDKSA-2006:006", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006" }, { "name": "ADV-2005-2788", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2005/2788" }, { "name": "17926", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/17926" }, { "name": "19798", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/19798" }, { "name": "MDKSA-2006:008", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008" }, { "name": "18191", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18191" }, { "name": "20060201-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U" }, { "name": "RHSA-2006:0160", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html" }, { "name": "17912", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/17912" }, { "name": "MDKSA-2006:010", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010" }, { "name": "17921", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/17921" }, { "name": "DSA-940", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2005/dsa-940" }, { "name": "MDKSA-2006:004", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004" }, { "name": "ADV-2005-2790", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2005/2790" }, { "name": "18389", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18389" }, { "name": "18192", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18192" }, { "name": "ADV-2005-2856", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2005/2856" }, { "name": "SSA:2006-045-04", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE", "x_transferred" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747" }, { "name": "19377", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/19377" }, { "name": "FLSA:175404", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded" }, { "name": "DSA-961", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-961" }, { "name": "SCOSA-2006.21", "tags": [ "vendor-advisory", "x_refsource_SCO", "x_transferred" ], "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.21/SCOSA-2006.21.txt" }, { "name": "18675", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18675" }, { "name": "1015324", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1015324" }, { "name": "18913", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18913" }, { "name": "DSA-938", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2005/dsa-938" }, { "name": "SUSE-SR:2005:029", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://www.novell.com/linux/security/advisories/2005_29_sr.html" }, { "name": "ADV-2005-2787", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2005/2787" }, { "name": "RHSA-2005:878", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-878.html" }, { "name": "FEDORA-2005-1141", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00036.html" }, { "name": "17920", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/17920" }, { "name": "DSA-950", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-950" }, { "name": "17955", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/17955" }, { "name": "17976", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/17976" }, { "name": "18387", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18387" }, { "name": "MDKSA-2006:011", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011" }, { "name": "18385", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18385" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2005-12-05T00:00:00", "descriptions": [ { "lang": "en", "value": "Multiple heap-based buffer overflows in the (1) DCTStream::readProgressiveSOF and (2) DCTStream::readBaselineSOF functions in the DCT stream parsing code (Stream.cc) in xpdf 3.01 and earlier, as used in products such as (a) Poppler, (b) teTeX, (c) KDE kpdf, (d) pdftohtml, (e) KOffice KWord, (f) CUPS, and (g) libextractor allow user-assisted attackers to cause a denial of service (heap corruption) and possibly execute arbitrary code via a crafted PDF file with an out-of-range number of components (numComps), which is used as an array index." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-19T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "234", "tags": [ "third-party-advisory", "x_refsource_SREASON" ], "url": "http://securityreason.com/securityalert/234" }, { "name": "17929", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/17929" }, { "name": "19797", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/19797" }, { "name": "SCOSA-2006.20", "tags": [ "vendor-advisory", "x_refsource_SCO" ], "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.20/SCOSA-2006.20.txt" }, { "name": "233", "tags": [ "third-party-advisory", "x_refsource_SREASON" ], "url": "http://securityreason.com/securityalert/233" }, { "name": "DSA-932", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2005/dsa-932" }, { "name": "18349", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18349" }, { "name": "18147", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18147" }, { "name": "SCOSA-2006.15", "tags": [ "vendor-advisory", "x_refsource_SCO" ], "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt" }, { "name": "18055", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18055" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.kde.org/info/security/advisory-20051207-1.txt" }, { "name": "18503", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18503" }, { "name": "18549", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18549" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.kde.org/info/security/advisory-20051207-2.txt" }, { "name": "18679", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18679" }, { "name": "18189", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18189" }, { "name": "26413", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/26413" }, { "name": "17940", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/17940" }, { "name": "oval:org.mitre.oval:def:9760", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9760" }, { "name": "xpdf-dctstream-baseline-bo(23444)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23444" }, { "name": "18303", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18303" }, { "name": "DSA-931", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2005/dsa-931" }, { "name": "18554", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18554" }, { "name": "MDKSA-2006:003", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003" }, { "tags": [ "x_refsource_MISC" ], "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342289" }, { "name": "19230", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/19230" }, { "name": "102972", "tags": [ "vendor-advisory", "x_refsource_SUNALERT" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1" }, { "name": "MDKSA-2006:012", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012" }, { "name": "DSA-962", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-962" }, { "name": "1015309", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1015309" }, { "name": "DSA-937", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2005/dsa-937" }, { "name": "18398", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18398" }, { "name": "FLSA-2006:176751", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded" }, { "name": "SUSE-SA:2006:001", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html" }, { "name": "DSA-936", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-936" }, { "name": "17916", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/17916" }, { "name": "20051205 Multiple Vendor xpdf DCTStream Progressive Heap Overflow", "tags": [ "third-party-advisory", "x_refsource_IDEFENSE" ], "url": "http://www.idefense.com/application/poi/display?id=343\u0026type=vulnerabilities" }, { "name": "RHSA-2005:840", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-840.html" }, { "name": "ADV-2005-2789", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2005/2789" }, { "name": "RHSA-2005:867", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-867.html" }, { "name": "18674", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18674" }, { "name": "MDKSA-2006:005", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005" }, { "name": "18313", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18313" }, { "name": "15727", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/15727" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://issues.rpath.com/browse/RPL-1609" }, { "name": "RHSA-2005:868", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2005-868.html" }, { "name": "20051201-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U" }, { "name": "20060101-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U" }, { "name": "18448", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18448" }, { "name": "18436", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18436" }, { "name": "18428", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18428" }, { "name": "18380", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18380" }, { "name": "GLSA-200512-08", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200512-08.xml" }, { "name": "FEDORA-2005-1126", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00015.html" }, { "name": "18416", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18416" }, { "name": "ADV-2007-2280", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2007/2280" }, { "name": "15726", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/15726" }, { "name": "GLSA-200601-02", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml" }, { "name": "FEDORA-2005-1142", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00037.html" }, { "name": "18336", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18336" }, { "name": "18061", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18061" }, { "name": "18407", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18407" }, { "name": "18009", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18009" }, { "name": "17908", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/17908" }, { "name": "USN-227-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntulinux.org/usn/usn-227-1" }, { "name": "17897", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/17897" }, { "name": "Multiple Vendor xpdf DCTStream Baseline Heap Overflow Vulnerability", "tags": [ "third-party-advisory", "x_refsource_IDEFENSE" ], "url": "http://www.idefense.com/application/poi/display?id=342\u0026type=vulnerabilities" }, { "name": "18517", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18517" }, { "name": "18582", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18582" }, { "name": "SUSE-SR:2006:002", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://www.novell.com/linux/security/advisories/2006_02_sr.html" }, { "name": "18534", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18534" }, { "name": "SSA:2006-045-09", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683" }, { "name": "TSLSA-2005-0072", "tags": [ "vendor-advisory", "x_refsource_TRUSTIX" ], "url": "http://www.trustix.org/errata/2005/0072/" }, { "name": "FEDORA-2005-1127", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00016.html" }, { "name": "20051207 [KDE Security Advisory] multiple buffer overflows in kpdf/koffice", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/418883/100/0/threaded" }, { "name": "xpdf-dctstream-progressive-bo(23443)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23443" }, { "name": "18908", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18908" }, { "name": "25729", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/25729" }, { "name": "ADV-2005-2786", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2005/2786" }, { "name": "MDKSA-2006:006", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006" }, { "name": "ADV-2005-2788", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2005/2788" }, { "name": "17926", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/17926" }, { "name": "19798", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/19798" }, { "name": "MDKSA-2006:008", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008" }, { "name": "18191", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18191" }, { "name": "20060201-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U" }, { "name": "RHSA-2006:0160", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html" }, { "name": "17912", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/17912" }, { "name": "MDKSA-2006:010", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010" }, { "name": "17921", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/17921" }, { "name": "DSA-940", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2005/dsa-940" }, { "name": "MDKSA-2006:004", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004" }, { "name": "ADV-2005-2790", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2005/2790" }, { "name": "18389", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18389" }, { "name": "18192", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18192" }, { "name": "ADV-2005-2856", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2005/2856" }, { "name": "SSA:2006-045-04", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747" }, { "name": "19377", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/19377" }, { "name": "FLSA:175404", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded" }, { "name": "DSA-961", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-961" }, { "name": "SCOSA-2006.21", "tags": [ "vendor-advisory", "x_refsource_SCO" ], "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.21/SCOSA-2006.21.txt" }, { "name": "18675", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18675" }, { "name": "1015324", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1015324" }, { "name": "18913", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18913" }, { "name": "DSA-938", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2005/dsa-938" }, { "name": "SUSE-SR:2005:029", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://www.novell.com/linux/security/advisories/2005_29_sr.html" }, { "name": "ADV-2005-2787", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2005/2787" }, { "name": "RHSA-2005:878", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-878.html" }, { "name": "FEDORA-2005-1141", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00036.html" }, { "name": "17920", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/17920" }, { "name": "DSA-950", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-950" }, { "name": "17955", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/17955" }, { "name": "17976", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/17976" }, { "name": "18387", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18387" }, { "name": "MDKSA-2006:011", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011" }, { "name": "18385", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18385" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2005-3191", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Multiple heap-based buffer overflows in the (1) DCTStream::readProgressiveSOF and (2) DCTStream::readBaselineSOF functions in the DCT stream parsing code (Stream.cc) in xpdf 3.01 and earlier, as used in products such as (a) Poppler, (b) teTeX, (c) KDE kpdf, (d) pdftohtml, (e) KOffice KWord, (f) CUPS, and (g) libextractor allow user-assisted attackers to cause a denial of service (heap corruption) and possibly execute arbitrary code via a crafted PDF file with an out-of-range number of components (numComps), which is used as an array index." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "234", "refsource": "SREASON", "url": "http://securityreason.com/securityalert/234" }, { "name": "17929", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/17929" }, { "name": "19797", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/19797" }, { "name": "SCOSA-2006.20", "refsource": "SCO", "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.20/SCOSA-2006.20.txt" }, { "name": "233", "refsource": "SREASON", "url": "http://securityreason.com/securityalert/233" }, { "name": "DSA-932", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2005/dsa-932" }, { "name": "18349", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18349" }, { "name": "18147", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18147" }, { "name": "SCOSA-2006.15", "refsource": "SCO", "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt" }, { "name": "18055", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18055" }, { "name": "http://www.kde.org/info/security/advisory-20051207-1.txt", "refsource": "CONFIRM", "url": "http://www.kde.org/info/security/advisory-20051207-1.txt" }, { "name": "18503", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18503" }, { "name": "18549", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18549" }, { "name": "http://www.kde.org/info/security/advisory-20051207-2.txt", "refsource": "CONFIRM", "url": "http://www.kde.org/info/security/advisory-20051207-2.txt" }, { "name": "18679", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18679" }, { "name": "18189", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18189" }, { "name": "26413", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/26413" }, { "name": "17940", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/17940" }, { "name": "oval:org.mitre.oval:def:9760", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9760" }, { "name": "xpdf-dctstream-baseline-bo(23444)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23444" }, { "name": "18303", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18303" }, { "name": "DSA-931", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2005/dsa-931" }, { "name": "18554", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18554" }, { "name": "MDKSA-2006:003", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003" }, { "name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342289", "refsource": "MISC", "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342289" }, { "name": "19230", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/19230" }, { "name": "102972", "refsource": "SUNALERT", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1" }, { "name": "MDKSA-2006:012", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012" }, { "name": "DSA-962", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2006/dsa-962" }, { "name": "1015309", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1015309" }, { "name": "DSA-937", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2005/dsa-937" }, { "name": "18398", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18398" }, { "name": "FLSA-2006:176751", "refsource": "FEDORA", "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded" }, { "name": "SUSE-SA:2006:001", "refsource": "SUSE", "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html" }, { "name": "DSA-936", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2006/dsa-936" }, { "name": "17916", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/17916" }, { "name": "20051205 Multiple Vendor xpdf DCTStream Progressive Heap Overflow", "refsource": "IDEFENSE", "url": "http://www.idefense.com/application/poi/display?id=343\u0026type=vulnerabilities" }, { "name": "RHSA-2005:840", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2005-840.html" }, { "name": "ADV-2005-2789", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2005/2789" }, { "name": "RHSA-2005:867", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2005-867.html" }, { "name": "18674", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18674" }, { "name": "MDKSA-2006:005", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005" }, { "name": "18313", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18313" }, { "name": "15727", "refsource": "BID", "url": "http://www.securityfocus.com/bid/15727" }, { "name": "https://issues.rpath.com/browse/RPL-1609", "refsource": "CONFIRM", "url": "https://issues.rpath.com/browse/RPL-1609" }, { "name": "RHSA-2005:868", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2005-868.html" }, { "name": "20051201-01-U", "refsource": "SGI", "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U" }, { "name": "20060101-01-U", "refsource": "SGI", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U" }, { "name": "18448", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18448" }, { "name": "18436", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18436" }, { "name": "18428", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18428" }, { "name": "18380", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18380" }, { "name": "GLSA-200512-08", "refsource": "GENTOO", "url": "http://www.gentoo.org/security/en/glsa/glsa-200512-08.xml" }, { "name": "FEDORA-2005-1126", "refsource": "FEDORA", "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00015.html" }, { "name": "18416", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18416" }, { "name": "ADV-2007-2280", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/2280" }, { "name": "15726", "refsource": "BID", "url": "http://www.securityfocus.com/bid/15726" }, { "name": "GLSA-200601-02", "refsource": "GENTOO", "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml" }, { "name": "FEDORA-2005-1142", "refsource": "FEDORA", "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00037.html" }, { "name": "18336", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18336" }, { "name": "18061", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18061" }, { "name": "18407", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18407" }, { "name": "18009", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18009" }, { "name": "17908", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/17908" }, { "name": "USN-227-1", "refsource": "UBUNTU", "url": "http://www.ubuntulinux.org/usn/usn-227-1" }, { "name": "17897", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/17897" }, { "name": "Multiple Vendor xpdf DCTStream Baseline Heap Overflow Vulnerability", "refsource": "IDEFENSE", "url": "http://www.idefense.com/application/poi/display?id=342\u0026type=vulnerabilities" }, { "name": "18517", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18517" }, { "name": "18582", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18582" }, { "name": "SUSE-SR:2006:002", "refsource": "SUSE", "url": "http://www.novell.com/linux/security/advisories/2006_02_sr.html" }, { "name": "18534", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18534" }, { "name": "SSA:2006-045-09", "refsource": "SLACKWARE", "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683" }, { "name": "TSLSA-2005-0072", "refsource": "TRUSTIX", "url": "http://www.trustix.org/errata/2005/0072/" }, { "name": "FEDORA-2005-1127", "refsource": "FEDORA", "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00016.html" }, { "name": "20051207 [KDE Security Advisory] multiple buffer overflows in kpdf/koffice", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/418883/100/0/threaded" }, { "name": "xpdf-dctstream-progressive-bo(23443)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23443" }, { "name": "18908", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18908" }, { "name": "25729", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/25729" }, { "name": "ADV-2005-2786", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2005/2786" }, { "name": "MDKSA-2006:006", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006" }, { "name": "ADV-2005-2788", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2005/2788" }, { "name": "17926", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/17926" }, { "name": "19798", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/19798" }, { "name": "MDKSA-2006:008", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008" }, { "name": "18191", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18191" }, { "name": "20060201-01-U", "refsource": "SGI", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U" }, { "name": "RHSA-2006:0160", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html" }, { "name": "17912", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/17912" }, { "name": "MDKSA-2006:010", "refsource": "MANDRAKE", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010" }, { "name": "17921", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/17921" }, { "name": "DSA-940", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2005/dsa-940" }, { "name": "MDKSA-2006:004", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004" }, { "name": "ADV-2005-2790", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2005/2790" }, { "name": "18389", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18389" }, { "name": "18192", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18192" }, { "name": "ADV-2005-2856", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2005/2856" }, { "name": "SSA:2006-045-04", "refsource": "SLACKWARE", "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747" }, { "name": "19377", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/19377" }, { "name": "FLSA:175404", "refsource": "FEDORA", "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded" }, { "name": "DSA-961", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2006/dsa-961" }, { "name": "SCOSA-2006.21", "refsource": "SCO", "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.21/SCOSA-2006.21.txt" }, { "name": "18675", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18675" }, { "name": "1015324", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1015324" }, { "name": "18913", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18913" }, { "name": "DSA-938", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2005/dsa-938" }, { "name": "SUSE-SR:2005:029", "refsource": "SUSE", "url": "http://www.novell.com/linux/security/advisories/2005_29_sr.html" }, { "name": "ADV-2005-2787", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2005/2787" }, { "name": "RHSA-2005:878", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2005-878.html" }, { "name": "FEDORA-2005-1141", "refsource": "FEDORA", "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00036.html" }, { "name": "17920", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/17920" }, { "name": "DSA-950", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2006/dsa-950" }, { "name": "17955", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/17955" }, { "name": "17976", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/17976" }, { "name": "18387", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18387" }, { "name": "MDKSA-2006:011", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011" }, { "name": "18385", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18385" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2005-3191", "datePublished": "2005-12-07T01:00:00", "dateReserved": "2005-10-14T00:00:00", "dateUpdated": "2024-08-07T23:01:58.841Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
Vulnerability from fkie_nvd
Published
2005-04-27 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities.
References
▶ | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDKSA-2005:041 | ||
cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDKSA-2005:042 | ||
cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDKSA-2005:043 | ||
cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDKSA-2005:044 | ||
cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDKSA-2005:052 | ||
cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDKSA-2005:056 | ||
cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2005-034.html | ||
cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2005-053.html | ||
cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2005-057.html | ||
cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2005-132.html | ||
cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2005-213.html | Patch, Vendor Advisory | |
cve@mitre.org | http://www.securityfocus.com/bid/11501 | Patch, Vendor Advisory | |
cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/17818 | ||
cve@mitre.org | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11107 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2005:041 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2005:042 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2005:043 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2005:044 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2005:052 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2005:056 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2005-034.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2005-053.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2005-057.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2005-132.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2005-213.html | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/11501 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/17818 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11107 |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
ascii | ptex | 3.1.4 | |
cstex | cstetex | 2.0.2 | |
easy_software_products | cups | 1.0.4 | |
easy_software_products | cups | 1.0.4_8 | |
easy_software_products | cups | 1.1.1 | |
easy_software_products | cups | 1.1.4 | |
easy_software_products | cups | 1.1.4_2 | |
easy_software_products | cups | 1.1.4_3 | |
easy_software_products | cups | 1.1.4_5 | |
easy_software_products | cups | 1.1.6 | |
easy_software_products | cups | 1.1.7 | |
easy_software_products | cups | 1.1.10 | |
easy_software_products | cups | 1.1.12 | |
easy_software_products | cups | 1.1.13 | |
easy_software_products | cups | 1.1.14 | |
easy_software_products | cups | 1.1.15 | |
easy_software_products | cups | 1.1.16 | |
easy_software_products | cups | 1.1.17 | |
easy_software_products | cups | 1.1.18 | |
easy_software_products | cups | 1.1.19 | |
easy_software_products | cups | 1.1.19_rc5 | |
easy_software_products | cups | 1.1.20 | |
gnome | gpdf | 0.110 | |
gnome | gpdf | 0.112 | |
gnome | gpdf | 0.131 | |
kde | koffice | 1.3 | |
kde | koffice | 1.3.1 | |
kde | koffice | 1.3.2 | |
kde | koffice | 1.3.3 | |
kde | koffice | 1.3_beta1 | |
kde | koffice | 1.3_beta2 | |
kde | koffice | 1.3_beta3 | |
kde | kpdf | 3.2 | |
pdftohtml | pdftohtml | 0.32a | |
pdftohtml | pdftohtml | 0.32b | |
pdftohtml | pdftohtml | 0.33 | |
pdftohtml | pdftohtml | 0.33a | |
pdftohtml | pdftohtml | 0.34 | |
pdftohtml | pdftohtml | 0.35 | |
pdftohtml | pdftohtml | 0.36 | |
sgi | propack | 3.0 | |
tetex | tetex | 1.0.6 | |
tetex | tetex | 1.0.7 | |
tetex | tetex | 2.0 | |
tetex | tetex | 2.0.1 | |
tetex | tetex | 2.0.2 | |
xpdf | xpdf | 0.90 | |
xpdf | xpdf | 0.91 | |
xpdf | xpdf | 0.92 | |
xpdf | xpdf | 0.93 | |
xpdf | xpdf | 1.0 | |
xpdf | xpdf | 1.0a | |
xpdf | xpdf | 1.1 | |
xpdf | xpdf | 2.0 | |
xpdf | xpdf | 2.1 | |
xpdf | xpdf | 2.3 | |
xpdf | xpdf | 3.0 | |
sgi | advanced_linux_environment | 3.0 | |
debian | debian_linux | 3.0 | |
debian | debian_linux | 3.0 | |
debian | debian_linux | 3.0 | |
debian | debian_linux | 3.0 | |
debian | debian_linux | 3.0 | |
debian | debian_linux | 3.0 | |
debian | debian_linux | 3.0 | |
debian | debian_linux | 3.0 | |
debian | debian_linux | 3.0 | |
debian | debian_linux | 3.0 | |
debian | debian_linux | 3.0 | |
debian | debian_linux | 3.0 | |
gentoo | linux | * | |
kde | kde | 3.2 | |
kde | kde | 3.2.1 | |
kde | kde | 3.2.2 | |
kde | kde | 3.2.3 | |
kde | kde | 3.3 | |
kde | kde | 3.3.1 | |
mandrakesoft | mandrake_linux_corporate_server | 3.0 | |
mandrakesoft | mandrake_linux_corporate_server | 3.0 | |
redhat | enterprise_linux | 2.1 | |
redhat | enterprise_linux | 2.1 | |
redhat | enterprise_linux | 2.1 | |
redhat | enterprise_linux | 2.1 | |
redhat | enterprise_linux | 2.1 | |
redhat | enterprise_linux | 2.1 | |
redhat | enterprise_linux | 3.0 | |
redhat | enterprise_linux | 3.0 | |
redhat | enterprise_linux | 3.0 | |
redhat | enterprise_linux_desktop | 3.0 | |
redhat | fedora_core | core_1.0 | |
redhat | fedora_core | core_2.0 | |
redhat | fedora_core | core_3.0 | |
redhat | linux | 9.0 | |
redhat | linux_advanced_workstation | 2.1 | |
redhat | linux_advanced_workstation | 2.1 | |
suse | suse_linux | 1.0 | |
suse | suse_linux | 2.0 | |
suse | suse_linux | 3.0 | |
suse | suse_linux | 4.0 | |
suse | suse_linux | 4.2 | |
suse | suse_linux | 4.3 | |
suse | suse_linux | 4.4 | |
suse | suse_linux | 4.4.1 | |
suse | suse_linux | 5.0 | |
suse | suse_linux | 5.1 | |
suse | suse_linux | 5.2 | |
suse | suse_linux | 5.3 | |
suse | suse_linux | 6.0 | |
suse | suse_linux | 6.1 | |
suse | suse_linux | 6.1 | |
suse | suse_linux | 6.2 | |
suse | suse_linux | 6.3 | |
suse | suse_linux | 6.3 | |
suse | suse_linux | 6.3 | |
suse | suse_linux | 6.4 | |
suse | suse_linux | 6.4 | |
suse | suse_linux | 6.4 | |
suse | suse_linux | 6.4 | |
suse | suse_linux | 7.0 | |
suse | suse_linux | 7.0 | |
suse | suse_linux | 7.0 | |
suse | suse_linux | 7.0 | |
suse | suse_linux | 7.0 | |
suse | suse_linux | 7.1 | |
suse | suse_linux | 7.1 | |
suse | suse_linux | 7.1 | |
suse | suse_linux | 7.1 | |
suse | suse_linux | 7.1 | |
suse | suse_linux | 7.2 | |
suse | suse_linux | 7.2 | |
suse | suse_linux | 7.3 | |
suse | suse_linux | 7.3 | |
suse | suse_linux | 7.3 | |
suse | suse_linux | 7.3 | |
suse | suse_linux | 8.0 | |
suse | suse_linux | 8.0 | |
suse | suse_linux | 8.1 | |
suse | suse_linux | 8.2 | |
suse | suse_linux | 9.0 | |
suse | suse_linux | 9.0 | |
suse | suse_linux | 9.1 | |
suse | suse_linux | 9.1 | |
suse | suse_linux | 9.2 | |
suse | suse_linux | 9.2 | |
ubuntu | ubuntu_linux | 4.1 | |
ubuntu | ubuntu_linux | 4.1 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:ascii:ptex:3.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "4AE020D3-0F38-4F53-AFB7-B4E98EAC659F", "vulnerable": true }, { "criteria": "cpe:2.3:a:cstex:cstetex:2.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "E16058D9-AC8B-4A7C-865F-93B476348363", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "68BD578F-CCAD-4515-9205-EB4F297C6DB4", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.0.4_8:*:*:*:*:*:*:*", "matchCriteriaId": "F3182CA2-7375-43BC-A0E5-DE11D4B65EE3", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "FCF4C8D0-3030-4DD5-800B-76A582A4CD0C", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "734D0C2C-F71F-461A-87EE-202C6B706753", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.4_2:*:*:*:*:*:*:*", "matchCriteriaId": "3F0F402D-5CD0-4477-8B59-C753CECB02BD", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.4_3:*:*:*:*:*:*:*", "matchCriteriaId": "959F7AFA-ED20-434C-993F-06C2A8574662", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.4_5:*:*:*:*:*:*:*", "matchCriteriaId": "D4F5A0A4-2884-46CA-A846-8B954EB80CFA", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.6:*:*:*:*:*:*:*", "matchCriteriaId": "1741CC9D-C4A8-48F9-86CF-EC20AE2A6BE7", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.7:*:*:*:*:*:*:*", "matchCriteriaId": "35E65857-12C7-49DE-AD27-3CACD456231C", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.10:*:*:*:*:*:*:*", "matchCriteriaId": "47CEF035-57A6-470B-916A-E5562C28E866", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.12:*:*:*:*:*:*:*", "matchCriteriaId": "4E26BB15-4CF8-4496-A7F7-EB34C444EF72", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.13:*:*:*:*:*:*:*", "matchCriteriaId": "D414984E-4F6B-4278-8346-968587E4B18E", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.14:*:*:*:*:*:*:*", "matchCriteriaId": "33C36DCB-2FDD-44E6-85E8-875575AAE69E", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.15:*:*:*:*:*:*:*", "matchCriteriaId": "7C4B7C23-0C54-4FBA-A774-9CC1E148376E", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.16:*:*:*:*:*:*:*", "matchCriteriaId": "9FA0EF14-33E6-4D44-B86E-F04014EA3C8F", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.17:*:*:*:*:*:*:*", "matchCriteriaId": "A5428EE6-F90A-4BB6-9D8C-8B99E80AB6DF", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.18:*:*:*:*:*:*:*", "matchCriteriaId": "A786A770-919E-4E23-949D-D836F316618A", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.19:*:*:*:*:*:*:*", "matchCriteriaId": "00A2249C-73DE-434E-A41F-4EDB0ADC0845", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.19_rc5:*:*:*:*:*:*:*", "matchCriteriaId": "73AB4D3D-FF35-4A50-A144-3AD41F6F2E55", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.20:*:*:*:*:*:*:*", "matchCriteriaId": "FB7653F1-70E2-423F-A6A9-30333644B506", "vulnerable": true }, { "criteria": "cpe:2.3:a:gnome:gpdf:0.110:*:*:*:*:*:*:*", "matchCriteriaId": "1CB6AE42-D493-43E5-A97C-76C8450E5881", "vulnerable": true }, { "criteria": "cpe:2.3:a:gnome:gpdf:0.112:*:*:*:*:*:*:*", "matchCriteriaId": "2E70576E-C253-4F8B-A93E-14CC2EE7114D", "vulnerable": true }, { "criteria": "cpe:2.3:a:gnome:gpdf:0.131:*:*:*:*:*:*:*", "matchCriteriaId": "832C5512-B473-40E8-BF4F-EC6ABFE46749", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:koffice:1.3:*:*:*:*:*:*:*", "matchCriteriaId": "053435DD-BFDF-4C39-9919-11C42D569085", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:koffice:1.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "E9BB1A3C-3348-4545-A513-E504B33F72AB", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:koffice:1.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "CD45E2C8-0B0E-484F-8050-94BF77798183", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:koffice:1.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "4EAA654E-9DD4-4614-92D7-EF4D676B3A18", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:koffice:1.3_beta1:*:*:*:*:*:*:*", "matchCriteriaId": "89C96FC9-40DB-467D-A701-49F97A1B887D", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:koffice:1.3_beta2:*:*:*:*:*:*:*", "matchCriteriaId": "76128BDC-2CA7-4AE7-8C4F-BCB3835CA938", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:koffice:1.3_beta3:*:*:*:*:*:*:*", "matchCriteriaId": "0B2517C7-27EF-4961-91C3-CA33219AFF2E", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:kpdf:3.2:*:*:*:*:*:*:*", "matchCriteriaId": "EDAF6452-F3B0-4F62-893E-BCFA6AB7AE3B", "vulnerable": true }, { "criteria": "cpe:2.3:a:pdftohtml:pdftohtml:0.32a:*:*:*:*:*:*:*", "matchCriteriaId": "EE346726-71D6-438B-B600-A7E107332816", "vulnerable": true }, { "criteria": "cpe:2.3:a:pdftohtml:pdftohtml:0.32b:*:*:*:*:*:*:*", "matchCriteriaId": "87E85020-B4DB-4011-BDD0-1C8967D45A84", "vulnerable": true }, { "criteria": "cpe:2.3:a:pdftohtml:pdftohtml:0.33:*:*:*:*:*:*:*", "matchCriteriaId": "8189A9AB-F685-40E2-944F-8BD3DD6FA0A2", "vulnerable": true }, { "criteria": "cpe:2.3:a:pdftohtml:pdftohtml:0.33a:*:*:*:*:*:*:*", "matchCriteriaId": "C33B8585-FA5F-4210-A997-615BCEE1726F", "vulnerable": true }, { "criteria": "cpe:2.3:a:pdftohtml:pdftohtml:0.34:*:*:*:*:*:*:*", "matchCriteriaId": "F4AE4C34-C497-426F-AC0D-1805A50582EF", "vulnerable": true }, { "criteria": "cpe:2.3:a:pdftohtml:pdftohtml:0.35:*:*:*:*:*:*:*", "matchCriteriaId": "A2989EFF-07B9-4EF2-B6C1-59E4F52FDC92", "vulnerable": true }, { "criteria": "cpe:2.3:a:pdftohtml:pdftohtml:0.36:*:*:*:*:*:*:*", "matchCriteriaId": "A3970101-5E83-49FD-BCB6-D9176D46B5A4", "vulnerable": true }, { "criteria": "cpe:2.3:a:sgi:propack:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "29DC217F-C257-4A3C-9CBD-08010C30BEC3", "vulnerable": true }, { "criteria": "cpe:2.3:a:tetex:tetex:1.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "739A56F5-B19A-4B92-B9CB-04ECE4FFE204", "vulnerable": true }, { "criteria": "cpe:2.3:a:tetex:tetex:1.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "C86C7D6F-C39E-4403-86C6-F87599570E97", "vulnerable": true }, { "criteria": "cpe:2.3:a:tetex:tetex:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "236005A1-C175-44D3-8D0C-C48F943F3D66", "vulnerable": true }, { "criteria": "cpe:2.3:a:tetex:tetex:2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "0AF2AD80-5E65-4B57-933B-C395E98EF10D", "vulnerable": true }, { "criteria": "cpe:2.3:a:tetex:tetex:2.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "07C92A0E-1DDA-4F83-A904-24A35C38883A", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:0.90:*:*:*:*:*:*:*", "matchCriteriaId": "28CC6233-E207-40CC-81FF-A8670EEA4295", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:0.91:*:*:*:*:*:*:*", "matchCriteriaId": "64DD9B5C-3DB8-4E15-B4A6-541E4E221C1D", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:0.92:*:*:*:*:*:*:*", "matchCriteriaId": "0304E1E3-8766-40D0-8879-A652B4E9E72D", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:0.93:*:*:*:*:*:*:*", "matchCriteriaId": "188F1343-8082-4B54-8DA4-E344818ABD52", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "B95DA7DE-B786-4EE7-A3F4-C077A7986D5F", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:1.0a:*:*:*:*:*:*:*", "matchCriteriaId": "C5306C05-4A71-4175-8C22-F2DE0F2FE4C4", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "3B9DEF16-ECD5-4BBE-8986-52A6171B3D9F", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "CFFDBEEC-B2C1-47F0-82D3-FC9147B590A9", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "354487CF-0086-4AE2-872B-0032E3EB89EE", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:2.3:*:*:*:*:*:*:*", "matchCriteriaId": "1169B802-7279-437F-AF59-621A67DC92EC", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "7B93B3ED-AF82-49A9-8C7F-E5F652F19669", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:advanced_linux_environment:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "A05AC3EE-6292-4ECC-9680-048A12FCE723", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "2CAE037F-111C-4A76-8FFE-716B74D65EF3", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:alpha:*:*:*:*:*", "matchCriteriaId": "A6B060E4-B5A6-4469-828E-211C52542547", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:arm:*:*:*:*:*", "matchCriteriaId": "974C3541-990C-4CD4-A05A-38FA74A84632", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:hppa:*:*:*:*:*", "matchCriteriaId": "6CBF1E0F-C7F3-4F83-9E60-6E63FA7D2775", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-32:*:*:*:*:*", "matchCriteriaId": "58792F77-B06F-4780-BA25-FE1EE6C3FDD9", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-64:*:*:*:*:*", "matchCriteriaId": "C9419322-572F-4BB6-8416-C5E96541CF33", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:m68k:*:*:*:*:*", "matchCriteriaId": "BFC50555-C084-46A3-9C9F-949C5E3BB448", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mips:*:*:*:*:*", "matchCriteriaId": "9C25D6E1-D283-4CEA-B47B-60C47A5C0797", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mipsel:*:*:*:*:*", "matchCriteriaId": "AD18A446-C634-417E-86AC-B19B6DDDC856", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ppc:*:*:*:*:*", "matchCriteriaId": "E4BB852E-61B2-4842-989F-C6C0C901A8D7", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:s-390:*:*:*:*:*", "matchCriteriaId": "24DD9D59-E2A2-4116-A887-39E8CC2004FC", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:sparc:*:*:*:*:*", "matchCriteriaId": "F28D7457-607E-4E0C-909A-413F91CFCD82", "vulnerable": true }, { "criteria": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*", "matchCriteriaId": "647BA336-5538-4972-9271-383A0EC9378E", "vulnerable": true }, { "criteria": "cpe:2.3:o:kde:kde:3.2:*:*:*:*:*:*:*", "matchCriteriaId": "82F69843-978D-4686-BC5B-1D09DA4A21BD", "vulnerable": true }, { "criteria": "cpe:2.3:o:kde:kde:3.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "ACEE0AED-7918-41E9-A902-AC4070E03132", "vulnerable": true }, { "criteria": "cpe:2.3:o:kde:kde:3.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "81E19472-47B4-4398-A188-CA5A5D3E7060", "vulnerable": true }, { "criteria": "cpe:2.3:o:kde:kde:3.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "D17407A2-089E-43A5-9BD5-EFF966F5CC16", "vulnerable": true }, { "criteria": "cpe:2.3:o:kde:kde:3.3:*:*:*:*:*:*:*", "matchCriteriaId": "9C4B436D-8D6A-473E-B707-26147208808B", "vulnerable": true }, { "criteria": "cpe:2.3:o:kde:kde:3.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "1E26B353-4985-4116-B97A-5767CDC732F1", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "2BB0B27C-04EA-426F-9016-7406BACD91DF", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:x86_64:*:*:*:*:*", "matchCriteriaId": "BB2B1BA5-8370-4281-B5C9-3D4FE6C70FBC", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*", "matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*", "matchCriteriaId": "A4A9461E-C117-42EC-9F14-DF2A82BA7C5D", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "E0B458EA-495E-40FA-9379-C03757F7B1EE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:*", "matchCriteriaId": "409E324A-C040-494F-A026-9DCAE01C07F8", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*", "matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*", "matchCriteriaId": "6474B775-C893-491F-A074-802AFB1FEDD8", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_servers:*:*:*:*:*", "matchCriteriaId": "81B543F9-C209-46C2-B0AE-E14818A6992E", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation:*:*:*:*:*", "matchCriteriaId": "DB89C970-DE94-4E09-A90A-077DB83AD156", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*", "matchCriteriaId": "3C84296C-2C8A-4DCD-9751-52951F8BEA9F", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*", "matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*", "matchCriteriaId": "EC80CF67-C51D-442C-9526-CFEDE84A6304", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:9.0:*:i386:*:*:*:*:*", "matchCriteriaId": "F3FDE8C4-5FFD-4CC2-9F35-7C32043966D1", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*", "matchCriteriaId": "84A50ED3-FD0D-4038-B3E7-CC65D166C968", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium_processor:*:*:*:*:*", "matchCriteriaId": "777F9EC0-2919-45CA-BFF8-78A02537C513", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "02EE2D72-B1E6-4380-80B0-E40A23DDD115", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "111575DE-98A2-4C54-BDE1-CACC74D22B35", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "1976D15D-9EE6-4A49-B59F-34F0505FD5BC", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "962FC8D7-BE5D-4E7D-9ADC-511681C593BF", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:4.2:*:*:*:*:*:*:*", "matchCriteriaId": "451453AC-65FF-4E3B-9AC1-2DDB2E2182E4", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:4.3:*:*:*:*:*:*:*", "matchCriteriaId": "7716120D-5110-42B0-A574-9AA2AC8D3C32", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:4.4:*:*:*:*:*:*:*", "matchCriteriaId": "CB4C8426-CAF2-4366-94C0-1BA1C544FB6F", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:4.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "5CC7D746-B98B-4FAF-B816-57222759A344", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "830D48B8-D21D-4D31-99A1-20C231804DBE", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:5.1:*:*:*:*:*:*:*", "matchCriteriaId": "5C0BBDD2-9FF9-4CB7-BCAF-D4AF15DC2C7C", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:5.2:*:*:*:*:*:*:*", "matchCriteriaId": "D1C826AA-6E2F-4DAC-A7A2-9F47729B5DA5", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:5.3:*:*:*:*:*:*:*", "matchCriteriaId": "BCC94EF9-5872-402F-B2FC-06331A924BB2", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "F163E145-09F7-4BE2-9B46-5B6713070BAB", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "124E1802-7984-45ED-8A92-393FC20662FD", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.1:alpha:*:*:*:*:*:*", "matchCriteriaId": "C7F08806-9458-439A-8EAE-2553122262ED", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "1B67020A-6942-4478-B501-764147C4970D", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.3:*:*:*:*:*:*:*", "matchCriteriaId": "0AD0FF64-05DF-48C2-9BB5-FD993121FB2E", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.3:*:ppc:*:*:*:*:*", "matchCriteriaId": "E74E0A28-7C78-4160-8BCF-99605285C0EE", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.3:alpha:*:*:*:*:*:*", "matchCriteriaId": "76159C25-0760-47CB-AFCE-28306CDEA830", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.4:*:*:*:*:*:*:*", "matchCriteriaId": "7786607A-362E-4817-A17E-C76D6A1F737D", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.4:*:i386:*:*:*:*:*", "matchCriteriaId": "8A206E1C-C2EC-4356-8777-B18D7069A4C3", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.4:*:ppc:*:*:*:*:*", "matchCriteriaId": "6E2FE291-1142-4627-A497-C0BB0D934A0B", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.4:alpha:*:*:*:*:*:*", "matchCriteriaId": "49BC7C7E-046C-4186-822E-9F3A2AD3577B", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "C9E7D75A-333E-4C63-9593-F64ABA5D1CE3", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.0:*:i386:*:*:*:*:*", "matchCriteriaId": "2FE69F6F-6B17-4C87-ACA4-A2A1FB47206A", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.0:*:ppc:*:*:*:*:*", "matchCriteriaId": "467A30EB-CB8F-4928-AC8F-F659084A9E2B", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.0:*:sparc:*:*:*:*:*", "matchCriteriaId": "714C1439-AB8E-4A8B-A783-D60E9DDC38D4", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.0:alpha:*:*:*:*:*:*", "matchCriteriaId": "62CAE5B0-4D46-4A93-A343-C8E9CB574C62", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "819868A7-EB1E-4CA9-8D71-72F194E5EFEB", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.1:*:spa:*:*:*:*:*", "matchCriteriaId": "FB647A8B-ADB9-402B-96E1-45321C75731B", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.1:*:sparc:*:*:*:*:*", "matchCriteriaId": "0944FD27-736E-4B55-8D96-9F2CA9BB9B05", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.1:*:x86:*:*:*:*:*", "matchCriteriaId": "373BB5AC-1F38-4D0A-97DC-08E9654403EE", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.1:alpha:*:*:*:*:*:*", "matchCriteriaId": "B5E71DA3-F4A0-46AF-92A2-E691C7A65528", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "0519FF7D-363E-4530-9E63-6EA3E88432DC", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.2:*:i386:*:*:*:*:*", "matchCriteriaId": "1975A2DD-EB22-4ED3-8719-F78AA7F414B2", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.3:*:*:*:*:*:*:*", "matchCriteriaId": "FAE3FF4F-646F-4E05-A08A-C9399DEF60F1", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.3:*:i386:*:*:*:*:*", "matchCriteriaId": "19F606EE-530F-4C06-82DB-52035EE03FA3", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.3:*:ppc:*:*:*:*:*", "matchCriteriaId": "A0E896D5-0005-4E7E-895D-B202AFCE09A1", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.3:*:sparc:*:*:*:*:*", "matchCriteriaId": "5A8B313F-93C7-4558-9571-DE1111487E17", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "28CD54FE-D682-4063-B7C3-8B29B26B39AD", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:i386:*:*:*:*:*", "matchCriteriaId": "37F124FE-15F1-49D7-9E03-8E036CE1A20C", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*", "matchCriteriaId": "F8C55338-3372-413F-82E3-E1B476D6F41A", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*", "matchCriteriaId": "1EFB33BF-F6A5-48C1-AEB5-194FCBCFC958", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "FB0E2D3B-B50A-46C2-BA1E-3E014DE91954", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*", "matchCriteriaId": "56EF103F-5668-4754-A83B-D3662D0CE815", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*", "matchCriteriaId": "CFABFCE5-4F86-4AE8-9849-BC360AC72098", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:x86_64:*:*:*:*:*", "matchCriteriaId": "D5F98B9A-880E-45F0-8C16-12B22970F0D1", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*", "matchCriteriaId": "CFF36BC6-6CCD-4FEE-A120-5B8C4BF5620C", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:x86_64:*:*:*:*:*", "matchCriteriaId": "B905C6E9-5058-4FD7-95B6-CD6AB6B2F516", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ia64:*:*:*:*:*", "matchCriteriaId": "6E94583A-5184-462E-9FC4-57B35DA06DA7", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ppc:*:*:*:*:*", "matchCriteriaId": "E905FAAD-37B6-4DD0-A752-2974F8336273", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities." }, { "lang": "es", "value": "El parche para corregir las vulnerabilidades de desbordamiento de entero en Xpdf 2.0 y 3.0 (CAN-2004-0888) es incompleto para arquitecturas de 64 bits en ciertas distribuciones de Linux como Red Hat, lo que podr\u00eda dejar a los usuarios de Xpdf expuestos a las vulnerabilidades originales." } ], "id": "CVE-2005-0206", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2005-04-27T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:041" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:042" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:043" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:044" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:052" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:056" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2005-034.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2005-053.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2005-057.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2005-132.html" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-213.html" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/11501" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17818" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11107" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:041" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:042" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:043" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:044" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:052" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:056" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2005-034.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2005-053.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2005-057.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2005-132.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-213.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/11501" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17818" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11107" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2007-11-08 02:46
Modified
2025-04-09 00:30
Severity ?
Summary
Heap-based buffer overflow in the CCITTFaxStream::lookChar method in xpdf/Stream.cc in Xpdf 3.02p11 allows remote attackers to execute arbitrary code via a PDF file that contains a crafted CCITTFaxDecode filter.
References
▶ | URL | Tags | |
---|---|---|---|
PSIRT-CNA@flexerasoftware.com | http://secunia.com/advisories/26503 | ||
PSIRT-CNA@flexerasoftware.com | http://secunia.com/advisories/27260 | Patch, Vendor Advisory | |
PSIRT-CNA@flexerasoftware.com | http://secunia.com/advisories/27553 | Vendor Advisory | |
PSIRT-CNA@flexerasoftware.com | http://secunia.com/advisories/27573 | Vendor Advisory | |
PSIRT-CNA@flexerasoftware.com | http://secunia.com/advisories/27574 | ||
PSIRT-CNA@flexerasoftware.com | http://secunia.com/advisories/27575 | Vendor Advisory | |
PSIRT-CNA@flexerasoftware.com | http://secunia.com/advisories/27577 | Vendor Advisory | |
PSIRT-CNA@flexerasoftware.com | http://secunia.com/advisories/27578 | Vendor Advisory | |
PSIRT-CNA@flexerasoftware.com | http://secunia.com/advisories/27579 | Vendor Advisory | |
PSIRT-CNA@flexerasoftware.com | http://secunia.com/advisories/27599 | ||
PSIRT-CNA@flexerasoftware.com | http://secunia.com/advisories/27615 | ||
PSIRT-CNA@flexerasoftware.com | http://secunia.com/advisories/27618 | ||
PSIRT-CNA@flexerasoftware.com | http://secunia.com/advisories/27619 | ||
PSIRT-CNA@flexerasoftware.com | http://secunia.com/advisories/27632 | ||
PSIRT-CNA@flexerasoftware.com | http://secunia.com/advisories/27634 | ||
PSIRT-CNA@flexerasoftware.com | http://secunia.com/advisories/27636 | ||
PSIRT-CNA@flexerasoftware.com | http://secunia.com/advisories/27637 | ||
PSIRT-CNA@flexerasoftware.com | http://secunia.com/advisories/27640 | ||
PSIRT-CNA@flexerasoftware.com | http://secunia.com/advisories/27641 | ||
PSIRT-CNA@flexerasoftware.com | http://secunia.com/advisories/27642 | ||
PSIRT-CNA@flexerasoftware.com | http://secunia.com/advisories/27645 | ||
PSIRT-CNA@flexerasoftware.com | http://secunia.com/advisories/27656 | ||
PSIRT-CNA@flexerasoftware.com | http://secunia.com/advisories/27658 | ||
PSIRT-CNA@flexerasoftware.com | http://secunia.com/advisories/27705 | ||
PSIRT-CNA@flexerasoftware.com | http://secunia.com/advisories/27718 | ||
PSIRT-CNA@flexerasoftware.com | http://secunia.com/advisories/27721 | ||
PSIRT-CNA@flexerasoftware.com | http://secunia.com/advisories/27724 | ||
PSIRT-CNA@flexerasoftware.com | http://secunia.com/advisories/27743 | ||
PSIRT-CNA@flexerasoftware.com | http://secunia.com/advisories/27772 | ||
PSIRT-CNA@flexerasoftware.com | http://secunia.com/advisories/27856 | ||
PSIRT-CNA@flexerasoftware.com | http://secunia.com/advisories/28043 | ||
PSIRT-CNA@flexerasoftware.com | http://secunia.com/advisories/28812 | ||
PSIRT-CNA@flexerasoftware.com | http://secunia.com/advisories/29104 | ||
PSIRT-CNA@flexerasoftware.com | http://secunia.com/advisories/29604 | ||
PSIRT-CNA@flexerasoftware.com | http://secunia.com/advisories/30168 | ||
PSIRT-CNA@flexerasoftware.com | http://secunia.com/secunia_research/2007-88/advisory/ | Vendor Advisory | |
PSIRT-CNA@flexerasoftware.com | http://security.gentoo.org/glsa/glsa-200711-22.xml | ||
PSIRT-CNA@flexerasoftware.com | http://security.gentoo.org/glsa/glsa-200711-34.xml | ||
PSIRT-CNA@flexerasoftware.com | http://security.gentoo.org/glsa/glsa-200805-13.xml | ||
PSIRT-CNA@flexerasoftware.com | http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.761882 | ||
PSIRT-CNA@flexerasoftware.com | http://support.avaya.com/elmodocs2/security/ASA-2007-476.htm | ||
PSIRT-CNA@flexerasoftware.com | http://support.novell.com/techcenter/psdb/1d5fd29802b2ef7e342e733731f1e933.html | ||
PSIRT-CNA@flexerasoftware.com | http://support.novell.com/techcenter/psdb/3867a5092daac43cd6a92e6107d9fbce.html | ||
PSIRT-CNA@flexerasoftware.com | http://support.novell.com/techcenter/psdb/43ad7b3569dba59e7ba07677edc01cad.html | ||
PSIRT-CNA@flexerasoftware.com | http://support.novell.com/techcenter/psdb/da3498f05433976cc548cc4eaf8349c8.html | ||
PSIRT-CNA@flexerasoftware.com | http://support.novell.com/techcenter/psdb/f83e024a65d69ebc810d2117815b940d.html | ||
PSIRT-CNA@flexerasoftware.com | http://www.debian.org/security/2007/dsa-1408 | ||
PSIRT-CNA@flexerasoftware.com | http://www.debian.org/security/2008/dsa-1480 | ||
PSIRT-CNA@flexerasoftware.com | http://www.debian.org/security/2008/dsa-1509 | ||
PSIRT-CNA@flexerasoftware.com | http://www.debian.org/security/2008/dsa-1537 | ||
PSIRT-CNA@flexerasoftware.com | http://www.kde.org/info/security/advisory-20071107-1.txt | ||
PSIRT-CNA@flexerasoftware.com | http://www.mandriva.com/security/advisories?name=MDKSA-2007:219 | ||
PSIRT-CNA@flexerasoftware.com | http://www.mandriva.com/security/advisories?name=MDKSA-2007:220 | ||
PSIRT-CNA@flexerasoftware.com | http://www.mandriva.com/security/advisories?name=MDKSA-2007:221 | ||
PSIRT-CNA@flexerasoftware.com | http://www.mandriva.com/security/advisories?name=MDKSA-2007:222 | ||
PSIRT-CNA@flexerasoftware.com | http://www.mandriva.com/security/advisories?name=MDKSA-2007:223 | ||
PSIRT-CNA@flexerasoftware.com | http://www.mandriva.com/security/advisories?name=MDKSA-2007:227 | ||
PSIRT-CNA@flexerasoftware.com | http://www.mandriva.com/security/advisories?name=MDKSA-2007:228 | ||
PSIRT-CNA@flexerasoftware.com | http://www.mandriva.com/security/advisories?name=MDKSA-2007:230 | ||
PSIRT-CNA@flexerasoftware.com | http://www.novell.com/linux/security/advisories/2007_60_pdf.html | ||
PSIRT-CNA@flexerasoftware.com | http://www.redhat.com/support/errata/RHSA-2007-1021.html | Vendor Advisory | |
PSIRT-CNA@flexerasoftware.com | http://www.redhat.com/support/errata/RHSA-2007-1022.html | Vendor Advisory | |
PSIRT-CNA@flexerasoftware.com | http://www.redhat.com/support/errata/RHSA-2007-1023.html | Vendor Advisory | |
PSIRT-CNA@flexerasoftware.com | http://www.redhat.com/support/errata/RHSA-2007-1024.html | Vendor Advisory | |
PSIRT-CNA@flexerasoftware.com | http://www.redhat.com/support/errata/RHSA-2007-1025.html | ||
PSIRT-CNA@flexerasoftware.com | http://www.redhat.com/support/errata/RHSA-2007-1026.html | Vendor Advisory | |
PSIRT-CNA@flexerasoftware.com | http://www.redhat.com/support/errata/RHSA-2007-1027.html | ||
PSIRT-CNA@flexerasoftware.com | http://www.redhat.com/support/errata/RHSA-2007-1028.html | Vendor Advisory | |
PSIRT-CNA@flexerasoftware.com | http://www.redhat.com/support/errata/RHSA-2007-1029.html | Vendor Advisory | |
PSIRT-CNA@flexerasoftware.com | http://www.redhat.com/support/errata/RHSA-2007-1030.html | Vendor Advisory | |
PSIRT-CNA@flexerasoftware.com | http://www.redhat.com/support/errata/RHSA-2007-1031.html | Vendor Advisory | |
PSIRT-CNA@flexerasoftware.com | http://www.redhat.com/support/errata/RHSA-2007-1051.html | Vendor Advisory | |
PSIRT-CNA@flexerasoftware.com | http://www.securityfocus.com/archive/1/483372 | ||
PSIRT-CNA@flexerasoftware.com | http://www.securityfocus.com/bid/26367 | ||
PSIRT-CNA@flexerasoftware.com | http://www.securitytracker.com/id?1018905 | ||
PSIRT-CNA@flexerasoftware.com | http://www.ubuntu.com/usn/usn-542-1 | ||
PSIRT-CNA@flexerasoftware.com | http://www.ubuntu.com/usn/usn-542-2 | ||
PSIRT-CNA@flexerasoftware.com | http://www.vupen.com/english/advisories/2007/3774 | ||
PSIRT-CNA@flexerasoftware.com | http://www.vupen.com/english/advisories/2007/3775 | ||
PSIRT-CNA@flexerasoftware.com | http://www.vupen.com/english/advisories/2007/3776 | ||
PSIRT-CNA@flexerasoftware.com | http://www.vupen.com/english/advisories/2007/3779 | ||
PSIRT-CNA@flexerasoftware.com | http://www.vupen.com/english/advisories/2007/3786 | ||
PSIRT-CNA@flexerasoftware.com | https://exchange.xforce.ibmcloud.com/vulnerabilities/38304 | ||
PSIRT-CNA@flexerasoftware.com | https://issues.rpath.com/browse/RPL-1926 | ||
PSIRT-CNA@flexerasoftware.com | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9839 | ||
PSIRT-CNA@flexerasoftware.com | https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00369.html | ||
PSIRT-CNA@flexerasoftware.com | https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00215.html | ||
PSIRT-CNA@flexerasoftware.com | https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00224.html | ||
PSIRT-CNA@flexerasoftware.com | https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00238.html | ||
PSIRT-CNA@flexerasoftware.com | https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00663.html | ||
PSIRT-CNA@flexerasoftware.com | https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00724.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/26503 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/27260 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/27553 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/27573 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/27574 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/27575 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/27577 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/27578 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/27579 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/27599 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/27615 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/27618 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/27619 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/27632 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/27634 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/27636 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/27637 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/27640 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/27641 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/27642 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/27645 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/27656 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/27658 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/27705 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/27718 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/27721 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/27724 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/27743 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/27772 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/27856 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/28043 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/28812 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/29104 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/29604 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/30168 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/secunia_research/2007-88/advisory/ | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-200711-22.xml | ||
af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-200711-34.xml | ||
af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-200805-13.xml | ||
af854a3a-2127-422b-91ae-364da2661108 | http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.761882 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://support.avaya.com/elmodocs2/security/ASA-2007-476.htm | ||
af854a3a-2127-422b-91ae-364da2661108 | http://support.novell.com/techcenter/psdb/1d5fd29802b2ef7e342e733731f1e933.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://support.novell.com/techcenter/psdb/3867a5092daac43cd6a92e6107d9fbce.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://support.novell.com/techcenter/psdb/43ad7b3569dba59e7ba07677edc01cad.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://support.novell.com/techcenter/psdb/da3498f05433976cc548cc4eaf8349c8.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://support.novell.com/techcenter/psdb/f83e024a65d69ebc810d2117815b940d.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2007/dsa-1408 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2008/dsa-1480 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2008/dsa-1509 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2008/dsa-1537 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.kde.org/info/security/advisory-20071107-1.txt | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2007:219 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2007:220 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2007:221 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2007:222 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2007:223 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2007:227 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2007:228 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2007:230 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.novell.com/linux/security/advisories/2007_60_pdf.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2007-1021.html | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2007-1022.html | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2007-1023.html | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2007-1024.html | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2007-1025.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2007-1026.html | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2007-1027.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2007-1028.html | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2007-1029.html | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2007-1030.html | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2007-1031.html | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2007-1051.html | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/483372 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/26367 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1018905 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/usn-542-1 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/usn-542-2 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2007/3774 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2007/3775 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2007/3776 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2007/3779 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2007/3786 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/38304 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://issues.rpath.com/browse/RPL-1926 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9839 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00369.html | ||
af854a3a-2127-422b-91ae-364da2661108 | https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00215.html | ||
af854a3a-2127-422b-91ae-364da2661108 | https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00224.html | ||
af854a3a-2127-422b-91ae-364da2661108 | https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00238.html | ||
af854a3a-2127-422b-91ae-364da2661108 | https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00663.html | ||
af854a3a-2127-422b-91ae-364da2661108 | https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00724.html |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:xpdf:xpdf:3.02p11:*:*:*:*:*:*:*", "matchCriteriaId": "45863F75-92B6-4FF8-864C-23184905A877", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Heap-based buffer overflow in the CCITTFaxStream::lookChar method in xpdf/Stream.cc in Xpdf 3.02p11 allows remote attackers to execute arbitrary code via a PDF file that contains a crafted CCITTFaxDecode filter." }, { "lang": "es", "value": "Un desbordamiento de b\u00fafer en la regi\u00f3n heap de la memoria en el m\u00e9todo CCITTFaxStream::lookChar en el archivo xpdf/Stream.cc en Xpdf versi\u00f3n 3.02p11, permite a atacantes remotos ejecutar c\u00f3digo arbitrario por medio de un archivo PDF que contiene un filtro CCITTFaxDecode dise\u00f1ado." } ], "id": "CVE-2007-5393", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2007-11-08T02:46:00.000", "references": [ { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://secunia.com/advisories/26503" }, { "source": "PSIRT-CNA@flexerasoftware.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/27260" }, { "source": "PSIRT-CNA@flexerasoftware.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/27553" }, { "source": "PSIRT-CNA@flexerasoftware.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/27573" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://secunia.com/advisories/27574" }, { "source": "PSIRT-CNA@flexerasoftware.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/27575" }, { "source": "PSIRT-CNA@flexerasoftware.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/27577" }, { "source": "PSIRT-CNA@flexerasoftware.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/27578" }, { "source": "PSIRT-CNA@flexerasoftware.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/27579" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://secunia.com/advisories/27599" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://secunia.com/advisories/27615" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://secunia.com/advisories/27618" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://secunia.com/advisories/27619" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://secunia.com/advisories/27632" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://secunia.com/advisories/27634" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://secunia.com/advisories/27636" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://secunia.com/advisories/27637" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://secunia.com/advisories/27640" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://secunia.com/advisories/27641" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://secunia.com/advisories/27642" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://secunia.com/advisories/27645" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://secunia.com/advisories/27656" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://secunia.com/advisories/27658" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://secunia.com/advisories/27705" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://secunia.com/advisories/27718" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://secunia.com/advisories/27721" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://secunia.com/advisories/27724" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://secunia.com/advisories/27743" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://secunia.com/advisories/27772" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://secunia.com/advisories/27856" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://secunia.com/advisories/28043" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://secunia.com/advisories/28812" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://secunia.com/advisories/29104" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://secunia.com/advisories/29604" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://secunia.com/advisories/30168" }, { "source": "PSIRT-CNA@flexerasoftware.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/secunia_research/2007-88/advisory/" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://security.gentoo.org/glsa/glsa-200711-22.xml" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://security.gentoo.org/glsa/glsa-200711-34.xml" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://security.gentoo.org/glsa/glsa-200805-13.xml" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.761882" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-476.htm" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://support.novell.com/techcenter/psdb/1d5fd29802b2ef7e342e733731f1e933.html" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://support.novell.com/techcenter/psdb/3867a5092daac43cd6a92e6107d9fbce.html" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://support.novell.com/techcenter/psdb/43ad7b3569dba59e7ba07677edc01cad.html" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://support.novell.com/techcenter/psdb/da3498f05433976cc548cc4eaf8349c8.html" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://support.novell.com/techcenter/psdb/f83e024a65d69ebc810d2117815b940d.html" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://www.debian.org/security/2007/dsa-1408" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://www.debian.org/security/2008/dsa-1480" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://www.debian.org/security/2008/dsa-1509" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://www.debian.org/security/2008/dsa-1537" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://www.kde.org/info/security/advisory-20071107-1.txt" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:219" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:220" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:221" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:222" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:223" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:227" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:228" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:230" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://www.novell.com/linux/security/advisories/2007_60_pdf.html" }, { "source": "PSIRT-CNA@flexerasoftware.com", "tags": [ "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-1021.html" }, { "source": "PSIRT-CNA@flexerasoftware.com", "tags": [ "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-1022.html" }, { "source": "PSIRT-CNA@flexerasoftware.com", "tags": [ "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-1023.html" }, { "source": "PSIRT-CNA@flexerasoftware.com", "tags": [ "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-1024.html" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://www.redhat.com/support/errata/RHSA-2007-1025.html" }, { "source": "PSIRT-CNA@flexerasoftware.com", "tags": [ "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-1026.html" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://www.redhat.com/support/errata/RHSA-2007-1027.html" }, { "source": "PSIRT-CNA@flexerasoftware.com", "tags": [ "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-1028.html" }, { "source": "PSIRT-CNA@flexerasoftware.com", "tags": [ "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-1029.html" }, { "source": "PSIRT-CNA@flexerasoftware.com", "tags": [ "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-1030.html" }, { "source": "PSIRT-CNA@flexerasoftware.com", "tags": [ "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-1031.html" }, { "source": "PSIRT-CNA@flexerasoftware.com", "tags": [ "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-1051.html" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://www.securityfocus.com/archive/1/483372" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://www.securityfocus.com/bid/26367" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://www.securitytracker.com/id?1018905" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://www.ubuntu.com/usn/usn-542-1" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://www.ubuntu.com/usn/usn-542-2" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://www.vupen.com/english/advisories/2007/3774" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://www.vupen.com/english/advisories/2007/3775" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://www.vupen.com/english/advisories/2007/3776" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://www.vupen.com/english/advisories/2007/3779" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://www.vupen.com/english/advisories/2007/3786" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38304" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "https://issues.rpath.com/browse/RPL-1926" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9839" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00369.html" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00215.html" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00224.html" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00238.html" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00663.html" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00724.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/26503" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/27260" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/27553" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/27573" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/27574" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/27575" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/27577" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/27578" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/27579" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/27599" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/27615" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/27618" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/27619" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/27632" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/27634" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/27636" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/27637" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/27640" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/27641" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/27642" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/27645" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/27656" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/27658" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/27705" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/27718" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/27721" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/27724" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/27743" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/27772" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/27856" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/28043" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/28812" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/29104" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/29604" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/30168" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/secunia_research/2007-88/advisory/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://security.gentoo.org/glsa/glsa-200711-22.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://security.gentoo.org/glsa/glsa-200711-34.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://security.gentoo.org/glsa/glsa-200805-13.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.761882" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-476.htm" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.novell.com/techcenter/psdb/1d5fd29802b2ef7e342e733731f1e933.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.novell.com/techcenter/psdb/3867a5092daac43cd6a92e6107d9fbce.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.novell.com/techcenter/psdb/43ad7b3569dba59e7ba07677edc01cad.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.novell.com/techcenter/psdb/da3498f05433976cc548cc4eaf8349c8.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.novell.com/techcenter/psdb/f83e024a65d69ebc810d2117815b940d.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2007/dsa-1408" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2008/dsa-1480" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2008/dsa-1509" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2008/dsa-1537" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.kde.org/info/security/advisory-20071107-1.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:219" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:220" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:221" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:222" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:223" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:227" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:228" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:230" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.novell.com/linux/security/advisories/2007_60_pdf.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-1021.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-1022.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-1023.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-1024.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2007-1025.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-1026.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2007-1027.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-1028.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-1029.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-1030.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-1031.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-1051.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/483372" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/26367" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1018905" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/usn-542-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/usn-542-2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2007/3774" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2007/3775" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2007/3776" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2007/3779" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2007/3786" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38304" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://issues.rpath.com/browse/RPL-1926" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9839" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00369.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00215.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00224.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00238.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00663.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00724.html" } ], "sourceIdentifier": "PSIRT-CNA@flexerasoftware.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2007-11-08 02:46
Modified
2025-04-09 00:30
Severity ?
Summary
Array index error in the DCTStream::readProgressiveDataUnit method in xpdf/Stream.cc in Xpdf 3.02pl1, as used in poppler, teTeX, KDE, KOffice, CUPS, and other products, allows remote attackers to trigger memory corruption and execute arbitrary code via a crafted PDF file.
References
▶ | URL | Tags | |
---|---|---|---|
PSIRT-CNA@flexerasoftware.com | http://secunia.com/advisories/26503 | ||
PSIRT-CNA@flexerasoftware.com | http://secunia.com/advisories/27260 | Patch, Vendor Advisory | |
PSIRT-CNA@flexerasoftware.com | http://secunia.com/advisories/27553 | ||
PSIRT-CNA@flexerasoftware.com | http://secunia.com/advisories/27573 | ||
PSIRT-CNA@flexerasoftware.com | http://secunia.com/advisories/27574 | ||
PSIRT-CNA@flexerasoftware.com | http://secunia.com/advisories/27575 | ||
PSIRT-CNA@flexerasoftware.com | http://secunia.com/advisories/27577 | ||
PSIRT-CNA@flexerasoftware.com | http://secunia.com/advisories/27578 | ||
PSIRT-CNA@flexerasoftware.com | http://secunia.com/advisories/27599 | ||
PSIRT-CNA@flexerasoftware.com | http://secunia.com/advisories/27615 | ||
PSIRT-CNA@flexerasoftware.com | http://secunia.com/advisories/27618 | ||
PSIRT-CNA@flexerasoftware.com | http://secunia.com/advisories/27619 | ||
PSIRT-CNA@flexerasoftware.com | http://secunia.com/advisories/27632 | ||
PSIRT-CNA@flexerasoftware.com | http://secunia.com/advisories/27634 | ||
PSIRT-CNA@flexerasoftware.com | http://secunia.com/advisories/27636 | ||
PSIRT-CNA@flexerasoftware.com | http://secunia.com/advisories/27637 | ||
PSIRT-CNA@flexerasoftware.com | http://secunia.com/advisories/27640 | ||
PSIRT-CNA@flexerasoftware.com | http://secunia.com/advisories/27641 | ||
PSIRT-CNA@flexerasoftware.com | http://secunia.com/advisories/27642 | ||
PSIRT-CNA@flexerasoftware.com | http://secunia.com/advisories/27645 | ||
PSIRT-CNA@flexerasoftware.com | http://secunia.com/advisories/27656 | ||
PSIRT-CNA@flexerasoftware.com | http://secunia.com/advisories/27658 | ||
PSIRT-CNA@flexerasoftware.com | http://secunia.com/advisories/27705 | ||
PSIRT-CNA@flexerasoftware.com | http://secunia.com/advisories/27721 | ||
PSIRT-CNA@flexerasoftware.com | http://secunia.com/advisories/27724 | ||
PSIRT-CNA@flexerasoftware.com | http://secunia.com/advisories/27743 | ||
PSIRT-CNA@flexerasoftware.com | http://secunia.com/advisories/27856 | ||
PSIRT-CNA@flexerasoftware.com | http://secunia.com/advisories/28043 | ||
PSIRT-CNA@flexerasoftware.com | http://secunia.com/advisories/28812 | ||
PSIRT-CNA@flexerasoftware.com | http://secunia.com/advisories/29104 | ||
PSIRT-CNA@flexerasoftware.com | http://secunia.com/advisories/29604 | ||
PSIRT-CNA@flexerasoftware.com | http://secunia.com/advisories/30168 | ||
PSIRT-CNA@flexerasoftware.com | http://secunia.com/secunia_research/2007-88/advisory/ | Vendor Advisory | |
PSIRT-CNA@flexerasoftware.com | http://security.gentoo.org/glsa/glsa-200711-22.xml | ||
PSIRT-CNA@flexerasoftware.com | http://security.gentoo.org/glsa/glsa-200711-34.xml | ||
PSIRT-CNA@flexerasoftware.com | http://security.gentoo.org/glsa/glsa-200805-13.xml | ||
PSIRT-CNA@flexerasoftware.com | http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.761882 | ||
PSIRT-CNA@flexerasoftware.com | http://support.novell.com/techcenter/psdb/1d5fd29802b2ef7e342e733731f1e933.html | ||
PSIRT-CNA@flexerasoftware.com | http://support.novell.com/techcenter/psdb/3867a5092daac43cd6a92e6107d9fbce.html | ||
PSIRT-CNA@flexerasoftware.com | http://support.novell.com/techcenter/psdb/43ad7b3569dba59e7ba07677edc01cad.html | ||
PSIRT-CNA@flexerasoftware.com | http://support.novell.com/techcenter/psdb/da3498f05433976cc548cc4eaf8349c8.html | ||
PSIRT-CNA@flexerasoftware.com | http://support.novell.com/techcenter/psdb/f83e024a65d69ebc810d2117815b940d.html | ||
PSIRT-CNA@flexerasoftware.com | http://www.debian.org/security/2008/dsa-1480 | ||
PSIRT-CNA@flexerasoftware.com | http://www.debian.org/security/2008/dsa-1509 | ||
PSIRT-CNA@flexerasoftware.com | http://www.debian.org/security/2008/dsa-1537 | ||
PSIRT-CNA@flexerasoftware.com | http://www.kde.org/info/security/advisory-20071107-1.txt | ||
PSIRT-CNA@flexerasoftware.com | http://www.mandriva.com/security/advisories?name=MDKSA-2007:219 | ||
PSIRT-CNA@flexerasoftware.com | http://www.mandriva.com/security/advisories?name=MDKSA-2007:220 | ||
PSIRT-CNA@flexerasoftware.com | http://www.mandriva.com/security/advisories?name=MDKSA-2007:221 | ||
PSIRT-CNA@flexerasoftware.com | http://www.mandriva.com/security/advisories?name=MDKSA-2007:222 | ||
PSIRT-CNA@flexerasoftware.com | http://www.mandriva.com/security/advisories?name=MDKSA-2007:223 | ||
PSIRT-CNA@flexerasoftware.com | http://www.mandriva.com/security/advisories?name=MDKSA-2007:227 | ||
PSIRT-CNA@flexerasoftware.com | http://www.mandriva.com/security/advisories?name=MDKSA-2007:228 | ||
PSIRT-CNA@flexerasoftware.com | http://www.mandriva.com/security/advisories?name=MDKSA-2007:230 | ||
PSIRT-CNA@flexerasoftware.com | http://www.novell.com/linux/security/advisories/2007_60_pdf.html | ||
PSIRT-CNA@flexerasoftware.com | http://www.redhat.com/support/errata/RHSA-2007-1021.html | ||
PSIRT-CNA@flexerasoftware.com | http://www.redhat.com/support/errata/RHSA-2007-1022.html | ||
PSIRT-CNA@flexerasoftware.com | http://www.redhat.com/support/errata/RHSA-2007-1024.html | ||
PSIRT-CNA@flexerasoftware.com | http://www.redhat.com/support/errata/RHSA-2007-1025.html | ||
PSIRT-CNA@flexerasoftware.com | http://www.redhat.com/support/errata/RHSA-2007-1026.html | ||
PSIRT-CNA@flexerasoftware.com | http://www.redhat.com/support/errata/RHSA-2007-1027.html | ||
PSIRT-CNA@flexerasoftware.com | http://www.redhat.com/support/errata/RHSA-2007-1029.html | ||
PSIRT-CNA@flexerasoftware.com | http://www.redhat.com/support/errata/RHSA-2007-1030.html | ||
PSIRT-CNA@flexerasoftware.com | http://www.securityfocus.com/archive/1/483372 | ||
PSIRT-CNA@flexerasoftware.com | http://www.securityfocus.com/bid/26367 | ||
PSIRT-CNA@flexerasoftware.com | http://www.securitytracker.com/id?1018905 | ||
PSIRT-CNA@flexerasoftware.com | http://www.ubuntu.com/usn/usn-542-1 | ||
PSIRT-CNA@flexerasoftware.com | http://www.ubuntu.com/usn/usn-542-2 | ||
PSIRT-CNA@flexerasoftware.com | http://www.vupen.com/english/advisories/2007/3774 | ||
PSIRT-CNA@flexerasoftware.com | http://www.vupen.com/english/advisories/2007/3775 | ||
PSIRT-CNA@flexerasoftware.com | http://www.vupen.com/english/advisories/2007/3776 | ||
PSIRT-CNA@flexerasoftware.com | http://www.vupen.com/english/advisories/2007/3779 | ||
PSIRT-CNA@flexerasoftware.com | http://www.vupen.com/english/advisories/2007/3786 | ||
PSIRT-CNA@flexerasoftware.com | https://exchange.xforce.ibmcloud.com/vulnerabilities/38306 | ||
PSIRT-CNA@flexerasoftware.com | https://issues.rpath.com/browse/RPL-1926 | ||
PSIRT-CNA@flexerasoftware.com | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9979 | ||
PSIRT-CNA@flexerasoftware.com | https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00369.html | ||
PSIRT-CNA@flexerasoftware.com | https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00215.html | ||
PSIRT-CNA@flexerasoftware.com | https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00224.html | ||
PSIRT-CNA@flexerasoftware.com | https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00238.html | ||
PSIRT-CNA@flexerasoftware.com | https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00663.html | ||
PSIRT-CNA@flexerasoftware.com | https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00724.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/26503 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/27260 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/27553 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/27573 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/27574 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/27575 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/27577 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/27578 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/27599 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/27615 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/27618 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/27619 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/27632 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/27634 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/27636 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/27637 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/27640 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/27641 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/27642 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/27645 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/27656 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/27658 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/27705 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/27721 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/27724 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/27743 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/27856 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/28043 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/28812 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/29104 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/29604 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/30168 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/secunia_research/2007-88/advisory/ | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-200711-22.xml | ||
af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-200711-34.xml | ||
af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-200805-13.xml | ||
af854a3a-2127-422b-91ae-364da2661108 | http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.761882 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://support.novell.com/techcenter/psdb/1d5fd29802b2ef7e342e733731f1e933.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://support.novell.com/techcenter/psdb/3867a5092daac43cd6a92e6107d9fbce.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://support.novell.com/techcenter/psdb/43ad7b3569dba59e7ba07677edc01cad.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://support.novell.com/techcenter/psdb/da3498f05433976cc548cc4eaf8349c8.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://support.novell.com/techcenter/psdb/f83e024a65d69ebc810d2117815b940d.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2008/dsa-1480 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2008/dsa-1509 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2008/dsa-1537 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.kde.org/info/security/advisory-20071107-1.txt | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2007:219 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2007:220 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2007:221 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2007:222 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2007:223 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2007:227 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2007:228 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2007:230 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.novell.com/linux/security/advisories/2007_60_pdf.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2007-1021.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2007-1022.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2007-1024.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2007-1025.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2007-1026.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2007-1027.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2007-1029.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2007-1030.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/483372 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/26367 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1018905 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/usn-542-1 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/usn-542-2 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2007/3774 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2007/3775 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2007/3776 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2007/3779 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2007/3786 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/38306 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://issues.rpath.com/browse/RPL-1926 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9979 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00369.html | ||
af854a3a-2127-422b-91ae-364da2661108 | https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00215.html | ||
af854a3a-2127-422b-91ae-364da2661108 | https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00224.html | ||
af854a3a-2127-422b-91ae-364da2661108 | https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00238.html | ||
af854a3a-2127-422b-91ae-364da2661108 | https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00663.html | ||
af854a3a-2127-422b-91ae-364da2661108 | https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00724.html |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:xpdf:xpdf:3.0.1_pl1:*:*:*:*:*:*:*", "matchCriteriaId": "B0A09900-C462-4E3D-9399-0271F91DC5BD", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Array index error in the DCTStream::readProgressiveDataUnit method in xpdf/Stream.cc in Xpdf 3.02pl1, as used in poppler, teTeX, KDE, KOffice, CUPS, and other products, allows remote attackers to trigger memory corruption and execute arbitrary code via a crafted PDF file." }, { "lang": "es", "value": "Un error de \u00edndice de matriz en el m\u00e9todo DCTStream::readProgressiveDataUnit en el archivo xpdf/Stream.cc en Xpdf versi\u00f3n 3.02pl1, tal y como es usado en poppler, teTeX, KDE, KOffice, CUPS y otros productos, permite a atacantes remotos desencadenar corrupci\u00f3n de memoria y ejecutar c\u00f3digo arbitrario por medio de un archivo PDF dise\u00f1ado." } ], "id": "CVE-2007-4352", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.6, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 4.9, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2007-11-08T02:46:00.000", "references": [ { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://secunia.com/advisories/26503" }, { "source": "PSIRT-CNA@flexerasoftware.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/27260" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://secunia.com/advisories/27553" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://secunia.com/advisories/27573" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://secunia.com/advisories/27574" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://secunia.com/advisories/27575" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://secunia.com/advisories/27577" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://secunia.com/advisories/27578" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://secunia.com/advisories/27599" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://secunia.com/advisories/27615" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://secunia.com/advisories/27618" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://secunia.com/advisories/27619" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://secunia.com/advisories/27632" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://secunia.com/advisories/27634" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://secunia.com/advisories/27636" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://secunia.com/advisories/27637" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://secunia.com/advisories/27640" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://secunia.com/advisories/27641" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://secunia.com/advisories/27642" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://secunia.com/advisories/27645" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://secunia.com/advisories/27656" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://secunia.com/advisories/27658" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://secunia.com/advisories/27705" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://secunia.com/advisories/27721" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://secunia.com/advisories/27724" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://secunia.com/advisories/27743" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://secunia.com/advisories/27856" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://secunia.com/advisories/28043" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://secunia.com/advisories/28812" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://secunia.com/advisories/29104" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://secunia.com/advisories/29604" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://secunia.com/advisories/30168" }, { "source": "PSIRT-CNA@flexerasoftware.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/secunia_research/2007-88/advisory/" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://security.gentoo.org/glsa/glsa-200711-22.xml" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://security.gentoo.org/glsa/glsa-200711-34.xml" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://security.gentoo.org/glsa/glsa-200805-13.xml" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.761882" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://support.novell.com/techcenter/psdb/1d5fd29802b2ef7e342e733731f1e933.html" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://support.novell.com/techcenter/psdb/3867a5092daac43cd6a92e6107d9fbce.html" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://support.novell.com/techcenter/psdb/43ad7b3569dba59e7ba07677edc01cad.html" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://support.novell.com/techcenter/psdb/da3498f05433976cc548cc4eaf8349c8.html" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://support.novell.com/techcenter/psdb/f83e024a65d69ebc810d2117815b940d.html" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://www.debian.org/security/2008/dsa-1480" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://www.debian.org/security/2008/dsa-1509" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://www.debian.org/security/2008/dsa-1537" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://www.kde.org/info/security/advisory-20071107-1.txt" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:219" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:220" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:221" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:222" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:223" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:227" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:228" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:230" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://www.novell.com/linux/security/advisories/2007_60_pdf.html" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://www.redhat.com/support/errata/RHSA-2007-1021.html" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://www.redhat.com/support/errata/RHSA-2007-1022.html" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://www.redhat.com/support/errata/RHSA-2007-1024.html" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://www.redhat.com/support/errata/RHSA-2007-1025.html" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://www.redhat.com/support/errata/RHSA-2007-1026.html" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://www.redhat.com/support/errata/RHSA-2007-1027.html" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://www.redhat.com/support/errata/RHSA-2007-1029.html" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://www.redhat.com/support/errata/RHSA-2007-1030.html" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://www.securityfocus.com/archive/1/483372" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://www.securityfocus.com/bid/26367" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://www.securitytracker.com/id?1018905" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://www.ubuntu.com/usn/usn-542-1" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://www.ubuntu.com/usn/usn-542-2" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://www.vupen.com/english/advisories/2007/3774" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://www.vupen.com/english/advisories/2007/3775" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://www.vupen.com/english/advisories/2007/3776" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://www.vupen.com/english/advisories/2007/3779" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://www.vupen.com/english/advisories/2007/3786" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38306" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "https://issues.rpath.com/browse/RPL-1926" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9979" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00369.html" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00215.html" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00224.html" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00238.html" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00663.html" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00724.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/26503" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/27260" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/27553" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/27573" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/27574" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/27575" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/27577" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/27578" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/27599" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/27615" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/27618" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/27619" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/27632" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/27634" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/27636" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/27637" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/27640" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/27641" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/27642" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/27645" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/27656" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/27658" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/27705" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/27721" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/27724" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/27743" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/27856" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/28043" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/28812" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/29104" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/29604" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/30168" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/secunia_research/2007-88/advisory/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://security.gentoo.org/glsa/glsa-200711-22.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://security.gentoo.org/glsa/glsa-200711-34.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://security.gentoo.org/glsa/glsa-200805-13.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.761882" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.novell.com/techcenter/psdb/1d5fd29802b2ef7e342e733731f1e933.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.novell.com/techcenter/psdb/3867a5092daac43cd6a92e6107d9fbce.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.novell.com/techcenter/psdb/43ad7b3569dba59e7ba07677edc01cad.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.novell.com/techcenter/psdb/da3498f05433976cc548cc4eaf8349c8.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.novell.com/techcenter/psdb/f83e024a65d69ebc810d2117815b940d.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2008/dsa-1480" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2008/dsa-1509" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2008/dsa-1537" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.kde.org/info/security/advisory-20071107-1.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:219" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:220" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:221" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:222" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:223" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:227" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:228" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:230" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.novell.com/linux/security/advisories/2007_60_pdf.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2007-1021.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2007-1022.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2007-1024.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2007-1025.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2007-1026.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2007-1027.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2007-1029.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2007-1030.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/483372" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/26367" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1018905" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/usn-542-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/usn-542-2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2007/3774" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2007/3775" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2007/3776" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2007/3779" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2007/3786" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38306" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://issues.rpath.com/browse/RPL-1926" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9979" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00369.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00215.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00224.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00238.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00663.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00724.html" } ], "sourceIdentifier": "PSIRT-CNA@flexerasoftware.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2007-01-09 00:28
Modified
2025-04-09 00:30
Severity ?
Summary
The Adobe PDF specification 1.3, as implemented by (a) xpdf 3.0.1 patch 2, (b) kpdf in KDE before 3.5.5, (c) poppler before 0.5.4, and other products, allows remote attackers to have an unknown impact, possibly including denial of service (infinite loop), arbitrary code execution, or memory corruption, via a PDF file with a (1) crafted catalog dictionary or (2) a crafted Pages attribute that references an invalid page tree node.
References
▶ | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://docs.info.apple.com/article.html?artnum=305214 | ||
cve@mitre.org | http://projects.info-pull.com/moab/MOAB-06-01-2007.html | ||
cve@mitre.org | http://secunia.com/advisories/23791 | ||
cve@mitre.org | http://secunia.com/advisories/23799 | Vendor Advisory | |
cve@mitre.org | http://secunia.com/advisories/23808 | Vendor Advisory | |
cve@mitre.org | http://secunia.com/advisories/23813 | Vendor Advisory | |
cve@mitre.org | http://secunia.com/advisories/23815 | Vendor Advisory | |
cve@mitre.org | http://secunia.com/advisories/23839 | Vendor Advisory | |
cve@mitre.org | http://secunia.com/advisories/23844 | Vendor Advisory | |
cve@mitre.org | http://secunia.com/advisories/23876 | Vendor Advisory | |
cve@mitre.org | http://secunia.com/advisories/24204 | Vendor Advisory | |
cve@mitre.org | http://secunia.com/advisories/24479 | Vendor Advisory | |
cve@mitre.org | http://securitytracker.com/id?1017514 | ||
cve@mitre.org | http://support.novell.com/techcenter/psdb/44d7cb9b669d58e0ce5aa5d7ab2c7c53.html | ||
cve@mitre.org | http://www.kde.org/info/security/advisory-20070115-1.txt | ||
cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDKSA-2007:018 | ||
cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDKSA-2007:019 | ||
cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDKSA-2007:020 | ||
cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDKSA-2007:021 | ||
cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDKSA-2007:022 | ||
cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDKSA-2007:024 | ||
cve@mitre.org | http://www.novell.com/linux/security/advisories/2007_3_sr.html | ||
cve@mitre.org | http://www.securityfocus.com/archive/1/457055/100/0/threaded | ||
cve@mitre.org | http://www.securityfocus.com/bid/21910 | Exploit | |
cve@mitre.org | http://www.securitytracker.com/id?1017749 | ||
cve@mitre.org | http://www.ubuntu.com/usn/usn-410-1 | ||
cve@mitre.org | http://www.ubuntu.com/usn/usn-410-2 | ||
cve@mitre.org | http://www.us-cert.gov/cas/techalerts/TA07-072A.html | US Government Resource | |
cve@mitre.org | http://www.vupen.com/english/advisories/2007/0203 | Vendor Advisory | |
cve@mitre.org | http://www.vupen.com/english/advisories/2007/0212 | Vendor Advisory | |
cve@mitre.org | http://www.vupen.com/english/advisories/2007/0244 | Vendor Advisory | |
cve@mitre.org | http://www.vupen.com/english/advisories/2007/0930 | Vendor Advisory | |
cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/31364 | ||
cve@mitre.org | https://issues.rpath.com/browse/RPL-964 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://docs.info.apple.com/article.html?artnum=305214 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://projects.info-pull.com/moab/MOAB-06-01-2007.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/23791 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/23799 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/23808 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/23813 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/23815 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/23839 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/23844 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/23876 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/24204 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/24479 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1017514 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://support.novell.com/techcenter/psdb/44d7cb9b669d58e0ce5aa5d7ab2c7c53.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.kde.org/info/security/advisory-20070115-1.txt | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2007:018 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2007:019 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2007:020 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2007:021 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2007:022 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2007:024 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.novell.com/linux/security/advisories/2007_3_sr.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/457055/100/0/threaded | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/21910 | Exploit | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1017749 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/usn-410-1 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/usn-410-2 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.us-cert.gov/cas/techalerts/TA07-072A.html | US Government Resource | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2007/0203 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2007/0212 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2007/0244 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2007/0930 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/31364 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://issues.rpath.com/browse/RPL-964 |
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:xpdf:xpdf:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "7B93B3ED-AF82-49A9-8C7F-E5F652F19669", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:3.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "2B77866E-6818-4DE6-9457-39416871952C", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:3.0.1_pl1:*:*:*:*:*:*:*", "matchCriteriaId": "B0A09900-C462-4E3D-9399-0271F91DC5BD", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:3.0.1_pl2:*:*:*:*:*:*:*", "matchCriteriaId": "0E99D1B2-0FDB-4E39-84FD-B354F808651E", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:3.0_pl2:*:*:*:*:*:*:*", "matchCriteriaId": "F6D23CF8-2B6C-4D2A-8E5E-6AACE99A7C19", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:kde:kde:3.2:*:*:*:*:*:*:*", "matchCriteriaId": "82F69843-978D-4686-BC5B-1D09DA4A21BD", "vulnerable": true }, { "criteria": "cpe:2.3:o:kde:kde:3.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "ACEE0AED-7918-41E9-A902-AC4070E03132", "vulnerable": true }, { "criteria": "cpe:2.3:o:kde:kde:3.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "81E19472-47B4-4398-A188-CA5A5D3E7060", "vulnerable": true }, { "criteria": "cpe:2.3:o:kde:kde:3.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "D17407A2-089E-43A5-9BD5-EFF966F5CC16", "vulnerable": true }, { "criteria": "cpe:2.3:o:kde:kde:3.3:*:*:*:*:*:*:*", "matchCriteriaId": "9C4B436D-8D6A-473E-B707-26147208808B", "vulnerable": true }, { "criteria": "cpe:2.3:o:kde:kde:3.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "1E26B353-4985-4116-B97A-5767CDC732F1", "vulnerable": true }, { "criteria": "cpe:2.3:o:kde:kde:3.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "9F7180B3-03AC-427C-8CAD-FE06F81C4FF1", "vulnerable": true }, { "criteria": "cpe:2.3:o:kde:kde:3.4:*:*:*:*:*:*:*", "matchCriteriaId": "442021C9-BE4D-4BC9-8114-8BEFA9EC1232", "vulnerable": true }, { "criteria": "cpe:2.3:o:kde:kde:3.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "7036AE90-C7E0-48CE-805D-3F1E04852675", "vulnerable": true }, { "criteria": "cpe:2.3:o:kde:kde:3.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "8D49AE92-BA00-4A8E-BBFE-1BE994CFA3CF", "vulnerable": true }, { "criteria": "cpe:2.3:o:kde:kde:3.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "29911CA1-ECFD-476F-8C85-EA0C6C143DC5", "vulnerable": true }, { "criteria": "cpe:2.3:o:kde:kde:3.5:*:*:*:*:*:*:*", "matchCriteriaId": "D17CEFEB-9166-4426-92E1-D8F61D5F5D4C", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Adobe PDF specification 1.3, as implemented by (a) xpdf 3.0.1 patch 2, (b) kpdf in KDE before 3.5.5, (c) poppler before 0.5.4, and other products, allows remote attackers to have an unknown impact, possibly including denial of service (infinite loop), arbitrary code execution, or memory corruption, via a PDF file with a (1) crafted catalog dictionary or (2) a crafted Pages attribute that references an invalid page tree node." }, { "lang": "es", "value": "La especificaci\u00f3n de Adobe PDF versi\u00f3n 1.3, implementada por (a) xpdf versi\u00f3n 3.0.1 parche 2, (b) kpdf en KDE anterior a versi\u00f3n 3.5.5, (c) poppler anterior a versi\u00f3n 0.5.4, y otros productos, permite a los atacantes remotos tener un impacto desconocido, posiblemente incluyendo la denegaci\u00f3n de servicio (bucle infinito), ejecuci\u00f3n de c\u00f3digo arbitraria, o corrupci\u00f3n de memoria , por medio de un archivo PDF con un (1) diccionario de cat\u00e1logo creado o (2) un atributo Pages creado que hace referencia a un nodo de \u00e1rbol de p\u00e1ginas no v\u00e1lido." } ], "id": "CVE-2007-0104", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2007-01-09T00:28:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://docs.info.apple.com/article.html?artnum=305214" }, { "source": "cve@mitre.org", "url": "http://projects.info-pull.com/moab/MOAB-06-01-2007.html" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/23791" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/23799" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/23808" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/23813" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/23815" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/23839" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/23844" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/23876" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/24204" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/24479" }, { "source": "cve@mitre.org", "url": "http://securitytracker.com/id?1017514" }, { "source": "cve@mitre.org", "url": "http://support.novell.com/techcenter/psdb/44d7cb9b669d58e0ce5aa5d7ab2c7c53.html" }, { "source": "cve@mitre.org", "url": "http://www.kde.org/info/security/advisory-20070115-1.txt" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:018" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:019" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:020" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:021" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:022" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:024" }, { "source": "cve@mitre.org", "url": "http://www.novell.com/linux/security/advisories/2007_3_sr.html" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/457055/100/0/threaded" }, { "source": "cve@mitre.org", "tags": [ "Exploit" ], "url": "http://www.securityfocus.com/bid/21910" }, { "source": "cve@mitre.org", "url": "http://www.securitytracker.com/id?1017749" }, { "source": "cve@mitre.org", "url": "http://www.ubuntu.com/usn/usn-410-1" }, { "source": "cve@mitre.org", "url": "http://www.ubuntu.com/usn/usn-410-2" }, { "source": "cve@mitre.org", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA07-072A.html" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2007/0203" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2007/0212" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2007/0244" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2007/0930" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31364" }, { "source": "cve@mitre.org", "url": "https://issues.rpath.com/browse/RPL-964" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://docs.info.apple.com/article.html?artnum=305214" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://projects.info-pull.com/moab/MOAB-06-01-2007.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/23791" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/23799" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/23808" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/23813" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/23815" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/23839" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/23844" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/23876" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/24204" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/24479" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1017514" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.novell.com/techcenter/psdb/44d7cb9b669d58e0ce5aa5d7ab2c7c53.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.kde.org/info/security/advisory-20070115-1.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:018" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:019" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:020" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:021" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:022" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:024" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.novell.com/linux/security/advisories/2007_3_sr.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/457055/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit" ], "url": "http://www.securityfocus.com/bid/21910" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1017749" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/usn-410-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/usn-410-2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA07-072A.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2007/0203" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2007/0212" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2007/0244" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2007/0930" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31364" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://issues.rpath.com/browse/RPL-964" } ], "sourceIdentifier": "cve@mitre.org", "vendorComments": [ { "comment": "Not Vulnerable. This flaw is the result of an infinite recursion flaw in xpdf, which cannot result in arbitrary code execution.", "lastModified": "2007-01-15T00:00:00", "organization": "Red Hat" } ], "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-20" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2005-12-07 00:03
Modified
2025-04-03 01:03
Severity ?
Summary
Heap-based buffer overflow in the JPXStream::readCodestream function in the JPX stream parsing code (JPXStream.c) for xpdf 3.01 and earlier, as used in products such as (1) Poppler, (2) teTeX, (3) KDE kpdf, (4) CUPS, and (5) libextractor allows user-assisted attackers to cause a denial of service (heap corruption) and possibly execute arbitrary code via a crafted PDF file with large size values that cause insufficient memory to be allocated.
References
▶ | URL | Tags | |
---|---|---|---|
cve@mitre.org | ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt | ||
cve@mitre.org | ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.20/SCOSA-2006.20.txt | ||
cve@mitre.org | ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.21/SCOSA-2006.21.txt | ||
cve@mitre.org | ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U | ||
cve@mitre.org | ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U | ||
cve@mitre.org | ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U | ||
cve@mitre.org | http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html | ||
cve@mitre.org | http://rhn.redhat.com/errata/RHSA-2005-868.html | ||
cve@mitre.org | http://secunia.com/advisories/17897 | Vendor Advisory | |
cve@mitre.org | http://secunia.com/advisories/17912 | Vendor Advisory | |
cve@mitre.org | http://secunia.com/advisories/17916 | Vendor Advisory | |
cve@mitre.org | http://secunia.com/advisories/17920 | Vendor Advisory | |
cve@mitre.org | http://secunia.com/advisories/17926 | Vendor Advisory | |
cve@mitre.org | http://secunia.com/advisories/17929 | Vendor Advisory | |
cve@mitre.org | http://secunia.com/advisories/17940 | Vendor Advisory | |
cve@mitre.org | http://secunia.com/advisories/17955 | ||
cve@mitre.org | http://secunia.com/advisories/17956 | ||
cve@mitre.org | http://secunia.com/advisories/17959 | ||
cve@mitre.org | http://secunia.com/advisories/17976 | Vendor Advisory | |
cve@mitre.org | http://secunia.com/advisories/18009 | Vendor Advisory | |
cve@mitre.org | http://secunia.com/advisories/18055 | Vendor Advisory | |
cve@mitre.org | http://secunia.com/advisories/18061 | Vendor Advisory | |
cve@mitre.org | http://secunia.com/advisories/18147 | ||
cve@mitre.org | http://secunia.com/advisories/18189 | Vendor Advisory | |
cve@mitre.org | http://secunia.com/advisories/18191 | Vendor Advisory | |
cve@mitre.org | http://secunia.com/advisories/18192 | Vendor Advisory | |
cve@mitre.org | http://secunia.com/advisories/18303 | ||
cve@mitre.org | http://secunia.com/advisories/18313 | Vendor Advisory | |
cve@mitre.org | http://secunia.com/advisories/18336 | Vendor Advisory | |
cve@mitre.org | http://secunia.com/advisories/18349 | Vendor Advisory | |
cve@mitre.org | http://secunia.com/advisories/18380 | ||
cve@mitre.org | http://secunia.com/advisories/18385 | Vendor Advisory | |
cve@mitre.org | http://secunia.com/advisories/18387 | Vendor Advisory | |
cve@mitre.org | http://secunia.com/advisories/18389 | Vendor Advisory | |
cve@mitre.org | http://secunia.com/advisories/18398 | Vendor Advisory | |
cve@mitre.org | http://secunia.com/advisories/18407 | ||
cve@mitre.org | http://secunia.com/advisories/18416 | Vendor Advisory | |
cve@mitre.org | http://secunia.com/advisories/18448 | Vendor Advisory | |
cve@mitre.org | http://secunia.com/advisories/18517 | ||
cve@mitre.org | http://secunia.com/advisories/18520 | ||
cve@mitre.org | http://secunia.com/advisories/18534 | ||
cve@mitre.org | http://secunia.com/advisories/18554 | ||
cve@mitre.org | http://secunia.com/advisories/18582 | ||
cve@mitre.org | http://secunia.com/advisories/18674 | ||
cve@mitre.org | http://secunia.com/advisories/18675 | ||
cve@mitre.org | http://secunia.com/advisories/18679 | ||
cve@mitre.org | http://secunia.com/advisories/18908 | ||
cve@mitre.org | http://secunia.com/advisories/18913 | ||
cve@mitre.org | http://secunia.com/advisories/19125 | ||
cve@mitre.org | http://secunia.com/advisories/19230 | ||
cve@mitre.org | http://secunia.com/advisories/19377 | ||
cve@mitre.org | http://secunia.com/advisories/19797 | ||
cve@mitre.org | http://secunia.com/advisories/19798 | ||
cve@mitre.org | http://secunia.com/advisories/25729 | ||
cve@mitre.org | http://secunia.com/advisories/26413 | ||
cve@mitre.org | http://securityreason.com/securityalert/236 | ||
cve@mitre.org | http://securitytracker.com/id?1015309 | ||
cve@mitre.org | http://securitytracker.com/id?1015324 | ||
cve@mitre.org | http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.472683 | ||
cve@mitre.org | http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.474747 | ||
cve@mitre.org | http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1 | ||
cve@mitre.org | http://www.debian.org/security/2005/dsa-931 | ||
cve@mitre.org | http://www.debian.org/security/2005/dsa-932 | ||
cve@mitre.org | http://www.debian.org/security/2005/dsa-937 | ||
cve@mitre.org | http://www.debian.org/security/2005/dsa-938 | ||
cve@mitre.org | http://www.debian.org/security/2005/dsa-940 | ||
cve@mitre.org | http://www.debian.org/security/2006/dsa-936 | ||
cve@mitre.org | http://www.debian.org/security/2006/dsa-950 | ||
cve@mitre.org | http://www.debian.org/security/2006/dsa-961 | ||
cve@mitre.org | http://www.debian.org/security/2006/dsa-962 | ||
cve@mitre.org | http://www.gentoo.org/security/en/glsa/glsa-200512-08.xml | ||
cve@mitre.org | http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml | ||
cve@mitre.org | http://www.gentoo.org/security/en/glsa/glsa-200603-02.xml | ||
cve@mitre.org | http://www.idefense.com/application/poi/display?id=345&type=vulnerabilities&flashstatus=true | Patch, Vendor Advisory | |
cve@mitre.org | http://www.kde.org/info/security/advisory-20051207-1.txt | ||
cve@mitre.org | http://www.kde.org/info/security/advisory-20051207-2.txt | ||
cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDKSA-2006:003 | ||
cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDKSA-2006:004 | ||
cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDKSA-2006:005 | ||
cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDKSA-2006:006 | ||
cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDKSA-2006:008 | ||
cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDKSA-2006:010 | ||
cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDKSA-2006:011 | ||
cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDKSA-2006:012 | ||
cve@mitre.org | http://www.novell.com/linux/security/advisories/2005_29_sr.html | ||
cve@mitre.org | http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00014.html | ||
cve@mitre.org | http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00015.html | ||
cve@mitre.org | http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00016.html | ||
cve@mitre.org | http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00022.html | ||
cve@mitre.org | http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00036.html | ||
cve@mitre.org | http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00037.html | ||
cve@mitre.org | http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00073.html | ||
cve@mitre.org | http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00043.html | ||
cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2005-840.html | Vendor Advisory | |
cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2005-867.html | Vendor Advisory | |
cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2005-878.html | Vendor Advisory | |
cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2006-0160.html | Vendor Advisory | |
cve@mitre.org | http://www.securityfocus.com/archive/1/418883/100/0/threaded | ||
cve@mitre.org | http://www.securityfocus.com/archive/1/427053/100/0/threaded | ||
cve@mitre.org | http://www.securityfocus.com/archive/1/427990/100/0/threaded | ||
cve@mitre.org | http://www.securityfocus.com/bid/15721 | ||
cve@mitre.org | http://www.trustix.org/errata/2005/0072/ | ||
cve@mitre.org | http://www.ubuntulinux.org/usn/usn-227-1 | ||
cve@mitre.org | http://www.vupen.com/english/advisories/2005/2787 | ||
cve@mitre.org | http://www.vupen.com/english/advisories/2005/2789 | ||
cve@mitre.org | http://www.vupen.com/english/advisories/2005/2790 | ||
cve@mitre.org | http://www.vupen.com/english/advisories/2005/2856 | ||
cve@mitre.org | http://www.vupen.com/english/advisories/2007/2280 | ||
cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/23441 | ||
cve@mitre.org | https://issues.rpath.com/browse/RPL-1609 | ||
cve@mitre.org | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11440 | ||
af854a3a-2127-422b-91ae-364da2661108 | ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt | ||
af854a3a-2127-422b-91ae-364da2661108 | ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.20/SCOSA-2006.20.txt | ||
af854a3a-2127-422b-91ae-364da2661108 | ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.21/SCOSA-2006.21.txt | ||
af854a3a-2127-422b-91ae-364da2661108 | ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U | ||
af854a3a-2127-422b-91ae-364da2661108 | ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U | ||
af854a3a-2127-422b-91ae-364da2661108 | ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2005-868.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/17897 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/17912 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/17916 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/17920 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/17926 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/17929 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/17940 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/17955 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/17956 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/17959 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/17976 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18009 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18055 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18061 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18147 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18189 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18191 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18192 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18303 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18313 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18336 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18349 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18380 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18385 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18387 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18389 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18398 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18407 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18416 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18448 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18517 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18520 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18534 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18554 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18582 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18674 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18675 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18679 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18908 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18913 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/19125 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/19230 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/19377 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/19797 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/19798 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/25729 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/26413 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://securityreason.com/securityalert/236 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1015309 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1015324 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.472683 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.474747 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2005/dsa-931 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2005/dsa-932 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2005/dsa-937 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2005/dsa-938 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2005/dsa-940 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2006/dsa-936 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2006/dsa-950 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2006/dsa-961 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2006/dsa-962 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.gentoo.org/security/en/glsa/glsa-200512-08.xml | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.gentoo.org/security/en/glsa/glsa-200603-02.xml | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.idefense.com/application/poi/display?id=345&type=vulnerabilities&flashstatus=true | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.kde.org/info/security/advisory-20051207-1.txt | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.kde.org/info/security/advisory-20051207-2.txt | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2006:003 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2006:004 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2006:005 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2006:006 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2006:008 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2006:010 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2006:011 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2006:012 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.novell.com/linux/security/advisories/2005_29_sr.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00014.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00015.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00016.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00022.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00036.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00037.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00073.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00043.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2005-840.html | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2005-867.html | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2005-878.html | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2006-0160.html | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/418883/100/0/threaded | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/427053/100/0/threaded | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/427990/100/0/threaded | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/15721 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.trustix.org/errata/2005/0072/ | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntulinux.org/usn/usn-227-1 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2005/2787 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2005/2789 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2005/2790 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2005/2856 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2007/2280 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/23441 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://issues.rpath.com/browse/RPL-1609 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11440 |
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:xpdf:xpdf:0.90:*:*:*:*:*:*:*", "matchCriteriaId": "28CC6233-E207-40CC-81FF-A8670EEA4295", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:0.91:*:*:*:*:*:*:*", "matchCriteriaId": "64DD9B5C-3DB8-4E15-B4A6-541E4E221C1D", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:0.92:*:*:*:*:*:*:*", "matchCriteriaId": "0304E1E3-8766-40D0-8879-A652B4E9E72D", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:0.93:*:*:*:*:*:*:*", "matchCriteriaId": "188F1343-8082-4B54-8DA4-E344818ABD52", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "B95DA7DE-B786-4EE7-A3F4-C077A7986D5F", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:1.0a:*:*:*:*:*:*:*", "matchCriteriaId": "C5306C05-4A71-4175-8C22-F2DE0F2FE4C4", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "3B9DEF16-ECD5-4BBE-8986-52A6171B3D9F", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "CFFDBEEC-B2C1-47F0-82D3-FC9147B590A9", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "354487CF-0086-4AE2-872B-0032E3EB89EE", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:2.2:*:*:*:*:*:*:*", "matchCriteriaId": "96767060-505A-42D2-A68A-6AD810DE800A", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:2.3:*:*:*:*:*:*:*", "matchCriteriaId": "1169B802-7279-437F-AF59-621A67DC92EC", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "7B93B3ED-AF82-49A9-8C7F-E5F652F19669", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:3.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "2B77866E-6818-4DE6-9457-39416871952C", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:3.0_pl2:*:*:*:*:*:*:*", "matchCriteriaId": "F6D23CF8-2B6C-4D2A-8E5E-6AACE99A7C19", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:3.0_pl3:*:*:*:*:*:*:*", "matchCriteriaId": "9107B531-7254-4908-97F0-3BF1EA0495AC", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Heap-based buffer overflow in the JPXStream::readCodestream function in the JPX stream parsing code (JPXStream.c) for xpdf 3.01 and earlier, as used in products such as (1) Poppler, (2) teTeX, (3) KDE kpdf, (4) CUPS, and (5) libextractor allows user-assisted attackers to cause a denial of service (heap corruption) and possibly execute arbitrary code via a crafted PDF file with large size values that cause insufficient memory to be allocated." } ], "id": "CVE-2005-3193", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 4.9, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": true, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2005-12-07T00:03:00.000", "references": [ { "source": "cve@mitre.org", "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt" }, { "source": "cve@mitre.org", "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.20/SCOSA-2006.20.txt" }, { "source": "cve@mitre.org", "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.21/SCOSA-2006.21.txt" }, { "source": "cve@mitre.org", "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U" }, { "source": "cve@mitre.org", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U" }, { "source": "cve@mitre.org", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U" }, { "source": "cve@mitre.org", "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html" }, { "source": "cve@mitre.org", "url": "http://rhn.redhat.com/errata/RHSA-2005-868.html" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/17897" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/17912" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/17916" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/17920" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/17926" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/17929" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/17940" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/17955" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/17956" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/17959" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/17976" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18009" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18055" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18061" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/18147" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18189" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18191" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18192" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/18303" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18313" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18336" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18349" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/18380" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18385" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18387" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18389" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18398" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/18407" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18416" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18448" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/18517" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/18520" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/18534" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/18554" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/18582" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/18674" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/18675" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/18679" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/18908" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/18913" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/19125" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/19230" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/19377" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/19797" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/19798" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/25729" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/26413" }, { "source": "cve@mitre.org", "url": "http://securityreason.com/securityalert/236" }, { "source": "cve@mitre.org", "url": "http://securitytracker.com/id?1015309" }, { "source": "cve@mitre.org", "url": "http://securitytracker.com/id?1015324" }, { "source": "cve@mitre.org", "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683" }, { "source": "cve@mitre.org", "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747" }, { "source": "cve@mitre.org", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2005/dsa-931" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2005/dsa-932" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2005/dsa-937" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2005/dsa-938" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2005/dsa-940" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2006/dsa-936" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2006/dsa-950" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2006/dsa-961" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2006/dsa-962" }, { "source": "cve@mitre.org", "url": "http://www.gentoo.org/security/en/glsa/glsa-200512-08.xml" }, { "source": "cve@mitre.org", "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml" }, { "source": "cve@mitre.org", "url": "http://www.gentoo.org/security/en/glsa/glsa-200603-02.xml" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.idefense.com/application/poi/display?id=345\u0026type=vulnerabilities\u0026flashstatus=true" }, { "source": "cve@mitre.org", "url": "http://www.kde.org/info/security/advisory-20051207-1.txt" }, { "source": "cve@mitre.org", "url": "http://www.kde.org/info/security/advisory-20051207-2.txt" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012" }, { "source": "cve@mitre.org", "url": "http://www.novell.com/linux/security/advisories/2005_29_sr.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00014.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00015.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00016.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00022.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00036.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00037.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00073.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00043.html" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-840.html" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-867.html" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-878.html" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/418883/100/0/threaded" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/15721" }, { "source": "cve@mitre.org", "url": "http://www.trustix.org/errata/2005/0072/" }, { "source": "cve@mitre.org", "url": "http://www.ubuntulinux.org/usn/usn-227-1" }, { "source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2005/2787" }, { "source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2005/2789" }, { "source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2005/2790" }, { "source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2005/2856" }, { "source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2007/2280" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23441" }, { "source": "cve@mitre.org", "url": "https://issues.rpath.com/browse/RPL-1609" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11440" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.20/SCOSA-2006.20.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.21/SCOSA-2006.21.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://rhn.redhat.com/errata/RHSA-2005-868.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/17897" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/17912" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/17916" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/17920" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/17926" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/17929" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/17940" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/17955" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/17956" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/17959" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/17976" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18009" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18055" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18061" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18147" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18189" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18191" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18192" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18303" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18313" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18336" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18349" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18380" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18385" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18387" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18389" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18398" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18407" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18416" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18448" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18517" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18520" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18534" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18554" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18582" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18674" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18675" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18679" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18908" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18913" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19125" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19230" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19377" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19797" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19798" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/25729" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/26413" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securityreason.com/securityalert/236" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1015309" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1015324" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2005/dsa-931" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2005/dsa-932" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2005/dsa-937" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2005/dsa-938" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2005/dsa-940" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2006/dsa-936" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2006/dsa-950" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2006/dsa-961" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2006/dsa-962" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.gentoo.org/security/en/glsa/glsa-200512-08.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.gentoo.org/security/en/glsa/glsa-200603-02.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.idefense.com/application/poi/display?id=345\u0026type=vulnerabilities\u0026flashstatus=true" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.kde.org/info/security/advisory-20051207-1.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.kde.org/info/security/advisory-20051207-2.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.novell.com/linux/security/advisories/2005_29_sr.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00014.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00015.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00016.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00022.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00036.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00037.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00073.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00043.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-840.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-867.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-878.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/418883/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/15721" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.trustix.org/errata/2005/0072/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntulinux.org/usn/usn-227-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2005/2787" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2005/2789" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2005/2790" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2005/2856" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2007/2280" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23441" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://issues.rpath.com/browse/RPL-1609" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11440" } ], "sourceIdentifier": "cve@mitre.org", "vendorComments": [ { "comment": "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.", "lastModified": "2007-03-14T00:00:00", "organization": "Red Hat" } ], "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2006-01-30 22:03
Modified
2025-04-03 01:03
Severity ?
Summary
Heap-based buffer overflow in Splash.cc in xpdf, as used in other products such as (1) poppler, (2) kdegraphics, (3) gpdf, (4) pdfkit.framework, and others, allows attackers to cause a denial of service and possibly execute arbitrary code via crafted splash images that produce certain values that exceed the width or height of the associated bitmap.
References
▶ | URL | Tags | |
---|---|---|---|
secalert@redhat.com | ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt | Patch, Vendor Advisory | |
secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2006-0206.html | Patch, Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18274 | Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18677 | Patch, Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18707 | Patch, Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18825 | Patch, Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18826 | Patch, Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18834 | Patch, Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18837 | Patch, Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18838 | Patch, Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18839 | Patch, Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18860 | Patch, Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18862 | Patch, Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18864 | Patch, Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18875 | Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18882 | Patch, Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18908 | Patch, Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18913 | Patch, Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18983 | Patch, Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/19377 | Patch, Vendor Advisory | |
secalert@redhat.com | http://securityreason.com/securityalert/470 | ||
secalert@redhat.com | http://securitytracker.com/id?1015576 | Patch | |
secalert@redhat.com | http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.472683 | Patch | |
secalert@redhat.com | http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.474747 | Patch | |
secalert@redhat.com | http://www.debian.org/security/2006/dsa-971 | Patch, Vendor Advisory | |
secalert@redhat.com | http://www.debian.org/security/2006/dsa-972 | Patch, Vendor Advisory | |
secalert@redhat.com | http://www.debian.org/security/2006/dsa-974 | Patch, Vendor Advisory | |
secalert@redhat.com | http://www.gentoo.org/security/en/glsa/glsa-200602-04.xml | Patch, Vendor Advisory | |
secalert@redhat.com | http://www.gentoo.org/security/en/glsa/glsa-200602-05.xml | Patch, Vendor Advisory | |
secalert@redhat.com | http://www.gentoo.org/security/en/glsa/glsa-200602-12.xml | Patch, Vendor Advisory | |
secalert@redhat.com | http://www.kde.org/info/security/advisory-20060202-1.txt | Patch, Vendor Advisory | |
secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDKSA-2006:030 | ||
secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDKSA-2006:031 | ||
secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDKSA-2006:032 | ||
secalert@redhat.com | http://www.redhat.com/archives/fedora-announce-list/2006-February/msg00039.html | Patch, Vendor Advisory | |
secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2006-0201.html | Patch, Vendor Advisory | |
secalert@redhat.com | http://www.securityfocus.com/archive/1/423899/100/0/threaded | Patch, Vendor Advisory | |
secalert@redhat.com | http://www.securityfocus.com/archive/1/427990/100/0/threaded | ||
secalert@redhat.com | http://www.ubuntu.com/usn/usn-249-1 | Patch | |
secalert@redhat.com | http://www.vupen.com/english/advisories/2006/0389 | Vendor Advisory | |
secalert@redhat.com | http://www.vupen.com/english/advisories/2006/0422 | Vendor Advisory | |
secalert@redhat.com | https://bugzilla.novell.com/show_bug.cgi?id=141242 | ||
secalert@redhat.com | https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=179046 | ||
secalert@redhat.com | https://exchange.xforce.ibmcloud.com/vulnerabilities/24391 | ||
secalert@redhat.com | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10850 | ||
af854a3a-2127-422b-91ae-364da2661108 | ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2006-0206.html | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18274 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18677 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18707 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18825 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18826 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18834 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18837 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18838 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18839 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18860 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18862 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18864 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18875 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18882 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18908 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18913 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18983 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/19377 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://securityreason.com/securityalert/470 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1015576 | Patch | |
af854a3a-2127-422b-91ae-364da2661108 | http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.472683 | Patch | |
af854a3a-2127-422b-91ae-364da2661108 | http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.474747 | Patch | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2006/dsa-971 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2006/dsa-972 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2006/dsa-974 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.gentoo.org/security/en/glsa/glsa-200602-04.xml | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.gentoo.org/security/en/glsa/glsa-200602-05.xml | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.gentoo.org/security/en/glsa/glsa-200602-12.xml | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.kde.org/info/security/advisory-20060202-1.txt | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2006:030 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2006:031 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2006:032 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/archives/fedora-announce-list/2006-February/msg00039.html | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2006-0201.html | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/423899/100/0/threaded | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/427990/100/0/threaded | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/usn-249-1 | Patch | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2006/0389 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2006/0422 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.novell.com/show_bug.cgi?id=141242 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=179046 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/24391 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10850 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:xpdf:xpdf:*:*:*:*:*:*:*:*", "matchCriteriaId": "BC1CAEC5-3851-4749-AF27-E090E3C52E35", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Heap-based buffer overflow in Splash.cc in xpdf, as used in other products such as (1) poppler, (2) kdegraphics, (3) gpdf, (4) pdfkit.framework, and others, allows attackers to cause a denial of service and possibly execute arbitrary code via crafted splash images that produce certain values that exceed the width or height of the associated bitmap." } ], "id": "CVE-2006-0301", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": true, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2006-01-30T22:03:00.000", "references": [ { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2006-0206.html" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18274" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18677" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18707" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18825" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18826" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18834" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18837" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18838" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18839" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18860" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18862" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18864" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18875" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18882" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18908" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18913" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18983" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/19377" }, { "source": "secalert@redhat.com", "url": "http://securityreason.com/securityalert/470" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "http://securitytracker.com/id?1015576" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-971" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-972" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-974" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200602-04.xml" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200602-05.xml" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200602-12.xml" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.kde.org/info/security/advisory-20060202-1.txt" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:030" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:031" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:032" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-February/msg00039.html" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0201.html" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/archive/1/423899/100/0/threaded" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "http://www.ubuntu.com/usn/usn-249-1" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2006/0389" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2006/0422" }, { "source": "secalert@redhat.com", "url": "https://bugzilla.novell.com/show_bug.cgi?id=141242" }, { "source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=179046" }, { "source": "secalert@redhat.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24391" }, { "source": "secalert@redhat.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10850" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2006-0206.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18274" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18677" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18707" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18825" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18826" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18834" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18837" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18838" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18839" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18860" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18862" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18864" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18875" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18882" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18908" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18913" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18983" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/19377" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securityreason.com/securityalert/470" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://securitytracker.com/id?1015576" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-971" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-972" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-974" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200602-04.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200602-05.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200602-12.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.kde.org/info/security/advisory-20060202-1.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:030" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:031" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:032" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-February/msg00039.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0201.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/archive/1/423899/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.ubuntu.com/usn/usn-249-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2006/0389" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2006/0422" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.novell.com/show_bug.cgi?id=141242" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=179046" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24391" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10850" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2005-12-31 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Stream.cc in Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to modify memory and possibly execute arbitrary code via a DCTDecode stream with (1) a large "number of components" value that is not checked by DCTStream::readBaselineSOF or DCTStream::readProgressiveSOF, (2) a large "Huffman table index" value that is not checked by DCTStream::readHuffmanTables, and (3) certain uses of the scanInfo.numComps value by DCTStream::readScanInfo.
References
▶ | URL | Tags | |
---|---|---|---|
secalert@redhat.com | ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt | ||
secalert@redhat.com | ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U | ||
secalert@redhat.com | ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U | ||
secalert@redhat.com | ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U | ||
secalert@redhat.com | http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html | Patch, Vendor Advisory | |
secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2006-0177.html | Patch, Vendor Advisory | |
secalert@redhat.com | http://scary.beasts.org/security/CESA-2005-003.txt | Exploit, Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18147 | ||
secalert@redhat.com | http://secunia.com/advisories/18303 | Patch, Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18312 | Patch, Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18313 | Patch, Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18329 | Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18332 | Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18334 | Patch, Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18335 | Patch, Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18338 | Patch, Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18349 | Patch, Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18373 | ||
secalert@redhat.com | http://secunia.com/advisories/18375 | Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18380 | ||
secalert@redhat.com | http://secunia.com/advisories/18385 | Patch, Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18387 | Patch, Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18389 | Patch, Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18398 | Patch, Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18407 | Patch, Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18414 | ||
secalert@redhat.com | http://secunia.com/advisories/18416 | Patch, Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18423 | Patch, Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18425 | ||
secalert@redhat.com | http://secunia.com/advisories/18428 | ||
secalert@redhat.com | http://secunia.com/advisories/18436 | ||
secalert@redhat.com | http://secunia.com/advisories/18448 | Patch, Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18463 | ||
secalert@redhat.com | http://secunia.com/advisories/18517 | Patch, Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18534 | Patch, Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18554 | Patch, Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18582 | Patch, Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18642 | Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18644 | Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18674 | Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18675 | Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18679 | Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18908 | Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18913 | ||
secalert@redhat.com | http://secunia.com/advisories/19230 | ||
secalert@redhat.com | http://secunia.com/advisories/19377 | ||
secalert@redhat.com | http://secunia.com/advisories/25729 | ||
secalert@redhat.com | http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.472683 | ||
secalert@redhat.com | http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.474747 | ||
secalert@redhat.com | http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1 | ||
secalert@redhat.com | http://www.debian.org/security/2005/dsa-931 | ||
secalert@redhat.com | http://www.debian.org/security/2005/dsa-932 | ||
secalert@redhat.com | http://www.debian.org/security/2005/dsa-937 | ||
secalert@redhat.com | http://www.debian.org/security/2005/dsa-938 | ||
secalert@redhat.com | http://www.debian.org/security/2005/dsa-940 | ||
secalert@redhat.com | http://www.debian.org/security/2006/dsa-936 | Patch, Vendor Advisory | |
secalert@redhat.com | http://www.debian.org/security/2006/dsa-950 | Patch, Vendor Advisory | |
secalert@redhat.com | http://www.debian.org/security/2006/dsa-961 | Patch, Vendor Advisory | |
secalert@redhat.com | http://www.debian.org/security/2006/dsa-962 | ||
secalert@redhat.com | http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml | Patch, Vendor Advisory | |
secalert@redhat.com | http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml | ||
secalert@redhat.com | http://www.kde.org/info/security/advisory-20051207-2.txt | Patch | |
secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDKSA-2006:003 | ||
secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDKSA-2006:004 | ||
secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDKSA-2006:005 | ||
secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDKSA-2006:006 | ||
secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDKSA-2006:008 | ||
secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDKSA-2006:010 | ||
secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDKSA-2006:011 | ||
secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDKSA-2006:012 | ||
secalert@redhat.com | http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.html | Patch | |
secalert@redhat.com | http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.html | Patch | |
secalert@redhat.com | http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html | ||
secalert@redhat.com | http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html | ||
secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2006-0160.html | Patch, Vendor Advisory | |
secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2006-0163.html | ||
secalert@redhat.com | http://www.securityfocus.com/archive/1/427053/100/0/threaded | ||
secalert@redhat.com | http://www.securityfocus.com/archive/1/427990/100/0/threaded | ||
secalert@redhat.com | http://www.securityfocus.com/bid/16143 | Patch | |
secalert@redhat.com | http://www.trustix.org/errata/2006/0002/ | ||
secalert@redhat.com | http://www.vupen.com/english/advisories/2006/0047 | ||
secalert@redhat.com | http://www.vupen.com/english/advisories/2007/2280 | ||
secalert@redhat.com | https://exchange.xforce.ibmcloud.com/vulnerabilities/24024 | ||
secalert@redhat.com | https://exchange.xforce.ibmcloud.com/vulnerabilities/24025 | ||
secalert@redhat.com | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10200 | ||
secalert@redhat.com | https://usn.ubuntu.com/236-1/ | ||
af854a3a-2127-422b-91ae-364da2661108 | ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt | ||
af854a3a-2127-422b-91ae-364da2661108 | ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U | ||
af854a3a-2127-422b-91ae-364da2661108 | ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U | ||
af854a3a-2127-422b-91ae-364da2661108 | ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2006-0177.html | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://scary.beasts.org/security/CESA-2005-003.txt | Exploit, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18147 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18303 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18312 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18313 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18329 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18332 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18334 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18335 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18338 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18349 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18373 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18375 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18380 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18385 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18387 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18389 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18398 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18407 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18414 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18416 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18423 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18425 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18428 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18436 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18448 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18463 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18517 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18534 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18554 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18582 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18642 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18644 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18674 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18675 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18679 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18908 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18913 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/19230 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/19377 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/25729 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.472683 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.474747 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2005/dsa-931 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2005/dsa-932 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2005/dsa-937 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2005/dsa-938 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2005/dsa-940 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2006/dsa-936 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2006/dsa-950 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2006/dsa-961 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2006/dsa-962 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.kde.org/info/security/advisory-20051207-2.txt | Patch | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2006:003 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2006:004 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2006:005 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2006:006 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2006:008 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2006:010 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2006:011 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2006:012 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.html | Patch | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.html | Patch | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2006-0160.html | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2006-0163.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/427053/100/0/threaded | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/427990/100/0/threaded | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/16143 | Patch | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.trustix.org/errata/2006/0002/ | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2006/0047 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2007/2280 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/24024 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/24025 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10200 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/236-1/ |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:xpdf:xpdf:*:*:*:*:*:*:*:*", "matchCriteriaId": "BC1CAEC5-3851-4749-AF27-E090E3C52E35", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Stream.cc in Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to modify memory and possibly execute arbitrary code via a DCTDecode stream with (1) a large \"number of components\" value that is not checked by DCTStream::readBaselineSOF or DCTStream::readProgressiveSOF, (2) a large \"Huffman table index\" value that is not checked by DCTStream::readHuffmanTables, and (3) certain uses of the scanInfo.numComps value by DCTStream::readScanInfo." } ], "id": "CVE-2005-3627", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": true, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2005-12-31T05:00:00.000", "references": [ { "source": "secalert@redhat.com", "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt" }, { "source": "secalert@redhat.com", "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U" }, { "source": "secalert@redhat.com", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U" }, { "source": "secalert@redhat.com", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html" }, { "source": "secalert@redhat.com", "tags": [ "Exploit", "Vendor Advisory" ], "url": "http://scary.beasts.org/security/CESA-2005-003.txt" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18147" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18303" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18312" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18313" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18329" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18332" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18334" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18335" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18338" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18349" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18373" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18375" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18380" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18385" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18387" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18389" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18398" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18407" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18414" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18416" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18423" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18425" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18428" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18436" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18448" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18463" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18517" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18534" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18554" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18582" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18642" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18644" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18674" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18675" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18679" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18908" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18913" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/19230" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/19377" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/25729" }, { "source": "secalert@redhat.com", "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683" }, { "source": "secalert@redhat.com", "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747" }, { "source": "secalert@redhat.com", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2005/dsa-931" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2005/dsa-932" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2005/dsa-937" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2005/dsa-938" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2005/dsa-940" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-936" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-950" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-961" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2006/dsa-962" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml" }, { "source": "secalert@redhat.com", "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "http://www.kde.org/info/security/advisory-20051207-2.txt" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.html" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.html" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/bid/16143" }, { "source": "secalert@redhat.com", "url": "http://www.trustix.org/errata/2006/0002/" }, { "source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2006/0047" }, { "source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2007/2280" }, { "source": "secalert@redhat.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24024" }, { "source": "secalert@redhat.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24025" }, { "source": "secalert@redhat.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10200" }, { "source": "secalert@redhat.com", "url": "https://usn.ubuntu.com/236-1/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Vendor Advisory" ], "url": "http://scary.beasts.org/security/CESA-2005-003.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18147" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18303" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18312" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18313" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18329" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18332" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18334" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18335" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18338" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18349" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18373" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18375" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18380" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18385" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18387" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18389" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18398" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18407" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18414" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18416" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18423" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18425" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18428" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18436" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18448" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18463" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18517" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18534" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18554" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18582" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18642" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18644" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18674" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18675" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18679" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18908" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18913" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19230" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19377" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/25729" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2005/dsa-931" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2005/dsa-932" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2005/dsa-937" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2005/dsa-938" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2005/dsa-940" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-936" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-950" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-961" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2006/dsa-962" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.kde.org/info/security/advisory-20051207-2.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/bid/16143" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.trustix.org/errata/2006/0002/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2006/0047" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2007/2280" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24024" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24025" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10200" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://usn.ubuntu.com/236-1/" } ], "sourceIdentifier": "secalert@redhat.com", "vendorComments": [ { "comment": "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.", "lastModified": "2007-03-14T00:00:00", "organization": "Red Hat" } ], "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" }, { "lang": "en", "value": "NVD-CWE-noinfo" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2005-01-27 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Multiple integer overflows in xpdf 3.0, and other packages that use xpdf code such as CUPS, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0888.
References
▶ | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://marc.info/?l=bugtraq&m=109880927526773&w=2 | ||
cve@mitre.org | http://www.gentoo.org/security/en/glsa/glsa-200410-20.xml | Patch, Vendor Advisory | |
cve@mitre.org | http://www.gentoo.org/security/en/glsa/glsa-200410-30.xml | ||
cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDKSA-2004:113 | ||
cve@mitre.org | http://www.securityfocus.com/bid/11501 | ||
cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/17819 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=109880927526773&w=2 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.gentoo.org/security/en/glsa/glsa-200410-20.xml | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.gentoo.org/security/en/glsa/glsa-200410-30.xml | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2004:113 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/11501 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/17819 |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
easy_software_products | cups | 1.0.4 | |
easy_software_products | cups | 1.0.4_8 | |
easy_software_products | cups | 1.1.1 | |
easy_software_products | cups | 1.1.4 | |
easy_software_products | cups | 1.1.4_2 | |
easy_software_products | cups | 1.1.4_3 | |
easy_software_products | cups | 1.1.4_5 | |
easy_software_products | cups | 1.1.6 | |
easy_software_products | cups | 1.1.7 | |
easy_software_products | cups | 1.1.10 | |
easy_software_products | cups | 1.1.12 | |
easy_software_products | cups | 1.1.13 | |
easy_software_products | cups | 1.1.14 | |
easy_software_products | cups | 1.1.15 | |
easy_software_products | cups | 1.1.16 | |
easy_software_products | cups | 1.1.17 | |
easy_software_products | cups | 1.1.18 | |
easy_software_products | cups | 1.1.19 | |
easy_software_products | cups | 1.1.19_rc5 | |
easy_software_products | cups | 1.1.20 | |
gnome | gpdf | 0.112 | |
gnome | gpdf | 0.131 | |
kde | koffice | 1.3 | |
kde | koffice | 1.3.1 | |
kde | koffice | 1.3.2 | |
kde | koffice | 1.3.3 | |
kde | koffice | 1.3_beta1 | |
kde | koffice | 1.3_beta2 | |
kde | koffice | 1.3_beta3 | |
kde | kpdf | 3.2 | |
pdftohtml | pdftohtml | 0.32a | |
pdftohtml | pdftohtml | 0.32b | |
pdftohtml | pdftohtml | 0.33 | |
pdftohtml | pdftohtml | 0.33a | |
pdftohtml | pdftohtml | 0.34 | |
pdftohtml | pdftohtml | 0.35 | |
pdftohtml | pdftohtml | 0.36 | |
tetex | tetex | 1.0.7 | |
tetex | tetex | 2.0 | |
tetex | tetex | 2.0.1 | |
tetex | tetex | 2.0.2 | |
xpdf | xpdf | 0.90 | |
xpdf | xpdf | 0.91 | |
xpdf | xpdf | 0.92 | |
xpdf | xpdf | 0.93 | |
xpdf | xpdf | 1.0 | |
xpdf | xpdf | 1.0a | |
xpdf | xpdf | 1.1 | |
xpdf | xpdf | 2.0 | |
xpdf | xpdf | 2.1 | |
xpdf | xpdf | 2.3 | |
xpdf | xpdf | 3.0 | |
debian | debian_linux | 3.0 | |
debian | debian_linux | 3.0 | |
debian | debian_linux | 3.0 | |
debian | debian_linux | 3.0 | |
debian | debian_linux | 3.0 | |
debian | debian_linux | 3.0 | |
debian | debian_linux | 3.0 | |
debian | debian_linux | 3.0 | |
debian | debian_linux | 3.0 | |
debian | debian_linux | 3.0 | |
debian | debian_linux | 3.0 | |
debian | debian_linux | 3.0 | |
gentoo | linux | * | |
kde | kde | 3.2 | |
kde | kde | 3.2.1 | |
kde | kde | 3.2.2 | |
kde | kde | 3.2.3 | |
kde | kde | 3.3 | |
kde | kde | 3.3.1 | |
redhat | enterprise_linux | 2.1 | |
redhat | enterprise_linux | 2.1 | |
redhat | enterprise_linux | 2.1 | |
redhat | enterprise_linux | 2.1 | |
redhat | enterprise_linux | 2.1 | |
redhat | enterprise_linux | 2.1 | |
redhat | enterprise_linux | 3.0 | |
redhat | enterprise_linux | 3.0 | |
redhat | enterprise_linux | 3.0 | |
redhat | enterprise_linux_desktop | 3.0 | |
redhat | fedora_core | core_2.0 | |
redhat | linux_advanced_workstation | 2.1 | |
redhat | linux_advanced_workstation | 2.1 | |
suse | suse_linux | 8.0 | |
suse | suse_linux | 8.1 | |
suse | suse_linux | 8.2 | |
suse | suse_linux | 9.0 | |
suse | suse_linux | 9.0 | |
suse | suse_linux | 9.1 | |
suse | suse_linux | 9.2 | |
ubuntu | ubuntu_linux | 4.1 | |
ubuntu | ubuntu_linux | 4.1 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:easy_software_products:cups:1.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "68BD578F-CCAD-4515-9205-EB4F297C6DB4", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.0.4_8:*:*:*:*:*:*:*", "matchCriteriaId": "F3182CA2-7375-43BC-A0E5-DE11D4B65EE3", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "FCF4C8D0-3030-4DD5-800B-76A582A4CD0C", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "734D0C2C-F71F-461A-87EE-202C6B706753", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.4_2:*:*:*:*:*:*:*", "matchCriteriaId": "3F0F402D-5CD0-4477-8B59-C753CECB02BD", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.4_3:*:*:*:*:*:*:*", "matchCriteriaId": "959F7AFA-ED20-434C-993F-06C2A8574662", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.4_5:*:*:*:*:*:*:*", "matchCriteriaId": "D4F5A0A4-2884-46CA-A846-8B954EB80CFA", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.6:*:*:*:*:*:*:*", "matchCriteriaId": "1741CC9D-C4A8-48F9-86CF-EC20AE2A6BE7", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.7:*:*:*:*:*:*:*", "matchCriteriaId": "35E65857-12C7-49DE-AD27-3CACD456231C", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.10:*:*:*:*:*:*:*", "matchCriteriaId": "47CEF035-57A6-470B-916A-E5562C28E866", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.12:*:*:*:*:*:*:*", "matchCriteriaId": "4E26BB15-4CF8-4496-A7F7-EB34C444EF72", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.13:*:*:*:*:*:*:*", "matchCriteriaId": "D414984E-4F6B-4278-8346-968587E4B18E", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.14:*:*:*:*:*:*:*", "matchCriteriaId": "33C36DCB-2FDD-44E6-85E8-875575AAE69E", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.15:*:*:*:*:*:*:*", "matchCriteriaId": "7C4B7C23-0C54-4FBA-A774-9CC1E148376E", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.16:*:*:*:*:*:*:*", "matchCriteriaId": "9FA0EF14-33E6-4D44-B86E-F04014EA3C8F", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.17:*:*:*:*:*:*:*", "matchCriteriaId": "A5428EE6-F90A-4BB6-9D8C-8B99E80AB6DF", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.18:*:*:*:*:*:*:*", "matchCriteriaId": "A786A770-919E-4E23-949D-D836F316618A", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.19:*:*:*:*:*:*:*", "matchCriteriaId": "00A2249C-73DE-434E-A41F-4EDB0ADC0845", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.19_rc5:*:*:*:*:*:*:*", "matchCriteriaId": "73AB4D3D-FF35-4A50-A144-3AD41F6F2E55", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.20:*:*:*:*:*:*:*", "matchCriteriaId": "FB7653F1-70E2-423F-A6A9-30333644B506", "vulnerable": true }, { "criteria": "cpe:2.3:a:gnome:gpdf:0.112:*:*:*:*:*:*:*", "matchCriteriaId": "2E70576E-C253-4F8B-A93E-14CC2EE7114D", "vulnerable": true }, { "criteria": "cpe:2.3:a:gnome:gpdf:0.131:*:*:*:*:*:*:*", "matchCriteriaId": "832C5512-B473-40E8-BF4F-EC6ABFE46749", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:koffice:1.3:*:*:*:*:*:*:*", "matchCriteriaId": "053435DD-BFDF-4C39-9919-11C42D569085", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:koffice:1.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "E9BB1A3C-3348-4545-A513-E504B33F72AB", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:koffice:1.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "CD45E2C8-0B0E-484F-8050-94BF77798183", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:koffice:1.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "4EAA654E-9DD4-4614-92D7-EF4D676B3A18", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:koffice:1.3_beta1:*:*:*:*:*:*:*", "matchCriteriaId": "89C96FC9-40DB-467D-A701-49F97A1B887D", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:koffice:1.3_beta2:*:*:*:*:*:*:*", "matchCriteriaId": "76128BDC-2CA7-4AE7-8C4F-BCB3835CA938", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:koffice:1.3_beta3:*:*:*:*:*:*:*", "matchCriteriaId": "0B2517C7-27EF-4961-91C3-CA33219AFF2E", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:kpdf:3.2:*:*:*:*:*:*:*", "matchCriteriaId": "EDAF6452-F3B0-4F62-893E-BCFA6AB7AE3B", "vulnerable": true }, { "criteria": "cpe:2.3:a:pdftohtml:pdftohtml:0.32a:*:*:*:*:*:*:*", "matchCriteriaId": "EE346726-71D6-438B-B600-A7E107332816", "vulnerable": true }, { "criteria": "cpe:2.3:a:pdftohtml:pdftohtml:0.32b:*:*:*:*:*:*:*", "matchCriteriaId": "87E85020-B4DB-4011-BDD0-1C8967D45A84", "vulnerable": true }, { "criteria": "cpe:2.3:a:pdftohtml:pdftohtml:0.33:*:*:*:*:*:*:*", "matchCriteriaId": "8189A9AB-F685-40E2-944F-8BD3DD6FA0A2", "vulnerable": true }, { "criteria": "cpe:2.3:a:pdftohtml:pdftohtml:0.33a:*:*:*:*:*:*:*", "matchCriteriaId": "C33B8585-FA5F-4210-A997-615BCEE1726F", "vulnerable": true }, { "criteria": "cpe:2.3:a:pdftohtml:pdftohtml:0.34:*:*:*:*:*:*:*", "matchCriteriaId": "F4AE4C34-C497-426F-AC0D-1805A50582EF", "vulnerable": true }, { "criteria": "cpe:2.3:a:pdftohtml:pdftohtml:0.35:*:*:*:*:*:*:*", "matchCriteriaId": "A2989EFF-07B9-4EF2-B6C1-59E4F52FDC92", "vulnerable": true }, { "criteria": "cpe:2.3:a:pdftohtml:pdftohtml:0.36:*:*:*:*:*:*:*", "matchCriteriaId": "A3970101-5E83-49FD-BCB6-D9176D46B5A4", "vulnerable": true }, { "criteria": "cpe:2.3:a:tetex:tetex:1.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "C86C7D6F-C39E-4403-86C6-F87599570E97", "vulnerable": true }, { "criteria": "cpe:2.3:a:tetex:tetex:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "236005A1-C175-44D3-8D0C-C48F943F3D66", "vulnerable": true }, { "criteria": "cpe:2.3:a:tetex:tetex:2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "0AF2AD80-5E65-4B57-933B-C395E98EF10D", "vulnerable": true }, { "criteria": "cpe:2.3:a:tetex:tetex:2.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "07C92A0E-1DDA-4F83-A904-24A35C38883A", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:0.90:*:*:*:*:*:*:*", "matchCriteriaId": "28CC6233-E207-40CC-81FF-A8670EEA4295", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:0.91:*:*:*:*:*:*:*", "matchCriteriaId": "64DD9B5C-3DB8-4E15-B4A6-541E4E221C1D", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:0.92:*:*:*:*:*:*:*", "matchCriteriaId": "0304E1E3-8766-40D0-8879-A652B4E9E72D", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:0.93:*:*:*:*:*:*:*", "matchCriteriaId": "188F1343-8082-4B54-8DA4-E344818ABD52", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "B95DA7DE-B786-4EE7-A3F4-C077A7986D5F", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:1.0a:*:*:*:*:*:*:*", "matchCriteriaId": "C5306C05-4A71-4175-8C22-F2DE0F2FE4C4", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "3B9DEF16-ECD5-4BBE-8986-52A6171B3D9F", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "CFFDBEEC-B2C1-47F0-82D3-FC9147B590A9", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "354487CF-0086-4AE2-872B-0032E3EB89EE", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:2.3:*:*:*:*:*:*:*", "matchCriteriaId": "1169B802-7279-437F-AF59-621A67DC92EC", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "7B93B3ED-AF82-49A9-8C7F-E5F652F19669", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "2CAE037F-111C-4A76-8FFE-716B74D65EF3", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:alpha:*:*:*:*:*", "matchCriteriaId": "A6B060E4-B5A6-4469-828E-211C52542547", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:arm:*:*:*:*:*", "matchCriteriaId": "974C3541-990C-4CD4-A05A-38FA74A84632", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:hppa:*:*:*:*:*", "matchCriteriaId": "6CBF1E0F-C7F3-4F83-9E60-6E63FA7D2775", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-32:*:*:*:*:*", "matchCriteriaId": "58792F77-B06F-4780-BA25-FE1EE6C3FDD9", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-64:*:*:*:*:*", "matchCriteriaId": "C9419322-572F-4BB6-8416-C5E96541CF33", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:m68k:*:*:*:*:*", "matchCriteriaId": "BFC50555-C084-46A3-9C9F-949C5E3BB448", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mips:*:*:*:*:*", "matchCriteriaId": "9C25D6E1-D283-4CEA-B47B-60C47A5C0797", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mipsel:*:*:*:*:*", "matchCriteriaId": "AD18A446-C634-417E-86AC-B19B6DDDC856", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ppc:*:*:*:*:*", "matchCriteriaId": "E4BB852E-61B2-4842-989F-C6C0C901A8D7", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:s-390:*:*:*:*:*", "matchCriteriaId": "24DD9D59-E2A2-4116-A887-39E8CC2004FC", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:sparc:*:*:*:*:*", "matchCriteriaId": "F28D7457-607E-4E0C-909A-413F91CFCD82", "vulnerable": true }, { "criteria": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*", "matchCriteriaId": "647BA336-5538-4972-9271-383A0EC9378E", "vulnerable": true }, { "criteria": "cpe:2.3:o:kde:kde:3.2:*:*:*:*:*:*:*", "matchCriteriaId": "82F69843-978D-4686-BC5B-1D09DA4A21BD", "vulnerable": true }, { "criteria": "cpe:2.3:o:kde:kde:3.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "ACEE0AED-7918-41E9-A902-AC4070E03132", "vulnerable": true }, { "criteria": "cpe:2.3:o:kde:kde:3.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "81E19472-47B4-4398-A188-CA5A5D3E7060", "vulnerable": true }, { "criteria": "cpe:2.3:o:kde:kde:3.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "D17407A2-089E-43A5-9BD5-EFF966F5CC16", "vulnerable": true }, { "criteria": "cpe:2.3:o:kde:kde:3.3:*:*:*:*:*:*:*", "matchCriteriaId": "9C4B436D-8D6A-473E-B707-26147208808B", "vulnerable": true }, { "criteria": "cpe:2.3:o:kde:kde:3.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "1E26B353-4985-4116-B97A-5767CDC732F1", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*", "matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*", "matchCriteriaId": "A4A9461E-C117-42EC-9F14-DF2A82BA7C5D", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "E0B458EA-495E-40FA-9379-C03757F7B1EE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:*", "matchCriteriaId": "409E324A-C040-494F-A026-9DCAE01C07F8", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*", "matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*", "matchCriteriaId": "6474B775-C893-491F-A074-802AFB1FEDD8", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*", "matchCriteriaId": "78B46FFA-5B09-473E-AD33-3DB18BD0DAFE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*", "matchCriteriaId": "0EFE2E73-9536-41A9-B83B-0A06B54857F4", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*", "matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*", "matchCriteriaId": "84A50ED3-FD0D-4038-B3E7-CC65D166C968", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium_processor:*:*:*:*:*", "matchCriteriaId": "777F9EC0-2919-45CA-BFF8-78A02537C513", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "28CD54FE-D682-4063-B7C3-8B29B26B39AD", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*", "matchCriteriaId": "F8C55338-3372-413F-82E3-E1B476D6F41A", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*", "matchCriteriaId": "1EFB33BF-F6A5-48C1-AEB5-194FCBCFC958", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "FB0E2D3B-B50A-46C2-BA1E-3E014DE91954", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*", "matchCriteriaId": "56EF103F-5668-4754-A83B-D3662D0CE815", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*", "matchCriteriaId": "CFABFCE5-4F86-4AE8-9849-BC360AC72098", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*", "matchCriteriaId": "CFF36BC6-6CCD-4FEE-A120-5B8C4BF5620C", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ia64:*:*:*:*:*", "matchCriteriaId": "6E94583A-5184-462E-9FC4-57B35DA06DA7", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ppc:*:*:*:*:*", "matchCriteriaId": "E905FAAD-37B6-4DD0-A752-2974F8336273", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Multiple integer overflows in xpdf 3.0, and other packages that use xpdf code such as CUPS, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0888." } ], "id": "CVE-2004-0889", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2005-01-27T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=109880927526773\u0026w=2" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200410-20.xml" }, { "source": "cve@mitre.org", "url": "http://www.gentoo.org/security/en/glsa/glsa-200410-30.xml" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:113" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/11501" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17819" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=109880927526773\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200410-20.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.gentoo.org/security/en/glsa/glsa-200410-30.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:113" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/11501" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17819" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2006-03-09 00:02
Modified
2025-04-03 01:03
Severity ?
Summary
Certain patches for kpdf do not include all relevant patches from xpdf that were associated with CVE-2005-3627, which allows context-dependent attackers to exploit vulnerabilities that were present in CVE-2005-3627.
References
▶ | URL | Tags | |
---|---|---|---|
secalert@redhat.com | http://secunia.com/advisories/19189 | Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/19190 | Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/19264 | Vendor Advisory | |
secalert@redhat.com | http://securityreason.com/securityalert/566 | ||
secalert@redhat.com | http://securitytracker.com/id?1015751 | ||
secalert@redhat.com | http://www.debian.org/security/2006/dsa-1008 | ||
secalert@redhat.com | http://www.kde.org/info/security/advisory-20060202-1.txt | ||
secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDKSA-2006:054 | ||
secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2006-0262.html | ||
secalert@redhat.com | http://www.securityfocus.com/archive/1/427299/100/0/threaded | ||
secalert@redhat.com | http://www.securityfocus.com/bid/17039 | ||
secalert@redhat.com | https://exchange.xforce.ibmcloud.com/vulnerabilities/25146 | ||
secalert@redhat.com | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11441 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/19189 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/19190 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/19264 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://securityreason.com/securityalert/566 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1015751 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2006/dsa-1008 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.kde.org/info/security/advisory-20060202-1.txt | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2006:054 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2006-0262.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/427299/100/0/threaded | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/17039 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/25146 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11441 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:xpdf:xpdf:*:*:*:*:*:*:*:*", "matchCriteriaId": "BC1CAEC5-3851-4749-AF27-E090E3C52E35", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Certain patches for kpdf do not include all relevant patches from xpdf that were associated with CVE-2005-3627, which allows context-dependent attackers to exploit vulnerabilities that were present in CVE-2005-3627." } ], "id": "CVE-2006-0746", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": true, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2006-03-09T00:02:00.000", "references": [ { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/19189" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/19190" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/19264" }, { "source": "secalert@redhat.com", "url": "http://securityreason.com/securityalert/566" }, { "source": "secalert@redhat.com", "url": "http://securitytracker.com/id?1015751" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2006/dsa-1008" }, { "source": "secalert@redhat.com", "url": "http://www.kde.org/info/security/advisory-20060202-1.txt" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:054" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2006-0262.html" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/427299/100/0/threaded" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/17039" }, { "source": "secalert@redhat.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25146" }, { "source": "secalert@redhat.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11441" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/19189" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/19190" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/19264" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securityreason.com/securityalert/566" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1015751" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2006/dsa-1008" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.kde.org/info/security/advisory-20060202-1.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:054" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2006-0262.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/427299/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/17039" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25146" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11441" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2005-12-07 01:03
Modified
2025-04-03 01:03
Severity ?
Summary
Multiple heap-based buffer overflows in the (1) DCTStream::readProgressiveSOF and (2) DCTStream::readBaselineSOF functions in the DCT stream parsing code (Stream.cc) in xpdf 3.01 and earlier, as used in products such as (a) Poppler, (b) teTeX, (c) KDE kpdf, (d) pdftohtml, (e) KOffice KWord, (f) CUPS, and (g) libextractor allow user-assisted attackers to cause a denial of service (heap corruption) and possibly execute arbitrary code via a crafted PDF file with an out-of-range number of components (numComps), which is used as an array index.
References
▶ | URL | Tags | |
---|---|---|---|
cve@mitre.org | ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt | ||
cve@mitre.org | ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.20/SCOSA-2006.20.txt | ||
cve@mitre.org | ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.21/SCOSA-2006.21.txt | ||
cve@mitre.org | ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U | ||
cve@mitre.org | ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U | ||
cve@mitre.org | ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U | ||
cve@mitre.org | http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342289 | ||
cve@mitre.org | http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html | ||
cve@mitre.org | http://rhn.redhat.com/errata/RHSA-2005-868.html | Vendor Advisory | |
cve@mitre.org | http://secunia.com/advisories/17897 | Vendor Advisory | |
cve@mitre.org | http://secunia.com/advisories/17908 | Vendor Advisory | |
cve@mitre.org | http://secunia.com/advisories/17912 | Vendor Advisory | |
cve@mitre.org | http://secunia.com/advisories/17916 | Vendor Advisory | |
cve@mitre.org | http://secunia.com/advisories/17920 | Vendor Advisory | |
cve@mitre.org | http://secunia.com/advisories/17921 | Vendor Advisory | |
cve@mitre.org | http://secunia.com/advisories/17926 | Vendor Advisory | |
cve@mitre.org | http://secunia.com/advisories/17929 | Vendor Advisory | |
cve@mitre.org | http://secunia.com/advisories/17940 | Vendor Advisory | |
cve@mitre.org | http://secunia.com/advisories/17955 | ||
cve@mitre.org | http://secunia.com/advisories/17976 | Vendor Advisory | |
cve@mitre.org | http://secunia.com/advisories/18009 | Vendor Advisory | |
cve@mitre.org | http://secunia.com/advisories/18055 | Vendor Advisory | |
cve@mitre.org | http://secunia.com/advisories/18061 | Vendor Advisory | |
cve@mitre.org | http://secunia.com/advisories/18147 | ||
cve@mitre.org | http://secunia.com/advisories/18189 | Vendor Advisory | |
cve@mitre.org | http://secunia.com/advisories/18191 | Vendor Advisory | |
cve@mitre.org | http://secunia.com/advisories/18192 | Vendor Advisory | |
cve@mitre.org | http://secunia.com/advisories/18303 | ||
cve@mitre.org | http://secunia.com/advisories/18313 | Vendor Advisory | |
cve@mitre.org | http://secunia.com/advisories/18336 | Vendor Advisory | |
cve@mitre.org | http://secunia.com/advisories/18349 | Vendor Advisory | |
cve@mitre.org | http://secunia.com/advisories/18380 | ||
cve@mitre.org | http://secunia.com/advisories/18385 | Vendor Advisory | |
cve@mitre.org | http://secunia.com/advisories/18387 | Vendor Advisory | |
cve@mitre.org | http://secunia.com/advisories/18389 | ||
cve@mitre.org | http://secunia.com/advisories/18398 | ||
cve@mitre.org | http://secunia.com/advisories/18407 | ||
cve@mitre.org | http://secunia.com/advisories/18416 | Vendor Advisory | |
cve@mitre.org | http://secunia.com/advisories/18428 | ||
cve@mitre.org | http://secunia.com/advisories/18436 | ||
cve@mitre.org | http://secunia.com/advisories/18448 | ||
cve@mitre.org | http://secunia.com/advisories/18503 | ||
cve@mitre.org | http://secunia.com/advisories/18517 | ||
cve@mitre.org | http://secunia.com/advisories/18534 | ||
cve@mitre.org | http://secunia.com/advisories/18549 | ||
cve@mitre.org | http://secunia.com/advisories/18554 | ||
cve@mitre.org | http://secunia.com/advisories/18582 | ||
cve@mitre.org | http://secunia.com/advisories/18674 | ||
cve@mitre.org | http://secunia.com/advisories/18675 | ||
cve@mitre.org | http://secunia.com/advisories/18679 | ||
cve@mitre.org | http://secunia.com/advisories/18908 | ||
cve@mitre.org | http://secunia.com/advisories/18913 | ||
cve@mitre.org | http://secunia.com/advisories/19230 | ||
cve@mitre.org | http://secunia.com/advisories/19377 | ||
cve@mitre.org | http://secunia.com/advisories/19797 | ||
cve@mitre.org | http://secunia.com/advisories/19798 | ||
cve@mitre.org | http://secunia.com/advisories/25729 | ||
cve@mitre.org | http://secunia.com/advisories/26413 | ||
cve@mitre.org | http://securityreason.com/securityalert/233 | ||
cve@mitre.org | http://securityreason.com/securityalert/234 | ||
cve@mitre.org | http://securitytracker.com/id?1015309 | ||
cve@mitre.org | http://securitytracker.com/id?1015324 | ||
cve@mitre.org | http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.472683 | ||
cve@mitre.org | http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.474747 | ||
cve@mitre.org | http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1 | ||
cve@mitre.org | http://www.debian.org/security/2005/dsa-931 | ||
cve@mitre.org | http://www.debian.org/security/2005/dsa-932 | ||
cve@mitre.org | http://www.debian.org/security/2005/dsa-937 | ||
cve@mitre.org | http://www.debian.org/security/2005/dsa-938 | ||
cve@mitre.org | http://www.debian.org/security/2005/dsa-940 | ||
cve@mitre.org | http://www.debian.org/security/2006/dsa-936 | ||
cve@mitre.org | http://www.debian.org/security/2006/dsa-950 | ||
cve@mitre.org | http://www.debian.org/security/2006/dsa-961 | ||
cve@mitre.org | http://www.debian.org/security/2006/dsa-962 | ||
cve@mitre.org | http://www.gentoo.org/security/en/glsa/glsa-200512-08.xml | ||
cve@mitre.org | http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml | ||
cve@mitre.org | http://www.idefense.com/application/poi/display?id=342&type=vulnerabilities | Patch, Vendor Advisory | |
cve@mitre.org | http://www.idefense.com/application/poi/display?id=343&type=vulnerabilities | Patch, Vendor Advisory | |
cve@mitre.org | http://www.kde.org/info/security/advisory-20051207-1.txt | ||
cve@mitre.org | http://www.kde.org/info/security/advisory-20051207-2.txt | ||
cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDKSA-2006:003 | ||
cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDKSA-2006:004 | ||
cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDKSA-2006:005 | ||
cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDKSA-2006:006 | ||
cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDKSA-2006:008 | ||
cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDKSA-2006:010 | ||
cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDKSA-2006:011 | ||
cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDKSA-2006:012 | ||
cve@mitre.org | http://www.novell.com/linux/security/advisories/2005_29_sr.html | ||
cve@mitre.org | http://www.novell.com/linux/security/advisories/2006_02_sr.html | ||
cve@mitre.org | http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00015.html | ||
cve@mitre.org | http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00016.html | ||
cve@mitre.org | http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00036.html | ||
cve@mitre.org | http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00037.html | ||
cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2005-840.html | Vendor Advisory | |
cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2005-867.html | Vendor Advisory | |
cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2005-878.html | Vendor Advisory | |
cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2006-0160.html | ||
cve@mitre.org | http://www.securityfocus.com/archive/1/418883/100/0/threaded | ||
cve@mitre.org | http://www.securityfocus.com/archive/1/427053/100/0/threaded | ||
cve@mitre.org | http://www.securityfocus.com/archive/1/427990/100/0/threaded | ||
cve@mitre.org | http://www.securityfocus.com/bid/15726 | ||
cve@mitre.org | http://www.securityfocus.com/bid/15727 | ||
cve@mitre.org | http://www.trustix.org/errata/2005/0072/ | ||
cve@mitre.org | http://www.ubuntulinux.org/usn/usn-227-1 | ||
cve@mitre.org | http://www.vupen.com/english/advisories/2005/2786 | ||
cve@mitre.org | http://www.vupen.com/english/advisories/2005/2787 | ||
cve@mitre.org | http://www.vupen.com/english/advisories/2005/2788 | ||
cve@mitre.org | http://www.vupen.com/english/advisories/2005/2789 | ||
cve@mitre.org | http://www.vupen.com/english/advisories/2005/2790 | ||
cve@mitre.org | http://www.vupen.com/english/advisories/2005/2856 | ||
cve@mitre.org | http://www.vupen.com/english/advisories/2007/2280 | ||
cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/23443 | ||
cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/23444 | ||
cve@mitre.org | https://issues.rpath.com/browse/RPL-1609 | ||
cve@mitre.org | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9760 | ||
af854a3a-2127-422b-91ae-364da2661108 | ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt | ||
af854a3a-2127-422b-91ae-364da2661108 | ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.20/SCOSA-2006.20.txt | ||
af854a3a-2127-422b-91ae-364da2661108 | ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.21/SCOSA-2006.21.txt | ||
af854a3a-2127-422b-91ae-364da2661108 | ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U | ||
af854a3a-2127-422b-91ae-364da2661108 | ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U | ||
af854a3a-2127-422b-91ae-364da2661108 | ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U | ||
af854a3a-2127-422b-91ae-364da2661108 | http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342289 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2005-868.html | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/17897 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/17908 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/17912 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/17916 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/17920 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/17921 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/17926 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/17929 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/17940 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/17955 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/17976 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18009 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18055 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18061 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18147 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18189 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18191 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18192 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18303 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18313 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18336 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18349 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18380 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18385 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18387 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18389 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18398 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18407 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18416 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18428 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18436 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18448 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18503 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18517 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18534 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18549 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18554 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18582 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18674 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18675 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18679 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18908 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18913 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/19230 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/19377 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/19797 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/19798 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/25729 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/26413 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://securityreason.com/securityalert/233 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://securityreason.com/securityalert/234 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1015309 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1015324 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.472683 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.474747 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2005/dsa-931 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2005/dsa-932 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2005/dsa-937 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2005/dsa-938 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2005/dsa-940 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2006/dsa-936 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2006/dsa-950 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2006/dsa-961 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2006/dsa-962 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.gentoo.org/security/en/glsa/glsa-200512-08.xml | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.idefense.com/application/poi/display?id=342&type=vulnerabilities | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.idefense.com/application/poi/display?id=343&type=vulnerabilities | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.kde.org/info/security/advisory-20051207-1.txt | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.kde.org/info/security/advisory-20051207-2.txt | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2006:003 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2006:004 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2006:005 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2006:006 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2006:008 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2006:010 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2006:011 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2006:012 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.novell.com/linux/security/advisories/2005_29_sr.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.novell.com/linux/security/advisories/2006_02_sr.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00015.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00016.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00036.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00037.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2005-840.html | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2005-867.html | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2005-878.html | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2006-0160.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/418883/100/0/threaded | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/427053/100/0/threaded | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/427990/100/0/threaded | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/15726 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/15727 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.trustix.org/errata/2005/0072/ | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntulinux.org/usn/usn-227-1 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2005/2786 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2005/2787 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2005/2788 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2005/2789 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2005/2790 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2005/2856 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2007/2280 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/23443 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/23444 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://issues.rpath.com/browse/RPL-1609 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9760 |
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:xpdf:xpdf:0.90:*:*:*:*:*:*:*", "matchCriteriaId": "28CC6233-E207-40CC-81FF-A8670EEA4295", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:0.91:*:*:*:*:*:*:*", "matchCriteriaId": "64DD9B5C-3DB8-4E15-B4A6-541E4E221C1D", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:0.92:*:*:*:*:*:*:*", "matchCriteriaId": "0304E1E3-8766-40D0-8879-A652B4E9E72D", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:0.93:*:*:*:*:*:*:*", "matchCriteriaId": "188F1343-8082-4B54-8DA4-E344818ABD52", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "B95DA7DE-B786-4EE7-A3F4-C077A7986D5F", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:1.0a:*:*:*:*:*:*:*", "matchCriteriaId": "C5306C05-4A71-4175-8C22-F2DE0F2FE4C4", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "3B9DEF16-ECD5-4BBE-8986-52A6171B3D9F", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "CFFDBEEC-B2C1-47F0-82D3-FC9147B590A9", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "354487CF-0086-4AE2-872B-0032E3EB89EE", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:2.2:*:*:*:*:*:*:*", "matchCriteriaId": "96767060-505A-42D2-A68A-6AD810DE800A", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:2.3:*:*:*:*:*:*:*", "matchCriteriaId": "1169B802-7279-437F-AF59-621A67DC92EC", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "7B93B3ED-AF82-49A9-8C7F-E5F652F19669", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:3.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "2B77866E-6818-4DE6-9457-39416871952C", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:3.0_pl2:*:*:*:*:*:*:*", "matchCriteriaId": "F6D23CF8-2B6C-4D2A-8E5E-6AACE99A7C19", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:3.0_pl3:*:*:*:*:*:*:*", "matchCriteriaId": "9107B531-7254-4908-97F0-3BF1EA0495AC", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Multiple heap-based buffer overflows in the (1) DCTStream::readProgressiveSOF and (2) DCTStream::readBaselineSOF functions in the DCT stream parsing code (Stream.cc) in xpdf 3.01 and earlier, as used in products such as (a) Poppler, (b) teTeX, (c) KDE kpdf, (d) pdftohtml, (e) KOffice KWord, (f) CUPS, and (g) libextractor allow user-assisted attackers to cause a denial of service (heap corruption) and possibly execute arbitrary code via a crafted PDF file with an out-of-range number of components (numComps), which is used as an array index." } ], "id": "CVE-2005-3191", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 4.9, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": true, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2005-12-07T01:03:00.000", "references": [ { "source": "cve@mitre.org", "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt" }, { "source": "cve@mitre.org", "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.20/SCOSA-2006.20.txt" }, { "source": "cve@mitre.org", "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.21/SCOSA-2006.21.txt" }, { "source": "cve@mitre.org", "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U" }, { "source": "cve@mitre.org", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U" }, { "source": "cve@mitre.org", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U" }, { "source": "cve@mitre.org", "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342289" }, { "source": "cve@mitre.org", "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2005-868.html" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/17897" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/17908" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/17912" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/17916" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/17920" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/17921" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/17926" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/17929" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/17940" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/17955" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/17976" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18009" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18055" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18061" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/18147" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18189" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18191" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18192" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/18303" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18313" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18336" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18349" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/18380" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18385" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18387" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/18389" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/18398" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/18407" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18416" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/18428" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/18436" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/18448" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/18503" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/18517" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/18534" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/18549" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/18554" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/18582" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/18674" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/18675" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/18679" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/18908" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/18913" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/19230" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/19377" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/19797" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/19798" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/25729" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/26413" }, { "source": "cve@mitre.org", "url": "http://securityreason.com/securityalert/233" }, { "source": "cve@mitre.org", "url": "http://securityreason.com/securityalert/234" }, { "source": "cve@mitre.org", "url": "http://securitytracker.com/id?1015309" }, { "source": "cve@mitre.org", "url": "http://securitytracker.com/id?1015324" }, { "source": "cve@mitre.org", "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683" }, { "source": "cve@mitre.org", "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747" }, { "source": "cve@mitre.org", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2005/dsa-931" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2005/dsa-932" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2005/dsa-937" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2005/dsa-938" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2005/dsa-940" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2006/dsa-936" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2006/dsa-950" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2006/dsa-961" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2006/dsa-962" }, { "source": "cve@mitre.org", "url": "http://www.gentoo.org/security/en/glsa/glsa-200512-08.xml" }, { "source": "cve@mitre.org", "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.idefense.com/application/poi/display?id=342\u0026type=vulnerabilities" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.idefense.com/application/poi/display?id=343\u0026type=vulnerabilities" }, { "source": "cve@mitre.org", "url": "http://www.kde.org/info/security/advisory-20051207-1.txt" }, { "source": "cve@mitre.org", "url": "http://www.kde.org/info/security/advisory-20051207-2.txt" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012" }, { "source": "cve@mitre.org", "url": "http://www.novell.com/linux/security/advisories/2005_29_sr.html" }, { "source": "cve@mitre.org", "url": "http://www.novell.com/linux/security/advisories/2006_02_sr.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00015.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00016.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00036.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00037.html" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-840.html" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-867.html" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-878.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/418883/100/0/threaded" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/15726" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/15727" }, { "source": "cve@mitre.org", "url": "http://www.trustix.org/errata/2005/0072/" }, { "source": "cve@mitre.org", "url": "http://www.ubuntulinux.org/usn/usn-227-1" }, { "source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2005/2786" }, { "source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2005/2787" }, { "source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2005/2788" }, { "source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2005/2789" }, { "source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2005/2790" }, { "source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2005/2856" }, { "source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2007/2280" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23443" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23444" }, { "source": "cve@mitre.org", "url": "https://issues.rpath.com/browse/RPL-1609" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9760" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.20/SCOSA-2006.20.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.21/SCOSA-2006.21.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342289" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2005-868.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/17897" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/17908" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/17912" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/17916" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/17920" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/17921" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/17926" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/17929" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/17940" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/17955" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/17976" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18009" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18055" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18061" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18147" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18189" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18191" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18192" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18303" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18313" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18336" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18349" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18380" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18385" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18387" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18389" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18398" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18407" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18416" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18428" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18436" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18448" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18503" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18517" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18534" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18549" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18554" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18582" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18674" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18675" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18679" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18908" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18913" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19230" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19377" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19797" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19798" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/25729" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/26413" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securityreason.com/securityalert/233" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securityreason.com/securityalert/234" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1015309" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1015324" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2005/dsa-931" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2005/dsa-932" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2005/dsa-937" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2005/dsa-938" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2005/dsa-940" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2006/dsa-936" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2006/dsa-950" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2006/dsa-961" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2006/dsa-962" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.gentoo.org/security/en/glsa/glsa-200512-08.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.idefense.com/application/poi/display?id=342\u0026type=vulnerabilities" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.idefense.com/application/poi/display?id=343\u0026type=vulnerabilities" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.kde.org/info/security/advisory-20051207-1.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.kde.org/info/security/advisory-20051207-2.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.novell.com/linux/security/advisories/2005_29_sr.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.novell.com/linux/security/advisories/2006_02_sr.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00015.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00016.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00036.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00037.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-840.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-867.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-878.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/418883/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/15726" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/15727" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.trustix.org/errata/2005/0072/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntulinux.org/usn/usn-227-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2005/2786" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2005/2787" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2005/2788" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2005/2789" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2005/2790" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2005/2856" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2007/2280" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23443" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23444" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://issues.rpath.com/browse/RPL-1609" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9760" } ], "sourceIdentifier": "cve@mitre.org", "vendorComments": [ { "comment": "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.", "lastModified": "2007-03-14T00:00:00", "organization": "Red Hat" } ], "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2005-05-02 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflow in the Decrypt::makeFileKey2 function in Decrypt.cc for xpdf 3.00 and earlier allows remote attackers to execute arbitrary code via a PDF file with a large /Encrypt /Length keyLength value.
References
▶ | URL | Tags | |
---|---|---|---|
cve@mitre.org | ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.00pl3.patch | Patch | |
cve@mitre.org | ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.42/SCOSA-2005.42.txt | ||
cve@mitre.org | http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000921 | Patch, Vendor Advisory | |
cve@mitre.org | http://marc.info/?l=bugtraq&m=110625368019554&w=2 | ||
cve@mitre.org | http://secunia.com/advisories/17277 | ||
cve@mitre.org | http://www.debian.org/security/2005/dsa-645 | Patch, Vendor Advisory | |
cve@mitre.org | http://www.debian.org/security/2005/dsa-648 | Patch, Vendor Advisory | |
cve@mitre.org | http://www.idefense.com/application/poi/display?id=186&type=vulnerabilities | Exploit, Patch, Vendor Advisory | |
cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDKSA-2005:016 | ||
cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDKSA-2005:017 | ||
cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDKSA-2005:018 | ||
cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDKSA-2005:019 | ||
cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDKSA-2005:020 | ||
cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDKSA-2005:021 | ||
cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2005-026.html | ||
cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2005-034.html | Patch, Vendor Advisory | |
cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2005-053.html | Patch, Vendor Advisory | |
cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2005-057.html | Patch, Vendor Advisory | |
cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2005-059.html | Patch, Vendor Advisory | |
cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2005-066.html | Patch, Vendor Advisory | |
cve@mitre.org | http://www.trustix.org/errata/2005/0003/ | Patch, Vendor Advisory | |
cve@mitre.org | https://bugzilla.fedora.us/show_bug.cgi?id=2352 | Patch, Vendor Advisory | |
cve@mitre.org | https://bugzilla.fedora.us/show_bug.cgi?id=2353 | Patch, Vendor Advisory | |
cve@mitre.org | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11781 | ||
cve@mitre.org | https://security.gentoo.org/glsa/200501-28 | ||
cve@mitre.org | https://security.gentoo.org/glsa/200502-10 | ||
af854a3a-2127-422b-91ae-364da2661108 | ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.00pl3.patch | Patch | |
af854a3a-2127-422b-91ae-364da2661108 | ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.42/SCOSA-2005.42.txt | ||
af854a3a-2127-422b-91ae-364da2661108 | http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000921 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=110625368019554&w=2 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/17277 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2005/dsa-645 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2005/dsa-648 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.idefense.com/application/poi/display?id=186&type=vulnerabilities | Exploit, Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2005:016 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2005:017 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2005:018 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2005:019 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2005:020 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2005:021 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2005-026.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2005-034.html | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2005-053.html | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2005-057.html | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2005-059.html | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2005-066.html | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.trustix.org/errata/2005/0003/ | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.fedora.us/show_bug.cgi?id=2352 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.fedora.us/show_bug.cgi?id=2353 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11781 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/200501-28 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/200502-10 |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
xpdf | xpdf | 0.2 | |
xpdf | xpdf | 0.3 | |
xpdf | xpdf | 0.4 | |
xpdf | xpdf | 0.5 | |
xpdf | xpdf | 0.5a | |
xpdf | xpdf | 0.6 | |
xpdf | xpdf | 0.7 | |
xpdf | xpdf | 0.7a | |
xpdf | xpdf | 0.80 | |
xpdf | xpdf | 0.90 | |
xpdf | xpdf | 0.91 | |
xpdf | xpdf | 0.91a | |
xpdf | xpdf | 0.91b | |
xpdf | xpdf | 0.91c | |
xpdf | xpdf | 0.92 | |
xpdf | xpdf | 0.92a | |
xpdf | xpdf | 0.92b | |
xpdf | xpdf | 0.92c | |
xpdf | xpdf | 0.92d | |
xpdf | xpdf | 0.92e | |
xpdf | xpdf | 0.93 | |
xpdf | xpdf | 0.93a | |
xpdf | xpdf | 0.93b | |
xpdf | xpdf | 0.93c | |
xpdf | xpdf | 1.0 | |
xpdf | xpdf | 1.0a | |
xpdf | xpdf | 1.1 | |
xpdf | xpdf | 2.0 | |
xpdf | xpdf | 2.1 | |
xpdf | xpdf | 2.2 | |
xpdf | xpdf | 2.3 | |
xpdf | xpdf | 3.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:xpdf:xpdf:0.2:*:*:*:*:*:*:*", "matchCriteriaId": "D4D33C2A-E803-4575-B4CF-D5E484A22D80", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:0.3:*:*:*:*:*:*:*", "matchCriteriaId": "A2A7B432-CDA1-472C-8FA4-30952A5A542D", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:0.4:*:*:*:*:*:*:*", "matchCriteriaId": "82DFDA2C-4518-4491-A8B5-DFD08997D2F6", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:0.5:*:*:*:*:*:*:*", "matchCriteriaId": "DFB22C0B-E48E-4AD7-92BC-6DFB2D1F121C", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:0.5a:*:*:*:*:*:*:*", "matchCriteriaId": "5A668276-7AE1-4395-90EE-E5A7B84657C5", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:0.6:*:*:*:*:*:*:*", "matchCriteriaId": "F5D90CF9-30BC-4F64-9A90-3B8160BB1737", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:0.7:*:*:*:*:*:*:*", "matchCriteriaId": "172B87AF-5263-46CA-A9C2-AC08CCBC2960", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:0.7a:*:*:*:*:*:*:*", "matchCriteriaId": "48F57D8D-E95C-4E80-B99C-475CB4D866F3", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:0.80:*:*:*:*:*:*:*", "matchCriteriaId": "756DDE44-2E0C-4209-ABBF-B9F73E4308C7", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:0.90:*:*:*:*:*:*:*", "matchCriteriaId": "28CC6233-E207-40CC-81FF-A8670EEA4295", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:0.91:*:*:*:*:*:*:*", "matchCriteriaId": "64DD9B5C-3DB8-4E15-B4A6-541E4E221C1D", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:0.91a:*:*:*:*:*:*:*", "matchCriteriaId": "57BB7E29-D56E-4B1B-ACFF-012B9B1E3187", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:0.91b:*:*:*:*:*:*:*", "matchCriteriaId": "6E9AA00B-7910-426C-BA4F-56476C101E31", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:0.91c:*:*:*:*:*:*:*", "matchCriteriaId": "25102E75-6D76-4DBF-B559-3C514B79D710", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:0.92:*:*:*:*:*:*:*", "matchCriteriaId": "0304E1E3-8766-40D0-8879-A652B4E9E72D", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:0.92a:*:*:*:*:*:*:*", "matchCriteriaId": "00D8F3B8-255A-41BF-9A6D-8D44796FFC12", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:0.92b:*:*:*:*:*:*:*", "matchCriteriaId": "8F432DC7-26C9-4645-B297-625F2D4C6F01", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:0.92c:*:*:*:*:*:*:*", "matchCriteriaId": "49D5BC8E-8877-4277-BF7F-2021E9F20146", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:0.92d:*:*:*:*:*:*:*", "matchCriteriaId": "8D7DBEC5-478B-4AF5-ADC5-F95650DB90BA", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:0.92e:*:*:*:*:*:*:*", "matchCriteriaId": "BBC1A6C4-145B-49A4-A6B7-5DB9C8C5DF3D", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:0.93:*:*:*:*:*:*:*", "matchCriteriaId": "188F1343-8082-4B54-8DA4-E344818ABD52", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:0.93a:*:*:*:*:*:*:*", "matchCriteriaId": "F4377ECA-92FE-4E39-B9F3-4220262CB989", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:0.93b:*:*:*:*:*:*:*", "matchCriteriaId": "BC3D4DA0-C4B0-4727-AADF-522A7C4ECA55", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:0.93c:*:*:*:*:*:*:*", "matchCriteriaId": "EAC59A29-3F4E-4667-9966-E94F5FC3036D", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "B95DA7DE-B786-4EE7-A3F4-C077A7986D5F", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:1.0a:*:*:*:*:*:*:*", "matchCriteriaId": "C5306C05-4A71-4175-8C22-F2DE0F2FE4C4", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "3B9DEF16-ECD5-4BBE-8986-52A6171B3D9F", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "CFFDBEEC-B2C1-47F0-82D3-FC9147B590A9", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "354487CF-0086-4AE2-872B-0032E3EB89EE", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:2.2:*:*:*:*:*:*:*", "matchCriteriaId": "96767060-505A-42D2-A68A-6AD810DE800A", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:2.3:*:*:*:*:*:*:*", "matchCriteriaId": "1169B802-7279-437F-AF59-621A67DC92EC", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "7B93B3ED-AF82-49A9-8C7F-E5F652F19669", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Buffer overflow in the Decrypt::makeFileKey2 function in Decrypt.cc for xpdf 3.00 and earlier allows remote attackers to execute arbitrary code via a PDF file with a large /Encrypt /Length keyLength value." } ], "id": "CVE-2005-0064", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": true, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2005-05-02T04:00:00.000", "references": [ { "source": "cve@mitre.org", "tags": [ "Patch" ], "url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.00pl3.patch" }, { "source": "cve@mitre.org", "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.42/SCOSA-2005.42.txt" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000921" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=110625368019554\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/17277" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2005/dsa-645" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2005/dsa-648" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Patch", "Vendor Advisory" ], "url": "http://www.idefense.com/application/poi/display?id=186\u0026type=vulnerabilities" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:016" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:017" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:018" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:019" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:020" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:021" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2005-026.html" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-034.html" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-053.html" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-057.html" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-059.html" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-066.html" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.trustix.org/errata/2005/0003/" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://bugzilla.fedora.us/show_bug.cgi?id=2352" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://bugzilla.fedora.us/show_bug.cgi?id=2353" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11781" }, { "source": "cve@mitre.org", "url": "https://security.gentoo.org/glsa/200501-28" }, { "source": "cve@mitre.org", "url": "https://security.gentoo.org/glsa/200502-10" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.00pl3.patch" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.42/SCOSA-2005.42.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000921" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=110625368019554\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/17277" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2005/dsa-645" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2005/dsa-648" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Patch", "Vendor Advisory" ], "url": "http://www.idefense.com/application/poi/display?id=186\u0026type=vulnerabilities" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:016" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:017" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:018" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:019" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:020" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:021" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2005-026.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-034.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-053.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-057.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-059.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-066.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.trustix.org/errata/2005/0003/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://bugzilla.fedora.us/show_bug.cgi?id=2352" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://bugzilla.fedora.us/show_bug.cgi?id=2353" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11781" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.gentoo.org/glsa/200501-28" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.gentoo.org/glsa/200502-10" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2005-12-31 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows.
References
▶ | URL | Tags | |
---|---|---|---|
secalert@redhat.com | ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt | ||
secalert@redhat.com | ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U | ||
secalert@redhat.com | ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U | ||
secalert@redhat.com | ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U | ||
secalert@redhat.com | http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html | Patch | |
secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2006-0177.html | Patch, Vendor Advisory | |
secalert@redhat.com | http://scary.beasts.org/security/CESA-2005-003.txt | Exploit, Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18147 | ||
secalert@redhat.com | http://secunia.com/advisories/18303 | Patch, Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18312 | Patch, Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18313 | Patch, Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18329 | Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18332 | Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18334 | ||
secalert@redhat.com | http://secunia.com/advisories/18338 | Patch, Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18349 | Patch, Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18373 | ||
secalert@redhat.com | http://secunia.com/advisories/18375 | Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18380 | ||
secalert@redhat.com | http://secunia.com/advisories/18385 | Patch, Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18387 | Patch, Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18389 | Patch, Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18398 | Patch, Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18407 | Patch, Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18414 | ||
secalert@redhat.com | http://secunia.com/advisories/18416 | Patch, Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18423 | Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18425 | ||
secalert@redhat.com | http://secunia.com/advisories/18428 | ||
secalert@redhat.com | http://secunia.com/advisories/18436 | ||
secalert@redhat.com | http://secunia.com/advisories/18448 | Patch, Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18463 | ||
secalert@redhat.com | http://secunia.com/advisories/18517 | Patch, Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18534 | Patch, Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18554 | Patch, Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18582 | Patch, Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18642 | Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18644 | Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18674 | Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18675 | Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18679 | Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18908 | ||
secalert@redhat.com | http://secunia.com/advisories/18913 | Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/19230 | ||
secalert@redhat.com | http://secunia.com/advisories/19377 | ||
secalert@redhat.com | http://secunia.com/advisories/25729 | ||
secalert@redhat.com | http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.472683 | ||
secalert@redhat.com | http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.474747 | ||
secalert@redhat.com | http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1 | ||
secalert@redhat.com | http://www.debian.org/security/2005/dsa-931 | ||
secalert@redhat.com | http://www.debian.org/security/2005/dsa-932 | ||
secalert@redhat.com | http://www.debian.org/security/2005/dsa-937 | ||
secalert@redhat.com | http://www.debian.org/security/2005/dsa-938 | ||
secalert@redhat.com | http://www.debian.org/security/2005/dsa-940 | ||
secalert@redhat.com | http://www.debian.org/security/2006/dsa-936 | Patch, Vendor Advisory | |
secalert@redhat.com | http://www.debian.org/security/2006/dsa-950 | Patch, Vendor Advisory | |
secalert@redhat.com | http://www.debian.org/security/2006/dsa-961 | Patch, Vendor Advisory | |
secalert@redhat.com | http://www.debian.org/security/2006/dsa-962 | Patch, Vendor Advisory | |
secalert@redhat.com | http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml | Patch, Vendor Advisory | |
secalert@redhat.com | http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml | Patch, Vendor Advisory | |
secalert@redhat.com | http://www.kde.org/info/security/advisory-20051207-2.txt | Patch, Vendor Advisory | |
secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDKSA-2006:003 | ||
secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDKSA-2006:004 | ||
secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDKSA-2006:005 | ||
secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDKSA-2006:006 | ||
secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDKSA-2006:008 | ||
secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDKSA-2006:010 | ||
secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDKSA-2006:011 | ||
secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDKSA-2006:012 | ||
secalert@redhat.com | http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html | ||
secalert@redhat.com | http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html | ||
secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2006-0160.html | Patch, Vendor Advisory | |
secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2006-0163.html | ||
secalert@redhat.com | http://www.securityfocus.com/archive/1/427053/100/0/threaded | ||
secalert@redhat.com | http://www.securityfocus.com/archive/1/427990/100/0/threaded | ||
secalert@redhat.com | http://www.securityfocus.com/bid/16143 | Patch | |
secalert@redhat.com | http://www.trustix.org/errata/2006/0002/ | ||
secalert@redhat.com | http://www.vupen.com/english/advisories/2006/0047 | ||
secalert@redhat.com | http://www.vupen.com/english/advisories/2007/2280 | ||
secalert@redhat.com | https://exchange.xforce.ibmcloud.com/vulnerabilities/24022 | ||
secalert@redhat.com | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9437 | ||
secalert@redhat.com | https://usn.ubuntu.com/236-1/ | ||
af854a3a-2127-422b-91ae-364da2661108 | ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt | ||
af854a3a-2127-422b-91ae-364da2661108 | ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U | ||
af854a3a-2127-422b-91ae-364da2661108 | ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U | ||
af854a3a-2127-422b-91ae-364da2661108 | ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html | Patch | |
af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2006-0177.html | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://scary.beasts.org/security/CESA-2005-003.txt | Exploit, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18147 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18303 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18312 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18313 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18329 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18332 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18334 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18338 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18349 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18373 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18375 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18380 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18385 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18387 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18389 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18398 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18407 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18414 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18416 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18423 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18425 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18428 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18436 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18448 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18463 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18517 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18534 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18554 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18582 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18642 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18644 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18674 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18675 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18679 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18908 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18913 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/19230 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/19377 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/25729 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.472683 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.474747 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2005/dsa-931 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2005/dsa-932 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2005/dsa-937 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2005/dsa-938 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2005/dsa-940 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2006/dsa-936 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2006/dsa-950 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2006/dsa-961 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2006/dsa-962 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.kde.org/info/security/advisory-20051207-2.txt | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2006:003 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2006:004 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2006:005 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2006:006 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2006:008 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2006:010 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2006:011 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2006:012 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2006-0160.html | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2006-0163.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/427053/100/0/threaded | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/427990/100/0/threaded | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/16143 | Patch | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.trustix.org/errata/2006/0002/ | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2006/0047 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2007/2280 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/24022 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9437 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/236-1/ |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
easy_software_products | cups | 1.1.22 | |
easy_software_products | cups | 1.1.22_rc1 | |
easy_software_products | cups | 1.1.23 | |
easy_software_products | cups | 1.1.23_rc1 | |
kde | kdegraphics | 3.2 | |
kde | kdegraphics | 3.4.3 | |
kde | koffice | 1.4 | |
kde | koffice | 1.4.1 | |
kde | koffice | 1.4.2 | |
kde | kpdf | 3.2 | |
kde | kpdf | 3.4.3 | |
kde | kword | 1.4.2 | |
libextractor | libextractor | * | |
poppler | poppler | 0.4.2 | |
sgi | propack | 3.0 | |
tetex | tetex | 1.0.7 | |
tetex | tetex | 2.0 | |
tetex | tetex | 2.0.1 | |
tetex | tetex | 2.0.2 | |
tetex | tetex | 3.0 | |
xpdf | xpdf | 3.0 | |
conectiva | linux | 10.0 | |
debian | debian_linux | 3.0 | |
debian | debian_linux | 3.0 | |
debian | debian_linux | 3.0 | |
debian | debian_linux | 3.0 | |
debian | debian_linux | 3.0 | |
debian | debian_linux | 3.0 | |
debian | debian_linux | 3.0 | |
debian | debian_linux | 3.0 | |
debian | debian_linux | 3.0 | |
debian | debian_linux | 3.0 | |
debian | debian_linux | 3.0 | |
debian | debian_linux | 3.0 | |
debian | debian_linux | 3.1 | |
debian | debian_linux | 3.1 | |
debian | debian_linux | 3.1 | |
debian | debian_linux | 3.1 | |
debian | debian_linux | 3.1 | |
debian | debian_linux | 3.1 | |
debian | debian_linux | 3.1 | |
debian | debian_linux | 3.1 | |
debian | debian_linux | 3.1 | |
debian | debian_linux | 3.1 | |
debian | debian_linux | 3.1 | |
debian | debian_linux | 3.1 | |
debian | debian_linux | 3.1 | |
gentoo | linux | * | |
mandrakesoft | mandrake_linux | 10.1 | |
mandrakesoft | mandrake_linux | 10.1 | |
mandrakesoft | mandrake_linux | 10.2 | |
mandrakesoft | mandrake_linux | 10.2 | |
mandrakesoft | mandrake_linux | 2006 | |
mandrakesoft | mandrake_linux | 2006 | |
mandrakesoft | mandrake_linux_corporate_server | 2.1 | |
mandrakesoft | mandrake_linux_corporate_server | 2.1 | |
mandrakesoft | mandrake_linux_corporate_server | 3.0 | |
mandrakesoft | mandrake_linux_corporate_server | 3.0 | |
redhat | enterprise_linux | 2.1 | |
redhat | enterprise_linux | 2.1 | |
redhat | enterprise_linux | 2.1 | |
redhat | enterprise_linux | 2.1 | |
redhat | enterprise_linux | 2.1 | |
redhat | enterprise_linux | 2.1 | |
redhat | enterprise_linux | 3.0 | |
redhat | enterprise_linux | 3.0 | |
redhat | enterprise_linux | 3.0 | |
redhat | enterprise_linux | 4.0 | |
redhat | enterprise_linux | 4.0 | |
redhat | enterprise_linux | 4.0 | |
redhat | enterprise_linux_desktop | 3.0 | |
redhat | enterprise_linux_desktop | 4.0 | |
redhat | fedora_core | core_1.0 | |
redhat | fedora_core | core_2.0 | |
redhat | fedora_core | core_3.0 | |
redhat | fedora_core | core_4.0 | |
redhat | linux | 7.3 | |
redhat | linux | 9.0 | |
redhat | linux_advanced_workstation | 2.1 | |
redhat | linux_advanced_workstation | 2.1 | |
sco | openserver | 5.0.7 | |
sco | openserver | 6.0 | |
slackware | slackware_linux | 9.0 | |
slackware | slackware_linux | 9.1 | |
slackware | slackware_linux | 10.0 | |
slackware | slackware_linux | 10.1 | |
slackware | slackware_linux | 10.2 | |
suse | suse_linux | 1.0 | |
suse | suse_linux | 9.0 | |
suse | suse_linux | 9.0 | |
suse | suse_linux | 9.0 | |
suse | suse_linux | 9.0 | |
suse | suse_linux | 9.0 | |
suse | suse_linux | 9.1 | |
suse | suse_linux | 9.1 | |
suse | suse_linux | 9.1 | |
suse | suse_linux | 9.2 | |
suse | suse_linux | 9.2 | |
suse | suse_linux | 9.2 | |
suse | suse_linux | 9.3 | |
suse | suse_linux | 9.3 | |
suse | suse_linux | 9.3 | |
suse | suse_linux | 10.0 | |
suse | suse_linux | 10.0 | |
trustix | secure_linux | 2.0 | |
trustix | secure_linux | 2.2 | |
trustix | secure_linux | 3.0 | |
turbolinux | turbolinux | 10 | |
turbolinux | turbolinux | fuji | |
turbolinux | turbolinux_appliance_server | 1.0_hosting_edition | |
turbolinux | turbolinux_appliance_server | 1.0_workgroup_edition | |
turbolinux | turbolinux_desktop | 10.0 | |
turbolinux | turbolinux_home | * | |
turbolinux | turbolinux_multimedia | * | |
turbolinux | turbolinux_personal | * | |
turbolinux | turbolinux_server | 8.0 | |
turbolinux | turbolinux_server | 10.0 | |
turbolinux | turbolinux_server | 10.0_x86 | |
turbolinux | turbolinux_workstation | 8.0 | |
ubuntu | ubuntu_linux | 4.1 | |
ubuntu | ubuntu_linux | 4.1 | |
ubuntu | ubuntu_linux | 5.04 | |
ubuntu | ubuntu_linux | 5.04 | |
ubuntu | ubuntu_linux | 5.04 | |
ubuntu | ubuntu_linux | 5.10 | |
ubuntu | ubuntu_linux | 5.10 | |
ubuntu | ubuntu_linux | 5.10 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.22:*:*:*:*:*:*:*", "matchCriteriaId": "B1512A96-B8E7-4DB7-A4CB-8FD3773BFC97", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.22_rc1:*:*:*:*:*:*:*", "matchCriteriaId": "787B918D-9CCC-44FE-92AF-E8DF1E91A3C7", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.23:*:*:*:*:*:*:*", "matchCriteriaId": "C116493B-2837-4531-9291-A9FF03099A97", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.23_rc1:*:*:*:*:*:*:*", "matchCriteriaId": "525BD04B-387F-4713-BC89-472D0D0BCFD0", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:kdegraphics:3.2:*:*:*:*:*:*:*", "matchCriteriaId": "6BF92649-90CE-4E75-A938-61D0916B5A7E", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:kdegraphics:3.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "2CA505B4-0C17-49C8-9533-CA8CE3AA77D8", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:koffice:1.4:*:*:*:*:*:*:*", "matchCriteriaId": "37C08E0A-651F-458B-BCEC-A30DCD527E47", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:koffice:1.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "6000D6AF-C056-4BC0-A54C-72E23E52AB92", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:koffice:1.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "A7D036E4-FA49-417D-968B-9D73B16A09BA", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:kpdf:3.2:*:*:*:*:*:*:*", "matchCriteriaId": "EDAF6452-F3B0-4F62-893E-BCFA6AB7AE3B", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:kpdf:3.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "BC2AB9CB-DEAB-45AB-A7CA-D19E069907EC", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:kword:1.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "EAC32BAA-99B3-4B40-83A3-ED9E1B12B295", "vulnerable": true }, { "criteria": "cpe:2.3:a:libextractor:libextractor:*:*:*:*:*:*:*:*", "matchCriteriaId": "679D9520-DE8E-4D06-A227-3B1C1D05977D", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "63C92F1C-3005-4EA6-B9C0-2BC2E3D611D6", "vulnerable": true }, { "criteria": "cpe:2.3:a:sgi:propack:3.0:sp6:*:*:*:*:*:*", "matchCriteriaId": "EF8ABD90-AD2B-4FA0-A355-9D7CD6D3C486", "vulnerable": true }, { "criteria": "cpe:2.3:a:tetex:tetex:1.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "C86C7D6F-C39E-4403-86C6-F87599570E97", "vulnerable": true }, { "criteria": "cpe:2.3:a:tetex:tetex:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "236005A1-C175-44D3-8D0C-C48F943F3D66", "vulnerable": true }, { "criteria": "cpe:2.3:a:tetex:tetex:2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "0AF2AD80-5E65-4B57-933B-C395E98EF10D", "vulnerable": true }, { "criteria": "cpe:2.3:a:tetex:tetex:2.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "07C92A0E-1DDA-4F83-A904-24A35C38883A", "vulnerable": true }, { "criteria": "cpe:2.3:a:tetex:tetex:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "9178B36F-41D5-4AE7-B9C8-56BDEADE76EB", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "7B93B3ED-AF82-49A9-8C7F-E5F652F19669", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "A35FC777-A34E-4C7B-9E93-8F17F3AD5180", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "2CAE037F-111C-4A76-8FFE-716B74D65EF3", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:alpha:*:*:*:*:*", "matchCriteriaId": "A6B060E4-B5A6-4469-828E-211C52542547", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:arm:*:*:*:*:*", "matchCriteriaId": "974C3541-990C-4CD4-A05A-38FA74A84632", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:hppa:*:*:*:*:*", "matchCriteriaId": "6CBF1E0F-C7F3-4F83-9E60-6E63FA7D2775", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-32:*:*:*:*:*", "matchCriteriaId": "58792F77-B06F-4780-BA25-FE1EE6C3FDD9", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-64:*:*:*:*:*", "matchCriteriaId": "C9419322-572F-4BB6-8416-C5E96541CF33", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:m68k:*:*:*:*:*", "matchCriteriaId": "BFC50555-C084-46A3-9C9F-949C5E3BB448", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mips:*:*:*:*:*", "matchCriteriaId": "9C25D6E1-D283-4CEA-B47B-60C47A5C0797", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mipsel:*:*:*:*:*", "matchCriteriaId": "AD18A446-C634-417E-86AC-B19B6DDDC856", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ppc:*:*:*:*:*", "matchCriteriaId": "E4BB852E-61B2-4842-989F-C6C0C901A8D7", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:s-390:*:*:*:*:*", "matchCriteriaId": "24DD9D59-E2A2-4116-A887-39E8CC2004FC", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:sparc:*:*:*:*:*", "matchCriteriaId": "F28D7457-607E-4E0C-909A-413F91CFCD82", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*", "matchCriteriaId": "A2E0C1F8-31F5-4F61-9DF7-E49B43D3C873", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:alpha:*:*:*:*:*", "matchCriteriaId": "5BF84240-1881-4EFB-BB2F-F9CE8AD09C7B", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:amd64:*:*:*:*:*", "matchCriteriaId": "AF8AE8C4-810F-41AB-A251-5A2D4DD6884D", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:arm:*:*:*:*:*", "matchCriteriaId": "5EACF214-FA27-44FF-A431-927AB79377A1", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:hppa:*:*:*:*:*", "matchCriteriaId": "E2B58895-0E2A-4466-9CB2-0083349A83B2", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:ia-32:*:*:*:*:*", "matchCriteriaId": "03F8220A-9B1C-40AA-AEAB-F9A93225FBD5", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:ia-64:*:*:*:*:*", "matchCriteriaId": "2311919C-7864-469D-B0F6-9B11D8D0A1C3", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:m68k:*:*:*:*:*", "matchCriteriaId": "19876495-4C1A-487C-955A-C5AA46362A1F", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:mips:*:*:*:*:*", "matchCriteriaId": "D75286DD-50BC-4B72-8AC8-E20730124DC2", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:mipsel:*:*:*:*:*", "matchCriteriaId": "1998C972-497E-4916-B50E-FB32303EEA8E", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:ppc:*:*:*:*:*", "matchCriteriaId": "A6CD3DD9-3A8A-4716-A2D1-136A790AFF94", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:s-390:*:*:*:*:*", "matchCriteriaId": "6CE2020A-4FB2-4FCD-8561-7BD147CD95EB", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:sparc:*:*:*:*:*", "matchCriteriaId": "08E90AFA-C262-46D0-B60E-26B67C9602D5", "vulnerable": true }, { "criteria": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*", "matchCriteriaId": "647BA336-5538-4972-9271-383A0EC9378E", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*", "matchCriteriaId": "3528DABD-B821-4D23-AE12-614A9CA92C46", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:x86-64:*:*:*:*:*", "matchCriteriaId": "0315FB43-D199-4734-B724-50ED031C0020", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.2:*:*:*:*:*:*:*", "matchCriteriaId": "11D69B83-4EF3-407B-8E8C-DE623F099C17", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.2:*:x86-64:*:*:*:*:*", "matchCriteriaId": "7D221688-18A0-453D-8D13-6B68011FCA13", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2006:*:*:*:*:*:*:*", "matchCriteriaId": "597094EC-D23F-4EC4-A140-96F287679124", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2006:*:x86-64:*:*:*:*:*", "matchCriteriaId": "C4FCF0D3-A6CB-448E-B0D3-DA82BE02DEC8", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "E0F0D201-B1DC-4024-AF77-A284673618F3", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:x86_64:*:*:*:*:*", "matchCriteriaId": "052E3862-BFB7-42E7-889D-8590AFA8EF37", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "2BB0B27C-04EA-426F-9016-7406BACD91DF", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:x86_64:*:*:*:*:*", "matchCriteriaId": "BB2B1BA5-8370-4281-B5C9-3D4FE6C70FBC", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*", "matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*", "matchCriteriaId": "A4A9461E-C117-42EC-9F14-DF2A82BA7C5D", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "E0B458EA-495E-40FA-9379-C03757F7B1EE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:*", "matchCriteriaId": "409E324A-C040-494F-A026-9DCAE01C07F8", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*", "matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*", "matchCriteriaId": "6474B775-C893-491F-A074-802AFB1FEDD8", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*", "matchCriteriaId": "78B46FFA-5B09-473E-AD33-3DB18BD0DAFE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*", "matchCriteriaId": "0EFE2E73-9536-41A9-B83B-0A06B54857F4", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:advanced_server:*:*:*:*:*", "matchCriteriaId": "F9440B25-D206-4914-9557-B5F030890DEC", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "E9933557-3BCA-4D92-AD4F-27758A0D3347", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:workstation:*:*:*:*:*", "matchCriteriaId": "10A60552-15A5-4E95-B3CE-99A4B26260C1", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "7D74A418-50F0-42C0-ABBC-BBBE718FF025", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*", "matchCriteriaId": "3C84296C-2C8A-4DCD-9751-52951F8BEA9F", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*", "matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*", "matchCriteriaId": "EC80CF67-C51D-442C-9526-CFEDE84A6304", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:fedora_core:core_4.0:*:*:*:*:*:*:*", "matchCriteriaId": "C720DACC-CF4B-4A00-818C-8303A7D7DED6", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.3:*:i386:*:*:*:*:*", "matchCriteriaId": "9B502A61-44FB-4CD4-85BE-88D4ACCCA441", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:9.0:*:i386:*:*:*:*:*", "matchCriteriaId": "F3FDE8C4-5FFD-4CC2-9F35-7C32043966D1", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*", "matchCriteriaId": "84A50ED3-FD0D-4038-B3E7-CC65D166C968", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium:*:*:*:*:*", "matchCriteriaId": "8DBD9D3C-40AB-449D-A9A8-A09DF2DEDB96", "vulnerable": true }, { "criteria": "cpe:2.3:o:sco:openserver:5.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "D9D76A8D-832B-411E-A458-186733C66010", "vulnerable": true }, { "criteria": "cpe:2.3:o:sco:openserver:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "7458BA31-812E-40C9-BB92-8688A3BCBA56", "vulnerable": true }, { "criteria": "cpe:2.3:o:slackware:slackware_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "300A6A65-05FD-401C-80F6-B5F5B1F056E0", "vulnerable": true }, { "criteria": "cpe:2.3:o:slackware:slackware_linux:9.1:*:*:*:*:*:*:*", "matchCriteriaId": "AA3D53C9-3806-45E6-8AE9-7D41280EF64C", "vulnerable": true }, { "criteria": "cpe:2.3:o:slackware:slackware_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "D29C5A03-A7C9-4780-BB63-CF1E874D018D", "vulnerable": true }, { "criteria": "cpe:2.3:o:slackware:slackware_linux:10.1:*:*:*:*:*:*:*", "matchCriteriaId": "B85EF0EE-3E61-4CA3-9F00-610AB2E1CFCF", "vulnerable": true }, { "criteria": "cpe:2.3:o:slackware:slackware_linux:10.2:*:*:*:*:*:*:*", "matchCriteriaId": "70440F49-AEE9-41BE-8E1A-43AB657C8E09", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "02EE2D72-B1E6-4380-80B0-E40A23DDD115", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "F7446746-87B7-4BD3-AABF-1E0FAA8265AB", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:personal:*:*:*:*:*", "matchCriteriaId": "F239BA8A-6B41-4B08-8C7C-25D235812C50", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:professional:*:*:*:*:*", "matchCriteriaId": "89BA858B-9466-4640-84AE-DC5BDC65D6B8", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:s_390:*:*:*:*:*", "matchCriteriaId": "85F2D904-E830-4034-9CCB-0FF65019622C", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*", "matchCriteriaId": "56EF103F-5668-4754-A83B-D3662D0CE815", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:personal:*:*:*:*:*", "matchCriteriaId": "3EA56868-ACA1-4C65-9FFB-A68129D2428A", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:professional:*:*:*:*:*", "matchCriteriaId": "1BA2E629-58C6-4BA0-A447-F8F570B35E74", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:x86_64:*:*:*:*:*", "matchCriteriaId": "D5F98B9A-880E-45F0-8C16-12B22970F0D1", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:personal:*:*:*:*:*", "matchCriteriaId": "3BEE15E9-9194-4E37-AB3B-66ECD5AC9E11", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:professional:*:*:*:*:*", "matchCriteriaId": "C89BA3B6-370B-4911-A363-935A9C9EACF5", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:x86_64:*:*:*:*:*", "matchCriteriaId": "B905C6E9-5058-4FD7-95B6-CD6AB6B2F516", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.3:*:personal:*:*:*:*:*", "matchCriteriaId": "4F1B4D15-0562-44D6-B80B-35A8F432BD41", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.3:*:professional:*:*:*:*:*", "matchCriteriaId": "D84ABF78-0D85-4E15-907E-B5ACE86EB8C7", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.3:*:x86_64:*:*:*:*:*", "matchCriteriaId": "9C7018E7-F90C-435D-A07A-05A294EA2827", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:10.0:*:oss:*:*:*:*:*", "matchCriteriaId": "16915004-1006-41D6-9E42-D1A5041E442D", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:10.0:*:professional:*:*:*:*:*", "matchCriteriaId": "994ABCE2-3B9E-4E4E-83F7-CE2A79C70F64", "vulnerable": true }, { "criteria": "cpe:2.3:o:trustix:secure_linux:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "53AF1A2D-B0A2-4097-AD1D-DF3AF27171BA", "vulnerable": true }, { "criteria": "cpe:2.3:o:trustix:secure_linux:2.2:*:*:*:*:*:*:*", "matchCriteriaId": "5AB70F82-52BB-4D0D-9A24-9AF67278466D", "vulnerable": true }, { "criteria": "cpe:2.3:o:trustix:secure_linux:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "100A2456-BF20-4461-8DC9-C61889322B29", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux:10:*:*:*:*:*:*:*", "matchCriteriaId": "1C7D4F57-E186-497A-B390-92E5D2C7E894", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux:fuji:*:*:*:*:*:*:*", "matchCriteriaId": "CEC3F6F3-9A6E-4A98-A967-6776C872475C", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_appliance_server:1.0_hosting_edition:*:*:*:*:*:*:*", "matchCriteriaId": "FC3218DD-A565-4AB8-86FE-E7F59AC0535F", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_appliance_server:1.0_workgroup_edition:*:*:*:*:*:*:*", "matchCriteriaId": "97AEDB57-202F-4B53-8815-21836F177060", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_desktop:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "31C3FFDD-03BF-4FD4-B7A7-B62AFD5DBA19", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_home:*:*:*:*:*:*:*:*", "matchCriteriaId": "065FF0F1-7FAC-4584-92EA-EAA87DC76FA1", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_multimedia:*:*:*:*:*:*:*:*", "matchCriteriaId": "E27180A1-9767-4CD3-978C-7538155B162D", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_personal:*:*:*:*:*:*:*:*", "matchCriteriaId": "BAAA9376-A060-49AE-86A7-6B28E26ED5D9", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_server:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "E06DCF0D-3241-453A-A0E4-937FE25EC404", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_server:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "B484D091-62DE-4EF2-AC54-26896CA8B315", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_server:10.0_x86:*:*:*:*:*:*:*", "matchCriteriaId": "EC5AC26E-3F3F-4D14-BE65-82B4432AB382", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_workstation:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "9428589A-0BD2-469E-978D-38239117D972", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ia64:*:*:*:*:*", "matchCriteriaId": "6E94583A-5184-462E-9FC4-57B35DA06DA7", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ppc:*:*:*:*:*", "matchCriteriaId": "E905FAAD-37B6-4DD0-A752-2974F8336273", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:amd64:*:*:*:*:*", "matchCriteriaId": "3BD12488-1ED8-4751-ABF5-3578D54750A8", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:i386:*:*:*:*:*", "matchCriteriaId": "AE3733CF-4C88-443C-9B90-6477C9C500D0", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:powerpc:*:*:*:*:*", "matchCriteriaId": "9C500A75-D75E-45B4-B582-0F0DF27C3C04", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:amd64:*:*:*:*:*", "matchCriteriaId": "86FD134D-A5C5-4B08-962D-70CF07C74923", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:i386:*:*:*:*:*", "matchCriteriaId": "FA84692E-F99D-4207-B4F2-799A6ADB88AD", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:powerpc:*:*:*:*:*", "matchCriteriaId": "8B0F1091-4B76-44F5-B896-6D37E2F909A2", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows." } ], "id": "CVE-2005-3624", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2005-12-31T05:00:00.000", "references": [ { "source": "secalert@redhat.com", "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt" }, { "source": "secalert@redhat.com", "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U" }, { "source": "secalert@redhat.com", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U" }, { "source": "secalert@redhat.com", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html" }, { "source": "secalert@redhat.com", "tags": [ "Exploit", "Vendor Advisory" ], "url": "http://scary.beasts.org/security/CESA-2005-003.txt" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18147" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18303" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18312" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18313" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18329" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18332" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18334" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18338" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18349" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18373" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18375" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18380" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18385" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18387" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18389" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18398" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18407" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18414" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18416" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18423" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18425" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18428" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18436" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18448" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18463" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18517" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18534" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18554" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18582" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18642" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18644" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18674" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18675" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18679" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18908" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18913" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/19230" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/19377" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/25729" }, { "source": "secalert@redhat.com", "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683" }, { "source": "secalert@redhat.com", "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747" }, { "source": "secalert@redhat.com", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2005/dsa-931" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2005/dsa-932" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2005/dsa-937" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2005/dsa-938" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2005/dsa-940" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-936" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-950" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-961" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-962" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.kde.org/info/security/advisory-20051207-2.txt" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/bid/16143" }, { "source": "secalert@redhat.com", "url": "http://www.trustix.org/errata/2006/0002/" }, { "source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2006/0047" }, { "source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2007/2280" }, { "source": "secalert@redhat.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24022" }, { "source": "secalert@redhat.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9437" }, { "source": "secalert@redhat.com", "url": "https://usn.ubuntu.com/236-1/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Vendor Advisory" ], "url": "http://scary.beasts.org/security/CESA-2005-003.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18147" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18303" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18312" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18313" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18329" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18332" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18334" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18338" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18349" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18373" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18375" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18380" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18385" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18387" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18389" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18398" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18407" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18414" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18416" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18423" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18425" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18428" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18436" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18448" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18463" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18517" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18534" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18554" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18582" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18642" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18644" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18674" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18675" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18679" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18908" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18913" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19230" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19377" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/25729" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2005/dsa-931" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2005/dsa-932" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2005/dsa-937" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2005/dsa-938" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2005/dsa-940" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-936" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-950" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-961" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-962" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.kde.org/info/security/advisory-20051207-2.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/bid/16143" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.trustix.org/errata/2006/0002/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2006/0047" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2007/2280" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24022" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9437" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://usn.ubuntu.com/236-1/" } ], "sourceIdentifier": "secalert@redhat.com", "vendorComments": [ { "comment": "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.", "lastModified": "2007-03-14T00:00:00", "organization": "Red Hat" } ], "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-189" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2000-10-20 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
xpdf PDF viewer client earlier than 0.91 allows local users to overwrite arbitrary files via a symlink attack.
References
▶ | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://marc.info/?l=bugtraq&m=96766355023239&w=2 | ||
cve@mitre.org | http://marc.info/?l=bugtraq&m=96886599829687&w=2 | ||
cve@mitre.org | http://www.calderasystems.com/support/security/advisories/CSSA-2000-031.0.txt | ||
cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2000-060.html | ||
cve@mitre.org | http://www.securityfocus.com/bid/1624 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=96766355023239&w=2 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=96886599829687&w=2 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.calderasystems.com/support/security/advisories/CSSA-2000-031.0.txt | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2000-060.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/1624 | Patch, Vendor Advisory |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:xpdf:xpdf:0.90:*:*:*:*:*:*:*", "matchCriteriaId": "28CC6233-E207-40CC-81FF-A8670EEA4295", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "xpdf PDF viewer client earlier than 0.91 allows local users to overwrite arbitrary files via a symlink attack." } ], "id": "CVE-2000-0728", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2000-10-20T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=96766355023239\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=96886599829687\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-031.0.txt" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2000-060.html" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/1624" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=96766355023239\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=96886599829687\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-031.0.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2000-060.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/1624" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2005-12-31 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference.
References
▶ | URL | Tags | |
---|---|---|---|
secalert@redhat.com | ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt | ||
secalert@redhat.com | ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U | ||
secalert@redhat.com | ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U | ||
secalert@redhat.com | ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U | ||
secalert@redhat.com | http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html | Patch, Vendor Advisory | |
secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2006-0177.html | Patch, Vendor Advisory | |
secalert@redhat.com | http://scary.beasts.org/security/CESA-2005-003.txt | Exploit | |
secalert@redhat.com | http://secunia.com/advisories/18147 | ||
secalert@redhat.com | http://secunia.com/advisories/18303 | Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18312 | Patch, Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18313 | Patch, Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18329 | Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18332 | Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18334 | Patch, Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18335 | Patch, Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18338 | Patch, Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18349 | Patch, Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18373 | ||
secalert@redhat.com | http://secunia.com/advisories/18375 | Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18380 | ||
secalert@redhat.com | http://secunia.com/advisories/18385 | Patch, Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18387 | Patch, Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18389 | Patch, Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18398 | Patch, Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18407 | Patch, Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18414 | ||
secalert@redhat.com | http://secunia.com/advisories/18416 | Patch, Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18423 | Patch, Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18425 | ||
secalert@redhat.com | http://secunia.com/advisories/18428 | ||
secalert@redhat.com | http://secunia.com/advisories/18436 | ||
secalert@redhat.com | http://secunia.com/advisories/18448 | Patch, Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18463 | ||
secalert@redhat.com | http://secunia.com/advisories/18517 | Patch, Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18534 | Patch, Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18554 | Patch, Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18582 | Patch, Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18642 | Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18644 | Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18674 | Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18675 | Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18679 | Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18908 | ||
secalert@redhat.com | http://secunia.com/advisories/18913 | ||
secalert@redhat.com | http://secunia.com/advisories/19230 | ||
secalert@redhat.com | http://secunia.com/advisories/19377 | ||
secalert@redhat.com | http://secunia.com/advisories/25729 | ||
secalert@redhat.com | http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.472683 | ||
secalert@redhat.com | http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.474747 | ||
secalert@redhat.com | http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1 | ||
secalert@redhat.com | http://www.debian.org/security/2005/dsa-931 | ||
secalert@redhat.com | http://www.debian.org/security/2005/dsa-932 | ||
secalert@redhat.com | http://www.debian.org/security/2005/dsa-937 | ||
secalert@redhat.com | http://www.debian.org/security/2005/dsa-938 | ||
secalert@redhat.com | http://www.debian.org/security/2005/dsa-940 | ||
secalert@redhat.com | http://www.debian.org/security/2006/dsa-936 | Patch, Vendor Advisory | |
secalert@redhat.com | http://www.debian.org/security/2006/dsa-950 | Patch, Vendor Advisory | |
secalert@redhat.com | http://www.debian.org/security/2006/dsa-961 | Patch, Vendor Advisory | |
secalert@redhat.com | http://www.debian.org/security/2006/dsa-962 | ||
secalert@redhat.com | http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml | Patch, Vendor Advisory | |
secalert@redhat.com | http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml | ||
secalert@redhat.com | http://www.kde.org/info/security/advisory-20051207-2.txt | Patch, Vendor Advisory | |
secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDKSA-2006:003 | ||
secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDKSA-2006:004 | ||
secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDKSA-2006:005 | ||
secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDKSA-2006:006 | ||
secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDKSA-2006:008 | ||
secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDKSA-2006:010 | ||
secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDKSA-2006:011 | ||
secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDKSA-2006:012 | ||
secalert@redhat.com | http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.html | Patch | |
secalert@redhat.com | http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.html | Patch | |
secalert@redhat.com | http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html | ||
secalert@redhat.com | http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html | ||
secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2006-0160.html | Patch, Vendor Advisory | |
secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2006-0163.html | ||
secalert@redhat.com | http://www.securityfocus.com/archive/1/427053/100/0/threaded | ||
secalert@redhat.com | http://www.securityfocus.com/archive/1/427990/100/0/threaded | ||
secalert@redhat.com | http://www.securityfocus.com/bid/16143 | Patch | |
secalert@redhat.com | http://www.trustix.org/errata/2006/0002/ | ||
secalert@redhat.com | http://www.vupen.com/english/advisories/2006/0047 | ||
secalert@redhat.com | http://www.vupen.com/english/advisories/2007/2280 | ||
secalert@redhat.com | https://exchange.xforce.ibmcloud.com/vulnerabilities/24026 | ||
secalert@redhat.com | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9992 | ||
secalert@redhat.com | https://usn.ubuntu.com/236-1/ | ||
af854a3a-2127-422b-91ae-364da2661108 | ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt | ||
af854a3a-2127-422b-91ae-364da2661108 | ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U | ||
af854a3a-2127-422b-91ae-364da2661108 | ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U | ||
af854a3a-2127-422b-91ae-364da2661108 | ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2006-0177.html | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://scary.beasts.org/security/CESA-2005-003.txt | Exploit | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18147 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18303 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18312 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18313 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18329 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18332 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18334 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18335 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18338 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18349 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18373 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18375 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18380 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18385 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18387 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18389 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18398 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18407 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18414 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18416 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18423 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18425 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18428 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18436 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18448 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18463 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18517 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18534 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18554 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18582 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18642 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18644 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18674 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18675 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18679 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18908 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18913 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/19230 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/19377 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/25729 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.472683 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.474747 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2005/dsa-931 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2005/dsa-932 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2005/dsa-937 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2005/dsa-938 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2005/dsa-940 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2006/dsa-936 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2006/dsa-950 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2006/dsa-961 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2006/dsa-962 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.kde.org/info/security/advisory-20051207-2.txt | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2006:003 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2006:004 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2006:005 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2006:006 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2006:008 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2006:010 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2006:011 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2006:012 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.html | Patch | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.html | Patch | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2006-0160.html | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2006-0163.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/427053/100/0/threaded | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/427990/100/0/threaded | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/16143 | Patch | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.trustix.org/errata/2006/0002/ | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2006/0047 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2007/2280 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/24026 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9992 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/236-1/ |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
easy_software_products | cups | 1.1.22 | |
easy_software_products | cups | 1.1.22_rc1 | |
easy_software_products | cups | 1.1.23 | |
easy_software_products | cups | 1.1.23_rc1 | |
kde | kdegraphics | 3.2 | |
kde | kdegraphics | 3.4.3 | |
kde | koffice | 1.4 | |
kde | koffice | 1.4.1 | |
kde | koffice | 1.4.2 | |
kde | kpdf | 3.2 | |
kde | kpdf | 3.4.3 | |
kde | kword | 1.4.2 | |
libextractor | libextractor | * | |
poppler | poppler | 0.4.2 | |
sgi | propack | 3.0 | |
tetex | tetex | 1.0.7 | |
tetex | tetex | 2.0 | |
tetex | tetex | 2.0.1 | |
tetex | tetex | 2.0.2 | |
tetex | tetex | 3.0 | |
xpdf | xpdf | 3.0 | |
conectiva | linux | 10.0 | |
debian | debian_linux | 3.0 | |
debian | debian_linux | 3.0 | |
debian | debian_linux | 3.0 | |
debian | debian_linux | 3.0 | |
debian | debian_linux | 3.0 | |
debian | debian_linux | 3.0 | |
debian | debian_linux | 3.0 | |
debian | debian_linux | 3.0 | |
debian | debian_linux | 3.0 | |
debian | debian_linux | 3.0 | |
debian | debian_linux | 3.0 | |
debian | debian_linux | 3.0 | |
debian | debian_linux | 3.1 | |
debian | debian_linux | 3.1 | |
debian | debian_linux | 3.1 | |
debian | debian_linux | 3.1 | |
debian | debian_linux | 3.1 | |
debian | debian_linux | 3.1 | |
debian | debian_linux | 3.1 | |
debian | debian_linux | 3.1 | |
debian | debian_linux | 3.1 | |
debian | debian_linux | 3.1 | |
debian | debian_linux | 3.1 | |
debian | debian_linux | 3.1 | |
debian | debian_linux | 3.1 | |
gentoo | linux | * | |
mandrakesoft | mandrake_linux | 10.1 | |
mandrakesoft | mandrake_linux | 10.1 | |
mandrakesoft | mandrake_linux | 10.2 | |
mandrakesoft | mandrake_linux | 10.2 | |
mandrakesoft | mandrake_linux | 2006 | |
mandrakesoft | mandrake_linux | 2006 | |
mandrakesoft | mandrake_linux_corporate_server | 2.1 | |
mandrakesoft | mandrake_linux_corporate_server | 2.1 | |
mandrakesoft | mandrake_linux_corporate_server | 3.0 | |
mandrakesoft | mandrake_linux_corporate_server | 3.0 | |
redhat | enterprise_linux | 2.1 | |
redhat | enterprise_linux | 2.1 | |
redhat | enterprise_linux | 2.1 | |
redhat | enterprise_linux | 2.1 | |
redhat | enterprise_linux | 2.1 | |
redhat | enterprise_linux | 2.1 | |
redhat | enterprise_linux | 3.0 | |
redhat | enterprise_linux | 3.0 | |
redhat | enterprise_linux | 3.0 | |
redhat | enterprise_linux | 4.0 | |
redhat | enterprise_linux | 4.0 | |
redhat | enterprise_linux | 4.0 | |
redhat | enterprise_linux_desktop | 3.0 | |
redhat | enterprise_linux_desktop | 4.0 | |
redhat | fedora_core | core_1.0 | |
redhat | fedora_core | core_2.0 | |
redhat | fedora_core | core_3.0 | |
redhat | fedora_core | core_4.0 | |
redhat | linux | 7.3 | |
redhat | linux | 9.0 | |
redhat | linux_advanced_workstation | 2.1 | |
redhat | linux_advanced_workstation | 2.1 | |
sco | openserver | 5.0.7 | |
sco | openserver | 6.0 | |
slackware | slackware_linux | 9.0 | |
slackware | slackware_linux | 9.1 | |
slackware | slackware_linux | 10.0 | |
slackware | slackware_linux | 10.1 | |
slackware | slackware_linux | 10.2 | |
suse | suse_linux | 1.0 | |
suse | suse_linux | 9.0 | |
suse | suse_linux | 9.0 | |
suse | suse_linux | 9.0 | |
suse | suse_linux | 9.0 | |
suse | suse_linux | 9.0 | |
suse | suse_linux | 9.1 | |
suse | suse_linux | 9.1 | |
suse | suse_linux | 9.1 | |
suse | suse_linux | 9.2 | |
suse | suse_linux | 9.2 | |
suse | suse_linux | 9.2 | |
suse | suse_linux | 9.3 | |
suse | suse_linux | 9.3 | |
suse | suse_linux | 9.3 | |
suse | suse_linux | 10.0 | |
suse | suse_linux | 10.0 | |
trustix | secure_linux | 2.0 | |
trustix | secure_linux | 2.2 | |
trustix | secure_linux | 3.0 | |
turbolinux | turbolinux | 10 | |
turbolinux | turbolinux | fuji | |
turbolinux | turbolinux_appliance_server | 1.0_hosting_edition | |
turbolinux | turbolinux_appliance_server | 1.0_workgroup_edition | |
turbolinux | turbolinux_desktop | 10.0 | |
turbolinux | turbolinux_home | * | |
turbolinux | turbolinux_multimedia | * | |
turbolinux | turbolinux_personal | * | |
turbolinux | turbolinux_server | 8.0 | |
turbolinux | turbolinux_server | 10.0 | |
turbolinux | turbolinux_server | 10.0_x86 | |
turbolinux | turbolinux_workstation | 8.0 | |
ubuntu | ubuntu_linux | 4.1 | |
ubuntu | ubuntu_linux | 4.1 | |
ubuntu | ubuntu_linux | 5.04 | |
ubuntu | ubuntu_linux | 5.04 | |
ubuntu | ubuntu_linux | 5.04 | |
ubuntu | ubuntu_linux | 5.10 | |
ubuntu | ubuntu_linux | 5.10 | |
ubuntu | ubuntu_linux | 5.10 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.22:*:*:*:*:*:*:*", "matchCriteriaId": "B1512A96-B8E7-4DB7-A4CB-8FD3773BFC97", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.22_rc1:*:*:*:*:*:*:*", "matchCriteriaId": "787B918D-9CCC-44FE-92AF-E8DF1E91A3C7", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.23:*:*:*:*:*:*:*", "matchCriteriaId": "C116493B-2837-4531-9291-A9FF03099A97", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.23_rc1:*:*:*:*:*:*:*", "matchCriteriaId": "525BD04B-387F-4713-BC89-472D0D0BCFD0", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:kdegraphics:3.2:*:*:*:*:*:*:*", "matchCriteriaId": "6BF92649-90CE-4E75-A938-61D0916B5A7E", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:kdegraphics:3.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "2CA505B4-0C17-49C8-9533-CA8CE3AA77D8", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:koffice:1.4:*:*:*:*:*:*:*", "matchCriteriaId": "37C08E0A-651F-458B-BCEC-A30DCD527E47", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:koffice:1.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "6000D6AF-C056-4BC0-A54C-72E23E52AB92", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:koffice:1.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "A7D036E4-FA49-417D-968B-9D73B16A09BA", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:kpdf:3.2:*:*:*:*:*:*:*", "matchCriteriaId": "EDAF6452-F3B0-4F62-893E-BCFA6AB7AE3B", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:kpdf:3.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "BC2AB9CB-DEAB-45AB-A7CA-D19E069907EC", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:kword:1.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "EAC32BAA-99B3-4B40-83A3-ED9E1B12B295", "vulnerable": true }, { "criteria": "cpe:2.3:a:libextractor:libextractor:*:*:*:*:*:*:*:*", "matchCriteriaId": "679D9520-DE8E-4D06-A227-3B1C1D05977D", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "63C92F1C-3005-4EA6-B9C0-2BC2E3D611D6", "vulnerable": true }, { "criteria": "cpe:2.3:a:sgi:propack:3.0:sp6:*:*:*:*:*:*", "matchCriteriaId": "EF8ABD90-AD2B-4FA0-A355-9D7CD6D3C486", "vulnerable": true }, { "criteria": "cpe:2.3:a:tetex:tetex:1.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "C86C7D6F-C39E-4403-86C6-F87599570E97", "vulnerable": true }, { "criteria": "cpe:2.3:a:tetex:tetex:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "236005A1-C175-44D3-8D0C-C48F943F3D66", "vulnerable": true }, { "criteria": "cpe:2.3:a:tetex:tetex:2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "0AF2AD80-5E65-4B57-933B-C395E98EF10D", "vulnerable": true }, { "criteria": "cpe:2.3:a:tetex:tetex:2.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "07C92A0E-1DDA-4F83-A904-24A35C38883A", "vulnerable": true }, { "criteria": "cpe:2.3:a:tetex:tetex:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "9178B36F-41D5-4AE7-B9C8-56BDEADE76EB", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "7B93B3ED-AF82-49A9-8C7F-E5F652F19669", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "A35FC777-A34E-4C7B-9E93-8F17F3AD5180", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "2CAE037F-111C-4A76-8FFE-716B74D65EF3", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:alpha:*:*:*:*:*", "matchCriteriaId": "A6B060E4-B5A6-4469-828E-211C52542547", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:arm:*:*:*:*:*", "matchCriteriaId": "974C3541-990C-4CD4-A05A-38FA74A84632", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:hppa:*:*:*:*:*", "matchCriteriaId": "6CBF1E0F-C7F3-4F83-9E60-6E63FA7D2775", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-32:*:*:*:*:*", "matchCriteriaId": "58792F77-B06F-4780-BA25-FE1EE6C3FDD9", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-64:*:*:*:*:*", "matchCriteriaId": "C9419322-572F-4BB6-8416-C5E96541CF33", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:m68k:*:*:*:*:*", "matchCriteriaId": "BFC50555-C084-46A3-9C9F-949C5E3BB448", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mips:*:*:*:*:*", "matchCriteriaId": "9C25D6E1-D283-4CEA-B47B-60C47A5C0797", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mipsel:*:*:*:*:*", "matchCriteriaId": "AD18A446-C634-417E-86AC-B19B6DDDC856", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ppc:*:*:*:*:*", "matchCriteriaId": "E4BB852E-61B2-4842-989F-C6C0C901A8D7", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:s-390:*:*:*:*:*", "matchCriteriaId": "24DD9D59-E2A2-4116-A887-39E8CC2004FC", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:sparc:*:*:*:*:*", "matchCriteriaId": "F28D7457-607E-4E0C-909A-413F91CFCD82", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*", "matchCriteriaId": "A2E0C1F8-31F5-4F61-9DF7-E49B43D3C873", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:alpha:*:*:*:*:*", "matchCriteriaId": "5BF84240-1881-4EFB-BB2F-F9CE8AD09C7B", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:amd64:*:*:*:*:*", "matchCriteriaId": "AF8AE8C4-810F-41AB-A251-5A2D4DD6884D", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:arm:*:*:*:*:*", "matchCriteriaId": "5EACF214-FA27-44FF-A431-927AB79377A1", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:hppa:*:*:*:*:*", "matchCriteriaId": "E2B58895-0E2A-4466-9CB2-0083349A83B2", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:ia-32:*:*:*:*:*", "matchCriteriaId": "03F8220A-9B1C-40AA-AEAB-F9A93225FBD5", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:ia-64:*:*:*:*:*", "matchCriteriaId": "2311919C-7864-469D-B0F6-9B11D8D0A1C3", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:m68k:*:*:*:*:*", "matchCriteriaId": "19876495-4C1A-487C-955A-C5AA46362A1F", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:mips:*:*:*:*:*", "matchCriteriaId": "D75286DD-50BC-4B72-8AC8-E20730124DC2", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:mipsel:*:*:*:*:*", "matchCriteriaId": "1998C972-497E-4916-B50E-FB32303EEA8E", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:ppc:*:*:*:*:*", "matchCriteriaId": "A6CD3DD9-3A8A-4716-A2D1-136A790AFF94", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:s-390:*:*:*:*:*", "matchCriteriaId": "6CE2020A-4FB2-4FCD-8561-7BD147CD95EB", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:sparc:*:*:*:*:*", "matchCriteriaId": "08E90AFA-C262-46D0-B60E-26B67C9602D5", "vulnerable": true }, { "criteria": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*", "matchCriteriaId": "647BA336-5538-4972-9271-383A0EC9378E", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*", "matchCriteriaId": "3528DABD-B821-4D23-AE12-614A9CA92C46", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:x86-64:*:*:*:*:*", "matchCriteriaId": "0315FB43-D199-4734-B724-50ED031C0020", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.2:*:*:*:*:*:*:*", "matchCriteriaId": "11D69B83-4EF3-407B-8E8C-DE623F099C17", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.2:*:x86-64:*:*:*:*:*", "matchCriteriaId": "7D221688-18A0-453D-8D13-6B68011FCA13", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2006:*:*:*:*:*:*:*", "matchCriteriaId": "597094EC-D23F-4EC4-A140-96F287679124", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2006:*:x86-64:*:*:*:*:*", "matchCriteriaId": "C4FCF0D3-A6CB-448E-B0D3-DA82BE02DEC8", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "E0F0D201-B1DC-4024-AF77-A284673618F3", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:x86_64:*:*:*:*:*", "matchCriteriaId": "052E3862-BFB7-42E7-889D-8590AFA8EF37", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "2BB0B27C-04EA-426F-9016-7406BACD91DF", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:x86_64:*:*:*:*:*", "matchCriteriaId": "BB2B1BA5-8370-4281-B5C9-3D4FE6C70FBC", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*", "matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*", "matchCriteriaId": "A4A9461E-C117-42EC-9F14-DF2A82BA7C5D", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "E0B458EA-495E-40FA-9379-C03757F7B1EE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:*", "matchCriteriaId": "409E324A-C040-494F-A026-9DCAE01C07F8", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*", "matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*", "matchCriteriaId": "6474B775-C893-491F-A074-802AFB1FEDD8", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*", "matchCriteriaId": "78B46FFA-5B09-473E-AD33-3DB18BD0DAFE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*", "matchCriteriaId": "0EFE2E73-9536-41A9-B83B-0A06B54857F4", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:advanced_server:*:*:*:*:*", "matchCriteriaId": "F9440B25-D206-4914-9557-B5F030890DEC", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "E9933557-3BCA-4D92-AD4F-27758A0D3347", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:workstation:*:*:*:*:*", "matchCriteriaId": "10A60552-15A5-4E95-B3CE-99A4B26260C1", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "7D74A418-50F0-42C0-ABBC-BBBE718FF025", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*", "matchCriteriaId": "3C84296C-2C8A-4DCD-9751-52951F8BEA9F", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*", "matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*", "matchCriteriaId": "EC80CF67-C51D-442C-9526-CFEDE84A6304", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:fedora_core:core_4.0:*:*:*:*:*:*:*", "matchCriteriaId": "C720DACC-CF4B-4A00-818C-8303A7D7DED6", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.3:*:i386:*:*:*:*:*", "matchCriteriaId": "9B502A61-44FB-4CD4-85BE-88D4ACCCA441", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:9.0:*:i386:*:*:*:*:*", "matchCriteriaId": "F3FDE8C4-5FFD-4CC2-9F35-7C32043966D1", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*", "matchCriteriaId": "84A50ED3-FD0D-4038-B3E7-CC65D166C968", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium:*:*:*:*:*", "matchCriteriaId": "8DBD9D3C-40AB-449D-A9A8-A09DF2DEDB96", "vulnerable": true }, { "criteria": "cpe:2.3:o:sco:openserver:5.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "D9D76A8D-832B-411E-A458-186733C66010", "vulnerable": true }, { "criteria": "cpe:2.3:o:sco:openserver:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "7458BA31-812E-40C9-BB92-8688A3BCBA56", "vulnerable": true }, { "criteria": "cpe:2.3:o:slackware:slackware_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "300A6A65-05FD-401C-80F6-B5F5B1F056E0", "vulnerable": true }, { "criteria": "cpe:2.3:o:slackware:slackware_linux:9.1:*:*:*:*:*:*:*", "matchCriteriaId": "AA3D53C9-3806-45E6-8AE9-7D41280EF64C", "vulnerable": true }, { "criteria": "cpe:2.3:o:slackware:slackware_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "D29C5A03-A7C9-4780-BB63-CF1E874D018D", "vulnerable": true }, { "criteria": "cpe:2.3:o:slackware:slackware_linux:10.1:*:*:*:*:*:*:*", "matchCriteriaId": "B85EF0EE-3E61-4CA3-9F00-610AB2E1CFCF", "vulnerable": true }, { "criteria": "cpe:2.3:o:slackware:slackware_linux:10.2:*:*:*:*:*:*:*", "matchCriteriaId": "70440F49-AEE9-41BE-8E1A-43AB657C8E09", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "02EE2D72-B1E6-4380-80B0-E40A23DDD115", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "F7446746-87B7-4BD3-AABF-1E0FAA8265AB", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:personal:*:*:*:*:*", "matchCriteriaId": "F239BA8A-6B41-4B08-8C7C-25D235812C50", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:professional:*:*:*:*:*", "matchCriteriaId": "89BA858B-9466-4640-84AE-DC5BDC65D6B8", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:s_390:*:*:*:*:*", "matchCriteriaId": "85F2D904-E830-4034-9CCB-0FF65019622C", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*", "matchCriteriaId": "56EF103F-5668-4754-A83B-D3662D0CE815", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:personal:*:*:*:*:*", "matchCriteriaId": "3EA56868-ACA1-4C65-9FFB-A68129D2428A", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:professional:*:*:*:*:*", "matchCriteriaId": "1BA2E629-58C6-4BA0-A447-F8F570B35E74", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:x86_64:*:*:*:*:*", "matchCriteriaId": "D5F98B9A-880E-45F0-8C16-12B22970F0D1", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:personal:*:*:*:*:*", "matchCriteriaId": "3BEE15E9-9194-4E37-AB3B-66ECD5AC9E11", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:professional:*:*:*:*:*", "matchCriteriaId": "C89BA3B6-370B-4911-A363-935A9C9EACF5", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:x86_64:*:*:*:*:*", "matchCriteriaId": "B905C6E9-5058-4FD7-95B6-CD6AB6B2F516", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.3:*:personal:*:*:*:*:*", "matchCriteriaId": "4F1B4D15-0562-44D6-B80B-35A8F432BD41", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.3:*:professional:*:*:*:*:*", "matchCriteriaId": "D84ABF78-0D85-4E15-907E-B5ACE86EB8C7", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.3:*:x86_64:*:*:*:*:*", "matchCriteriaId": "9C7018E7-F90C-435D-A07A-05A294EA2827", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:10.0:*:oss:*:*:*:*:*", "matchCriteriaId": "16915004-1006-41D6-9E42-D1A5041E442D", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:10.0:*:professional:*:*:*:*:*", "matchCriteriaId": "994ABCE2-3B9E-4E4E-83F7-CE2A79C70F64", "vulnerable": true }, { "criteria": "cpe:2.3:o:trustix:secure_linux:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "53AF1A2D-B0A2-4097-AD1D-DF3AF27171BA", "vulnerable": true }, { "criteria": "cpe:2.3:o:trustix:secure_linux:2.2:*:*:*:*:*:*:*", "matchCriteriaId": "5AB70F82-52BB-4D0D-9A24-9AF67278466D", "vulnerable": true }, { "criteria": "cpe:2.3:o:trustix:secure_linux:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "100A2456-BF20-4461-8DC9-C61889322B29", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux:10:*:*:*:*:*:*:*", "matchCriteriaId": "1C7D4F57-E186-497A-B390-92E5D2C7E894", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux:fuji:*:*:*:*:*:*:*", "matchCriteriaId": "CEC3F6F3-9A6E-4A98-A967-6776C872475C", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_appliance_server:1.0_hosting_edition:*:*:*:*:*:*:*", "matchCriteriaId": "FC3218DD-A565-4AB8-86FE-E7F59AC0535F", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_appliance_server:1.0_workgroup_edition:*:*:*:*:*:*:*", "matchCriteriaId": "97AEDB57-202F-4B53-8815-21836F177060", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_desktop:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "31C3FFDD-03BF-4FD4-B7A7-B62AFD5DBA19", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_home:*:*:*:*:*:*:*:*", "matchCriteriaId": "065FF0F1-7FAC-4584-92EA-EAA87DC76FA1", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_multimedia:*:*:*:*:*:*:*:*", "matchCriteriaId": "E27180A1-9767-4CD3-978C-7538155B162D", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_personal:*:*:*:*:*:*:*:*", "matchCriteriaId": "BAAA9376-A060-49AE-86A7-6B28E26ED5D9", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_server:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "E06DCF0D-3241-453A-A0E4-937FE25EC404", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_server:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "B484D091-62DE-4EF2-AC54-26896CA8B315", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_server:10.0_x86:*:*:*:*:*:*:*", "matchCriteriaId": "EC5AC26E-3F3F-4D14-BE65-82B4432AB382", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_workstation:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "9428589A-0BD2-469E-978D-38239117D972", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ia64:*:*:*:*:*", "matchCriteriaId": "6E94583A-5184-462E-9FC4-57B35DA06DA7", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ppc:*:*:*:*:*", "matchCriteriaId": "E905FAAD-37B6-4DD0-A752-2974F8336273", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:amd64:*:*:*:*:*", "matchCriteriaId": "3BD12488-1ED8-4751-ABF5-3578D54750A8", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:i386:*:*:*:*:*", "matchCriteriaId": "AE3733CF-4C88-443C-9B90-6477C9C500D0", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:powerpc:*:*:*:*:*", "matchCriteriaId": "9C500A75-D75E-45B4-B582-0F0DF27C3C04", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:amd64:*:*:*:*:*", "matchCriteriaId": "86FD134D-A5C5-4B08-962D-70CF07C74923", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:i386:*:*:*:*:*", "matchCriteriaId": "FA84692E-F99D-4207-B4F2-799A6ADB88AD", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:powerpc:*:*:*:*:*", "matchCriteriaId": "8B0F1091-4B76-44F5-B896-6D37E2F909A2", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference." } ], "id": "CVE-2005-3626", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2005-12-31T05:00:00.000", "references": [ { "source": "secalert@redhat.com", "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt" }, { "source": "secalert@redhat.com", "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U" }, { "source": "secalert@redhat.com", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U" }, { "source": "secalert@redhat.com", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html" }, { "source": "secalert@redhat.com", "tags": [ "Exploit" ], "url": "http://scary.beasts.org/security/CESA-2005-003.txt" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18147" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18303" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18312" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18313" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18329" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18332" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18334" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18335" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18338" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18349" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18373" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18375" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18380" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18385" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18387" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18389" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18398" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18407" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18414" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18416" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18423" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18425" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18428" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18436" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18448" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18463" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18517" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18534" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18554" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18582" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18642" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18644" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18674" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18675" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18679" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18908" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18913" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/19230" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/19377" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/25729" }, { "source": "secalert@redhat.com", "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683" }, { "source": "secalert@redhat.com", "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747" }, { "source": "secalert@redhat.com", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2005/dsa-931" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2005/dsa-932" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2005/dsa-937" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2005/dsa-938" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2005/dsa-940" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-936" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-950" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-961" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2006/dsa-962" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml" }, { "source": "secalert@redhat.com", "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.kde.org/info/security/advisory-20051207-2.txt" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.html" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.html" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/bid/16143" }, { "source": "secalert@redhat.com", "url": "http://www.trustix.org/errata/2006/0002/" }, { "source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2006/0047" }, { "source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2007/2280" }, { "source": "secalert@redhat.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24026" }, { "source": "secalert@redhat.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9992" }, { "source": "secalert@redhat.com", "url": "https://usn.ubuntu.com/236-1/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit" ], "url": "http://scary.beasts.org/security/CESA-2005-003.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18147" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18303" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18312" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18313" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18329" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18332" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18334" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18335" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18338" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18349" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18373" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18375" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18380" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18385" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18387" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18389" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18398" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18407" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18414" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18416" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18423" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18425" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18428" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18436" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18448" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18463" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18517" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18534" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18554" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18582" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18642" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18644" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18674" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18675" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18679" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18908" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18913" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19230" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19377" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/25729" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2005/dsa-931" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2005/dsa-932" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2005/dsa-937" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2005/dsa-938" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2005/dsa-940" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-936" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-950" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-961" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2006/dsa-962" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.kde.org/info/security/advisory-20051207-2.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/bid/16143" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.trustix.org/errata/2006/0002/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2006/0047" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2007/2280" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24026" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9992" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://usn.ubuntu.com/236-1/" } ], "sourceIdentifier": "secalert@redhat.com", "vendorComments": [ { "comment": "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.", "lastModified": "2007-03-14T00:00:00", "organization": "Red Hat" } ], "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-399" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2009-12-21 21:30
Modified
2025-04-09 00:30
Severity ?
Summary
The FoFiType1::parse function in fofi/FoFiType1.cc in Xpdf 3.0.0, gpdf 2.8.2, kpdf in kdegraphics 3.3.1, and possibly other libraries and versions, does not check the return value of the getNextLine function, which allows context-dependent attackers to execute arbitrary code via a PDF file with a crafted Type 1 font that can produce a negative value, leading to a signed-to-unsigned integer conversion error and a buffer overflow.
References
▶ | URL | Tags | |
---|---|---|---|
secalert@redhat.com | http://cgit.freedesktop.org/poppler/poppler/diff/fofi/FoFiType1.cc?id=4b4fc5c0 | ||
secalert@redhat.com | http://cgit.freedesktop.org/poppler/poppler/tree/fofi/FoFiType1.cc?id=4b4fc5c017bf147c9069bbce32fc14467bd2a81a | ||
secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00003.html | ||
secalert@redhat.com | http://secunia.com/advisories/37641 | Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/37781 | Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/37787 | Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/37793 | Vendor Advisory | |
secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2009-1680.html | ||
secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2009-1681.html | ||
secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2009-1682.html | ||
secalert@redhat.com | http://www.securityfocus.com/bid/37350 | ||
secalert@redhat.com | http://www.securitytracker.com/id?1023356 | ||
secalert@redhat.com | http://www.vupen.com/english/advisories/2009/3555 | Vendor Advisory | |
secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=541614 | ||
secalert@redhat.com | https://exchange.xforce.ibmcloud.com/vulnerabilities/54831 | ||
secalert@redhat.com | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10996 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://cgit.freedesktop.org/poppler/poppler/diff/fofi/FoFiType1.cc?id=4b4fc5c0 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://cgit.freedesktop.org/poppler/poppler/tree/fofi/FoFiType1.cc?id=4b4fc5c017bf147c9069bbce32fc14467bd2a81a | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00003.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/37641 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/37781 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/37787 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/37793 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2009-1680.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2009-1681.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2009-1682.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/37350 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1023356 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2009/3555 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=541614 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/54831 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10996 |
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:gnome:gpdf:2.8.2:*:*:*:*:*:*:*", "matchCriteriaId": "06B06279-EFB2-4EC1-95F2-166DC5B1BB71", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:kdegraphics:3.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "40D90D14-63D3-446D-A24D-A2466AB91FAB", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:kpdf:3.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "24BA4DB2-7822-49A1-AC10-F6502E93E6D8", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:3.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "73F1D25C-854F-4CDC-A50D-601B39672390", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The FoFiType1::parse function in fofi/FoFiType1.cc in Xpdf 3.0.0, gpdf 2.8.2, kpdf in kdegraphics 3.3.1, and possibly other libraries and versions, does not check the return value of the getNextLine function, which allows context-dependent attackers to execute arbitrary code via a PDF file with a crafted Type 1 font that can produce a negative value, leading to a signed-to-unsigned integer conversion error and a buffer overflow." }, { "lang": "es", "value": "La funci\u00f3n FoFiType1::parse en fofi/FoFiType1.cc en Xpdf v3.0.0, en gpdf v2.8.2, en kpdf en kdegraphics v3.3.1, y posiblemente otras liber\u00edas y versiones, no verifica el valor de retorno de la funci\u00f3n getNextLine, permite a los atacantes dependientes del contexto ejecutar c\u00f3digo de su elecci\u00f3n mediante un fichero PDF con una fuente Type 1 modificada que puede producir un valor negativo, conduciendo a un error de conversi\u00f3n de entero signed-to-unsigned y un desbordamiento de b\u00fafer." } ], "id": "CVE-2009-4035", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2009-12-21T21:30:00.217", "references": [ { "source": "secalert@redhat.com", "url": "http://cgit.freedesktop.org/poppler/poppler/diff/fofi/FoFiType1.cc?id=4b4fc5c0" }, { "source": "secalert@redhat.com", "url": "http://cgit.freedesktop.org/poppler/poppler/tree/fofi/FoFiType1.cc?id=4b4fc5c017bf147c9069bbce32fc14467bd2a81a" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00003.html" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37641" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37781" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37787" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37793" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2009-1680.html" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2009-1681.html" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2009-1682.html" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/37350" }, { "source": "secalert@redhat.com", "url": "http://www.securitytracker.com/id?1023356" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/3555" }, { "source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=541614" }, { "source": "secalert@redhat.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54831" }, { "source": "secalert@redhat.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10996" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://cgit.freedesktop.org/poppler/poppler/diff/fofi/FoFiType1.cc?id=4b4fc5c0" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://cgit.freedesktop.org/poppler/poppler/tree/fofi/FoFiType1.cc?id=4b4fc5c017bf147c9069bbce32fc14467bd2a81a" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00003.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37641" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37781" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37787" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37793" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2009-1680.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2009-1681.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2009-1682.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/37350" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1023356" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/3555" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=541614" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54831" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10996" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-94" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2005-12-31 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflow in the JBIG2Bitmap::JBIG2Bitmap function in JBIG2Stream.cc in Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to modify memory and possibly execute arbitrary code via unknown attack vectors.
References
▶ | URL | Tags | |
---|---|---|---|
secalert@redhat.com | ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U | ||
secalert@redhat.com | http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html | Patch, Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18147 | ||
secalert@redhat.com | http://secunia.com/advisories/18380 | ||
secalert@redhat.com | http://secunia.com/advisories/18385 | Patch, Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18387 | Patch, Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18389 | Patch, Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18398 | Patch, Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18407 | Patch, Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18416 | Patch, Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18428 | ||
secalert@redhat.com | http://secunia.com/advisories/18436 | ||
secalert@redhat.com | http://secunia.com/advisories/18534 | Patch, Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18582 | Patch, Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18674 | ||
secalert@redhat.com | http://secunia.com/advisories/18675 | ||
secalert@redhat.com | http://secunia.com/advisories/18679 | ||
secalert@redhat.com | http://secunia.com/advisories/18908 | ||
secalert@redhat.com | http://secunia.com/advisories/18913 | ||
secalert@redhat.com | http://secunia.com/advisories/19230 | ||
secalert@redhat.com | http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.472683 | ||
secalert@redhat.com | http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.474747 | ||
secalert@redhat.com | http://www.debian.org/security/2005/dsa-931 | ||
secalert@redhat.com | http://www.debian.org/security/2005/dsa-932 | ||
secalert@redhat.com | http://www.debian.org/security/2005/dsa-937 | ||
secalert@redhat.com | http://www.debian.org/security/2005/dsa-938 | ||
secalert@redhat.com | http://www.debian.org/security/2005/dsa-940 | ||
secalert@redhat.com | http://www.debian.org/security/2006/dsa-936 | Patch, Vendor Advisory | |
secalert@redhat.com | http://www.debian.org/security/2006/dsa-950 | Patch, Vendor Advisory | |
secalert@redhat.com | http://www.debian.org/security/2006/dsa-961 | ||
secalert@redhat.com | http://www.debian.org/security/2006/dsa-962 | ||
secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDKSA-2006:010 | ||
secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDKSA-2006:011 | ||
secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDKSA-2006:012 | ||
secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2006-0160.html | Patch, Vendor Advisory | |
secalert@redhat.com | http://www.securityfocus.com/archive/1/427053/100/0/threaded | ||
secalert@redhat.com | http://www.securityfocus.com/archive/1/427990/100/0/threaded | ||
secalert@redhat.com | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10287 | ||
af854a3a-2127-422b-91ae-364da2661108 | ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18147 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18380 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18385 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18387 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18389 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18398 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18407 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18416 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18428 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18436 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18534 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18582 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18674 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18675 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18679 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18908 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18913 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/19230 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.472683 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.474747 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2005/dsa-931 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2005/dsa-932 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2005/dsa-937 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2005/dsa-938 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2005/dsa-940 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2006/dsa-936 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2006/dsa-950 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2006/dsa-961 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2006/dsa-962 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2006:010 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2006:011 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2006:012 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2006-0160.html | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/427053/100/0/threaded | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/427990/100/0/threaded | ||
af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10287 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:xpdf:xpdf:*:*:*:*:*:*:*:*", "matchCriteriaId": "BC1CAEC5-3851-4749-AF27-E090E3C52E35", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Buffer overflow in the JBIG2Bitmap::JBIG2Bitmap function in JBIG2Stream.cc in Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to modify memory and possibly execute arbitrary code via unknown attack vectors." } ], "id": "CVE-2005-3628", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": true, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2005-12-31T05:00:00.000", "references": [ { "source": "secalert@redhat.com", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18147" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18380" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18385" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18387" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18389" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18398" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18407" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18416" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18428" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18436" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18534" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18582" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18674" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18675" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18679" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18908" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18913" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/19230" }, { "source": "secalert@redhat.com", "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683" }, { "source": "secalert@redhat.com", "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2005/dsa-931" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2005/dsa-932" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2005/dsa-937" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2005/dsa-938" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2005/dsa-940" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-936" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-950" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2006/dsa-961" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2006/dsa-962" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded" }, { "source": "secalert@redhat.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10287" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18147" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18380" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18385" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18387" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18389" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18398" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18407" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18416" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18428" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18436" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18534" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18582" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18674" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18675" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18679" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18908" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18913" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19230" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2005/dsa-931" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2005/dsa-932" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2005/dsa-937" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2005/dsa-938" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2005/dsa-940" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-936" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-950" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2006/dsa-961" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2006/dsa-962" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10287" } ], "sourceIdentifier": "secalert@redhat.com", "vendorComments": [ { "comment": "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.", "lastModified": "2007-03-14T00:00:00", "organization": "Red Hat" } ], "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2007-11-08 02:46
Modified
2025-04-09 00:30
Severity ?
Summary
Integer overflow in the DCTStream::reset method in xpdf/Stream.cc in Xpdf 3.02p11 allows remote attackers to execute arbitrary code via a crafted PDF file, resulting in a heap-based buffer overflow.
References
▶ | URL | Tags | |
---|---|---|---|
PSIRT-CNA@flexerasoftware.com | http://secunia.com/advisories/26503 | Vendor Advisory | |
PSIRT-CNA@flexerasoftware.com | http://secunia.com/advisories/27260 | Patch, Vendor Advisory | |
PSIRT-CNA@flexerasoftware.com | http://secunia.com/advisories/27553 | Vendor Advisory | |
PSIRT-CNA@flexerasoftware.com | http://secunia.com/advisories/27573 | Vendor Advisory | |
PSIRT-CNA@flexerasoftware.com | http://secunia.com/advisories/27574 | Vendor Advisory | |
PSIRT-CNA@flexerasoftware.com | http://secunia.com/advisories/27575 | Vendor Advisory | |
PSIRT-CNA@flexerasoftware.com | http://secunia.com/advisories/27577 | Vendor Advisory | |
PSIRT-CNA@flexerasoftware.com | http://secunia.com/advisories/27578 | Vendor Advisory | |
PSIRT-CNA@flexerasoftware.com | http://secunia.com/advisories/27599 | Vendor Advisory | |
PSIRT-CNA@flexerasoftware.com | http://secunia.com/advisories/27615 | Vendor Advisory | |
PSIRT-CNA@flexerasoftware.com | http://secunia.com/advisories/27618 | Vendor Advisory | |
PSIRT-CNA@flexerasoftware.com | http://secunia.com/advisories/27619 | Vendor Advisory | |
PSIRT-CNA@flexerasoftware.com | http://secunia.com/advisories/27632 | ||
PSIRT-CNA@flexerasoftware.com | http://secunia.com/advisories/27634 | ||
PSIRT-CNA@flexerasoftware.com | http://secunia.com/advisories/27636 | ||
PSIRT-CNA@flexerasoftware.com | http://secunia.com/advisories/27637 | Vendor Advisory | |
PSIRT-CNA@flexerasoftware.com | http://secunia.com/advisories/27640 | Vendor Advisory | |
PSIRT-CNA@flexerasoftware.com | http://secunia.com/advisories/27641 | ||
PSIRT-CNA@flexerasoftware.com | http://secunia.com/advisories/27642 | ||
PSIRT-CNA@flexerasoftware.com | http://secunia.com/advisories/27645 | ||
PSIRT-CNA@flexerasoftware.com | http://secunia.com/advisories/27656 | ||
PSIRT-CNA@flexerasoftware.com | http://secunia.com/advisories/27658 | ||
PSIRT-CNA@flexerasoftware.com | http://secunia.com/advisories/27705 | ||
PSIRT-CNA@flexerasoftware.com | http://secunia.com/advisories/27721 | ||
PSIRT-CNA@flexerasoftware.com | http://secunia.com/advisories/27724 | ||
PSIRT-CNA@flexerasoftware.com | http://secunia.com/advisories/27743 | ||
PSIRT-CNA@flexerasoftware.com | http://secunia.com/advisories/27856 | ||
PSIRT-CNA@flexerasoftware.com | http://secunia.com/advisories/28043 | ||
PSIRT-CNA@flexerasoftware.com | http://secunia.com/advisories/28812 | ||
PSIRT-CNA@flexerasoftware.com | http://secunia.com/advisories/29104 | ||
PSIRT-CNA@flexerasoftware.com | http://secunia.com/advisories/29604 | ||
PSIRT-CNA@flexerasoftware.com | http://secunia.com/advisories/30168 | ||
PSIRT-CNA@flexerasoftware.com | http://secunia.com/secunia_research/2007-88/advisory/ | Vendor Advisory | |
PSIRT-CNA@flexerasoftware.com | http://security.gentoo.org/glsa/glsa-200711-22.xml | ||
PSIRT-CNA@flexerasoftware.com | http://security.gentoo.org/glsa/glsa-200711-34.xml | ||
PSIRT-CNA@flexerasoftware.com | http://security.gentoo.org/glsa/glsa-200805-13.xml | ||
PSIRT-CNA@flexerasoftware.com | http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.761882 | ||
PSIRT-CNA@flexerasoftware.com | http://support.novell.com/techcenter/psdb/1d5fd29802b2ef7e342e733731f1e933.html | ||
PSIRT-CNA@flexerasoftware.com | http://support.novell.com/techcenter/psdb/3867a5092daac43cd6a92e6107d9fbce.html | ||
PSIRT-CNA@flexerasoftware.com | http://support.novell.com/techcenter/psdb/43ad7b3569dba59e7ba07677edc01cad.html | ||
PSIRT-CNA@flexerasoftware.com | http://support.novell.com/techcenter/psdb/da3498f05433976cc548cc4eaf8349c8.html | ||
PSIRT-CNA@flexerasoftware.com | http://support.novell.com/techcenter/psdb/f83e024a65d69ebc810d2117815b940d.html | ||
PSIRT-CNA@flexerasoftware.com | http://www.debian.org/security/2008/dsa-1480 | ||
PSIRT-CNA@flexerasoftware.com | http://www.debian.org/security/2008/dsa-1509 | ||
PSIRT-CNA@flexerasoftware.com | http://www.debian.org/security/2008/dsa-1537 | ||
PSIRT-CNA@flexerasoftware.com | http://www.kde.org/info/security/advisory-20071107-1.txt | ||
PSIRT-CNA@flexerasoftware.com | http://www.mandriva.com/security/advisories?name=MDKSA-2007:219 | ||
PSIRT-CNA@flexerasoftware.com | http://www.mandriva.com/security/advisories?name=MDKSA-2007:220 | ||
PSIRT-CNA@flexerasoftware.com | http://www.mandriva.com/security/advisories?name=MDKSA-2007:221 | ||
PSIRT-CNA@flexerasoftware.com | http://www.mandriva.com/security/advisories?name=MDKSA-2007:222 | ||
PSIRT-CNA@flexerasoftware.com | http://www.mandriva.com/security/advisories?name=MDKSA-2007:223 | ||
PSIRT-CNA@flexerasoftware.com | http://www.mandriva.com/security/advisories?name=MDKSA-2007:227 | ||
PSIRT-CNA@flexerasoftware.com | http://www.mandriva.com/security/advisories?name=MDKSA-2007:228 | ||
PSIRT-CNA@flexerasoftware.com | http://www.mandriva.com/security/advisories?name=MDKSA-2007:230 | ||
PSIRT-CNA@flexerasoftware.com | http://www.novell.com/linux/security/advisories/2007_60_pdf.html | ||
PSIRT-CNA@flexerasoftware.com | http://www.redhat.com/support/errata/RHSA-2007-1021.html | Vendor Advisory | |
PSIRT-CNA@flexerasoftware.com | http://www.redhat.com/support/errata/RHSA-2007-1022.html | Vendor Advisory | |
PSIRT-CNA@flexerasoftware.com | http://www.redhat.com/support/errata/RHSA-2007-1024.html | Vendor Advisory | |
PSIRT-CNA@flexerasoftware.com | http://www.redhat.com/support/errata/RHSA-2007-1025.html | ||
PSIRT-CNA@flexerasoftware.com | http://www.redhat.com/support/errata/RHSA-2007-1026.html | Vendor Advisory | |
PSIRT-CNA@flexerasoftware.com | http://www.redhat.com/support/errata/RHSA-2007-1027.html | Vendor Advisory | |
PSIRT-CNA@flexerasoftware.com | http://www.redhat.com/support/errata/RHSA-2007-1029.html | Vendor Advisory | |
PSIRT-CNA@flexerasoftware.com | http://www.redhat.com/support/errata/RHSA-2007-1030.html | Vendor Advisory | |
PSIRT-CNA@flexerasoftware.com | http://www.securityfocus.com/archive/1/483372 | ||
PSIRT-CNA@flexerasoftware.com | http://www.securityfocus.com/bid/26367 | ||
PSIRT-CNA@flexerasoftware.com | http://www.securitytracker.com/id?1018905 | ||
PSIRT-CNA@flexerasoftware.com | http://www.ubuntu.com/usn/usn-542-1 | ||
PSIRT-CNA@flexerasoftware.com | http://www.ubuntu.com/usn/usn-542-2 | ||
PSIRT-CNA@flexerasoftware.com | http://www.vupen.com/english/advisories/2007/3774 | ||
PSIRT-CNA@flexerasoftware.com | http://www.vupen.com/english/advisories/2007/3775 | ||
PSIRT-CNA@flexerasoftware.com | http://www.vupen.com/english/advisories/2007/3776 | ||
PSIRT-CNA@flexerasoftware.com | http://www.vupen.com/english/advisories/2007/3779 | ||
PSIRT-CNA@flexerasoftware.com | http://www.vupen.com/english/advisories/2007/3786 | ||
PSIRT-CNA@flexerasoftware.com | https://exchange.xforce.ibmcloud.com/vulnerabilities/38303 | ||
PSIRT-CNA@flexerasoftware.com | https://issues.rpath.com/browse/RPL-1926 | ||
PSIRT-CNA@flexerasoftware.com | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10036 | ||
PSIRT-CNA@flexerasoftware.com | https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00369.html | ||
PSIRT-CNA@flexerasoftware.com | https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00215.html | ||
PSIRT-CNA@flexerasoftware.com | https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00224.html | ||
PSIRT-CNA@flexerasoftware.com | https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00238.html | ||
PSIRT-CNA@flexerasoftware.com | https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00663.html | ||
PSIRT-CNA@flexerasoftware.com | https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00724.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/26503 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/27260 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/27553 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/27573 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/27574 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/27575 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/27577 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/27578 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/27599 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/27615 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/27618 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/27619 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/27632 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/27634 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/27636 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/27637 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/27640 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/27641 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/27642 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/27645 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/27656 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/27658 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/27705 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/27721 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/27724 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/27743 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/27856 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/28043 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/28812 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/29104 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/29604 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/30168 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/secunia_research/2007-88/advisory/ | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-200711-22.xml | ||
af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-200711-34.xml | ||
af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-200805-13.xml | ||
af854a3a-2127-422b-91ae-364da2661108 | http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.761882 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://support.novell.com/techcenter/psdb/1d5fd29802b2ef7e342e733731f1e933.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://support.novell.com/techcenter/psdb/3867a5092daac43cd6a92e6107d9fbce.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://support.novell.com/techcenter/psdb/43ad7b3569dba59e7ba07677edc01cad.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://support.novell.com/techcenter/psdb/da3498f05433976cc548cc4eaf8349c8.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://support.novell.com/techcenter/psdb/f83e024a65d69ebc810d2117815b940d.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2008/dsa-1480 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2008/dsa-1509 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2008/dsa-1537 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.kde.org/info/security/advisory-20071107-1.txt | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2007:219 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2007:220 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2007:221 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2007:222 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2007:223 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2007:227 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2007:228 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2007:230 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.novell.com/linux/security/advisories/2007_60_pdf.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2007-1021.html | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2007-1022.html | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2007-1024.html | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2007-1025.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2007-1026.html | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2007-1027.html | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2007-1029.html | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2007-1030.html | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/483372 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/26367 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1018905 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/usn-542-1 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/usn-542-2 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2007/3774 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2007/3775 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2007/3776 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2007/3779 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2007/3786 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/38303 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://issues.rpath.com/browse/RPL-1926 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10036 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00369.html | ||
af854a3a-2127-422b-91ae-364da2661108 | https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00215.html | ||
af854a3a-2127-422b-91ae-364da2661108 | https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00224.html | ||
af854a3a-2127-422b-91ae-364da2661108 | https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00238.html | ||
af854a3a-2127-422b-91ae-364da2661108 | https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00663.html | ||
af854a3a-2127-422b-91ae-364da2661108 | https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00724.html |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:xpdf:xpdf:3.0.1_pl1:*:*:*:*:*:*:*", "matchCriteriaId": "B0A09900-C462-4E3D-9399-0271F91DC5BD", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Integer overflow in the DCTStream::reset method in xpdf/Stream.cc in Xpdf 3.02p11 allows remote attackers to execute arbitrary code via a crafted PDF file, resulting in a heap-based buffer overflow." }, { "lang": "es", "value": "Un desbordamiento de enteros en el m\u00e9todo DCTStream::reset en el archivo xpdf/Stream.cc en Xpdf versi\u00f3n 3.02p11, permite a atacantes remotos ejecutar c\u00f3digo arbitrario por medio de un archivo PDF dise\u00f1ado, resultando en un desbordamiento de b\u00fafer en la regi\u00f3n heap de la memoria." } ], "id": "CVE-2007-5392", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2007-11-08T02:46:00.000", "references": [ { "source": "PSIRT-CNA@flexerasoftware.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/26503" }, { "source": "PSIRT-CNA@flexerasoftware.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/27260" }, { "source": "PSIRT-CNA@flexerasoftware.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/27553" }, { "source": "PSIRT-CNA@flexerasoftware.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/27573" }, { "source": "PSIRT-CNA@flexerasoftware.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/27574" }, { "source": "PSIRT-CNA@flexerasoftware.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/27575" }, { "source": "PSIRT-CNA@flexerasoftware.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/27577" }, { "source": "PSIRT-CNA@flexerasoftware.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/27578" }, { "source": "PSIRT-CNA@flexerasoftware.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/27599" }, { "source": "PSIRT-CNA@flexerasoftware.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/27615" }, { "source": "PSIRT-CNA@flexerasoftware.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/27618" }, { "source": "PSIRT-CNA@flexerasoftware.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/27619" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://secunia.com/advisories/27632" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://secunia.com/advisories/27634" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://secunia.com/advisories/27636" }, { "source": "PSIRT-CNA@flexerasoftware.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/27637" }, { "source": "PSIRT-CNA@flexerasoftware.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/27640" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://secunia.com/advisories/27641" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://secunia.com/advisories/27642" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://secunia.com/advisories/27645" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://secunia.com/advisories/27656" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://secunia.com/advisories/27658" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://secunia.com/advisories/27705" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://secunia.com/advisories/27721" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://secunia.com/advisories/27724" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://secunia.com/advisories/27743" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://secunia.com/advisories/27856" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://secunia.com/advisories/28043" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://secunia.com/advisories/28812" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://secunia.com/advisories/29104" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://secunia.com/advisories/29604" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://secunia.com/advisories/30168" }, { "source": "PSIRT-CNA@flexerasoftware.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/secunia_research/2007-88/advisory/" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://security.gentoo.org/glsa/glsa-200711-22.xml" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://security.gentoo.org/glsa/glsa-200711-34.xml" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://security.gentoo.org/glsa/glsa-200805-13.xml" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.761882" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://support.novell.com/techcenter/psdb/1d5fd29802b2ef7e342e733731f1e933.html" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://support.novell.com/techcenter/psdb/3867a5092daac43cd6a92e6107d9fbce.html" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://support.novell.com/techcenter/psdb/43ad7b3569dba59e7ba07677edc01cad.html" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://support.novell.com/techcenter/psdb/da3498f05433976cc548cc4eaf8349c8.html" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://support.novell.com/techcenter/psdb/f83e024a65d69ebc810d2117815b940d.html" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://www.debian.org/security/2008/dsa-1480" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://www.debian.org/security/2008/dsa-1509" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://www.debian.org/security/2008/dsa-1537" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://www.kde.org/info/security/advisory-20071107-1.txt" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:219" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:220" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:221" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:222" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:223" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:227" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:228" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:230" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://www.novell.com/linux/security/advisories/2007_60_pdf.html" }, { "source": "PSIRT-CNA@flexerasoftware.com", "tags": [ "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-1021.html" }, { "source": "PSIRT-CNA@flexerasoftware.com", "tags": [ "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-1022.html" }, { "source": "PSIRT-CNA@flexerasoftware.com", "tags": [ "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-1024.html" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://www.redhat.com/support/errata/RHSA-2007-1025.html" }, { "source": "PSIRT-CNA@flexerasoftware.com", "tags": [ "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-1026.html" }, { "source": "PSIRT-CNA@flexerasoftware.com", "tags": [ "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-1027.html" }, { "source": "PSIRT-CNA@flexerasoftware.com", "tags": [ "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-1029.html" }, { "source": "PSIRT-CNA@flexerasoftware.com", "tags": [ "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-1030.html" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://www.securityfocus.com/archive/1/483372" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://www.securityfocus.com/bid/26367" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://www.securitytracker.com/id?1018905" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://www.ubuntu.com/usn/usn-542-1" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://www.ubuntu.com/usn/usn-542-2" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://www.vupen.com/english/advisories/2007/3774" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://www.vupen.com/english/advisories/2007/3775" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://www.vupen.com/english/advisories/2007/3776" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://www.vupen.com/english/advisories/2007/3779" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://www.vupen.com/english/advisories/2007/3786" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38303" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "https://issues.rpath.com/browse/RPL-1926" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10036" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00369.html" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00215.html" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00224.html" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00238.html" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00663.html" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00724.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/26503" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/27260" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/27553" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/27573" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/27574" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/27575" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/27577" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/27578" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/27599" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/27615" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/27618" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/27619" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/27632" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/27634" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/27636" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/27637" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/27640" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/27641" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/27642" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/27645" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/27656" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/27658" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/27705" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/27721" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/27724" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/27743" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/27856" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/28043" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/28812" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/29104" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/29604" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/30168" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/secunia_research/2007-88/advisory/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://security.gentoo.org/glsa/glsa-200711-22.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://security.gentoo.org/glsa/glsa-200711-34.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://security.gentoo.org/glsa/glsa-200805-13.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.761882" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.novell.com/techcenter/psdb/1d5fd29802b2ef7e342e733731f1e933.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.novell.com/techcenter/psdb/3867a5092daac43cd6a92e6107d9fbce.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.novell.com/techcenter/psdb/43ad7b3569dba59e7ba07677edc01cad.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.novell.com/techcenter/psdb/da3498f05433976cc548cc4eaf8349c8.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.novell.com/techcenter/psdb/f83e024a65d69ebc810d2117815b940d.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2008/dsa-1480" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2008/dsa-1509" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2008/dsa-1537" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.kde.org/info/security/advisory-20071107-1.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:219" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:220" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:221" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:222" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:223" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:227" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:228" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:230" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.novell.com/linux/security/advisories/2007_60_pdf.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-1021.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-1022.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-1024.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2007-1025.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-1026.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-1027.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-1029.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-1030.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/483372" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/26367" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1018905" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/usn-542-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/usn-542-2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2007/3774" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2007/3775" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2007/3776" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2007/3779" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2007/3786" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38303" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://issues.rpath.com/browse/RPL-1926" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10036" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00369.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00215.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00224.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00238.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00663.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00724.html" } ], "sourceIdentifier": "PSIRT-CNA@flexerasoftware.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2005-01-10 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflow in the Gfx::doImage function in Gfx.cc for xpdf 3.00, and other products that share code such as tetex-bin and kpdf in KDE 3.2.x to 3.2.3 and 3.3.x to 3.3.2, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted PDF file that causes the boundaries of a maskColors array to be exceeded.
References
▶ | URL | Tags | |
---|---|---|---|
cve@mitre.org | ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.00pl2.patch | ||
cve@mitre.org | ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.42/SCOSA-2005.42.txt | ||
cve@mitre.org | http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000921 | ||
cve@mitre.org | http://lists.grok.org.uk/pipermail/full-disclosure/2004-December/030241.html | ||
cve@mitre.org | http://marc.info/?t=110378596500001&r=1&w=2 | ||
cve@mitre.org | http://secunia.com/advisories/17277 | ||
cve@mitre.org | http://securitytracker.com/id?1012646 | ||
cve@mitre.org | http://www.gentoo.org/security/en/glsa/glsa-200412-25.xml | ||
cve@mitre.org | http://www.gentoo.org/security/en/glsa/glsa-200501-13.xml | ||
cve@mitre.org | http://www.gentoo.org/security/en/glsa/glsa-200501-17.xml | ||
cve@mitre.org | http://www.idefense.com/application/poi/display?id=172&type=vulnerabilities | ||
cve@mitre.org | http://www.kde.org/info/security/advisory-20041223-1.txt | ||
cve@mitre.org | http://www.novell.com/linux/security/advisories/2005_01_sr.html | ||
cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2005-013.html | ||
cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2005-018.html | ||
cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2005-026.html | ||
cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2005-034.html | ||
cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2005-053.html | ||
cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2005-057.html | ||
cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2005-066.html | ||
cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2005-354.html | ||
cve@mitre.org | http://www.securityfocus.com/bid/12070 | Patch, Vendor Advisory | |
cve@mitre.org | https://bugzilla.fedora.us/show_bug.cgi?id=2352 | ||
cve@mitre.org | https://bugzilla.fedora.us/show_bug.cgi?id=2353 | ||
cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/18641 | ||
cve@mitre.org | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10830 | ||
cve@mitre.org | https://usn.ubuntu.com/50-1/ | ||
af854a3a-2127-422b-91ae-364da2661108 | ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.00pl2.patch | ||
af854a3a-2127-422b-91ae-364da2661108 | ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.42/SCOSA-2005.42.txt | ||
af854a3a-2127-422b-91ae-364da2661108 | http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000921 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.grok.org.uk/pipermail/full-disclosure/2004-December/030241.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?t=110378596500001&r=1&w=2 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/17277 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1012646 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.gentoo.org/security/en/glsa/glsa-200412-25.xml | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.gentoo.org/security/en/glsa/glsa-200501-13.xml | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.gentoo.org/security/en/glsa/glsa-200501-17.xml | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.idefense.com/application/poi/display?id=172&type=vulnerabilities | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.kde.org/info/security/advisory-20041223-1.txt | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.novell.com/linux/security/advisories/2005_01_sr.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2005-013.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2005-018.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2005-026.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2005-034.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2005-053.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2005-057.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2005-066.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2005-354.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/12070 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.fedora.us/show_bug.cgi?id=2352 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.fedora.us/show_bug.cgi?id=2353 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/18641 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10830 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/50-1/ |
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.20:*:*:*:*:*:*:*", "matchCriteriaId": "FB7653F1-70E2-423F-A6A9-30333644B506", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "7B93B3ED-AF82-49A9-8C7F-E5F652F19669", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:kde:kde:3.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "D17407A2-089E-43A5-9BD5-EFF966F5CC16", "vulnerable": true }, { "criteria": "cpe:2.3:o:kde:kde:3.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "9F7180B3-03AC-427C-8CAD-FE06F81C4FF1", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Buffer overflow in the Gfx::doImage function in Gfx.cc for xpdf 3.00, and other products that share code such as tetex-bin and kpdf in KDE 3.2.x to 3.2.3 and 3.3.x to 3.3.2, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted PDF file that causes the boundaries of a maskColors array to be exceeded." } ], "id": "CVE-2004-1125", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2005-01-10T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.00pl2.patch" }, { "source": "cve@mitre.org", "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.42/SCOSA-2005.42.txt" }, { "source": "cve@mitre.org", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000921" }, { "source": "cve@mitre.org", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-December/030241.html" }, { "source": "cve@mitre.org", "url": "http://marc.info/?t=110378596500001\u0026r=1\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/17277" }, { "source": "cve@mitre.org", "url": "http://securitytracker.com/id?1012646" }, { "source": "cve@mitre.org", "url": "http://www.gentoo.org/security/en/glsa/glsa-200412-25.xml" }, { "source": "cve@mitre.org", "url": "http://www.gentoo.org/security/en/glsa/glsa-200501-13.xml" }, { "source": "cve@mitre.org", "url": "http://www.gentoo.org/security/en/glsa/glsa-200501-17.xml" }, { "source": "cve@mitre.org", "url": "http://www.idefense.com/application/poi/display?id=172\u0026type=vulnerabilities" }, { "source": "cve@mitre.org", "url": "http://www.kde.org/info/security/advisory-20041223-1.txt" }, { "source": "cve@mitre.org", "url": "http://www.novell.com/linux/security/advisories/2005_01_sr.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2005-013.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2005-018.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2005-026.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2005-034.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2005-053.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2005-057.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2005-066.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2005-354.html" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/12070" }, { "source": "cve@mitre.org", "url": "https://bugzilla.fedora.us/show_bug.cgi?id=2352" }, { "source": "cve@mitre.org", "url": "https://bugzilla.fedora.us/show_bug.cgi?id=2353" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18641" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10830" }, { "source": "cve@mitre.org", "url": "https://usn.ubuntu.com/50-1/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.00pl2.patch" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.42/SCOSA-2005.42.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000921" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-December/030241.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?t=110378596500001\u0026r=1\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/17277" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1012646" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.gentoo.org/security/en/glsa/glsa-200412-25.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.gentoo.org/security/en/glsa/glsa-200501-13.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.gentoo.org/security/en/glsa/glsa-200501-17.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.idefense.com/application/poi/display?id=172\u0026type=vulnerabilities" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.kde.org/info/security/advisory-20041223-1.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.novell.com/linux/security/advisories/2005_01_sr.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2005-013.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2005-018.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2005-026.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2005-034.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2005-053.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2005-057.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2005-066.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2005-354.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/12070" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.fedora.us/show_bug.cgi?id=2352" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.fedora.us/show_bug.cgi?id=2353" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18641" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10830" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://usn.ubuntu.com/50-1/" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-20" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2003-07-24 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Various PDF viewers including (1) Adobe Acrobat 5.06 and (2) Xpdf 1.01 allow remote attackers to execute arbitrary commands via shell metacharacters in an embedded hyperlink.
References
▶ | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://lists.grok.org.uk/pipermail/full-disclosure/2003-June/005719.html | ||
cve@mitre.org | http://marc.info/?l=bugtraq&m=105777963019186&w=2 | ||
cve@mitre.org | http://secunia.com/advisories/9037 | ||
cve@mitre.org | http://secunia.com/advisories/9038 | ||
cve@mitre.org | http://www.kb.cert.org/vuls/id/200132 | US Government Resource | |
cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDKSA-2003:071 | ||
cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2003-196.html | Patch, Vendor Advisory | |
cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2003-197.html | Patch, Vendor Advisory | |
cve@mitre.org | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A664 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.grok.org.uk/pipermail/full-disclosure/2003-June/005719.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=105777963019186&w=2 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/9037 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/9038 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.kb.cert.org/vuls/id/200132 | US Government Resource | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2003:071 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2003-196.html | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2003-197.html | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A664 |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | acrobat | 5.0.6 | |
xpdf | xpdf | 1.1 | |
mandrakesoft | mandrake_linux | 9.0 | |
mandrakesoft | mandrake_linux | 9.1 | |
mandrakesoft | mandrake_linux_corporate_server | 2.1 | |
redhat | enterprise_linux | 2.1 | |
redhat | enterprise_linux | 2.1 | |
redhat | enterprise_linux | 2.1 | |
redhat | linux | 7.1 | |
redhat | linux | 7.2 | |
redhat | linux | 7.3 | |
redhat | linux | 8.0 | |
redhat | linux | 9.0 | |
redhat | linux_advanced_workstation | 2.1 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:acrobat:5.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "B453FA1D-0FE9-4324-9644-E167561926C2", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "3B9DEF16-ECD5-4BBE-8986-52A6171B3D9F", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "33F6F859-B7B8-4072-B073-6CC8291D642E", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.1:*:*:*:*:*:*:*", "matchCriteriaId": "C4AD30B9-8FBA-48B3-B2B2-014C950B9BAA", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "E0F0D201-B1DC-4024-AF77-A284673618F3", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*", "matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "E0B458EA-495E-40FA-9379-C03757F7B1EE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*", "matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "1D46E093-1C68-43BB-B281-12117EC8DE0F", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "E562907F-D915-4030-847A-3C6834A80D4E", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.3:*:*:*:*:*:*:*", "matchCriteriaId": "138985E6-5107-4E8B-A801-C3D5FE075227", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "038FEDE7-986F-4CA5-9003-BA68352B87D4", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "E66F7BF0-EF7C-4695-9D67-7C1A01C6F9B9", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium:*:*:*:*:*", "matchCriteriaId": "8DBD9D3C-40AB-449D-A9A8-A09DF2DEDB96", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Various PDF viewers including (1) Adobe Acrobat 5.06 and (2) Xpdf 1.01 allow remote attackers to execute arbitrary commands via shell metacharacters in an embedded hyperlink." }, { "lang": "es", "value": "Varios visores de PDF, incluidos Adobe Acrobat 5.06 y Xpdf 1.01 permiten a atacantes remotos la ejecuci\u00f3n arbitraria de comandos mediante metacaracteres de shell en un hiperv\u00ednculo embebido." } ], "id": "CVE-2003-0434", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2003-07-24T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-June/005719.html" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=105777963019186\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/9037" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/9038" }, { "source": "cve@mitre.org", "tags": [ "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/200132" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:071" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-196.html" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-197.html" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A664" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-June/005719.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=105777963019186\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/9037" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/9038" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/200132" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:071" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-196.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-197.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A664" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2005-01-27 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Multiple integer overflows in xpdf 2.0 and 3.0, and other packages that use xpdf code such as CUPS, gpdf, and kdegraphics, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0889.
References
▶ | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000886 | ||
cve@mitre.org | http://marc.info/?l=bugtraq&m=109880927526773&w=2 | ||
cve@mitre.org | http://marc.info/?l=bugtraq&m=110815379627883&w=2 | ||
cve@mitre.org | http://www.debian.org/security/2004/dsa-573 | ||
cve@mitre.org | http://www.debian.org/security/2004/dsa-581 | ||
cve@mitre.org | http://www.debian.org/security/2004/dsa-599 | ||
cve@mitre.org | http://www.gentoo.org/security/en/glsa/glsa-200410-20.xml | ||
cve@mitre.org | http://www.gentoo.org/security/en/glsa/glsa-200410-30.xml | ||
cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDKSA-2004:113 | ||
cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDKSA-2004:114 | ||
cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDKSA-2004:115 | ||
cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDKSA-2004:116 | ||
cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2004-543.html | Patch, Vendor Advisory | |
cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2004-592.html | ||
cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2005-066.html | ||
cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2005-354.html | ||
cve@mitre.org | http://www.securityfocus.com/bid/11501 | Patch, Vendor Advisory | |
cve@mitre.org | https://bugzilla.fedora.us/show_bug.cgi?id=2353 | ||
cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/17818 | ||
cve@mitre.org | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9714 | ||
cve@mitre.org | https://www.ubuntu.com/usn/usn-9-1/ | ||
af854a3a-2127-422b-91ae-364da2661108 | http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000886 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=109880927526773&w=2 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=110815379627883&w=2 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2004/dsa-573 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2004/dsa-581 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2004/dsa-599 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.gentoo.org/security/en/glsa/glsa-200410-20.xml | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.gentoo.org/security/en/glsa/glsa-200410-30.xml | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2004:113 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2004:114 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2004:115 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2004:116 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2004-543.html | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2004-592.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2005-066.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2005-354.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/11501 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.fedora.us/show_bug.cgi?id=2353 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/17818 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9714 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://www.ubuntu.com/usn/usn-9-1/ |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
easy_software_products | cups | 1.0.4 | |
easy_software_products | cups | 1.0.4_8 | |
easy_software_products | cups | 1.1.1 | |
easy_software_products | cups | 1.1.4 | |
easy_software_products | cups | 1.1.4_2 | |
easy_software_products | cups | 1.1.4_3 | |
easy_software_products | cups | 1.1.4_5 | |
easy_software_products | cups | 1.1.6 | |
easy_software_products | cups | 1.1.7 | |
easy_software_products | cups | 1.1.10 | |
easy_software_products | cups | 1.1.12 | |
easy_software_products | cups | 1.1.13 | |
easy_software_products | cups | 1.1.14 | |
easy_software_products | cups | 1.1.15 | |
easy_software_products | cups | 1.1.16 | |
easy_software_products | cups | 1.1.17 | |
easy_software_products | cups | 1.1.18 | |
easy_software_products | cups | 1.1.19 | |
easy_software_products | cups | 1.1.19_rc5 | |
easy_software_products | cups | 1.1.20 | |
gnome | gpdf | 0.112 | |
gnome | gpdf | 0.131 | |
kde | koffice | 1.3 | |
kde | koffice | 1.3.1 | |
kde | koffice | 1.3.2 | |
kde | koffice | 1.3.3 | |
kde | koffice | 1.3_beta1 | |
kde | koffice | 1.3_beta2 | |
kde | koffice | 1.3_beta3 | |
kde | kpdf | 3.2 | |
pdftohtml | pdftohtml | 0.32a | |
pdftohtml | pdftohtml | 0.32b | |
pdftohtml | pdftohtml | 0.33 | |
pdftohtml | pdftohtml | 0.33a | |
pdftohtml | pdftohtml | 0.34 | |
pdftohtml | pdftohtml | 0.35 | |
pdftohtml | pdftohtml | 0.36 | |
tetex | tetex | 1.0.7 | |
tetex | tetex | 2.0 | |
tetex | tetex | 2.0.1 | |
tetex | tetex | 2.0.2 | |
xpdf | xpdf | 0.90 | |
xpdf | xpdf | 0.91 | |
xpdf | xpdf | 0.92 | |
xpdf | xpdf | 0.93 | |
xpdf | xpdf | 1.0 | |
xpdf | xpdf | 1.0a | |
xpdf | xpdf | 1.1 | |
xpdf | xpdf | 2.0 | |
xpdf | xpdf | 2.1 | |
xpdf | xpdf | 2.3 | |
xpdf | xpdf | 3.0 | |
debian | debian_linux | 3.0 | |
debian | debian_linux | 3.0 | |
debian | debian_linux | 3.0 | |
debian | debian_linux | 3.0 | |
debian | debian_linux | 3.0 | |
debian | debian_linux | 3.0 | |
debian | debian_linux | 3.0 | |
debian | debian_linux | 3.0 | |
debian | debian_linux | 3.0 | |
debian | debian_linux | 3.0 | |
debian | debian_linux | 3.0 | |
debian | debian_linux | 3.0 | |
gentoo | linux | * | |
kde | kde | 3.2 | |
kde | kde | 3.2.1 | |
kde | kde | 3.2.2 | |
kde | kde | 3.2.3 | |
kde | kde | 3.3 | |
kde | kde | 3.3.1 | |
redhat | enterprise_linux | 2.1 | |
redhat | enterprise_linux | 2.1 | |
redhat | enterprise_linux | 2.1 | |
redhat | enterprise_linux | 2.1 | |
redhat | enterprise_linux | 2.1 | |
redhat | enterprise_linux | 2.1 | |
redhat | enterprise_linux | 3.0 | |
redhat | enterprise_linux | 3.0 | |
redhat | enterprise_linux | 3.0 | |
redhat | enterprise_linux_desktop | 3.0 | |
redhat | fedora_core | core_2.0 | |
redhat | linux_advanced_workstation | 2.1 | |
redhat | linux_advanced_workstation | 2.1 | |
suse | suse_linux | 8.0 | |
suse | suse_linux | 8.1 | |
suse | suse_linux | 8.2 | |
suse | suse_linux | 9.0 | |
suse | suse_linux | 9.0 | |
suse | suse_linux | 9.1 | |
suse | suse_linux | 9.2 | |
ubuntu | ubuntu_linux | 4.1 | |
ubuntu | ubuntu_linux | 4.1 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:easy_software_products:cups:1.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "68BD578F-CCAD-4515-9205-EB4F297C6DB4", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.0.4_8:*:*:*:*:*:*:*", "matchCriteriaId": "F3182CA2-7375-43BC-A0E5-DE11D4B65EE3", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "FCF4C8D0-3030-4DD5-800B-76A582A4CD0C", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "734D0C2C-F71F-461A-87EE-202C6B706753", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.4_2:*:*:*:*:*:*:*", "matchCriteriaId": "3F0F402D-5CD0-4477-8B59-C753CECB02BD", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.4_3:*:*:*:*:*:*:*", "matchCriteriaId": "959F7AFA-ED20-434C-993F-06C2A8574662", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.4_5:*:*:*:*:*:*:*", "matchCriteriaId": "D4F5A0A4-2884-46CA-A846-8B954EB80CFA", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.6:*:*:*:*:*:*:*", "matchCriteriaId": "1741CC9D-C4A8-48F9-86CF-EC20AE2A6BE7", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.7:*:*:*:*:*:*:*", "matchCriteriaId": "35E65857-12C7-49DE-AD27-3CACD456231C", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.10:*:*:*:*:*:*:*", "matchCriteriaId": "47CEF035-57A6-470B-916A-E5562C28E866", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.12:*:*:*:*:*:*:*", "matchCriteriaId": "4E26BB15-4CF8-4496-A7F7-EB34C444EF72", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.13:*:*:*:*:*:*:*", "matchCriteriaId": "D414984E-4F6B-4278-8346-968587E4B18E", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.14:*:*:*:*:*:*:*", "matchCriteriaId": "33C36DCB-2FDD-44E6-85E8-875575AAE69E", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.15:*:*:*:*:*:*:*", "matchCriteriaId": "7C4B7C23-0C54-4FBA-A774-9CC1E148376E", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.16:*:*:*:*:*:*:*", "matchCriteriaId": "9FA0EF14-33E6-4D44-B86E-F04014EA3C8F", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.17:*:*:*:*:*:*:*", "matchCriteriaId": "A5428EE6-F90A-4BB6-9D8C-8B99E80AB6DF", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.18:*:*:*:*:*:*:*", "matchCriteriaId": "A786A770-919E-4E23-949D-D836F316618A", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.19:*:*:*:*:*:*:*", "matchCriteriaId": "00A2249C-73DE-434E-A41F-4EDB0ADC0845", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.19_rc5:*:*:*:*:*:*:*", "matchCriteriaId": "73AB4D3D-FF35-4A50-A144-3AD41F6F2E55", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.20:*:*:*:*:*:*:*", "matchCriteriaId": "FB7653F1-70E2-423F-A6A9-30333644B506", "vulnerable": true }, { "criteria": "cpe:2.3:a:gnome:gpdf:0.112:*:*:*:*:*:*:*", "matchCriteriaId": "2E70576E-C253-4F8B-A93E-14CC2EE7114D", "vulnerable": true }, { "criteria": "cpe:2.3:a:gnome:gpdf:0.131:*:*:*:*:*:*:*", "matchCriteriaId": "832C5512-B473-40E8-BF4F-EC6ABFE46749", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:koffice:1.3:*:*:*:*:*:*:*", "matchCriteriaId": "053435DD-BFDF-4C39-9919-11C42D569085", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:koffice:1.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "E9BB1A3C-3348-4545-A513-E504B33F72AB", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:koffice:1.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "CD45E2C8-0B0E-484F-8050-94BF77798183", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:koffice:1.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "4EAA654E-9DD4-4614-92D7-EF4D676B3A18", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:koffice:1.3_beta1:*:*:*:*:*:*:*", "matchCriteriaId": "89C96FC9-40DB-467D-A701-49F97A1B887D", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:koffice:1.3_beta2:*:*:*:*:*:*:*", "matchCriteriaId": "76128BDC-2CA7-4AE7-8C4F-BCB3835CA938", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:koffice:1.3_beta3:*:*:*:*:*:*:*", "matchCriteriaId": "0B2517C7-27EF-4961-91C3-CA33219AFF2E", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:kpdf:3.2:*:*:*:*:*:*:*", "matchCriteriaId": "EDAF6452-F3B0-4F62-893E-BCFA6AB7AE3B", "vulnerable": true }, { "criteria": "cpe:2.3:a:pdftohtml:pdftohtml:0.32a:*:*:*:*:*:*:*", "matchCriteriaId": "EE346726-71D6-438B-B600-A7E107332816", "vulnerable": true }, { "criteria": "cpe:2.3:a:pdftohtml:pdftohtml:0.32b:*:*:*:*:*:*:*", "matchCriteriaId": "87E85020-B4DB-4011-BDD0-1C8967D45A84", "vulnerable": true }, { "criteria": "cpe:2.3:a:pdftohtml:pdftohtml:0.33:*:*:*:*:*:*:*", "matchCriteriaId": "8189A9AB-F685-40E2-944F-8BD3DD6FA0A2", "vulnerable": true }, { "criteria": "cpe:2.3:a:pdftohtml:pdftohtml:0.33a:*:*:*:*:*:*:*", "matchCriteriaId": "C33B8585-FA5F-4210-A997-615BCEE1726F", "vulnerable": true }, { "criteria": "cpe:2.3:a:pdftohtml:pdftohtml:0.34:*:*:*:*:*:*:*", "matchCriteriaId": "F4AE4C34-C497-426F-AC0D-1805A50582EF", "vulnerable": true }, { "criteria": "cpe:2.3:a:pdftohtml:pdftohtml:0.35:*:*:*:*:*:*:*", "matchCriteriaId": "A2989EFF-07B9-4EF2-B6C1-59E4F52FDC92", "vulnerable": true }, { "criteria": "cpe:2.3:a:pdftohtml:pdftohtml:0.36:*:*:*:*:*:*:*", "matchCriteriaId": "A3970101-5E83-49FD-BCB6-D9176D46B5A4", "vulnerable": true }, { "criteria": "cpe:2.3:a:tetex:tetex:1.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "C86C7D6F-C39E-4403-86C6-F87599570E97", "vulnerable": true }, { "criteria": "cpe:2.3:a:tetex:tetex:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "236005A1-C175-44D3-8D0C-C48F943F3D66", "vulnerable": true }, { "criteria": "cpe:2.3:a:tetex:tetex:2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "0AF2AD80-5E65-4B57-933B-C395E98EF10D", "vulnerable": true }, { "criteria": "cpe:2.3:a:tetex:tetex:2.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "07C92A0E-1DDA-4F83-A904-24A35C38883A", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:0.90:*:*:*:*:*:*:*", "matchCriteriaId": "28CC6233-E207-40CC-81FF-A8670EEA4295", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:0.91:*:*:*:*:*:*:*", "matchCriteriaId": "64DD9B5C-3DB8-4E15-B4A6-541E4E221C1D", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:0.92:*:*:*:*:*:*:*", "matchCriteriaId": "0304E1E3-8766-40D0-8879-A652B4E9E72D", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:0.93:*:*:*:*:*:*:*", "matchCriteriaId": "188F1343-8082-4B54-8DA4-E344818ABD52", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "B95DA7DE-B786-4EE7-A3F4-C077A7986D5F", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:1.0a:*:*:*:*:*:*:*", "matchCriteriaId": "C5306C05-4A71-4175-8C22-F2DE0F2FE4C4", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "3B9DEF16-ECD5-4BBE-8986-52A6171B3D9F", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "CFFDBEEC-B2C1-47F0-82D3-FC9147B590A9", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "354487CF-0086-4AE2-872B-0032E3EB89EE", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:2.3:*:*:*:*:*:*:*", "matchCriteriaId": "1169B802-7279-437F-AF59-621A67DC92EC", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "7B93B3ED-AF82-49A9-8C7F-E5F652F19669", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "2CAE037F-111C-4A76-8FFE-716B74D65EF3", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:alpha:*:*:*:*:*", "matchCriteriaId": "A6B060E4-B5A6-4469-828E-211C52542547", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:arm:*:*:*:*:*", "matchCriteriaId": "974C3541-990C-4CD4-A05A-38FA74A84632", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:hppa:*:*:*:*:*", "matchCriteriaId": "6CBF1E0F-C7F3-4F83-9E60-6E63FA7D2775", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-32:*:*:*:*:*", "matchCriteriaId": "58792F77-B06F-4780-BA25-FE1EE6C3FDD9", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-64:*:*:*:*:*", "matchCriteriaId": "C9419322-572F-4BB6-8416-C5E96541CF33", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:m68k:*:*:*:*:*", "matchCriteriaId": "BFC50555-C084-46A3-9C9F-949C5E3BB448", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mips:*:*:*:*:*", "matchCriteriaId": "9C25D6E1-D283-4CEA-B47B-60C47A5C0797", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mipsel:*:*:*:*:*", "matchCriteriaId": "AD18A446-C634-417E-86AC-B19B6DDDC856", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ppc:*:*:*:*:*", "matchCriteriaId": "E4BB852E-61B2-4842-989F-C6C0C901A8D7", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:s-390:*:*:*:*:*", "matchCriteriaId": "24DD9D59-E2A2-4116-A887-39E8CC2004FC", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:sparc:*:*:*:*:*", "matchCriteriaId": "F28D7457-607E-4E0C-909A-413F91CFCD82", "vulnerable": true }, { "criteria": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*", "matchCriteriaId": "647BA336-5538-4972-9271-383A0EC9378E", "vulnerable": true }, { "criteria": "cpe:2.3:o:kde:kde:3.2:*:*:*:*:*:*:*", "matchCriteriaId": "82F69843-978D-4686-BC5B-1D09DA4A21BD", "vulnerable": true }, { "criteria": "cpe:2.3:o:kde:kde:3.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "ACEE0AED-7918-41E9-A902-AC4070E03132", "vulnerable": true }, { "criteria": "cpe:2.3:o:kde:kde:3.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "81E19472-47B4-4398-A188-CA5A5D3E7060", "vulnerable": true }, { "criteria": "cpe:2.3:o:kde:kde:3.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "D17407A2-089E-43A5-9BD5-EFF966F5CC16", "vulnerable": true }, { "criteria": "cpe:2.3:o:kde:kde:3.3:*:*:*:*:*:*:*", "matchCriteriaId": "9C4B436D-8D6A-473E-B707-26147208808B", "vulnerable": true }, { "criteria": "cpe:2.3:o:kde:kde:3.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "1E26B353-4985-4116-B97A-5767CDC732F1", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*", "matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*", "matchCriteriaId": "A4A9461E-C117-42EC-9F14-DF2A82BA7C5D", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "E0B458EA-495E-40FA-9379-C03757F7B1EE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:*", "matchCriteriaId": "409E324A-C040-494F-A026-9DCAE01C07F8", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*", "matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*", "matchCriteriaId": "6474B775-C893-491F-A074-802AFB1FEDD8", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*", "matchCriteriaId": "78B46FFA-5B09-473E-AD33-3DB18BD0DAFE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*", "matchCriteriaId": "0EFE2E73-9536-41A9-B83B-0A06B54857F4", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*", "matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*", "matchCriteriaId": "84A50ED3-FD0D-4038-B3E7-CC65D166C968", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium_processor:*:*:*:*:*", "matchCriteriaId": "777F9EC0-2919-45CA-BFF8-78A02537C513", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "28CD54FE-D682-4063-B7C3-8B29B26B39AD", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*", "matchCriteriaId": "F8C55338-3372-413F-82E3-E1B476D6F41A", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*", "matchCriteriaId": "1EFB33BF-F6A5-48C1-AEB5-194FCBCFC958", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "FB0E2D3B-B50A-46C2-BA1E-3E014DE91954", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*", "matchCriteriaId": "56EF103F-5668-4754-A83B-D3662D0CE815", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*", "matchCriteriaId": "CFABFCE5-4F86-4AE8-9849-BC360AC72098", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*", "matchCriteriaId": "CFF36BC6-6CCD-4FEE-A120-5B8C4BF5620C", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ia64:*:*:*:*:*", "matchCriteriaId": "6E94583A-5184-462E-9FC4-57B35DA06DA7", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ppc:*:*:*:*:*", "matchCriteriaId": "E905FAAD-37B6-4DD0-A752-2974F8336273", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Multiple integer overflows in xpdf 2.0 and 3.0, and other packages that use xpdf code such as CUPS, gpdf, and kdegraphics, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0889." } ], "id": "CVE-2004-0888", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2005-01-27T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://distro.conectiva.com.br/atualizacoes/index.php?id=a\u0026anuncio=000886" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=109880927526773\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=110815379627883\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2004/dsa-573" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2004/dsa-581" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2004/dsa-599" }, { "source": "cve@mitre.org", "url": "http://www.gentoo.org/security/en/glsa/glsa-200410-20.xml" }, { "source": "cve@mitre.org", "url": "http://www.gentoo.org/security/en/glsa/glsa-200410-30.xml" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:113" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:114" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:115" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:116" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-543.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2004-592.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2005-066.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2005-354.html" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/11501" }, { "source": "cve@mitre.org", "url": "https://bugzilla.fedora.us/show_bug.cgi?id=2353" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17818" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9714" }, { "source": "cve@mitre.org", "url": "https://www.ubuntu.com/usn/usn-9-1/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://distro.conectiva.com.br/atualizacoes/index.php?id=a\u0026anuncio=000886" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=109880927526773\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=110815379627883\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2004/dsa-573" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2004/dsa-581" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2004/dsa-599" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.gentoo.org/security/en/glsa/glsa-200410-20.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.gentoo.org/security/en/glsa/glsa-200410-30.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:113" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:114" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:115" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:116" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-543.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2004-592.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2005-066.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2005-354.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/11501" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.fedora.us/show_bug.cgi?id=2353" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17818" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9714" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.ubuntu.com/usn/usn-9-1/" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2006-03-15 19:06
Modified
2025-04-03 01:03
Severity ?
Summary
Unspecified vulnerability in certain versions of xpdf after 3.00, as used in various products including (a) pdfkit.framework, (b) gpdf, (c) pdftohtml, and (d) libextractor, has unknown impact and user-assisted attack vectors, possibly involving errors in (1) gmem.c, (2) SplashXPathScanner.cc, (3) JBIG2Stream.cc, (4) JPXStream.cc, and/or (5) Stream.cc. NOTE: this description is based on Debian advisory DSA 979, which is based on changes that were made after other vulnerabilities such as CVE-2006-0301 and CVE-2005-3624 through CVE-2005-3628 were fixed. Some of these newer fixes appear to be security-relevant, although it is not clear if they fix specific issues or are defensive in nature.
References
▶ | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://secunia.com/advisories/18948 | Patch, Vendor Advisory | |
cve@mitre.org | http://secunia.com/advisories/19021 | Patch, Vendor Advisory | |
cve@mitre.org | http://secunia.com/advisories/19065 | Patch, Vendor Advisory | |
cve@mitre.org | http://secunia.com/advisories/19091 | Patch, Vendor Advisory | |
cve@mitre.org | http://secunia.com/advisories/19164 | Patch, Vendor Advisory | |
cve@mitre.org | http://secunia.com/advisories/19364 | Patch, Vendor Advisory | |
cve@mitre.org | http://secunia.com/advisories/19644 | Patch, Vendor Advisory | |
cve@mitre.org | http://security.debian.org/pool/updates/main/p/pdfkit.framework/pdfkit.framework_0.8-2sarge3.diff.gz | Patch | |
cve@mitre.org | http://www.debian.org/security/2006/dsa-1019 | Patch, Vendor Advisory | |
cve@mitre.org | http://www.debian.org/security/2006/dsa-979 | Patch, Vendor Advisory | |
cve@mitre.org | http://www.debian.org/security/2006/dsa-982 | Patch, Vendor Advisory | |
cve@mitre.org | http://www.debian.org/security/2006/dsa-983 | Patch, Vendor Advisory | |
cve@mitre.org | http://www.debian.org/security/2006/dsa-984 | Patch, Vendor Advisory | |
cve@mitre.org | http://www.debian.org/security/2006/dsa-998 | Patch, Vendor Advisory | |
cve@mitre.org | http://www.osvdb.org/23834 | ||
cve@mitre.org | http://www.securityfocus.com/bid/16748 | ||
cve@mitre.org | https://usn.ubuntu.com/270-1/ | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18948 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/19021 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/19065 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/19091 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/19164 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/19364 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/19644 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://security.debian.org/pool/updates/main/p/pdfkit.framework/pdfkit.framework_0.8-2sarge3.diff.gz | Patch | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2006/dsa-1019 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2006/dsa-979 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2006/dsa-982 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2006/dsa-983 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2006/dsa-984 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2006/dsa-998 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.osvdb.org/23834 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/16748 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/270-1/ |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
gnome | gpdf | 2.8.2 | |
libextractor | libextractor | 0.3.6 | |
libextractor | libextractor | 0.3.7 | |
libextractor | libextractor | 0.3.8 | |
libextractor | libextractor | 0.3.9 | |
libextractor | libextractor | 0.3.11 | |
libextractor | libextractor | 0.4 | |
libextractor | libextractor | 0.4.1 | |
libextractor | libextractor | 0.4.2 | |
libextractor | libextractor | 0.5 | |
xpdf | xpdf | 0.90 | |
xpdf | xpdf | 0.91 | |
xpdf | xpdf | 0.92 | |
xpdf | xpdf | 0.93 | |
xpdf | xpdf | 1.0 | |
xpdf | xpdf | 1.0a | |
xpdf | xpdf | 1.1 | |
xpdf | xpdf | 2.0 | |
xpdf | xpdf | 2.1 | |
xpdf | xpdf | 2.2 | |
xpdf | xpdf | 2.3 | |
xpdf | xpdf | 3.0 | |
xpdf | xpdf | 3.0.1 | |
xpdf | xpdf | 3.0.1_pl1 | |
xpdf | xpdf | 3.0_pl2 | |
xpdf | xpdf | 3.0_pl3 | |
debian | debian_linux | 3.1 | |
debian | debian_linux | 3.1 | |
debian | debian_linux | 3.1 | |
debian | debian_linux | 3.1 | |
debian | debian_linux | 3.1 | |
debian | debian_linux | 3.1 | |
debian | debian_linux | 3.1 | |
debian | debian_linux | 3.1 | |
debian | debian_linux | 3.1 | |
debian | debian_linux | 3.1 | |
debian | debian_linux | 3.1 | |
debian | debian_linux | 3.1 | |
debian | debian_linux | 3.1 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:gnome:gpdf:2.8.2:*:*:*:*:*:*:*", "matchCriteriaId": "06B06279-EFB2-4EC1-95F2-166DC5B1BB71", "vulnerable": true }, { "criteria": "cpe:2.3:a:libextractor:libextractor:0.3.6:*:*:*:*:*:*:*", "matchCriteriaId": "D93638AD-2023-4216-89A3-DF417EA940AD", "vulnerable": true }, { "criteria": "cpe:2.3:a:libextractor:libextractor:0.3.7:*:*:*:*:*:*:*", "matchCriteriaId": "7D411F34-B792-4B41-9FBE-0F0222D4F099", "vulnerable": true }, { "criteria": "cpe:2.3:a:libextractor:libextractor:0.3.8:*:*:*:*:*:*:*", "matchCriteriaId": "54B9A148-A52E-4B77-A854-7BF3C03AD490", "vulnerable": true }, { "criteria": "cpe:2.3:a:libextractor:libextractor:0.3.9:*:*:*:*:*:*:*", "matchCriteriaId": "BAEA984E-A346-42B8-ACA3-CE03D546EB3C", "vulnerable": true }, { "criteria": "cpe:2.3:a:libextractor:libextractor:0.3.11:*:*:*:*:*:*:*", "matchCriteriaId": "146D08C1-C651-4B6E-9997-474A81948764", "vulnerable": true }, { "criteria": "cpe:2.3:a:libextractor:libextractor:0.4:*:*:*:*:*:*:*", "matchCriteriaId": "4FAB7C4B-8017-42C4-AD3C-2A9846105D2A", "vulnerable": true }, { "criteria": "cpe:2.3:a:libextractor:libextractor:0.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "7B025EF7-1B61-40F0-9E03-C219C54E8E72", "vulnerable": true }, { "criteria": "cpe:2.3:a:libextractor:libextractor:0.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "9BF9CF5E-A531-4D75-B47E-6C81A7679BBA", "vulnerable": true }, { "criteria": "cpe:2.3:a:libextractor:libextractor:0.5:*:*:*:*:*:*:*", "matchCriteriaId": "F68AC7F5-371B-4F02-85E4-829C2B012FE4", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:0.90:*:*:*:*:*:*:*", "matchCriteriaId": "28CC6233-E207-40CC-81FF-A8670EEA4295", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:0.91:*:*:*:*:*:*:*", "matchCriteriaId": "64DD9B5C-3DB8-4E15-B4A6-541E4E221C1D", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:0.92:*:*:*:*:*:*:*", "matchCriteriaId": "0304E1E3-8766-40D0-8879-A652B4E9E72D", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:0.93:*:*:*:*:*:*:*", "matchCriteriaId": "188F1343-8082-4B54-8DA4-E344818ABD52", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "B95DA7DE-B786-4EE7-A3F4-C077A7986D5F", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:1.0a:*:*:*:*:*:*:*", "matchCriteriaId": "C5306C05-4A71-4175-8C22-F2DE0F2FE4C4", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "3B9DEF16-ECD5-4BBE-8986-52A6171B3D9F", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "CFFDBEEC-B2C1-47F0-82D3-FC9147B590A9", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "354487CF-0086-4AE2-872B-0032E3EB89EE", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:2.2:*:*:*:*:*:*:*", "matchCriteriaId": "96767060-505A-42D2-A68A-6AD810DE800A", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:2.3:*:*:*:*:*:*:*", "matchCriteriaId": "1169B802-7279-437F-AF59-621A67DC92EC", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "7B93B3ED-AF82-49A9-8C7F-E5F652F19669", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:3.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "2B77866E-6818-4DE6-9457-39416871952C", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:3.0.1_pl1:*:*:*:*:*:*:*", "matchCriteriaId": "B0A09900-C462-4E3D-9399-0271F91DC5BD", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:3.0_pl2:*:*:*:*:*:*:*", "matchCriteriaId": "F6D23CF8-2B6C-4D2A-8E5E-6AACE99A7C19", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:3.0_pl3:*:*:*:*:*:*:*", "matchCriteriaId": "9107B531-7254-4908-97F0-3BF1EA0495AC", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*", "matchCriteriaId": "A2E0C1F8-31F5-4F61-9DF7-E49B43D3C873", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:alpha:*:*:*:*:*", "matchCriteriaId": "5BF84240-1881-4EFB-BB2F-F9CE8AD09C7B", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:amd64:*:*:*:*:*", "matchCriteriaId": "AF8AE8C4-810F-41AB-A251-5A2D4DD6884D", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:arm:*:*:*:*:*", "matchCriteriaId": "5EACF214-FA27-44FF-A431-927AB79377A1", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:hppa:*:*:*:*:*", "matchCriteriaId": "E2B58895-0E2A-4466-9CB2-0083349A83B2", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:ia-32:*:*:*:*:*", "matchCriteriaId": "03F8220A-9B1C-40AA-AEAB-F9A93225FBD5", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:ia-64:*:*:*:*:*", "matchCriteriaId": "2311919C-7864-469D-B0F6-9B11D8D0A1C3", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:m68k:*:*:*:*:*", "matchCriteriaId": "19876495-4C1A-487C-955A-C5AA46362A1F", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:mips:*:*:*:*:*", "matchCriteriaId": "D75286DD-50BC-4B72-8AC8-E20730124DC2", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:mipsel:*:*:*:*:*", "matchCriteriaId": "1998C972-497E-4916-B50E-FB32303EEA8E", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:ppc:*:*:*:*:*", "matchCriteriaId": "A6CD3DD9-3A8A-4716-A2D1-136A790AFF94", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:s-390:*:*:*:*:*", "matchCriteriaId": "6CE2020A-4FB2-4FCD-8561-7BD147CD95EB", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:sparc:*:*:*:*:*", "matchCriteriaId": "08E90AFA-C262-46D0-B60E-26B67C9602D5", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Unspecified vulnerability in certain versions of xpdf after 3.00, as used in various products including (a) pdfkit.framework, (b) gpdf, (c) pdftohtml, and (d) libextractor, has unknown impact and user-assisted attack vectors, possibly involving errors in (1) gmem.c, (2) SplashXPathScanner.cc, (3) JBIG2Stream.cc, (4) JPXStream.cc, and/or (5) Stream.cc. NOTE: this description is based on Debian advisory DSA 979, which is based on changes that were made after other vulnerabilities such as CVE-2006-0301 and CVE-2005-3624 through CVE-2005-3628 were fixed. Some of these newer fixes appear to be security-relevant, although it is not clear if they fix specific issues or are defensive in nature." } ], "id": "CVE-2006-1244", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.6, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 4.9, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2006-03-15T19:06:00.000", "references": [ { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18948" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/19021" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/19065" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/19091" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/19164" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/19364" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/19644" }, { "source": "cve@mitre.org", "tags": [ "Patch" ], "url": "http://security.debian.org/pool/updates/main/p/pdfkit.framework/pdfkit.framework_0.8-2sarge3.diff.gz" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-1019" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-979" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-982" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-983" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-984" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-998" }, { "source": "cve@mitre.org", "url": "http://www.osvdb.org/23834" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/16748" }, { "source": "cve@mitre.org", "url": "https://usn.ubuntu.com/270-1/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18948" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/19021" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/19065" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/19091" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/19164" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/19364" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/19644" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://security.debian.org/pool/updates/main/p/pdfkit.framework/pdfkit.framework_0.8-2sarge3.diff.gz" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-1019" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-979" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-982" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-983" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-984" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-998" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.osvdb.org/23834" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/16748" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://usn.ubuntu.com/270-1/" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2005-08-16 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
xpdf and kpdf do not properly validate the "loca" table in PDF files, which allows local users to cause a denial of service (disk consumption and hang) via a PDF file with a "broken" loca table, which causes a large temporary file to be created when xpdf attempts to reconstruct the information.
References
▶ | URL | Tags | |
---|---|---|---|
secalert@redhat.com | ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.42/SCOSA-2005.42.txt | ||
secalert@redhat.com | http://secunia.com/advisories/17277 | Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18398 | Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18407 | Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/21339 | ||
secalert@redhat.com | http://secunia.com/advisories/25729 | ||
secalert@redhat.com | http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1 | ||
secalert@redhat.com | http://www.debian.org/security/2005/dsa-780 | ||
secalert@redhat.com | http://www.debian.org/security/2006/dsa-1136 | ||
secalert@redhat.com | http://www.debian.org/security/2006/dsa-936 | Vendor Advisory | |
secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDKSA-2005:138 | ||
secalert@redhat.com | http://www.novell.com/linux/security/advisories/2005_19_sr.html | ||
secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2005-670.html | ||
secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2005-671.html | ||
secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2005-706.html | ||
secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2005-708.html | ||
secalert@redhat.com | http://www.securityfocus.com/archive/1/427053/100/0/threaded | ||
secalert@redhat.com | http://www.securityfocus.com/archive/1/427990/100/0/threaded | ||
secalert@redhat.com | http://www.securityfocus.com/bid/14529 | ||
secalert@redhat.com | http://www.vupen.com/english/advisories/2007/2280 | ||
secalert@redhat.com | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10280 | ||
secalert@redhat.com | https://usn.ubuntu.com/163-1/ | ||
af854a3a-2127-422b-91ae-364da2661108 | ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.42/SCOSA-2005.42.txt | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/17277 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18398 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18407 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/21339 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/25729 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2005/dsa-780 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2006/dsa-1136 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2006/dsa-936 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2005:138 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.novell.com/linux/security/advisories/2005_19_sr.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2005-670.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2005-671.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2005-706.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2005-708.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/427053/100/0/threaded | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/427990/100/0/threaded | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/14529 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2007/2280 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10280 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/163-1/ |
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:kde:kpdf:*:*:*:*:*:*:*:*", "matchCriteriaId": "41EF2714-DEC9-407F-9D1B-EF2A4D8B4DC3", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "7B93B3ED-AF82-49A9-8C7F-E5F652F19669", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:3.0_pl2:*:*:*:*:*:*:*", "matchCriteriaId": "F6D23CF8-2B6C-4D2A-8E5E-6AACE99A7C19", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:3.0_pl3:*:*:*:*:*:*:*", "matchCriteriaId": "9107B531-7254-4908-97F0-3BF1EA0495AC", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "xpdf and kpdf do not properly validate the \"loca\" table in PDF files, which allows local users to cause a denial of service (disk consumption and hang) via a PDF file with a \"broken\" loca table, which causes a large temporary file to be created when xpdf attempts to reconstruct the information." } ], "id": "CVE-2005-2097", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "LOW", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 2.1, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2005-08-16T04:00:00.000", "references": [ { "source": "secalert@redhat.com", "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.42/SCOSA-2005.42.txt" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/17277" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18398" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18407" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/21339" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/25729" }, { "source": "secalert@redhat.com", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2005/dsa-780" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2006/dsa-1136" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-936" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:138" }, { "source": "secalert@redhat.com", "url": "http://www.novell.com/linux/security/advisories/2005_19_sr.html" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2005-670.html" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2005-671.html" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2005-706.html" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2005-708.html" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/14529" }, { "source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2007/2280" }, { "source": "secalert@redhat.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10280" }, { "source": "secalert@redhat.com", "url": "https://usn.ubuntu.com/163-1/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.42/SCOSA-2005.42.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/17277" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18398" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18407" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/21339" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/25729" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2005/dsa-780" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2006/dsa-1136" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-936" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:138" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.novell.com/linux/security/advisories/2005_19_sr.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2005-670.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2005-671.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2005-706.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2005-708.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/14529" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2007/2280" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10280" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://usn.ubuntu.com/163-1/" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2003-01-02 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Integer overflow in pdftops, as used in Xpdf 2.01 and earlier, xpdf-i, and CUPS before 1.1.18, allows local users to execute arbitrary code via a ColorSpace entry with a large number of elements, as demonstrated by cups-pdf.
References
▶ | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://marc.info/?l=bugtraq&m=104152282309980&w=2 | ||
cve@mitre.org | http://www.debian.org/security/2003/dsa-222 | ||
cve@mitre.org | http://www.debian.org/security/2003/dsa-226 | ||
cve@mitre.org | http://www.debian.org/security/2003/dsa-232 | ||
cve@mitre.org | http://www.idefense.com/advisory/12.23.02.txt | Exploit, Patch, Vendor Advisory | |
cve@mitre.org | http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:001 | ||
cve@mitre.org | http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:002 | ||
cve@mitre.org | http://www.novell.com/linux/security/advisories/2003_002_cups.html | ||
cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2002-295.html | ||
cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2002-307.html | ||
cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2003-037.html | ||
cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2003-216.html | ||
cve@mitre.org | http://www.securityfocus.com/bid/6475 | ||
cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/10937 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=104152282309980&w=2 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2003/dsa-222 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2003/dsa-226 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2003/dsa-232 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.idefense.com/advisory/12.23.02.txt | Exploit, Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:001 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:002 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.novell.com/linux/security/advisories/2003_002_cups.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2002-295.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2002-307.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2003-037.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2003-216.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/6475 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/10937 |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
easy_software_products | cups | 1.0.4 | |
easy_software_products | cups | 1.0.4_8 | |
easy_software_products | cups | 1.1.1 | |
easy_software_products | cups | 1.1.4 | |
easy_software_products | cups | 1.1.4_2 | |
easy_software_products | cups | 1.1.4_3 | |
easy_software_products | cups | 1.1.4_5 | |
easy_software_products | cups | 1.1.6 | |
easy_software_products | cups | 1.1.7 | |
easy_software_products | cups | 1.1.10 | |
easy_software_products | cups | 1.1.13 | |
easy_software_products | cups | 1.1.14 | |
easy_software_products | cups | 1.1.17 | |
xpdf | xpdf | 0.90 | |
xpdf | xpdf | 0.91 | |
xpdf | xpdf | 1.0 | |
xpdf | xpdf | 1.0a | |
xpdf | xpdf | 1.1 | |
xpdf | xpdf | 2.0 | |
xpdf | xpdf | 2.1 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:easy_software_products:cups:1.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "68BD578F-CCAD-4515-9205-EB4F297C6DB4", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.0.4_8:*:*:*:*:*:*:*", "matchCriteriaId": "F3182CA2-7375-43BC-A0E5-DE11D4B65EE3", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "FCF4C8D0-3030-4DD5-800B-76A582A4CD0C", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "734D0C2C-F71F-461A-87EE-202C6B706753", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.4_2:*:*:*:*:*:*:*", "matchCriteriaId": "3F0F402D-5CD0-4477-8B59-C753CECB02BD", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.4_3:*:*:*:*:*:*:*", "matchCriteriaId": "959F7AFA-ED20-434C-993F-06C2A8574662", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.4_5:*:*:*:*:*:*:*", "matchCriteriaId": "D4F5A0A4-2884-46CA-A846-8B954EB80CFA", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.6:*:*:*:*:*:*:*", "matchCriteriaId": "1741CC9D-C4A8-48F9-86CF-EC20AE2A6BE7", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.7:*:*:*:*:*:*:*", "matchCriteriaId": "35E65857-12C7-49DE-AD27-3CACD456231C", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.10:*:*:*:*:*:*:*", "matchCriteriaId": "47CEF035-57A6-470B-916A-E5562C28E866", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.13:*:*:*:*:*:*:*", "matchCriteriaId": "D414984E-4F6B-4278-8346-968587E4B18E", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.14:*:*:*:*:*:*:*", "matchCriteriaId": "33C36DCB-2FDD-44E6-85E8-875575AAE69E", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.17:*:*:*:*:*:*:*", "matchCriteriaId": "A5428EE6-F90A-4BB6-9D8C-8B99E80AB6DF", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:0.90:*:*:*:*:*:*:*", "matchCriteriaId": "28CC6233-E207-40CC-81FF-A8670EEA4295", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:0.91:*:*:*:*:*:*:*", "matchCriteriaId": "64DD9B5C-3DB8-4E15-B4A6-541E4E221C1D", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "B95DA7DE-B786-4EE7-A3F4-C077A7986D5F", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:1.0a:*:*:*:*:*:*:*", "matchCriteriaId": "C5306C05-4A71-4175-8C22-F2DE0F2FE4C4", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "3B9DEF16-ECD5-4BBE-8986-52A6171B3D9F", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "CFFDBEEC-B2C1-47F0-82D3-FC9147B590A9", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "354487CF-0086-4AE2-872B-0032E3EB89EE", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Integer overflow in pdftops, as used in Xpdf 2.01 and earlier, xpdf-i, and CUPS before 1.1.18, allows local users to execute arbitrary code via a ColorSpace entry with a large number of elements, as demonstrated by cups-pdf." }, { "lang": "es", "value": "Desbordamiento de enteros en pdftops, usado en Xpdf 2.01 y anteriores, y CUPS antes de 1.1.18, permite a usuarios locales ejecutar c\u00f3digo arbitrario mediante una entrada ColorSpace con un n\u00famero de elementos largo, como ha sido demostrado por cups-pdf." } ], "id": "CVE-2002-1384", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2003-01-02T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=104152282309980\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2003/dsa-222" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2003/dsa-226" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2003/dsa-232" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Patch", "Vendor Advisory" ], "url": "http://www.idefense.com/advisory/12.23.02.txt" }, { "source": "cve@mitre.org", "url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:001" }, { "source": "cve@mitre.org", "url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:002" }, { "source": "cve@mitre.org", "url": "http://www.novell.com/linux/security/advisories/2003_002_cups.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2002-295.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2002-307.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2003-037.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2003-216.html" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/6475" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10937" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=104152282309980\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2003/dsa-222" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2003/dsa-226" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2003/dsa-232" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Patch", "Vendor Advisory" ], "url": "http://www.idefense.com/advisory/12.23.02.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:001" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:002" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.novell.com/linux/security/advisories/2003_002_cups.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2002-295.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2002-307.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2003-037.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2003-216.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/6475" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10937" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2005-12-08 01:03
Modified
2025-04-03 01:03
Severity ?
Summary
Heap-based buffer overflow in the StreamPredictor function in Xpdf 3.01, as used in products such as (1) Poppler, (2) teTeX, (3) KDE kpdf, and (4) pdftohtml, (5) KOffice KWord, (6) CUPS, and (7) libextractor allows remote attackers to execute arbitrary code via a PDF file with an out-of-range numComps (number of components) field.
References
▶ | URL | Tags | |
---|---|---|---|
cve@mitre.org | ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.01pl1.patch | Patch | |
cve@mitre.org | ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt | ||
cve@mitre.org | ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.20/SCOSA-2006.20.txt | ||
cve@mitre.org | ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.21/SCOSA-2006.21.txt | ||
cve@mitre.org | ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U | ||
cve@mitre.org | ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U | ||
cve@mitre.org | ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U | ||
cve@mitre.org | http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342289 | ||
cve@mitre.org | http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html | ||
cve@mitre.org | http://rhn.redhat.com/errata/RHSA-2005-868.html | Vendor Advisory | |
cve@mitre.org | http://scary.beasts.org/security/CESA-2005-003.txt | ||
cve@mitre.org | http://secunia.com/advisories/17897/ | Patch, Vendor Advisory | |
cve@mitre.org | http://secunia.com/advisories/17908 | Vendor Advisory | |
cve@mitre.org | http://secunia.com/advisories/17912 | Vendor Advisory | |
cve@mitre.org | http://secunia.com/advisories/17916 | Vendor Advisory | |
cve@mitre.org | http://secunia.com/advisories/17920 | Vendor Advisory | |
cve@mitre.org | http://secunia.com/advisories/17921 | Vendor Advisory | |
cve@mitre.org | http://secunia.com/advisories/17926 | Vendor Advisory | |
cve@mitre.org | http://secunia.com/advisories/17929 | Vendor Advisory | |
cve@mitre.org | http://secunia.com/advisories/17940 | Vendor Advisory | |
cve@mitre.org | http://secunia.com/advisories/17955 | ||
cve@mitre.org | http://secunia.com/advisories/17976 | Vendor Advisory | |
cve@mitre.org | http://secunia.com/advisories/18009 | Vendor Advisory | |
cve@mitre.org | http://secunia.com/advisories/18055 | Vendor Advisory | |
cve@mitre.org | http://secunia.com/advisories/18061 | Vendor Advisory | |
cve@mitre.org | http://secunia.com/advisories/18189 | Vendor Advisory | |
cve@mitre.org | http://secunia.com/advisories/18191 | Vendor Advisory | |
cve@mitre.org | http://secunia.com/advisories/18192 | Vendor Advisory | |
cve@mitre.org | http://secunia.com/advisories/18303 | ||
cve@mitre.org | http://secunia.com/advisories/18313 | Vendor Advisory | |
cve@mitre.org | http://secunia.com/advisories/18336 | Vendor Advisory | |
cve@mitre.org | http://secunia.com/advisories/18349 | Vendor Advisory | |
cve@mitre.org | http://secunia.com/advisories/18380 | ||
cve@mitre.org | http://secunia.com/advisories/18385 | ||
cve@mitre.org | http://secunia.com/advisories/18387 | Vendor Advisory | |
cve@mitre.org | http://secunia.com/advisories/18389 | Vendor Advisory | |
cve@mitre.org | http://secunia.com/advisories/18398 | ||
cve@mitre.org | http://secunia.com/advisories/18407 | ||
cve@mitre.org | http://secunia.com/advisories/18416 | Vendor Advisory | |
cve@mitre.org | http://secunia.com/advisories/18428 | ||
cve@mitre.org | http://secunia.com/advisories/18436 | ||
cve@mitre.org | http://secunia.com/advisories/18448 | Vendor Advisory | |
cve@mitre.org | http://secunia.com/advisories/18503 | ||
cve@mitre.org | http://secunia.com/advisories/18517 | ||
cve@mitre.org | http://secunia.com/advisories/18534 | ||
cve@mitre.org | http://secunia.com/advisories/18549 | ||
cve@mitre.org | http://secunia.com/advisories/18554 | ||
cve@mitre.org | http://secunia.com/advisories/18582 | ||
cve@mitre.org | http://secunia.com/advisories/18674 | ||
cve@mitre.org | http://secunia.com/advisories/18675 | ||
cve@mitre.org | http://secunia.com/advisories/18679 | ||
cve@mitre.org | http://secunia.com/advisories/18908 | ||
cve@mitre.org | http://secunia.com/advisories/18913 | ||
cve@mitre.org | http://secunia.com/advisories/19230 | ||
cve@mitre.org | http://secunia.com/advisories/19377 | ||
cve@mitre.org | http://secunia.com/advisories/19797 | ||
cve@mitre.org | http://secunia.com/advisories/19798 | ||
cve@mitre.org | http://secunia.com/advisories/25729 | ||
cve@mitre.org | http://secunia.com/advisories/26413 | ||
cve@mitre.org | http://securityreason.com/securityalert/235 | ||
cve@mitre.org | http://securityreason.com/securityalert/240 | ||
cve@mitre.org | http://securitytracker.com/id?1015309 | ||
cve@mitre.org | http://securitytracker.com/id?1015324 | ||
cve@mitre.org | http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.472683 | ||
cve@mitre.org | http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.474747 | ||
cve@mitre.org | http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1 | ||
cve@mitre.org | http://www.debian.org/security/2005/dsa-931 | ||
cve@mitre.org | http://www.debian.org/security/2005/dsa-932 | ||
cve@mitre.org | http://www.debian.org/security/2006/dsa-936 | ||
cve@mitre.org | http://www.debian.org/security/2006/dsa-937 | ||
cve@mitre.org | http://www.debian.org/security/2006/dsa-950 | ||
cve@mitre.org | http://www.debian.org/security/2006/dsa-961 | ||
cve@mitre.org | http://www.debian.org/security/2006/dsa-962 | ||
cve@mitre.org | http://www.gentoo.org/security/en/glsa/glsa-200512-08.xml | ||
cve@mitre.org | http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml | ||
cve@mitre.org | http://www.idefense.com/application/poi/display?id=344&type=vulnerabilities | Patch, Vendor Advisory | |
cve@mitre.org | http://www.kde.org/info/security/advisory-20051207-1.txt | ||
cve@mitre.org | http://www.kde.org/info/security/advisory-20051207-2.txt | ||
cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDKSA-2006:003 | ||
cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDKSA-2006:004 | ||
cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDKSA-2006:005 | ||
cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDKSA-2006:006 | ||
cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDKSA-2006:008 | ||
cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDKSA-2006:010 | ||
cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDKSA-2006:011 | ||
cve@mitre.org | http://www.novell.com/linux/security/advisories/2005_29_sr.html | ||
cve@mitre.org | http://www.novell.com/linux/security/advisories/2006_02_sr.html | ||
cve@mitre.org | http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00015.html | ||
cve@mitre.org | http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00016.html | ||
cve@mitre.org | http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00036.html | ||
cve@mitre.org | http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00037.html | ||
cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2005-840.html | Patch, Vendor Advisory | |
cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2005-867.html | Vendor Advisory | |
cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2005-878.html | Vendor Advisory | |
cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2006-0160.html | ||
cve@mitre.org | http://www.securityfocus.com/archive/1/418883/100/0/threaded | ||
cve@mitre.org | http://www.securityfocus.com/archive/1/427053/100/0/threaded | ||
cve@mitre.org | http://www.securityfocus.com/archive/1/427990/100/0/threaded | ||
cve@mitre.org | http://www.securityfocus.com/bid/15725 | Patch | |
cve@mitre.org | http://www.trustix.org/errata/2005/0072/ | ||
cve@mitre.org | http://www.ubuntulinux.org/usn/usn-227-1 | ||
cve@mitre.org | http://www.vupen.com/english/advisories/2005/2755 | ||
cve@mitre.org | http://www.vupen.com/english/advisories/2005/2786 | ||
cve@mitre.org | http://www.vupen.com/english/advisories/2005/2787 | ||
cve@mitre.org | http://www.vupen.com/english/advisories/2005/2788 | ||
cve@mitre.org | http://www.vupen.com/english/advisories/2005/2789 | ||
cve@mitre.org | http://www.vupen.com/english/advisories/2005/2790 | ||
cve@mitre.org | http://www.vupen.com/english/advisories/2005/2856 | ||
cve@mitre.org | http://www.vupen.com/english/advisories/2007/2280 | ||
cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/23442 | ||
cve@mitre.org | https://issues.rpath.com/browse/RPL-1609 | ||
cve@mitre.org | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10914 | ||
af854a3a-2127-422b-91ae-364da2661108 | ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.01pl1.patch | Patch | |
af854a3a-2127-422b-91ae-364da2661108 | ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt | ||
af854a3a-2127-422b-91ae-364da2661108 | ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.20/SCOSA-2006.20.txt | ||
af854a3a-2127-422b-91ae-364da2661108 | ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.21/SCOSA-2006.21.txt | ||
af854a3a-2127-422b-91ae-364da2661108 | ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U | ||
af854a3a-2127-422b-91ae-364da2661108 | ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U | ||
af854a3a-2127-422b-91ae-364da2661108 | ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U | ||
af854a3a-2127-422b-91ae-364da2661108 | http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342289 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2005-868.html | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://scary.beasts.org/security/CESA-2005-003.txt | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/17897/ | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/17908 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/17912 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/17916 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/17920 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/17921 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/17926 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/17929 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/17940 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/17955 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/17976 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18009 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18055 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18061 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18189 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18191 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18192 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18303 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18313 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18336 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18349 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18380 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18385 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18387 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18389 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18398 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18407 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18416 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18428 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18436 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18448 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18503 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18517 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18534 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18549 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18554 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18582 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18674 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18675 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18679 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18908 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18913 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/19230 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/19377 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/19797 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/19798 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/25729 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/26413 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://securityreason.com/securityalert/235 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://securityreason.com/securityalert/240 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1015309 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1015324 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.472683 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.474747 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2005/dsa-931 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2005/dsa-932 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2006/dsa-936 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2006/dsa-937 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2006/dsa-950 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2006/dsa-961 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2006/dsa-962 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.gentoo.org/security/en/glsa/glsa-200512-08.xml | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.idefense.com/application/poi/display?id=344&type=vulnerabilities | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.kde.org/info/security/advisory-20051207-1.txt | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.kde.org/info/security/advisory-20051207-2.txt | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2006:003 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2006:004 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2006:005 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2006:006 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2006:008 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2006:010 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2006:011 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.novell.com/linux/security/advisories/2005_29_sr.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.novell.com/linux/security/advisories/2006_02_sr.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00015.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00016.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00036.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00037.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2005-840.html | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2005-867.html | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2005-878.html | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2006-0160.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/418883/100/0/threaded | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/427053/100/0/threaded | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/427990/100/0/threaded | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/15725 | Patch | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.trustix.org/errata/2005/0072/ | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntulinux.org/usn/usn-227-1 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2005/2755 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2005/2786 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2005/2787 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2005/2788 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2005/2789 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2005/2790 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2005/2856 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2007/2280 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/23442 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://issues.rpath.com/browse/RPL-1609 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10914 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:xpdf:xpdf:3.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "2B77866E-6818-4DE6-9457-39416871952C", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Heap-based buffer overflow in the StreamPredictor function in Xpdf 3.01, as used in products such as (1) Poppler, (2) teTeX, (3) KDE kpdf, and (4) pdftohtml, (5) KOffice KWord, (6) CUPS, and (7) libextractor allows remote attackers to execute arbitrary code via a PDF file with an out-of-range numComps (number of components) field." } ], "id": "CVE-2005-3192", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": true, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2005-12-08T01:03:00.000", "references": [ { "source": "cve@mitre.org", "tags": [ "Patch" ], "url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.01pl1.patch" }, { "source": "cve@mitre.org", "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt" }, { "source": "cve@mitre.org", "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.20/SCOSA-2006.20.txt" }, { "source": "cve@mitre.org", "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.21/SCOSA-2006.21.txt" }, { "source": "cve@mitre.org", "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U" }, { "source": "cve@mitre.org", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U" }, { "source": "cve@mitre.org", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U" }, { "source": "cve@mitre.org", "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342289" }, { "source": "cve@mitre.org", "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2005-868.html" }, { "source": "cve@mitre.org", "url": "http://scary.beasts.org/security/CESA-2005-003.txt" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/17897/" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/17908" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/17912" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/17916" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/17920" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/17921" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/17926" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/17929" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/17940" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/17955" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/17976" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18009" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18055" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18061" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18189" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18191" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18192" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/18303" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18313" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18336" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18349" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/18380" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/18385" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18387" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18389" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/18398" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/18407" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18416" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/18428" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/18436" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18448" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/18503" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/18517" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/18534" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/18549" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/18554" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/18582" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/18674" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/18675" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/18679" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/18908" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/18913" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/19230" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/19377" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/19797" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/19798" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/25729" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/26413" }, { "source": "cve@mitre.org", "url": "http://securityreason.com/securityalert/235" }, { "source": "cve@mitre.org", "url": "http://securityreason.com/securityalert/240" }, { "source": "cve@mitre.org", "url": "http://securitytracker.com/id?1015309" }, { "source": "cve@mitre.org", "url": "http://securitytracker.com/id?1015324" }, { "source": "cve@mitre.org", "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683" }, { "source": "cve@mitre.org", "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747" }, { "source": "cve@mitre.org", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2005/dsa-931" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2005/dsa-932" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2006/dsa-936" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2006/dsa-937" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2006/dsa-950" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2006/dsa-961" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2006/dsa-962" }, { "source": "cve@mitre.org", "url": "http://www.gentoo.org/security/en/glsa/glsa-200512-08.xml" }, { "source": "cve@mitre.org", "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.idefense.com/application/poi/display?id=344\u0026type=vulnerabilities" }, { "source": "cve@mitre.org", "url": "http://www.kde.org/info/security/advisory-20051207-1.txt" }, { "source": "cve@mitre.org", "url": "http://www.kde.org/info/security/advisory-20051207-2.txt" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011" }, { "source": "cve@mitre.org", "url": "http://www.novell.com/linux/security/advisories/2005_29_sr.html" }, { "source": "cve@mitre.org", "url": "http://www.novell.com/linux/security/advisories/2006_02_sr.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00015.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00016.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00036.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00037.html" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-840.html" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-867.html" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-878.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/418883/100/0/threaded" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded" }, { "source": "cve@mitre.org", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/bid/15725" }, { "source": "cve@mitre.org", "url": "http://www.trustix.org/errata/2005/0072/" }, { "source": "cve@mitre.org", "url": "http://www.ubuntulinux.org/usn/usn-227-1" }, { "source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2005/2755" }, { "source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2005/2786" }, { "source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2005/2787" }, { "source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2005/2788" }, { "source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2005/2789" }, { "source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2005/2790" }, { "source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2005/2856" }, { "source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2007/2280" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23442" }, { "source": "cve@mitre.org", "url": "https://issues.rpath.com/browse/RPL-1609" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10914" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.01pl1.patch" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.20/SCOSA-2006.20.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.21/SCOSA-2006.21.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342289" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2005-868.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://scary.beasts.org/security/CESA-2005-003.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/17897/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/17908" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/17912" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/17916" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/17920" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/17921" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/17926" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/17929" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/17940" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/17955" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/17976" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18009" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18055" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18061" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18189" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18191" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18192" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18303" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18313" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18336" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18349" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18380" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18385" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18387" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18389" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18398" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18407" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18416" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18428" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18436" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18448" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18503" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18517" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18534" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18549" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18554" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18582" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18674" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18675" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18679" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18908" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18913" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19230" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19377" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19797" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19798" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/25729" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/26413" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securityreason.com/securityalert/235" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securityreason.com/securityalert/240" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1015309" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1015324" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2005/dsa-931" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2005/dsa-932" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2006/dsa-936" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2006/dsa-937" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2006/dsa-950" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2006/dsa-961" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2006/dsa-962" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.gentoo.org/security/en/glsa/glsa-200512-08.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.idefense.com/application/poi/display?id=344\u0026type=vulnerabilities" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.kde.org/info/security/advisory-20051207-1.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.kde.org/info/security/advisory-20051207-2.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.novell.com/linux/security/advisories/2005_29_sr.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.novell.com/linux/security/advisories/2006_02_sr.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00015.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00016.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00036.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00037.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-840.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-867.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-878.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/418883/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/bid/15725" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.trustix.org/errata/2005/0072/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntulinux.org/usn/usn-227-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2005/2755" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2005/2786" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2005/2787" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2005/2788" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2005/2789" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2005/2790" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2005/2856" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2007/2280" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23442" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://issues.rpath.com/browse/RPL-1609" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10914" } ], "sourceIdentifier": "cve@mitre.org", "vendorComments": [ { "comment": "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.", "lastModified": "2007-03-14T00:00:00", "organization": "Red Hat" } ], "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2000-10-20 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
xpdf PDF viewer client earlier than 0.91 does not properly launch a web browser for embedded URL's, which allows an attacker to execute arbitrary commands via a URL that contains shell metacharacters.
References
▶ | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://marc.info/?l=bugtraq&m=96766355023239&w=2 | ||
cve@mitre.org | http://marc.info/?l=bugtraq&m=96886599829687&w=2 | ||
cve@mitre.org | http://www.calderasystems.com/support/security/advisories/CSSA-2000-031.0.txt | Patch, Vendor Advisory | |
cve@mitre.org | http://www.debian.org/security/2000/20000910a | Patch, Vendor Advisory | |
cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2000-060.html | ||
cve@mitre.org | http://www.securityfocus.com/bid/1624 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=96766355023239&w=2 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=96886599829687&w=2 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.calderasystems.com/support/security/advisories/CSSA-2000-031.0.txt | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2000/20000910a | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2000-060.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/1624 | Patch, Vendor Advisory |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:xpdf:xpdf:0.90:*:*:*:*:*:*:*", "matchCriteriaId": "28CC6233-E207-40CC-81FF-A8670EEA4295", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "xpdf PDF viewer client earlier than 0.91 does not properly launch a web browser for embedded URL\u0027s, which allows an attacker to execute arbitrary commands via a URL that contains shell metacharacters." } ], "id": "CVE-2000-0727", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.6, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 4.9, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2000-10-20T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=96766355023239\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=96886599829687\u0026w=2" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-031.0.txt" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2000/20000910a" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2000-060.html" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/1624" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=96766355023239\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=96886599829687\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-031.0.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2000/20000910a" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2000-060.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/1624" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2005-12-31 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka "Infinite CPU spins."
References
▶ | URL | Tags | |
---|---|---|---|
secalert@redhat.com | ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt | ||
secalert@redhat.com | ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U | ||
secalert@redhat.com | ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U | ||
secalert@redhat.com | ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U | ||
secalert@redhat.com | http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html | Patch | |
secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2006-0177.html | Patch, Vendor Advisory | |
secalert@redhat.com | http://scary.beasts.org/security/CESA-2005-003.txt | Exploit | |
secalert@redhat.com | http://secunia.com/advisories/18147 | ||
secalert@redhat.com | http://secunia.com/advisories/18303 | Patch, Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18312 | Patch, Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18313 | Patch, Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18329 | Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18332 | Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18334 | Patch, Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18335 | Patch, Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18338 | Patch, Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18349 | Patch, Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18373 | ||
secalert@redhat.com | http://secunia.com/advisories/18375 | Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18380 | ||
secalert@redhat.com | http://secunia.com/advisories/18385 | Patch, Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18387 | Patch, Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18389 | Patch, Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18398 | Patch, Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18407 | Patch, Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18414 | ||
secalert@redhat.com | http://secunia.com/advisories/18416 | Patch, Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18423 | Patch, Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18425 | ||
secalert@redhat.com | http://secunia.com/advisories/18428 | ||
secalert@redhat.com | http://secunia.com/advisories/18436 | ||
secalert@redhat.com | http://secunia.com/advisories/18448 | Patch, Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18463 | ||
secalert@redhat.com | http://secunia.com/advisories/18517 | Patch, Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18534 | Patch, Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18554 | Patch, Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18582 | Patch, Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18642 | Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18644 | Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18674 | Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18675 | Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18679 | Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18908 | Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/18913 | ||
secalert@redhat.com | http://secunia.com/advisories/19230 | ||
secalert@redhat.com | http://secunia.com/advisories/19377 | ||
secalert@redhat.com | http://secunia.com/advisories/25729 | ||
secalert@redhat.com | http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.472683 | ||
secalert@redhat.com | http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.474747 | ||
secalert@redhat.com | http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1 | ||
secalert@redhat.com | http://www.debian.org/security/2005/dsa-931 | ||
secalert@redhat.com | http://www.debian.org/security/2005/dsa-932 | ||
secalert@redhat.com | http://www.debian.org/security/2005/dsa-937 | ||
secalert@redhat.com | http://www.debian.org/security/2005/dsa-938 | ||
secalert@redhat.com | http://www.debian.org/security/2005/dsa-940 | ||
secalert@redhat.com | http://www.debian.org/security/2006/dsa-936 | Patch, Vendor Advisory | |
secalert@redhat.com | http://www.debian.org/security/2006/dsa-950 | Patch, Vendor Advisory | |
secalert@redhat.com | http://www.debian.org/security/2006/dsa-961 | Patch, Vendor Advisory | |
secalert@redhat.com | http://www.debian.org/security/2006/dsa-962 | ||
secalert@redhat.com | http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml | Patch, Vendor Advisory | |
secalert@redhat.com | http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml | ||
secalert@redhat.com | http://www.kde.org/info/security/advisory-20051207-2.txt | Patch, Vendor Advisory | |
secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDKSA-2006:003 | ||
secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDKSA-2006:004 | ||
secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDKSA-2006:005 | ||
secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDKSA-2006:006 | ||
secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDKSA-2006:008 | ||
secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDKSA-2006:010 | ||
secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDKSA-2006:011 | ||
secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDKSA-2006:012 | ||
secalert@redhat.com | http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.html | Patch | |
secalert@redhat.com | http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.html | Patch | |
secalert@redhat.com | http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html | ||
secalert@redhat.com | http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html | ||
secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2006-0160.html | Patch, Vendor Advisory | |
secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2006-0163.html | ||
secalert@redhat.com | http://www.securityfocus.com/archive/1/427053/100/0/threaded | ||
secalert@redhat.com | http://www.securityfocus.com/archive/1/427990/100/0/threaded | ||
secalert@redhat.com | http://www.securityfocus.com/bid/16143 | Patch | |
secalert@redhat.com | http://www.trustix.org/errata/2006/0002/ | ||
secalert@redhat.com | http://www.vupen.com/english/advisories/2006/0047 | ||
secalert@redhat.com | http://www.vupen.com/english/advisories/2007/2280 | ||
secalert@redhat.com | https://exchange.xforce.ibmcloud.com/vulnerabilities/24023 | ||
secalert@redhat.com | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9575 | ||
secalert@redhat.com | https://usn.ubuntu.com/236-1/ | ||
af854a3a-2127-422b-91ae-364da2661108 | ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt | ||
af854a3a-2127-422b-91ae-364da2661108 | ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U | ||
af854a3a-2127-422b-91ae-364da2661108 | ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U | ||
af854a3a-2127-422b-91ae-364da2661108 | ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html | Patch | |
af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2006-0177.html | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://scary.beasts.org/security/CESA-2005-003.txt | Exploit | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18147 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18303 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18312 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18313 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18329 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18332 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18334 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18335 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18338 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18349 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18373 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18375 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18380 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18385 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18387 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18389 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18398 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18407 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18414 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18416 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18423 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18425 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18428 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18436 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18448 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18463 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18517 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18534 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18554 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18582 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18642 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18644 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18674 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18675 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18679 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18908 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18913 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/19230 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/19377 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/25729 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.472683 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.474747 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2005/dsa-931 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2005/dsa-932 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2005/dsa-937 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2005/dsa-938 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2005/dsa-940 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2006/dsa-936 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2006/dsa-950 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2006/dsa-961 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2006/dsa-962 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.kde.org/info/security/advisory-20051207-2.txt | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2006:003 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2006:004 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2006:005 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2006:006 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2006:008 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2006:010 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2006:011 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2006:012 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.html | Patch | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.html | Patch | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2006-0160.html | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2006-0163.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/427053/100/0/threaded | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/427990/100/0/threaded | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/16143 | Patch | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.trustix.org/errata/2006/0002/ | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2006/0047 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2007/2280 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/24023 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9575 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/236-1/ |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
easy_software_products | cups | 1.1.22 | |
easy_software_products | cups | 1.1.22_rc1 | |
easy_software_products | cups | 1.1.23 | |
easy_software_products | cups | 1.1.23_rc1 | |
kde | kdegraphics | 3.2 | |
kde | kdegraphics | 3.4.3 | |
kde | koffice | 1.4 | |
kde | koffice | 1.4.1 | |
kde | koffice | 1.4.2 | |
kde | kpdf | 3.2 | |
kde | kpdf | 3.4.3 | |
kde | kword | 1.4.2 | |
libextractor | libextractor | * | |
poppler | poppler | 0.4.2 | |
sgi | propack | 3.0 | |
tetex | tetex | 1.0.7 | |
tetex | tetex | 2.0 | |
tetex | tetex | 2.0.1 | |
tetex | tetex | 2.0.2 | |
tetex | tetex | 3.0 | |
xpdf | xpdf | 3.0 | |
conectiva | linux | 10.0 | |
debian | debian_linux | 3.0 | |
debian | debian_linux | 3.0 | |
debian | debian_linux | 3.0 | |
debian | debian_linux | 3.0 | |
debian | debian_linux | 3.0 | |
debian | debian_linux | 3.0 | |
debian | debian_linux | 3.0 | |
debian | debian_linux | 3.0 | |
debian | debian_linux | 3.0 | |
debian | debian_linux | 3.0 | |
debian | debian_linux | 3.0 | |
debian | debian_linux | 3.0 | |
debian | debian_linux | 3.1 | |
debian | debian_linux | 3.1 | |
debian | debian_linux | 3.1 | |
debian | debian_linux | 3.1 | |
debian | debian_linux | 3.1 | |
debian | debian_linux | 3.1 | |
debian | debian_linux | 3.1 | |
debian | debian_linux | 3.1 | |
debian | debian_linux | 3.1 | |
debian | debian_linux | 3.1 | |
debian | debian_linux | 3.1 | |
debian | debian_linux | 3.1 | |
debian | debian_linux | 3.1 | |
gentoo | linux | * | |
mandrakesoft | mandrake_linux | 10.1 | |
mandrakesoft | mandrake_linux | 10.1 | |
mandrakesoft | mandrake_linux | 10.2 | |
mandrakesoft | mandrake_linux | 10.2 | |
mandrakesoft | mandrake_linux | 2006 | |
mandrakesoft | mandrake_linux | 2006 | |
mandrakesoft | mandrake_linux_corporate_server | 2.1 | |
mandrakesoft | mandrake_linux_corporate_server | 2.1 | |
mandrakesoft | mandrake_linux_corporate_server | 3.0 | |
mandrakesoft | mandrake_linux_corporate_server | 3.0 | |
redhat | enterprise_linux | 2.1 | |
redhat | enterprise_linux | 2.1 | |
redhat | enterprise_linux | 2.1 | |
redhat | enterprise_linux | 2.1 | |
redhat | enterprise_linux | 2.1 | |
redhat | enterprise_linux | 2.1 | |
redhat | enterprise_linux | 3.0 | |
redhat | enterprise_linux | 3.0 | |
redhat | enterprise_linux | 3.0 | |
redhat | enterprise_linux | 4.0 | |
redhat | enterprise_linux | 4.0 | |
redhat | enterprise_linux | 4.0 | |
redhat | enterprise_linux_desktop | 3.0 | |
redhat | enterprise_linux_desktop | 4.0 | |
redhat | fedora_core | core_1.0 | |
redhat | fedora_core | core_2.0 | |
redhat | fedora_core | core_3.0 | |
redhat | fedora_core | core_4.0 | |
redhat | linux | 7.3 | |
redhat | linux | 9.0 | |
redhat | linux_advanced_workstation | 2.1 | |
redhat | linux_advanced_workstation | 2.1 | |
sco | openserver | 5.0.7 | |
sco | openserver | 6.0 | |
slackware | slackware_linux | 9.0 | |
slackware | slackware_linux | 9.1 | |
slackware | slackware_linux | 10.0 | |
slackware | slackware_linux | 10.1 | |
slackware | slackware_linux | 10.2 | |
suse | suse_linux | 1.0 | |
suse | suse_linux | 9.0 | |
suse | suse_linux | 9.0 | |
suse | suse_linux | 9.0 | |
suse | suse_linux | 9.0 | |
suse | suse_linux | 9.0 | |
suse | suse_linux | 9.1 | |
suse | suse_linux | 9.1 | |
suse | suse_linux | 9.1 | |
suse | suse_linux | 9.2 | |
suse | suse_linux | 9.2 | |
suse | suse_linux | 9.2 | |
suse | suse_linux | 9.3 | |
suse | suse_linux | 9.3 | |
suse | suse_linux | 9.3 | |
suse | suse_linux | 10.0 | |
suse | suse_linux | 10.0 | |
trustix | secure_linux | 2.0 | |
trustix | secure_linux | 2.2 | |
trustix | secure_linux | 3.0 | |
turbolinux | turbolinux | 10 | |
turbolinux | turbolinux | fuji | |
turbolinux | turbolinux_appliance_server | 1.0_hosting_edition | |
turbolinux | turbolinux_appliance_server | 1.0_workgroup_edition | |
turbolinux | turbolinux_desktop | 10.0 | |
turbolinux | turbolinux_home | * | |
turbolinux | turbolinux_multimedia | * | |
turbolinux | turbolinux_personal | * | |
turbolinux | turbolinux_server | 8.0 | |
turbolinux | turbolinux_server | 10.0 | |
turbolinux | turbolinux_server | 10.0_x86 | |
turbolinux | turbolinux_workstation | 8.0 | |
ubuntu | ubuntu_linux | 4.1 | |
ubuntu | ubuntu_linux | 4.1 | |
ubuntu | ubuntu_linux | 5.04 | |
ubuntu | ubuntu_linux | 5.04 | |
ubuntu | ubuntu_linux | 5.04 | |
ubuntu | ubuntu_linux | 5.10 | |
ubuntu | ubuntu_linux | 5.10 | |
ubuntu | ubuntu_linux | 5.10 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.22:*:*:*:*:*:*:*", "matchCriteriaId": "B1512A96-B8E7-4DB7-A4CB-8FD3773BFC97", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.22_rc1:*:*:*:*:*:*:*", "matchCriteriaId": "787B918D-9CCC-44FE-92AF-E8DF1E91A3C7", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.23:*:*:*:*:*:*:*", "matchCriteriaId": "C116493B-2837-4531-9291-A9FF03099A97", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.23_rc1:*:*:*:*:*:*:*", "matchCriteriaId": "525BD04B-387F-4713-BC89-472D0D0BCFD0", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:kdegraphics:3.2:*:*:*:*:*:*:*", "matchCriteriaId": "6BF92649-90CE-4E75-A938-61D0916B5A7E", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:kdegraphics:3.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "2CA505B4-0C17-49C8-9533-CA8CE3AA77D8", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:koffice:1.4:*:*:*:*:*:*:*", "matchCriteriaId": "37C08E0A-651F-458B-BCEC-A30DCD527E47", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:koffice:1.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "6000D6AF-C056-4BC0-A54C-72E23E52AB92", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:koffice:1.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "A7D036E4-FA49-417D-968B-9D73B16A09BA", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:kpdf:3.2:*:*:*:*:*:*:*", "matchCriteriaId": "EDAF6452-F3B0-4F62-893E-BCFA6AB7AE3B", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:kpdf:3.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "BC2AB9CB-DEAB-45AB-A7CA-D19E069907EC", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:kword:1.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "EAC32BAA-99B3-4B40-83A3-ED9E1B12B295", "vulnerable": true }, { "criteria": "cpe:2.3:a:libextractor:libextractor:*:*:*:*:*:*:*:*", "matchCriteriaId": "679D9520-DE8E-4D06-A227-3B1C1D05977D", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "63C92F1C-3005-4EA6-B9C0-2BC2E3D611D6", "vulnerable": true }, { "criteria": "cpe:2.3:a:sgi:propack:3.0:sp6:*:*:*:*:*:*", "matchCriteriaId": "EF8ABD90-AD2B-4FA0-A355-9D7CD6D3C486", "vulnerable": true }, { "criteria": "cpe:2.3:a:tetex:tetex:1.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "C86C7D6F-C39E-4403-86C6-F87599570E97", "vulnerable": true }, { "criteria": "cpe:2.3:a:tetex:tetex:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "236005A1-C175-44D3-8D0C-C48F943F3D66", "vulnerable": true }, { "criteria": "cpe:2.3:a:tetex:tetex:2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "0AF2AD80-5E65-4B57-933B-C395E98EF10D", "vulnerable": true }, { "criteria": "cpe:2.3:a:tetex:tetex:2.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "07C92A0E-1DDA-4F83-A904-24A35C38883A", "vulnerable": true }, { "criteria": "cpe:2.3:a:tetex:tetex:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "9178B36F-41D5-4AE7-B9C8-56BDEADE76EB", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "7B93B3ED-AF82-49A9-8C7F-E5F652F19669", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "A35FC777-A34E-4C7B-9E93-8F17F3AD5180", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "2CAE037F-111C-4A76-8FFE-716B74D65EF3", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:alpha:*:*:*:*:*", "matchCriteriaId": "A6B060E4-B5A6-4469-828E-211C52542547", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:arm:*:*:*:*:*", "matchCriteriaId": "974C3541-990C-4CD4-A05A-38FA74A84632", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:hppa:*:*:*:*:*", "matchCriteriaId": "6CBF1E0F-C7F3-4F83-9E60-6E63FA7D2775", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-32:*:*:*:*:*", "matchCriteriaId": "58792F77-B06F-4780-BA25-FE1EE6C3FDD9", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-64:*:*:*:*:*", "matchCriteriaId": "C9419322-572F-4BB6-8416-C5E96541CF33", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:m68k:*:*:*:*:*", "matchCriteriaId": "BFC50555-C084-46A3-9C9F-949C5E3BB448", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mips:*:*:*:*:*", "matchCriteriaId": "9C25D6E1-D283-4CEA-B47B-60C47A5C0797", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mipsel:*:*:*:*:*", "matchCriteriaId": "AD18A446-C634-417E-86AC-B19B6DDDC856", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ppc:*:*:*:*:*", "matchCriteriaId": "E4BB852E-61B2-4842-989F-C6C0C901A8D7", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:s-390:*:*:*:*:*", "matchCriteriaId": "24DD9D59-E2A2-4116-A887-39E8CC2004FC", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:sparc:*:*:*:*:*", "matchCriteriaId": "F28D7457-607E-4E0C-909A-413F91CFCD82", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*", "matchCriteriaId": "A2E0C1F8-31F5-4F61-9DF7-E49B43D3C873", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:alpha:*:*:*:*:*", "matchCriteriaId": "5BF84240-1881-4EFB-BB2F-F9CE8AD09C7B", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:amd64:*:*:*:*:*", "matchCriteriaId": "AF8AE8C4-810F-41AB-A251-5A2D4DD6884D", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:arm:*:*:*:*:*", "matchCriteriaId": "5EACF214-FA27-44FF-A431-927AB79377A1", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:hppa:*:*:*:*:*", "matchCriteriaId": "E2B58895-0E2A-4466-9CB2-0083349A83B2", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:ia-32:*:*:*:*:*", "matchCriteriaId": "03F8220A-9B1C-40AA-AEAB-F9A93225FBD5", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:ia-64:*:*:*:*:*", "matchCriteriaId": "2311919C-7864-469D-B0F6-9B11D8D0A1C3", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:m68k:*:*:*:*:*", "matchCriteriaId": "19876495-4C1A-487C-955A-C5AA46362A1F", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:mips:*:*:*:*:*", "matchCriteriaId": "D75286DD-50BC-4B72-8AC8-E20730124DC2", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:mipsel:*:*:*:*:*", "matchCriteriaId": "1998C972-497E-4916-B50E-FB32303EEA8E", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:ppc:*:*:*:*:*", "matchCriteriaId": "A6CD3DD9-3A8A-4716-A2D1-136A790AFF94", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:s-390:*:*:*:*:*", "matchCriteriaId": "6CE2020A-4FB2-4FCD-8561-7BD147CD95EB", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:sparc:*:*:*:*:*", "matchCriteriaId": "08E90AFA-C262-46D0-B60E-26B67C9602D5", "vulnerable": true }, { "criteria": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*", "matchCriteriaId": "647BA336-5538-4972-9271-383A0EC9378E", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*", "matchCriteriaId": "3528DABD-B821-4D23-AE12-614A9CA92C46", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:x86-64:*:*:*:*:*", "matchCriteriaId": "0315FB43-D199-4734-B724-50ED031C0020", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.2:*:*:*:*:*:*:*", "matchCriteriaId": "11D69B83-4EF3-407B-8E8C-DE623F099C17", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.2:*:x86-64:*:*:*:*:*", "matchCriteriaId": "7D221688-18A0-453D-8D13-6B68011FCA13", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2006:*:*:*:*:*:*:*", "matchCriteriaId": "597094EC-D23F-4EC4-A140-96F287679124", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2006:*:x86-64:*:*:*:*:*", "matchCriteriaId": "C4FCF0D3-A6CB-448E-B0D3-DA82BE02DEC8", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "E0F0D201-B1DC-4024-AF77-A284673618F3", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:x86_64:*:*:*:*:*", "matchCriteriaId": "052E3862-BFB7-42E7-889D-8590AFA8EF37", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "2BB0B27C-04EA-426F-9016-7406BACD91DF", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:x86_64:*:*:*:*:*", "matchCriteriaId": "BB2B1BA5-8370-4281-B5C9-3D4FE6C70FBC", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*", "matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*", "matchCriteriaId": "A4A9461E-C117-42EC-9F14-DF2A82BA7C5D", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "E0B458EA-495E-40FA-9379-C03757F7B1EE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:*", "matchCriteriaId": "409E324A-C040-494F-A026-9DCAE01C07F8", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*", "matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*", "matchCriteriaId": "6474B775-C893-491F-A074-802AFB1FEDD8", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*", "matchCriteriaId": "78B46FFA-5B09-473E-AD33-3DB18BD0DAFE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*", "matchCriteriaId": "0EFE2E73-9536-41A9-B83B-0A06B54857F4", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:advanced_server:*:*:*:*:*", "matchCriteriaId": "F9440B25-D206-4914-9557-B5F030890DEC", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "E9933557-3BCA-4D92-AD4F-27758A0D3347", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:workstation:*:*:*:*:*", "matchCriteriaId": "10A60552-15A5-4E95-B3CE-99A4B26260C1", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "7D74A418-50F0-42C0-ABBC-BBBE718FF025", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*", "matchCriteriaId": "3C84296C-2C8A-4DCD-9751-52951F8BEA9F", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*", "matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*", "matchCriteriaId": "EC80CF67-C51D-442C-9526-CFEDE84A6304", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:fedora_core:core_4.0:*:*:*:*:*:*:*", "matchCriteriaId": "C720DACC-CF4B-4A00-818C-8303A7D7DED6", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.3:*:i386:*:*:*:*:*", "matchCriteriaId": "9B502A61-44FB-4CD4-85BE-88D4ACCCA441", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:9.0:*:i386:*:*:*:*:*", "matchCriteriaId": "F3FDE8C4-5FFD-4CC2-9F35-7C32043966D1", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*", "matchCriteriaId": "84A50ED3-FD0D-4038-B3E7-CC65D166C968", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium:*:*:*:*:*", "matchCriteriaId": "8DBD9D3C-40AB-449D-A9A8-A09DF2DEDB96", "vulnerable": true }, { "criteria": "cpe:2.3:o:sco:openserver:5.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "D9D76A8D-832B-411E-A458-186733C66010", "vulnerable": true }, { "criteria": "cpe:2.3:o:sco:openserver:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "7458BA31-812E-40C9-BB92-8688A3BCBA56", "vulnerable": true }, { "criteria": "cpe:2.3:o:slackware:slackware_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "300A6A65-05FD-401C-80F6-B5F5B1F056E0", "vulnerable": true }, { "criteria": "cpe:2.3:o:slackware:slackware_linux:9.1:*:*:*:*:*:*:*", "matchCriteriaId": "AA3D53C9-3806-45E6-8AE9-7D41280EF64C", "vulnerable": true }, { "criteria": "cpe:2.3:o:slackware:slackware_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "D29C5A03-A7C9-4780-BB63-CF1E874D018D", "vulnerable": true }, { "criteria": "cpe:2.3:o:slackware:slackware_linux:10.1:*:*:*:*:*:*:*", "matchCriteriaId": "B85EF0EE-3E61-4CA3-9F00-610AB2E1CFCF", "vulnerable": true }, { "criteria": "cpe:2.3:o:slackware:slackware_linux:10.2:*:*:*:*:*:*:*", "matchCriteriaId": "70440F49-AEE9-41BE-8E1A-43AB657C8E09", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "02EE2D72-B1E6-4380-80B0-E40A23DDD115", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "F7446746-87B7-4BD3-AABF-1E0FAA8265AB", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:personal:*:*:*:*:*", "matchCriteriaId": "F239BA8A-6B41-4B08-8C7C-25D235812C50", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:professional:*:*:*:*:*", "matchCriteriaId": "89BA858B-9466-4640-84AE-DC5BDC65D6B8", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:s_390:*:*:*:*:*", "matchCriteriaId": "85F2D904-E830-4034-9CCB-0FF65019622C", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*", "matchCriteriaId": "56EF103F-5668-4754-A83B-D3662D0CE815", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:personal:*:*:*:*:*", "matchCriteriaId": "3EA56868-ACA1-4C65-9FFB-A68129D2428A", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:professional:*:*:*:*:*", "matchCriteriaId": "1BA2E629-58C6-4BA0-A447-F8F570B35E74", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:x86_64:*:*:*:*:*", "matchCriteriaId": "D5F98B9A-880E-45F0-8C16-12B22970F0D1", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:personal:*:*:*:*:*", "matchCriteriaId": "3BEE15E9-9194-4E37-AB3B-66ECD5AC9E11", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:professional:*:*:*:*:*", "matchCriteriaId": "C89BA3B6-370B-4911-A363-935A9C9EACF5", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:x86_64:*:*:*:*:*", "matchCriteriaId": "B905C6E9-5058-4FD7-95B6-CD6AB6B2F516", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.3:*:personal:*:*:*:*:*", "matchCriteriaId": "4F1B4D15-0562-44D6-B80B-35A8F432BD41", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.3:*:professional:*:*:*:*:*", "matchCriteriaId": "D84ABF78-0D85-4E15-907E-B5ACE86EB8C7", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.3:*:x86_64:*:*:*:*:*", "matchCriteriaId": "9C7018E7-F90C-435D-A07A-05A294EA2827", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:10.0:*:oss:*:*:*:*:*", "matchCriteriaId": "16915004-1006-41D6-9E42-D1A5041E442D", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:10.0:*:professional:*:*:*:*:*", "matchCriteriaId": "994ABCE2-3B9E-4E4E-83F7-CE2A79C70F64", "vulnerable": true }, { "criteria": "cpe:2.3:o:trustix:secure_linux:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "53AF1A2D-B0A2-4097-AD1D-DF3AF27171BA", "vulnerable": true }, { "criteria": "cpe:2.3:o:trustix:secure_linux:2.2:*:*:*:*:*:*:*", "matchCriteriaId": "5AB70F82-52BB-4D0D-9A24-9AF67278466D", "vulnerable": true }, { "criteria": "cpe:2.3:o:trustix:secure_linux:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "100A2456-BF20-4461-8DC9-C61889322B29", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux:10:*:*:*:*:*:*:*", "matchCriteriaId": "1C7D4F57-E186-497A-B390-92E5D2C7E894", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux:fuji:*:*:*:*:*:*:*", "matchCriteriaId": "CEC3F6F3-9A6E-4A98-A967-6776C872475C", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_appliance_server:1.0_hosting_edition:*:*:*:*:*:*:*", "matchCriteriaId": "FC3218DD-A565-4AB8-86FE-E7F59AC0535F", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_appliance_server:1.0_workgroup_edition:*:*:*:*:*:*:*", "matchCriteriaId": "97AEDB57-202F-4B53-8815-21836F177060", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_desktop:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "31C3FFDD-03BF-4FD4-B7A7-B62AFD5DBA19", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_home:*:*:*:*:*:*:*:*", "matchCriteriaId": "065FF0F1-7FAC-4584-92EA-EAA87DC76FA1", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_multimedia:*:*:*:*:*:*:*:*", "matchCriteriaId": "E27180A1-9767-4CD3-978C-7538155B162D", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_personal:*:*:*:*:*:*:*:*", "matchCriteriaId": "BAAA9376-A060-49AE-86A7-6B28E26ED5D9", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_server:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "E06DCF0D-3241-453A-A0E4-937FE25EC404", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_server:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "B484D091-62DE-4EF2-AC54-26896CA8B315", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_server:10.0_x86:*:*:*:*:*:*:*", "matchCriteriaId": "EC5AC26E-3F3F-4D14-BE65-82B4432AB382", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_workstation:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "9428589A-0BD2-469E-978D-38239117D972", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ia64:*:*:*:*:*", "matchCriteriaId": "6E94583A-5184-462E-9FC4-57B35DA06DA7", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ppc:*:*:*:*:*", "matchCriteriaId": "E905FAAD-37B6-4DD0-A752-2974F8336273", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:amd64:*:*:*:*:*", "matchCriteriaId": "3BD12488-1ED8-4751-ABF5-3578D54750A8", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:i386:*:*:*:*:*", "matchCriteriaId": "AE3733CF-4C88-443C-9B90-6477C9C500D0", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:powerpc:*:*:*:*:*", "matchCriteriaId": "9C500A75-D75E-45B4-B582-0F0DF27C3C04", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:amd64:*:*:*:*:*", "matchCriteriaId": "86FD134D-A5C5-4B08-962D-70CF07C74923", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:i386:*:*:*:*:*", "matchCriteriaId": "FA84692E-F99D-4207-B4F2-799A6ADB88AD", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:powerpc:*:*:*:*:*", "matchCriteriaId": "8B0F1091-4B76-44F5-B896-6D37E2F909A2", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka \"Infinite CPU spins.\"" } ], "id": "CVE-2005-3625", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2005-12-31T05:00:00.000", "references": [ { "source": "secalert@redhat.com", "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt" }, { "source": "secalert@redhat.com", "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U" }, { "source": "secalert@redhat.com", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U" }, { "source": "secalert@redhat.com", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html" }, { "source": "secalert@redhat.com", "tags": [ "Exploit" ], "url": "http://scary.beasts.org/security/CESA-2005-003.txt" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18147" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18303" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18312" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18313" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18329" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18332" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18334" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18335" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18338" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18349" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18373" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18375" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18380" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18385" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18387" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18389" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18398" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18407" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18414" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18416" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18423" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18425" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18428" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18436" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18448" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18463" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18517" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18534" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18554" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18582" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18642" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18644" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18674" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18675" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18679" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18908" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18913" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/19230" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/19377" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/25729" }, { "source": "secalert@redhat.com", "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683" }, { "source": "secalert@redhat.com", "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747" }, { "source": "secalert@redhat.com", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2005/dsa-931" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2005/dsa-932" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2005/dsa-937" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2005/dsa-938" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2005/dsa-940" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-936" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-950" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-961" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2006/dsa-962" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml" }, { "source": "secalert@redhat.com", "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.kde.org/info/security/advisory-20051207-2.txt" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.html" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.html" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/bid/16143" }, { "source": "secalert@redhat.com", "url": "http://www.trustix.org/errata/2006/0002/" }, { "source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2006/0047" }, { "source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2007/2280" }, { "source": "secalert@redhat.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24023" }, { "source": "secalert@redhat.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9575" }, { "source": "secalert@redhat.com", "url": "https://usn.ubuntu.com/236-1/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit" ], "url": "http://scary.beasts.org/security/CESA-2005-003.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18147" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18303" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18312" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18313" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18329" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18332" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18334" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18335" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18338" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18349" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18373" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18375" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18380" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18385" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18387" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18389" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18398" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18407" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18414" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18416" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18423" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18425" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18428" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18436" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18448" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18463" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18517" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18534" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18554" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18582" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18642" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18644" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18674" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18675" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18679" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18908" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18913" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19230" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19377" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/25729" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2005/dsa-931" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2005/dsa-932" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2005/dsa-937" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2005/dsa-938" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2005/dsa-940" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-936" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-950" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-961" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2006/dsa-962" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.kde.org/info/security/advisory-20051207-2.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/bid/16143" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.trustix.org/errata/2006/0002/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2006/0047" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2007/2280" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24023" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9575" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://usn.ubuntu.com/236-1/" } ], "sourceIdentifier": "secalert@redhat.com", "vendorComments": [ { "comment": "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.", "lastModified": "2007-03-14T00:00:00", "organization": "Red Hat" } ], "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-399" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }