CVE-2005-0206

2005-04-2704:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2005-0206

xpdf

integer overflow

patch

vulnerability

64-bit

linux

red hat

6.7 Medium

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.007 Low

EPSS

Percentile

79.4%

JSON

The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities.

CPENameOperatorVersion
pdftohtml:pdftohtmlpdftohtmleq0.32a
easy_software_products:cupseasy software products cupseq1.1.19_rc5
xpdf:xpdfxpdfeq2.0
easy_software_products:cupseasy software products cupseq1.1.10
easy_software_products:cupseasy software products cupseq1.1.16
xpdf:xpdfxpdfeq1.0
kde:kofficekde kofficeeq1.3_beta2
sgi:propacksgi propackeq3.0
easy_software_products:cupseasy software products cupseq1.1.7
pdftohtml:pdftohtmlpdftohtmleq0.35

CPE	Name	Operator	Version
pdftohtml:pdftohtml	pdftohtml	eq	0.32a
easy_software_products:cups	easy software products cups	eq	1.1.19_rc5
xpdf:xpdf	xpdf	eq	2.0
easy_software_products:cups	easy software products cups	eq	1.1.10
easy_software_products:cups	easy software products cups	eq	1.1.16
xpdf:xpdf	xpdf	eq	1.0
kde:koffice	kde koffice	eq	1.3_beta2
sgi:propack	sgi propack	eq	3.0
easy_software_products:cups	easy software products cups	eq	1.1.7
pdftohtml:pdftohtml	pdftohtml	eq	0.35