Lucene search

K

[email protected]CVE-2005-3628

HistoryDec 31, 2005 - 5:00 a.m.

CVE-2005-3628

2005-12-3105:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

35

cve-2005-3628

buffer overflow

xpdf

gpdf

kpdf

pdftohtml

poppler

tetex

cups

libextractor

7.2 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.021 Low

EPSS

Percentile

89.1%

Buffer overflow in the JBIG2Bitmap::JBIG2Bitmap function in JBIG2Stream.cc in Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to modify memory and possibly execute arbitrary code via unknown attack vectors.

CPENameOperatorVersion
xpdf:xpdfxpdfeq*

References

ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U

lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html

secunia.com/advisories/18147

secunia.com/advisories/18380

secunia.com/advisories/18385

secunia.com/advisories/18387

secunia.com/advisories/18389

secunia.com/advisories/18398

secunia.com/advisories/18407

secunia.com/advisories/18416

secunia.com/advisories/18428

secunia.com/advisories/18436

secunia.com/advisories/18534

secunia.com/advisories/18582

secunia.com/advisories/18674

secunia.com/advisories/18675

secunia.com/advisories/18679

secunia.com/advisories/18908

secunia.com/advisories/18913

secunia.com/advisories/19230

slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.472683

slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.474747

www.debian.org/security/2005/dsa-931

www.debian.org/security/2005/dsa-932

www.debian.org/security/2005/dsa-937

www.debian.org/security/2005/dsa-938

www.debian.org/security/2005/dsa-940

www.debian.org/security/2006/dsa-936

www.debian.org/security/2006/dsa-950

www.debian.org/security/2006/dsa-961

www.debian.org/security/2006/dsa-962

www.mandriva.com/security/advisories?name=MDKSA-2006:010

www.mandriva.com/security/advisories?name=MDKSA-2006:011

www.mandriva.com/security/advisories?name=MDKSA-2006:012

www.redhat.com/support/errata/RHSA-2006-0160.html

www.securityfocus.com/archive/1/427053/100/0/threaded

www.securityfocus.com/archive/1/427990/100/0/threaded

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10287

7.2 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.021 Low

EPSS

Percentile

89.1%

Related for CVE-2005-3628

debiancve2 ubuntucve2 redhat5 centos8 nessus26 prion1 cve1 openvas22 debian18 osv3 gentoo1 suse1 securityvulns1 slackware2