Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistRedhatCVELIST:CVE-2005-3627
HistoryJan 06, 2006 - 10:00 p.m.

CVE-2005-3627

2006-01-0622:00:00
redhat
www.cve.org

8.9 High

AI Score

Confidence

High

0.036 Low

EPSS

Percentile

91.7%

JSON

Stream.cc in Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to modify memory and possibly execute arbitrary code via a DCTDecode stream with (1) a large “number of components” value that is not checked by DCTStream::readBaselineSOF or DCTStream::readProgressiveSOF, (2) a large “Huffman table index” value that is not checked by DCTStream::readHuffmanTables, and (3) certain uses of the scanInfo.numComps value by DCTStream::readScanInfo.

References

Related

nvd 2
cve 2
ubuntucve 2
debiancve 1
redhat 6
talos 2
debian 20
cvelist 1
nessus 43
centos 9
openvas 28
seebug 1
osv 4
prion 1
securityvulns 4
talosblog 1
gentoo 2
ubuntu 2
suse 1
slackware 2
nvd
nvd
CVE-2005-3627
2005-12-31 05:00:00
CVE-2006-0746
2006-03-09 00:02:00
cve
cve
CVE-2005-3627
2006-01-06 22:00:00
CVE-2006-0746
2006-03-09 00:02:00
ubuntucve
ubuntucve
CVE-2005-3627
2005-12-31 00:00:00
CVE-2006-0746
2006-03-09 00:00:00
debiancve
debiancve
CVE-2005-3627
2006-01-06 22:00:00
redhat
redhat
(RHSA-2006:0262) kdegraphics security update
2006-03-09 00:00:00
(RHSA-2006:0177) gpdf security update
2006-01-11 00:00:00
(RHSA-2006:0163) cups security update
2006-01-11 00:00:00
talos
talos
Poppler PDF Image Display DCTStream::readProgressiveSOF() Code Execution Vulnerability
2017-07-07 00:00:00
Poppler PDF Image Display DCTStream::readProgressiveSOF() Code Execution Vulnerability
2017-07-07 00:00:00
debian
debian
[SECURITY] [DSA 1008-1] New kpdf packages fix arbitrary code execution
2006-03-17 14:13:56
[SECURITY] [DSA 1008-1] New kpdf packages fix arbitrary code execution
2006-03-17 14:13:56
[SECURITY] [DSA 940-1] New gpdf packages fix arbitrary code execution
2006-01-13 09:12:45
cvelist
cvelist
CVE-2006-0746
2006-03-09 00:00:00
nessus
nessus
RHEL 4 : kdegraphics (RHSA-2006:0262)
2006-03-10 00:00:00
CentOS 4 : kdegraphics (CESA-2006:0262)
2006-07-05 00:00:00
Debian DSA-1008-1 : kdegraphics - buffer overflow
2006-10-14 00:00:00
centos
centos
kdegraphics security update
2006-03-09 22:05:31
gpdf security update
2006-01-12 05:08:16
cups security update
2006-01-11 22:26:57
openvas
openvas
Debian Security Advisory DSA 1008-1 (kdegraphics)
2008-01-17 00:00:00
Debian: Security Advisory (DSA-1008-1)
2008-01-17 00:00:00
Gentoo Security Advisory GLSA 200601-17 (xpdf poppler gpdf libextractor pdftohtml)
2008-09-24 00:00:00
seebug
seebug
Poppler PDF Image Display DCTStream::readProgressiveSOF() Code Execution Vulnerability(CVE-2017-2818)
2017-09-14 00:00:00
osv
osv
kpdf - buffer overflow
2006-03-17 00:00:00
pdftohtml - buffer overflows
2006-02-01 00:00:00
kdegraphics - buffer overflows
2006-01-09 00:00:00
prion
prion
Code injection
2006-03-09 00:02:00
securityvulns
securityvulns
[KDE Security Advisory] kpdf of KDE 3.3.x heap based buffer overflow
2006-03-10 00:00:00
[ GLSA 200601-17 ] Xpdf, Poppler, GPdf, libextractor, pdftohtml: Heap overflows
2006-02-01 00:00:00
MDKSA-2006:005 - Updated xpdf packages fix several vulnerabilities
2006-01-07 00:00:00
talosblog
talosblog
Vulnerability Spotlight: TALOS-2017-0311,0319,0321 - Multiple Remote Code Execution Vulnerability in Poppler PDF library
2017-07-07 08:27:00
gentoo
gentoo
Xpdf, Poppler, GPdf, libextractor, pdftohtml: Heap overflows
2006-01-30 00:00:00
KPdf, KWord: Multiple overflows in included Xpdf code
2006-01-04 00:00:00
ubuntu
ubuntu
xpdf vulnerabilities in kword, kpdf
2006-01-09 00:00:00
xpdf vulnerabilities
2006-01-06 00:00:00
suse
suse
remote code execution in xpdf,kpdf,gpdf,kword
2006-01-11 12:03:37
slackware
slackware
[slackware-security] kdegraphics
2006-02-15 00:27:14
[slackware-security] xpdf
2006-02-15 00:28:51

8.9 High

AI Score

Confidence

High

0.036 Low

EPSS

Percentile

91.7%

JSON
Related for CVELIST:CVE-2005-3627
nvd2cve2ubuntucve2debiancve1redhat6talos2debian20cvelist1nessus43centos9openvas28seebug1osv4prion1securityvulns4talosblog1gentoo2ubuntu2suse1slackware2