Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2005-3192HistoryDec 08, 2005 - 1:03 a.m.
CVE-2005-3192
2005-12-0801:03:00
Debian Security Bug Tracker
security-tracker.debian.org
11
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.184 Low
EPSS
Percentile
96.2%
Heap-based buffer overflow in the StreamPredictor function in Xpdf 3.01, as used in products such as (1) Poppler, (2) teTeX, (3) KDE kpdf, and (4) pdftohtml, (5) KOffice KWord, (6) CUPS, and (7) libextractor allows remote attackers to execute arbitrary code via a PDF file with an out-of-range numComps (number of components) field.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | cups | < 1.1.23-13 | cups_1.1.23-13_all.deb |
| Debian | 11 | all | cups | < 1.1.23-13 | cups_1.1.23-13_all.deb |
| Debian | 10 | all | cups | < 1.1.23-13 | cups_1.1.23-13_all.deb |
| Debian | 999 | all | cups | < 1.1.23-13 | cups_1.1.23-13_all.deb |
| Debian | 13 | all | cups | < 1.1.23-13 | cups_1.1.23-13_all.deb |
| Debian | 12 | all | libextractor | < 0.5.8-1 | libextractor_0.5.8-1_all.deb |
| Debian | 11 | all | libextractor | < 0.5.8-1 | libextractor_0.5.8-1_all.deb |
| Debian | 10 | all | libextractor | < 0.5.8-1 | libextractor_0.5.8-1_all.deb |
| Debian | 999 | all | libextractor | < 0.5.8-1 | libextractor_0.5.8-1_all.deb |
| Debian | 13 | all | libextractor | < 0.5.8-1 | libextractor_0.5.8-1_all.deb |
Related
cve
cve
CVE-2005-3192
2005-12-08 01:03:00
ubuntucve
ubuntucve
CVE-2005-3192
2005-12-08 00:00:00
securityvulns
securityvulns
openvas
openvas
SLES9: Security update for cups
2009-10-10 00:00:00
SLES9: Security update for cups
2009-10-10 00:00:00
Gentoo Security Advisory GLSA 200512-08 (xpdf, gpdf, poppler, cups)
2008-09-24 00:00:00
nessus
nessus
Fedora Core 3 : cups-1.1.22-0.rc1.8.8 (2005-1141)
2005-12-15 00:00:00
Fedora Core 3 : tetex-2.0.2-21.5 (2005-1127)
2005-12-08 00:00:00
Fedora Core 4 : tetex-3.0-7.FC4 (2005-1126)
2005-12-08 00:00:00
gentoo
gentoo
Xpdf, GPdf, CUPS, Poppler: Multiple vulnerabilities
2005-12-16 00:00:00
KPdf, KWord: Multiple overflows in included Xpdf code
2006-01-04 00:00:00
osv
osv
koffice - several
2006-03-24 00:00:00
pdftohtml - buffer overflows
2006-02-01 00:00:00
xpdf - buffer overflows
2006-01-09 00:00:00
ubuntu
ubuntu
xpdf vulnerabilities
2005-12-12 00:00:00
redhat
redhat
(RHSA-2005:867) gpdf security update
2005-12-20 00:00:00
(RHSA-2005:878) cups security update
2005-12-20 00:00:00
(RHSA-2005:840) xpdf security update
2005-12-06 00:00:00
centos
centos
gpdf security update
2005-12-21 02:51:50
cups security update
2005-12-20 23:29:16
tetex security update
2006-01-19 21:19:14
debian
debian
[SECURITY] [DSA 937-1] New tetex-bin packages fix arbitrary code execution
2006-01-12 11:32:22
[SECURITY] [DSA 940-1] New gpdf packages fix arbitrary code execution
2006-01-13 09:12:45
[SECURITY] [DSA 937-1] New tetex-bin packages fix arbitrary code execution
2006-01-12 11:32:22
suse
suse
remote code execution in xpdf,kpdf,gpdf,kword
2006-01-11 12:03:37
slackware
slackware
[slackware-security] xpdf
2006-02-15 00:28:51
[slackware-security] kdegraphics
2006-02-15 00:27:14
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.184 Low
EPSS
Percentile
96.2%
Related for DEBIANCVE:CVE-2005-3192