Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2005-3624HistoryDec 31, 2005 - 5:00 a.m.
CVE-2005-3624
2005-12-3105:00:00
Debian Security Bug Tracker
security-tracker.debian.org
14
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
0.013 Low
EPSS
Percentile
85.6%
The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | cups | < 1.1.22-7 | cups_1.1.22-7_all.deb |
| Debian | 11 | all | cups | < 1.1.22-7 | cups_1.1.22-7_all.deb |
| Debian | 10 | all | cups | < 1.1.22-7 | cups_1.1.22-7_all.deb |
| Debian | 999 | all | cups | < 1.1.22-7 | cups_1.1.22-7_all.deb |
| Debian | 13 | all | cups | < 1.1.22-7 | cups_1.1.22-7_all.deb |
| Debian | 12 | all | libextractor | < 0.5.9-1 | libextractor_0.5.9-1_all.deb |
| Debian | 11 | all | libextractor | < 0.5.9-1 | libextractor_0.5.9-1_all.deb |
| Debian | 10 | all | libextractor | < 0.5.9-1 | libextractor_0.5.9-1_all.deb |
| Debian | 999 | all | libextractor | < 0.5.9-1 | libextractor_0.5.9-1_all.deb |
| Debian | 13 | all | libextractor | < 0.5.9-1 | libextractor_0.5.9-1_all.deb |
Related
cve
cve
CVE-2005-3624
2005-12-31 05:00:00
CVE-2006-1244
2006-03-15 19:06:00
ubuntucve
ubuntucve
CVE-2005-3624
2005-12-31 00:00:00
CVE-2006-1244
2006-03-15 00:00:00
nessus
nessus
RHEL 4 : gpdf (RHSA-2006:0177)
2006-01-15 00:00:00
Fedora Core 4 : poppler-0.4.4-1.1 (2006-026)
2006-01-15 00:00:00
Fedora Core 3 : tetex-2.0.2-21.7.FC3 (2006-029)
2006-01-15 00:00:00
redhat
redhat
(RHSA-2006:0177) gpdf security update
2006-01-11 00:00:00
(RHSA-2006:0163) cups security update
2006-01-11 00:00:00
(RHSA-2005:868) kdegraphics security update
2005-12-20 00:00:00
prion
prion
Design/Logic Flaw
2006-03-15 19:06:00
openvas
openvas
Gentoo Security Advisory GLSA 200601-17 (xpdf poppler gpdf libextractor pdftohtml)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200601-17 (xpdf poppler gpdf libextractor pdftohtml)
2008-09-24 00:00:00
Debian: Security Advisory (DSA-938-1)
2008-01-17 00:00:00
ubuntu
ubuntu
xpdf vulnerabilities in kword, kpdf
2006-01-09 00:00:00
xpdf vulnerabilities
2006-01-06 00:00:00
securityvulns
securityvulns
MDKSA-2006:005 - Updated xpdf packages fix several vulnerabilities
2006-01-07 00:00:00
debiancve
debiancve
CVE-2006-1244
2006-03-15 19:06:00
centos
centos
gpdf security update
2006-01-12 05:08:16
cups security update
2006-01-11 22:26:57
kdegraphics security update
2005-12-21 02:55:30
gentoo
gentoo
Xpdf, Poppler, GPdf, libextractor, pdftohtml: Heap overflows
2006-01-30 00:00:00
KPdf, KWord: Multiple overflows in included Xpdf code
2006-01-04 00:00:00
osv
osv
pdftohtml - buffer overflows
2006-02-01 00:00:00
xpdf - buffer overflows
2006-01-09 00:00:00
kdegraphics - buffer overflows
2006-01-09 00:00:00
debian
debian
[SECURITY] [DSA 937-1] New tetex-bin packages fix arbitrary code execution
2006-01-12 11:32:22
[SECURITY] [DSA 940-1] New gpdf packages fix arbitrary code execution
2006-01-13 09:12:45
[SECURITY] [DSA 937-1] New tetex-bin packages fix arbitrary code execution
2006-01-12 11:32:22
suse
suse
remote code execution in xpdf,kpdf,gpdf,kword
2006-01-11 12:03:37
slackware
slackware
[slackware-security] xpdf
2006-02-15 00:28:51
[slackware-security] kdegraphics
2006-02-15 00:27:14
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
0.013 Low
EPSS
Percentile
85.6%
Related for DEBIANCVE:CVE-2005-3624