9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.062 Low
EPSS
Percentile
93.5%
An iDEFENSE Security Advisory reports:
Remote exploitation of a buffer overflow vulnerability in
the xpdf PDF viewer, as included in multiple Linux
distributions, could allow attackers to execute arbitrary
code as the user viewing a PDF file. The offending code
can be found in the Gfx::doImage() function in the source
file xpdf/Gfx.cc.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
FreeBSD | any | noarch | xpdf | < 3.00_5 | UNKNOWN |
FreeBSD | any | noarch | kdegraphics | < 3.3.2_1 | UNKNOWN |
FreeBSD | any | noarch | gpdf | <= 2.8.1 | UNKNOWN |
FreeBSD | any | noarch | tetex-base | <= 2.0.2_6 | UNKNOWN |
FreeBSD | any | noarch | cups-base | <= 1.1.22.0 | UNKNOWN |
FreeBSD | any | noarch | koffice | <= 1.3.5,1 | UNKNOWN |
FreeBSD | any | noarch | pdftohtml | < 0.36_1 | UNKNOWN |