Lucene search

[email protected]NVD:CVE-2005-0064

HistoryMay 02, 2005 - 4:00 a.m.

CVE-2005-0064

2005-05-0204:00:00

[email protected]

web.nvd.nist.gov

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.6 High

AI Score

Confidence

Low

0.096 Low

EPSS

Percentile

94.8%

JSON

Buffer overflow in the Decrypt::makeFileKey2 function in Decrypt.cc for xpdf 3.00 and earlier allows remote attackers to execute arbitrary code via a PDF file with a large /Encrypt /Length keyLength value.

Affected configurations

NVD

Node

xpdfxpdfMatch0.2

xpdfxpdfMatch0.3

xpdfxpdfMatch0.4

xpdfxpdfMatch0.5

xpdfxpdfMatch0.5a

xpdfxpdfMatch0.6

xpdfxpdfMatch0.7

xpdfxpdfMatch0.7a

xpdfxpdfMatch0.80

xpdfxpdfMatch0.90

xpdfxpdfMatch0.91

xpdfxpdfMatch0.91a

xpdfxpdfMatch0.91b

xpdfxpdfMatch0.91c

xpdfxpdfMatch0.92

xpdfxpdfMatch0.92a

xpdfxpdfMatch0.92b

xpdfxpdfMatch0.92c

xpdfxpdfMatch0.92d

xpdfxpdfMatch0.92e

xpdfxpdfMatch0.93

xpdfxpdfMatch0.93a

xpdfxpdfMatch0.93b

xpdfxpdfMatch0.93c

xpdfxpdfMatch1.0

xpdfxpdfMatch1.0a

xpdfxpdfMatch1.1

xpdfxpdfMatch2.0

xpdfxpdfMatch2.1

xpdfxpdfMatch2.2

xpdfxpdfMatch2.3

xpdfxpdfMatch3.0

References

ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.00pl3.patch

ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.42/SCOSA-2005.42.txt

distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000921

marc.info/?l=bugtraq&m=110625368019554&w=2

secunia.com/advisories/17277

www.debian.org/security/2005/dsa-645

www.debian.org/security/2005/dsa-648

www.idefense.com/application/poi/display?id=186&type=vulnerabilities

www.mandriva.com/security/advisories?name=MDKSA-2005:016

www.mandriva.com/security/advisories?name=MDKSA-2005:017

www.mandriva.com/security/advisories?name=MDKSA-2005:018

www.mandriva.com/security/advisories?name=MDKSA-2005:019

www.mandriva.com/security/advisories?name=MDKSA-2005:020

www.mandriva.com/security/advisories?name=MDKSA-2005:021

www.redhat.com/support/errata/RHSA-2005-026.html

www.redhat.com/support/errata/RHSA-2005-034.html

www.redhat.com/support/errata/RHSA-2005-053.html

www.redhat.com/support/errata/RHSA-2005-057.html

www.redhat.com/support/errata/RHSA-2005-059.html

www.redhat.com/support/errata/RHSA-2005-066.html

www.trustix.org/errata/2005/0003/

bugzilla.fedora.us/show_bug.cgi?id=2352

bugzilla.fedora.us/show_bug.cgi?id=2353

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11781

security.gentoo.org/glsa/200501-28

security.gentoo.org/glsa/200502-10

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.6 High

AI Score

Confidence

Low

0.096 Low

EPSS

Percentile

94.8%

JSON

Related for NVD:CVE-2005-0064

nessus23 gentoo6 openvas23 redhat7 debian4 debiancve1 ubuntu1 osv2 cve1 securityvulns3 freebsd1 fedora1 altlinux1 ubuntucve1 cvelist1 oraclelinux1 cert1