Lucene search

[email protected]NVD:CVE-2005-3628

HistoryDec 31, 2005 - 5:00 a.m.

CVE-2005-3628

2005-12-3105:00:00

[email protected]

web.nvd.nist.gov

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

7.3

Confidence

Low

EPSS

0.021

Percentile

89.2%

JSON

Buffer overflow in the JBIG2Bitmap::JBIG2Bitmap function in JBIG2Stream.cc in Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to modify memory and possibly execute arbitrary code via unknown attack vectors.

Affected configurations

Nvd

Node

xpdfxpdf

VendorProductVersionCPE
xpdfxpdf*cpe:2.3:a:xpdf:xpdf:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
xpdf	xpdf	*	cpe:2.3:a:xpdf:xpdf::::::::

References

ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U

lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html

secunia.com/advisories/18147

secunia.com/advisories/18380

secunia.com/advisories/18385

secunia.com/advisories/18387

secunia.com/advisories/18389

secunia.com/advisories/18398

secunia.com/advisories/18407

secunia.com/advisories/18416

secunia.com/advisories/18428

secunia.com/advisories/18436

secunia.com/advisories/18534

secunia.com/advisories/18582

secunia.com/advisories/18674

secunia.com/advisories/18675

secunia.com/advisories/18679

secunia.com/advisories/18908

secunia.com/advisories/18913

secunia.com/advisories/19230

slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.472683

slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.474747

www.debian.org/security/2005/dsa-931

www.debian.org/security/2005/dsa-932

www.debian.org/security/2005/dsa-937

www.debian.org/security/2005/dsa-938

www.debian.org/security/2005/dsa-940

www.debian.org/security/2006/dsa-936

www.debian.org/security/2006/dsa-950

www.debian.org/security/2006/dsa-961

www.debian.org/security/2006/dsa-962

www.mandriva.com/security/advisories?name=MDKSA-2006:010

www.mandriva.com/security/advisories?name=MDKSA-2006:011

www.mandriva.com/security/advisories?name=MDKSA-2006:012

www.redhat.com/support/errata/RHSA-2006-0160.html

www.securityfocus.com/archive/1/427053/100/0/threaded

www.securityfocus.com/archive/1/427990/100/0/threaded

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10287

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

7.3

Confidence

Low

EPSS

0.021

Percentile

89.2%

JSON

Related for NVD:CVE-2005-3628

debiancve2 ubuntucve2 cvelist2 cve2 centos8 nessus26 redhat5 prion1 nvd1 openvas22 debian18 osv4 suse1 securityvulns1 gentoo1 slackware2