Lucene search

[email protected]NVD:CVE-2006-0301

HistoryJan 30, 2006 - 10:03 p.m.

CVE-2006-0301

2006-01-3022:03:00

CWE-119

[email protected]

web.nvd.nist.gov

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.7 High

AI Score

Confidence

Low

0.02 Low

EPSS

Percentile

88.8%

JSON

Heap-based buffer overflow in Splash.cc in xpdf, as used in other products such as (1) poppler, (2) kdegraphics, (3) gpdf, (4) pdfkit.framework, and others, allows attackers to cause a denial of service and possibly execute arbitrary code via crafted splash images that produce certain values that exceed the width or height of the associated bitmap.

Affected configurations

NVD

Node

xpdfxpdf

References

ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt

rhn.redhat.com/errata/RHSA-2006-0206.html

secunia.com/advisories/18274

secunia.com/advisories/18677

secunia.com/advisories/18707

secunia.com/advisories/18825

secunia.com/advisories/18826

secunia.com/advisories/18834

secunia.com/advisories/18837

secunia.com/advisories/18838

secunia.com/advisories/18839

secunia.com/advisories/18860

secunia.com/advisories/18862

secunia.com/advisories/18864

secunia.com/advisories/18875

secunia.com/advisories/18882

secunia.com/advisories/18908

secunia.com/advisories/18913

secunia.com/advisories/18983

secunia.com/advisories/19377

securityreason.com/securityalert/470

securitytracker.com/id?1015576

slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.472683

slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.474747

www.debian.org/security/2006/dsa-971

www.debian.org/security/2006/dsa-972

www.debian.org/security/2006/dsa-974

www.gentoo.org/security/en/glsa/glsa-200602-04.xml

www.gentoo.org/security/en/glsa/glsa-200602-05.xml

www.gentoo.org/security/en/glsa/glsa-200602-12.xml

www.kde.org/info/security/advisory-20060202-1.txt

www.mandriva.com/security/advisories?name=MDKSA-2006:030

www.mandriva.com/security/advisories?name=MDKSA-2006:031

www.mandriva.com/security/advisories?name=MDKSA-2006:032

www.redhat.com/archives/fedora-announce-list/2006-February/msg00039.html

www.redhat.com/support/errata/RHSA-2006-0201.html

www.securityfocus.com/archive/1/423899/100/0/threaded

www.securityfocus.com/archive/1/427990/100/0/threaded

www.ubuntu.com/usn/usn-249-1

www.vupen.com/english/advisories/2006/0389

www.vupen.com/english/advisories/2006/0422

bugzilla.novell.com/show_bug.cgi?id=141242

bugzilla.redhat.com/bugzilla/show_bug.cgi?id=179046

exchange.xforce.ibmcloud.com/vulnerabilities/24391

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10850

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.7 High

AI Score

Confidence

Low

0.02 Low

EPSS

Percentile

88.8%

JSON

Related for NVD:CVE-2006-0301

debian6 ubuntucve2 osv4 altlinux1 openvas24 nessus19 gentoo3 cve2 freebsd1 centos2 debiancve2 prion2 redhat2 ubuntu1 cvelist2 oraclelinux3 nvd1 slackware2