Multiple Product Xpdf/kpdf StreamPredictor Function numComps Field Overflow DoS

2005-12-05T06:19:13
ID OSVDB:21462
Type osvdb
Reporter OSVDB
Modified 2005-12-05T06:19:13

Description

Solution Description

Upgrade to version 3.01pl1 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

References:

Vendor URL: http://www.foolabs.com/xpdf/
Vendor URL: http://poppler.freedesktop.org/
Vendor Specific News/Changelog Entry: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342287
Vendor Specific News/Changelog Entry: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342292
Vendor Specific News/Changelog Entry: https://gnunet.org/svn/Extractor/ChangeLog
Vendor Specific News/Changelog Entry: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342294
Vendor Specific News/Changelog Entry: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342289
Vendor Specific News/Changelog Entry: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342281
Security Tracker: 1015309, 1015324
Secunia Advisory ID: 17908, 18061, 18055, 17976, 18147, 18582, 18675, 18908, 17912, 17920, 17916, 17959, 18336, 18398, 18380, 18407, 18534, 18549, 18674, 19230, 17921, 17956, 18192, 18189, 18313, 18349, 18428, 18448, 18517, 18554, 18679, 18913, 19798, 19797, 25729, 17897, 17929, 17940, 18009, 18191, 18389, 18385, 18416, 18387, 18436, 18503, 26413
Related OSVDB ID: 21463
RedHat RHSA: RHSA-2005:840, RHSA-2005:867, RHSA-2005:868, RHSA-2006:0160, RHSA-2005:878
Other Advisory URL: http://www.debian.org/security/2006/dsa-940
Other Advisory URL: http://www.debian.org/security/2006/dsa-938
Other Advisory URL: http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1
Other Advisory URL: http://www.idefense.com/application/poi/display?id=342&type=vulnerabilities
Other Advisory URL: http://www.idefense.com/application/poi/display?id=343&type=vulnerabilities
Other Advisory URL: http://www.ubuntulinux.org/usn/usn-227-1/
Other Advisory URL: http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:005
Other Advisory URL: http://www.novell.com/linux/security/advisories/2006_01_sr.html
Other Advisory URL: http://www.debian.org/security/2006/dsa-950
Other Advisory URL: http://www.debian.org/security/2006/dsa-961
Other Advisory URL: http://lists.rpath.com/pipermail/security-announce/2007-August/000221.html
Other Advisory URL: http://www.trustix.org/errata/2005/0072/
Other Advisory URL: http://www.debian.org/security/2006/dsa-937
Other Advisory URL: http://www.novell.com/linux/security/advisories/2006_02_sr.html
Other Advisory URL: http://www.idefense.com/application/poi/display?id=344&type=vulnerabilities
Other Advisory URL: http://security.gentoo.org/glsa/glsa-200512-08.xml
Other Advisory URL: ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.20/SCOSA-2006.20.txt
Mail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2005-12/0221.html
Mail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2005-12/0224.html
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2005-12/0075.html
Mail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2005-12/0225.html
CVE-2005-3191
CVE-2005-3192