7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.02 Low
EPSS
Percentile
87.4%
The xpdf package is an X Window System-based viewer for Portable Document
Format (PDF) files.
A heap based buffer overflow bug was discovered in Xpdf. An attacker could
construct a carefully crafted PDF file that could cause Xpdf to crash or
possibly execute arbitrary code when opened. The Common Vulnerabilities and
Exposures project assigned the name CVE-2006-0301 to this issue.
Users of Xpdf should upgrade to this updated package, which contains a
backported patch to resolve these issues.
Red Hat would like to thank Dirk Mueller for reporting this issue and
providing a patch.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | any | ia64 | xpdf | < 3.00-11.12 | xpdf-3.00-11.12.ia64.rpm |
RedHat | any | i386 | xpdf | < 3.00-11.12 | xpdf-3.00-11.12.i386.rpm |
RedHat | any | ppc | xpdf | < 3.00-11.12 | xpdf-3.00-11.12.ppc.rpm |
RedHat | any | src | xpdf | < 3.00-11.12 | xpdf-3.00-11.12.src.rpm |
RedHat | any | s390x | xpdf | < 3.00-11.12 | xpdf-3.00-11.12.s390x.rpm |
RedHat | any | x86_64 | xpdf | < 3.00-11.12 | xpdf-3.00-11.12.x86_64.rpm |
RedHat | any | s390 | xpdf | < 3.00-11.12 | xpdf-3.00-11.12.s390.rpm |