9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.062 Low
EPSS
Percentile
93.5%
Buffer overflow in the Gfx::doImage function in Gfx.cc for xpdf 3.00, and
other products that share code such as tetex-bin and kpdf in KDE 3.2.x to
3.2.3 and 3.3.x to 3.3.2, allows remote attackers to cause a denial of
service (application crash) and possibly execute arbitrary code via a
crafted PDF file that causes the boundaries of a maskColors array to be
exceeded.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 6.06 | noarch | cupsys | < 1.2.0-0ubuntu5 | UNKNOWN |
ubuntu | 6.10 | noarch | cupsys | < 1.2.0-0ubuntu5 | UNKNOWN |
ubuntu | 7.04 | noarch | cupsys | < 1.2.0-0ubuntu5 | UNKNOWN |
ubuntu | 6.06 | noarch | gpdf | < 2.10.0-2 | UNKNOWN |
ubuntu | 6.10 | noarch | gpdf | < 2.10.0-2 | UNKNOWN |
ubuntu | 6.06 | noarch | kdegraphics | < 3.5.2-0ubuntu6 | UNKNOWN |
ubuntu | 6.10 | noarch | kdegraphics | < 3.5.2-0ubuntu6 | UNKNOWN |
ubuntu | 7.04 | noarch | kdegraphics | < 3.5.2-0ubuntu6 | UNKNOWN |
ubuntu | 6.06 | noarch | koffice | < 1.5.0-0ubuntu9.2 | UNKNOWN |
ubuntu | 6.10 | noarch | koffice | < 1.5.2-0ubuntu2.2 | UNKNOWN |