CVE-2005-3191

Published: 07/12/2005 Updated: 19/10/2018
CVSS v2 Base Score: 5.1 | Impact Score: 6.4 | Exploitability Score: 4.9
VMScore: 454
Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P

Vulnerability Summary

Multiple heap-based buffer overflows in the (1) DCTStream::readProgressiveSOF and (2) DCTStream::readBaselineSOF functions in the DCT stream parsing code (Stream.cc) in xpdf 3.01 and previous versions, as used in products such as (a) Poppler, (b) teTeX, (c) KDE kpdf, (d) pdftohtml, (e) KOffice KWord, (f) CUPS, and (g) libextractor allow user-assisted malicious users to cause a denial of service (heap corruption) and possibly execute arbitrary code via a crafted PDF file with an out-of-range number of components (numComps), which is used as an array index.
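The kind of check the summary describes as missing, shown as an added example that is not xpdf's code: a parser for a JPEG start-of-frame segment that bounds the component count read from the file before using it to index the component table. The names `parse_sof`, `struct frame` and `MAX_COMPS`, the four-entry table size, and the two sample segments are assumptions constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define MAX_COMPS 4  /* assumed size of the component table in this sketch */
struct comp_info { uint8_t id, h_samp, v_samp, quant_table; };
struct frame {
    uint8_t  precision, num_comps;
    uint16_t height, width;
    struct comp_info comp[MAX_COMPS];
};

/* Parse the body of a start-of-frame segment (the bytes after the marker).
 * Returns 0 on success, -1 if the segment is truncated or inconsistent. */
int parse_sof(const uint8_t *buf, size_t len, struct frame *out)
{
    if (len < 8) return -1;              /* fixed part: length, P, Y, X, Nf */
    size_t seg_len = ((size_t)buf[0] << 8) | buf[1];
    if (seg_len > len) return -1;        /* declared length exceeds the data */
    uint8_t n = buf[7];
    /* The count comes from the file and is about to index comp[], so it is
     * bounded before any write. Without this, n up to 255 walks off the table. */
    if (n == 0 || n > MAX_COMPS) return -1;
    if (seg_len != 8 + 3 * (size_t)n) return -1;  /* length must match count */
    out->precision = buf[2];
    out->height = (uint16_t)((buf[3] << 8) | buf[4]);
    out->width  = (uint16_t)((buf[5] << 8) | buf[6]);
    out->num_comps = n;
    for (size_t i = 0; i < n; i++) {
        const uint8_t *c = buf + 8 + 3 * i;
        /* id, horizontal/vertical sampling (two nibbles), quant table */
        out->comp[i] = (struct comp_info){ c[0], c[1] >> 4, c[1] & 0x0F, c[2] };
    }
    return 0;
}

/* Constructed samples: a 3-component frame, and one claiming 255 components. */
static const uint8_t SOF_OK[] = { 0x00,0x11, 0x08, 0x00,0x10, 0x00,0x10, 0x03,
    0x01,0x22,0x00, 0x02,0x11,0x01, 0x03,0x11,0x01 };
static const uint8_t SOF_BAD[] = { 0x00,0x0B, 0x08, 0x00,0x10, 0x00,0x10, 0xFF,
    0x01,0x22,0x00 };

int main(void)
{
    struct frame f;
    int ok  = parse_sof(SOF_OK,  sizeof SOF_OK,  &f);
    int bad = parse_sof(SOF_BAD, sizeof SOF_BAD, &f);
    printf("valid segment: %d, out-of-range count: %d\n", ok, bad);
    return (ok == 0 && bad == -1) ? 0 : 1;
}
```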

Vulnerable Product

xpdf xpdf 1.0

xpdf xpdf 1.0a

xpdf xpdf 3.0_pl2

xpdf xpdf 3.0_pl3

xpdf xpdf 0.92

xpdf xpdf 0.93

xpdf xpdf 3.0

xpdf xpdf 3.0.1

xpdf xpdf 1.1

xpdf xpdf 2.0

xpdf xpdf 0.90

xpdf xpdf 0.91

xpdf xpdf 2.1

xpdf xpdf 2.2

xpdf xpdf 2.3

Vendor Advisories

Debian Bug report logs - #342286: gpdf: source taken from xpdf may introduce heap-overflow vulnerabilities. Package: gpdf; Maintainer for gpdf is (unknown); Reported by: Paul Szabo <psz@mathsusydeduau>; Date: Tue, 6 Dec 2005 19:48:06 UTC; Severity: grave; Fixed in version gpdf/2100-2; Done: Filip Van Raemdonck <mecha ...
infamous41md discovered several integer overflows in the XPDF code, which is present in xpdf, the Poppler library, tetex-bin, KOffice, and kpdf. By tricking a user into opening a specially crafted PDF file, an attacker could exploit this to execute arbitrary code with the privileges of the application that processes the document ...
Synopsis: tetex security update. Type/Severity: Security Advisory: Moderate. Topic: Updated tetex packages that fix several integer overflows are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Description: TeTeX is an implementati ...
Synopsis: xpdf security update. Type/Severity: Security Advisory: Important. Topic: An updated xpdf package that fixes several security issues is now available. This update has been rated as having important security impact by the Red Hat Security Response Team. [Updated 20 Dec 2005] The initial fix for these issues ...
Synopsis: gpdf security update. Type/Severity: Security Advisory: Important. Topic: An updated gpdf package that fixes several security issues is now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. Description: ...
Synopsis: kdegraphics security update. Type/Severity: Security Advisory: Important. Topic: Updated kdegraphics packages that resolve several security issues in kpdf are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. Description: T ...
Synopsis: cups security update. Type/Severity: Security Advisory: Important. Topic: Updated CUPS packages that fix multiple security issues are now available for Red Hat Enterprise Linux. This update has been rated as having important security impact by the Red Hat Security Response Team. Description: ...
"infamous41md" and Chris Evans discovered several heap based buffer overflows in xpdf, the Portable Document Format (PDF) suite, which is also present in gpdf, the GNOME version of the Portable Document Format viewer, and which can lead to a denial of service by crashing the application or possibly to the execution of arbitrary code. The old stable ...
"infamous41md" and Chris Evans discovered several heap based buffer overflows in xpdf, the Portable Document Format (PDF) suite, that can lead to a denial of service by crashing the application or possibly to the execution of arbitrary code. For the old stable distribution (woody) these problems have been fixed in version 100-38. For the stable d ...
"infamous41md" and Chris Evans discovered several heap based buffer overflows in xpdf which are also present in pdftohtml, a utility that translates PDF documents into HTML format, and which can lead to a denial of service by crashing the application or possibly to the execution of arbitrary code. The old stable distribution (woody) does not contai ...
"infamous41md" and Chris Evans discovered several heap based buffer overflows in xpdf which are also present in pdfkit.framework, the GNUstep framework for rendering PDF content, and which can lead to a denial of service by crashing the application or possibly to the execution of arbitrary code. The old stable distribution (woody) does not contain ...
"infamous41md" and Chris Evans discovered several heap based buffer overflows in xpdf which are also present in CUPS, the Common UNIX Printing System, and which can lead to a denial of service by crashing the application or possibly to the execution of arbitrary code. For the old stable distribution (woody) these problems have been fixed in version ...
"infamous41md" and Chris Evans discovered several heap based buffer overflows in xpdf, the Portable Document Format (PDF) suite, which is also present in koffice, the KDE Office Suite, and which can lead to a denial of service by crashing the application or possibly to the execution of arbitrary code. The old stable distribution (woody) does not co ...

References

CWE-119