Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows malicious users to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka "Infinite CPU spins."
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
kde kdegraphics 3.2 |
||
kde kdegraphics 3.4.3 |
||
easy software products cups 1.1.22 |
||
easy software products cups 1.1.22_rc1 |
||
kde kpdf 3.2 |
||
kde kpdf 3.4.3 |
||
tetex tetex 2.0.2 |
||
tetex tetex 3.0 |
||
kde koffice 1.4 |
||
sgi propack 3.0 |
||
tetex tetex 1.0.7 |
||
libextractor libextractor |
||
kde koffice 1.4.1 |
||
kde koffice 1.4.2 |
||
tetex tetex 2.0 |
||
tetex tetex 2.0.1 |
||
easy software products cups 1.1.23 |
||
easy software products cups 1.1.23_rc1 |
||
kde kword 1.4.2 |
||
poppler poppler 0.4.2 |
||
xpdf xpdf 3.0 |
||
conectiva linux 10.0 |
||
debian debian linux 3.0 |
||
debian debian linux 3.1 |
||
mandrakesoft mandrake linux 10.1 |
||
mandrakesoft mandrake linux 10.2 |
||
redhat enterprise linux 2.1 |
||
redhat enterprise linux 3.0 |
||
redhat enterprise linux 4.0 |
||
redhat fedora core core_3.0 |
||
redhat fedora core core_4.0 |
||
redhat linux 7.3 |
||
slackware slackware linux 10.1 |
||
mandrakesoft mandrake linux corporate server 2.1 |
||
redhat enterprise linux desktop 3.0 |
||
redhat enterprise linux desktop 4.0 |
||
redhat linux advanced workstation 2.1 |
||
sco openserver 5.0.7 |
||
suse suse linux 1.0 |
||
suse suse linux 10.0 |
||
suse suse linux 9.1 |
||
trustix secure linux 2.0 |
||
trustix secure linux 2.2 |
||
turbolinux turbolinux home |
||
turbolinux turbolinux multimedia |
||
ubuntu ubuntu linux 4.1 |
||
ubuntu ubuntu linux 5.04 |
||
gentoo linux |
||
mandrakesoft mandrake linux corporate server 3.0 |
||
redhat fedora core core_1.0 |
||
redhat fedora core core_2.0 |
||
sco openserver 6.0 |
||
slackware slackware linux 10.0 |
||
suse suse linux 9.0 |
||
suse suse linux 9.2 |
||
trustix secure linux 3.0 |
||
turbolinux turbolinux 10 |
||
turbolinux turbolinux personal |
||
turbolinux turbolinux server 10.0 |
||
ubuntu ubuntu linux 5.10 |
||
slackware slackware linux 10.2 |
||
suse suse linux 9.3 |
||
turbolinux turbolinux fuji |
||
turbolinux turbolinux appliance server 1.0_hosting_edition |
||
turbolinux turbolinux server 10.0_x86 |
||
turbolinux turbolinux server 8.0 |
||
mandrakesoft mandrake linux 2006 |
||
redhat linux 9.0 |
||
slackware slackware linux 9.0 |
||
slackware slackware linux 9.1 |
||
turbolinux turbolinux appliance server 1.0_workgroup_edition |
||
turbolinux turbolinux desktop 10.0 |
||
turbolinux turbolinux workstation 8.0 |
Vulmon