CVE-2005-3627

Published: 31/12/2005 Updated: 19/10/2018
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
VMScore: 668
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

Stream.cc in Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows malicious users to modify memory and possibly execute arbitrary code via a DCTDecode stream with (1) a large "number of components" value that is not checked by DCTStream::readBaselineSOF or DCTStream::readProgressiveSOF, (2) a large "Huffman table index" value that is not checked by DCTStream::readHuffmanTables, and (3) certain uses of the scanInfo.numComps value by DCTStream::readScanInfo.
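The three missing checks named in the summary, written out as an added C example (not Xpdf's code and not any vendor patch). The struct, the function names and the four-entry array limits are assumptions for illustration, and the sample segments are constructed.

```c
#include <stddef.h>
#include <stdint.h>

#define MAX_COMPS 4  /* assumed size of the decoder's per-component arrays */
#define MAX_HUFF  4  /* JPEG Huffman table ids are 0..3 */
typedef struct {     /* hypothetical decoder state; zero-initialise before use */
    unsigned num_comps, scan_comps;
    uint8_t comp_id[MAX_COMPS], scan_comp[MAX_COMPS], dc_tab[MAX_COMPS], ac_tab[MAX_COMPS];
} jpeg_state;

/* SOF payload after the length field: P(1) Y(2) X(2) Nf(1), then Nf * (C, H/V, Tq). */
int parse_sof(jpeg_state *s, const uint8_t *p, size_t len) {
    if (len < 6) return -1;
    unsigned nf = p[5];
    if (nf < 1 || nf > MAX_COMPS) return -1;    /* (1) number of components */
    if (len != 6 + 3 * (size_t)nf) return -1;   /* segment must hold exactly Nf entries */
    for (unsigned i = 0; i < nf; i++) s->comp_id[i] = p[6 + 3 * i];
    s->num_comps = nf;
    return 0;
}

/* First byte of a DHT table: class in the high nibble, table id in the low nibble. */
int huff_table_index(uint8_t tc_th) {
    if ((tc_th >> 4) > 1 || (tc_th & 0x0f) >= MAX_HUFF) return -1;  /* (2) table index */
    return tc_th & 0x0f;
}

/* SOS payload after the length field: Ns(1), then Ns * (Cs, Td/Ta), then Ss Se Ah/Al. */
int parse_sos(jpeg_state *s, const uint8_t *p, size_t len) {
    if (len < 1) return -1;
    unsigned ns = p[0];
    if (ns < 1 || ns > s->num_comps) return -1; /* (3) scan component count */
    if (len != 1 + 2 * (size_t)ns + 3) return -1;
    for (unsigned i = 0; i < ns; i++) {
        uint8_t cs = p[1 + 2 * i], t = p[2 + 2 * i];
        unsigned j = 0;
        while (j < s->num_comps && s->comp_id[j] != cs) j++;
        if (j == s->num_comps) return -1;       /* selector not declared in the frame */
        if ((t >> 4) >= MAX_HUFF || (t & 0x0f) >= MAX_HUFF) return -1;
        s->scan_comp[i] = (uint8_t)j; s->dc_tab[i] = t >> 4; s->ac_tab[i] = t & 0x0f;
    }
    s->scan_comps = ns;
    return 0;
}

/* Constructed sample segments (length fields already stripped). */
const uint8_t SOF_OK[]  = {8, 0,16, 0,16, 3, 1,0x22,0, 2,0x11,1, 3,0x11,1};
const uint8_t SOF_BAD[] = {8, 0,16, 0,16, 200};
const uint8_t SOS_OK[]  = {3, 1,0x00, 2,0x11, 3,0x11, 0,63,0};
const uint8_t SOS_BAD[] = {4, 1,0x00, 2,0x11, 3,0x11, 9,0x00, 0,63,0};
```

Each parser rejects the segment before writing to any fixed-size array, so an out-of-range count or index never reaches an array subscript.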

Vulnerable Product

xpdf xpdf

Vendor Advisories

Debian Bug report logs - #342286 gpdf: source taken from xpdf may introduce heap-overflow vulnerabilities Package: gpdf; Maintainer for gpdf is (unknown); Reported by: Paul Szabo <psz@mathsusydeduau> Date: Tue, 6 Dec 2005 19:48:06 UTC Severity: grave Fixed in version gpdf/2100-2 Done: Filip Van Raemdonck <mecha ...
USN-236-1 fixed several vulnerabilities in xpdf. kpdf and kword contain copies of xpdf code and are thus vulnerable to the same issues ...
Chris Evans discovered several integer overflows in the XPDF code, which is present in xpdf, the Poppler library, and tetex-bin. By tricking a user into opening a specially crafted PDF file, an attacker could exploit this to execute arbitrary code with the privileges of the application that processes the document ...
Synopsis: tetex security update. Type/Severity: Security Advisory: Moderate. Topic: Updated tetex packages that fix several integer overflows are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Description: TeTeX is an implementati ...
Synopsis: cups security update. Type/Severity: Security Advisory: Important. Topic: Updated CUPS packages that fix multiple security issues are now available for Red Hat Enterprise Linux. This update has been rated as having important security impact by the Red Hat Security Response Team. Description: ...
Synopsis: gpdf security update. Type/Severity: Security Advisory: Important. Topic: An updated gpdf package that fixes several security issues is now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. Description: ...
Synopsis: xpdf security update. Type/Severity: Security Advisory: Important. Topic: An updated xpdf package that fixes several security issues is now available. This update has been rated as having important security impact by the Red Hat Security Response Team. [Updated 20 Dec 2005] The initial fix for these issues ...
Synopsis: kdegraphics security update. Type/Severity: Security Advisory: Important. Topic: Updated kdegraphics packages that resolve several security issues in kpdf are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. Description: T ...
"infamous41md" and Chris Evans discovered several heap based buffer overflows in xpdf, the Portable Document Format (PDF) suite, which is also present in gpdf, the GNOME version of the Portable Document Format viewer, and which can lead to a denial of service by crashing the application or possibly to the execution of arbitrary code. The old stable ...
"infamous41md" and Chris Evans discovered several heap based buffer overflows in xpdf, the Portable Document Format (PDF) suite, that can lead to a denial of service by crashing the application or possibly to the execution of arbitrary code. For the old stable distribution (woody) these problems have been fixed in version 100-38. For the stable d ...
"infamous41md" and Chris Evans discovered several heap based buffer overflows in xpdf which are also present in pdftohtml, a utility that translates PDF documents into HTML format, and which can lead to a denial of service by crashing the application or possibly to the execution of arbitrary code. The old stable distribution (woody) does not contai ...
"infamous41md" and Chris Evans discovered several heap based buffer overflows in xpdf which are also present in pdfkitframework, the GNUstep framework for rendering PDF content, and which can lead to a denial of service by crashing the application or possibly to the execution of arbitrary code. The old stable distribution (woody) does not contain ...
"infamous41md" and Chris Evans discovered several heap based buffer overflows in xpdf which are also present in CUPS, the Common UNIX Printing System, and which can lead to a denial of service by crashing the application or possibly to the execution of arbitrary code. For the old stable distribution (woody) these problems have been fixed in version ...
"infamous41md" and Chris Evans discovered several heap based buffer overflows in xpdf, the Portable Document Format (PDF) suite, which is also present in koffice, the KDE Office Suite, and which can lead to a denial of service by crashing the application or possibly to the execution of arbitrary code. The old stable distribution (woody) does not co ...

References

CWE-119
NVD-CWE-noinfo