Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2005-2097HistoryAug 16, 2005 - 4:00 a.m.
CVE-2005-2097
2005-08-1604:00:00
Debian Security Bug Tracker
security-tracker.debian.org
24
CVSS2
2.1
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:N/I:N/A:P
EPSS
0.001
Percentile
28.4%
xpdf and kpdf do not properly validate the “loca” table in PDF files, which allows local users to cause a denial of service (disk consumption and hang) via a PDF file with a “broken” loca table, which causes a large temporary file to be created when xpdf attempts to reconstruct the information.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | cups | < 1.1.22-7 | cups_1.1.22-7_all.deb |
| Debian | 11 | all | cups | < 1.1.22-7 | cups_1.1.22-7_all.deb |
| Debian | 999 | all | cups | < 1.1.22-7 | cups_1.1.22-7_all.deb |
| Debian | 13 | all | cups | < 1.1.22-7 | cups_1.1.22-7_all.deb |
| Debian | 12 | all | libextractor | < 0.5.8-1 | libextractor_0.5.8-1_all.deb |
| Debian | 11 | all | libextractor | < 0.5.8-1 | libextractor_0.5.8-1_all.deb |
| Debian | 999 | all | libextractor | < 0.5.8-1 | libextractor_0.5.8-1_all.deb |
| Debian | 13 | all | libextractor | < 0.5.8-1 | libextractor_0.5.8-1_all.deb |
| Debian | 12 | all | poppler | < 0.4.0-1 | poppler_0.4.0-1_all.deb |
| Debian | 11 | all | poppler | < 0.4.0-1 | poppler_0.4.0-1_all.deb |
Related
openvas
openvas
Debian Security Advisory DSA 1136-1 (gpdf)
2008-01-17 00:00:00
Gentoo Security Advisory GLSA 200508-08 (xpdf kpdf gpdf)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200508-08 (xpdf kpdf gpdf)
2008-09-24 00:00:00
debian
debian
[SECURITY] [DSA 780-1] New kpdf packages fix denial of service
2005-08-22 09:39:21
[SECURITY] [DSA 1136-1] New gpdf packages fix denial of service
2006-08-02 16:22:27
[SECURITY] [DSA 780-1] New kpdf packages fix denial of service
2005-08-22 09:39:21
redhat
redhat
(RHSA-2005:706) cups security update
2005-08-09 00:00:00
(RHSA-2005:671) kdegraphics security update
2005-08-09 00:00:00
(RHSA-2005:670) xpdf security update
2005-08-09 00:00:00
nessus
nessus
Mandrake Linux Security Advisory : xpdf (MDKSA-2005:134)
2005-10-05 00:00:00
Fedora Core 3 : xpdf-3.00-10.6.FC3 (2005-730)
2005-08-18 00:00:00
Debian DSA-1136-1 : gpdf - wrong input sanitising
2006-10-14 00:00:00
securityvulns
securityvulns
[USN-163-1] xpdf vulnerability
2005-08-10 00:00:00
cvelist
cvelist
CVE-2005-2097
2005-08-16 04:00:00
centos
centos
xpdf security update
2005-08-09 18:41:04
gpdf security update
2005-08-10 19:14:14
cups security update
2005-08-09 17:51:43
nvd
nvd
CVE-2005-2097
2005-08-16 04:00:00
cve
cve
CVE-2005-2097
2005-08-16 04:00:00
osv
osv
kdegraphics - wrong input sanitising
2005-08-22 00:00:00
ubuntu
ubuntu
xpdf vulnerability
2005-08-10 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 5 package xpdf version 3.00-alt6pl3
2005-08-15 00:00:00
freebsd
freebsd
xpdf -- disk fill DoS vulnerability
2005-08-09 00:00:00
ubuntucve
ubuntucve
CVE-2005-2097
2005-08-16 00:00:00
gentoo
gentoo
Xpdf, Kpdf, GPdf: Denial of Service vulnerability
2005-08-16 00:00:00
oraclelinux
oraclelinux
kdegraphics security update
2006-11-30 00:00:00
CVSS2
2.1
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:N/I:N/A:P
EPSS
0.001
Percentile
28.4%
Related for DEBIANCVE:CVE-2005-2097