Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2005-3624HistoryJan 06, 2006 - 10:00 p.m.
CVE-2005-3624
2006-01-0622:00:00
Debian Security Bug Tracker
security-tracker.debian.org
14
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
0.013 Low
EPSS
Percentile
85.8%
The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | cups | < 1.1.22-7 | cups_1.1.22-7_all.deb |
| Debian | 11 | all | cups | < 1.1.22-7 | cups_1.1.22-7_all.deb |
| Debian | 999 | all | cups | < 1.1.22-7 | cups_1.1.22-7_all.deb |
| Debian | 13 | all | cups | < 1.1.22-7 | cups_1.1.22-7_all.deb |
| Debian | 12 | all | libextractor | < 0.5.9-1 | libextractor_0.5.9-1_all.deb |
| Debian | 11 | all | libextractor | < 0.5.9-1 | libextractor_0.5.9-1_all.deb |
| Debian | 999 | all | libextractor | < 0.5.9-1 | libextractor_0.5.9-1_all.deb |
| Debian | 13 | all | libextractor | < 0.5.9-1 | libextractor_0.5.9-1_all.deb |
| Debian | 12 | all | poppler | < 0.4.4-1 | poppler_0.4.4-1_all.deb |
| Debian | 11 | all | poppler | < 0.4.4-1 | poppler_0.4.4-1_all.deb |
Related
cvelist
cvelist
CVE-2005-3624
2006-01-06 22:00:00
CVE-2006-1244
2006-03-15 19:00:00
nvd
nvd
CVE-2005-3624
2005-12-31 05:00:00
CVE-2006-1244
2006-03-15 19:06:00
cve
cve
CVE-2005-3624
2006-01-06 22:00:00
CVE-2006-1244
2006-03-15 19:06:00
ubuntucve
ubuntucve
CVE-2005-3624
2005-12-31 00:00:00
CVE-2006-1244
2006-03-15 00:00:00
nessus
nessus
Fedora Core 3 : tetex-2.0.2-21.7.FC3 (2005-029)
2012-09-24 00:00:00
Ubuntu 5.04 / 5.10 : kdegraphics, koffice vulnerabilities (USN-236-2)
2006-01-21 00:00:00
CentOS 3 / 4 : cups (CESA-2006:0163)
2006-07-03 00:00:00
securityvulns
securityvulns
MDKSA-2006:005 - Updated xpdf packages fix several vulnerabilities
2006-01-07 00:00:00
debiancve
debiancve
CVE-2006-1244
2006-03-15 19:06:00
ubuntu
ubuntu
xpdf vulnerabilities
2006-01-06 00:00:00
xpdf vulnerabilities in kword, kpdf
2006-01-09 00:00:00
redhat
redhat
(RHSA-2006:0163) cups security update
2006-01-11 00:00:00
(RHSA-2006:0177) gpdf security update
2006-01-11 00:00:00
(RHSA-2005:868) kdegraphics security update
2005-12-20 00:00:00
prion
prion
Design/Logic Flaw
2006-03-15 19:06:00
openvas
openvas
Gentoo Security Advisory GLSA 200601-17 (xpdf poppler gpdf libextractor pdftohtml)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200601-17 (xpdf poppler gpdf libextractor pdftohtml)
2008-09-24 00:00:00
Debian: Security Advisory (DSA-938-1)
2008-01-17 00:00:00
centos
centos
cups security update
2006-01-11 22:26:57
gpdf security update
2006-01-12 05:08:16
xpdf security update
2005-12-07 00:42:21
gentoo
gentoo
Xpdf, Poppler, GPdf, libextractor, pdftohtml: Heap overflows
2006-01-30 00:00:00
KPdf, KWord: Multiple overflows in included Xpdf code
2006-01-04 00:00:00
debian
debian
[SECURITY] [DSA 937-1] New tetex-bin packages fix arbitrary code execution
2006-01-12 11:32:22
[SECURITY] [DSA 940-1] New gpdf packages fix arbitrary code execution
2006-01-13 09:12:45
[SECURITY] [DSA 940-1] New gpdf packages fix arbitrary code execution
2006-01-13 09:12:45
osv
osv
pdftohtml - buffer overflows
2006-02-01 00:00:00
kdegraphics - buffer overflows
2006-01-09 00:00:00
xpdf - buffer overflows
2006-01-09 00:00:00
suse
suse
remote code execution in xpdf,kpdf,gpdf,kword
2006-01-11 12:03:37
slackware
slackware
[slackware-security] xpdf
2006-02-15 00:28:51
[slackware-security] kdegraphics
2006-02-15 00:27:14
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
0.013 Low
EPSS
Percentile
85.8%
Related for DEBIANCVE:CVE-2005-3624