Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2005-3625HistoryJan 06, 2006 - 10:00 p.m.
CVE-2005-3625
2006-01-0622:00:00
Debian Security Bug Tracker
security-tracker.debian.org
14
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.006 Low
EPSS
Percentile
78.7%
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka “Infinite CPU spins.”
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | cups | < 1.1.22-7 | cups_1.1.22-7_all.deb |
| Debian | 11 | all | cups | < 1.1.22-7 | cups_1.1.22-7_all.deb |
| Debian | 999 | all | cups | < 1.1.22-7 | cups_1.1.22-7_all.deb |
| Debian | 13 | all | cups | < 1.1.22-7 | cups_1.1.22-7_all.deb |
| Debian | 12 | all | libextractor | < 0.5.9-1 | libextractor_0.5.9-1_all.deb |
| Debian | 11 | all | libextractor | < 0.5.9-1 | libextractor_0.5.9-1_all.deb |
| Debian | 999 | all | libextractor | < 0.5.9-1 | libextractor_0.5.9-1_all.deb |
| Debian | 13 | all | libextractor | < 0.5.9-1 | libextractor_0.5.9-1_all.deb |
| Debian | 12 | all | poppler | < 0.4.4-1 | poppler_0.4.4-1_all.deb |
| Debian | 11 | all | poppler | < 0.4.4-1 | poppler_0.4.4-1_all.deb |
Related
cvelist
cvelist
CVE-2005-3625
2006-01-06 22:00:00
nvd
nvd
CVE-2005-3625
2005-12-31 05:00:00
ubuntucve
ubuntucve
CVE-2005-3625
2005-12-31 00:00:00
cve
cve
CVE-2005-3625
2006-01-06 22:00:00
nessus
nessus
Fedora Core 4 : tetex-3.0-9.FC4 (2006-028)
2006-01-15 00:00:00
Fedora Core 4 : tetex-3.0-9.FC4 (2005-028)
2012-09-24 00:00:00
Fedora Core 3 : cups-1.1.22-0.rc1.8.9 (2006-011)
2012-09-24 00:00:00
securityvulns
securityvulns
MDKSA-2006:005 - Updated xpdf packages fix several vulnerabilities
2006-01-07 00:00:00
redhat
redhat
(RHSA-2006:0163) cups security update
2006-01-11 00:00:00
(RHSA-2006:0177) gpdf security update
2006-01-11 00:00:00
(RHSA-2005:868) kdegraphics security update
2005-12-20 00:00:00
ubuntu
ubuntu
xpdf vulnerabilities
2006-01-06 00:00:00
xpdf vulnerabilities in kword, kpdf
2006-01-09 00:00:00
openvas
openvas
Gentoo Security Advisory GLSA 200601-17 (xpdf poppler gpdf libextractor pdftohtml)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200601-17 (xpdf poppler gpdf libextractor pdftohtml)
2008-09-24 00:00:00
Debian: Security Advisory (DSA-938-1)
2008-01-17 00:00:00
centos
centos
cups security update
2006-01-11 22:26:57
gpdf security update
2006-01-12 05:08:16
xpdf security update
2005-12-07 00:42:21
gentoo
gentoo
Xpdf, Poppler, GPdf, libextractor, pdftohtml: Heap overflows
2006-01-30 00:00:00
KPdf, KWord: Multiple overflows in included Xpdf code
2006-01-04 00:00:00
debian
debian
[SECURITY] [DSA 937-1] New tetex-bin packages fix arbitrary code execution
2006-01-12 11:32:22
[SECURITY] [DSA 940-1] New gpdf packages fix arbitrary code execution
2006-01-13 09:12:45
[SECURITY] [DSA 938-1] New koffice packages fix arbitrary code execution
2006-01-12 14:15:14
osv
osv
pdftohtml - buffer overflows
2006-02-01 00:00:00
kdegraphics - buffer overflows
2006-01-09 00:00:00
xpdf - buffer overflows
2006-01-09 00:00:00
suse
suse
remote code execution in xpdf,kpdf,gpdf,kword
2006-01-11 12:03:37
slackware
slackware
[slackware-security] xpdf
2006-02-15 00:28:51
[slackware-security] kdegraphics
2006-02-15 00:27:14
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.006 Low
EPSS
Percentile
78.7%
Related for DEBIANCVE:CVE-2005-3625