Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2005-3628HistoryJan 23, 2006 - 10:00 p.m.
CVE-2005-3628
2006-01-2322:00:00
Debian Security Bug Tracker
security-tracker.debian.org
14
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.021 Low
EPSS
Percentile
89.2%
Buffer overflow in the JBIG2Bitmap::JBIG2Bitmap function in JBIG2Stream.cc in Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to modify memory and possibly execute arbitrary code via unknown attack vectors.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | cups | < 1.1.22-7 | cups_1.1.22-7_all.deb |
| Debian | 11 | all | cups | < 1.1.22-7 | cups_1.1.22-7_all.deb |
| Debian | 999 | all | cups | < 1.1.22-7 | cups_1.1.22-7_all.deb |
| Debian | 13 | all | cups | < 1.1.22-7 | cups_1.1.22-7_all.deb |
| Debian | 12 | all | libextractor | < 0.5.9-1 | libextractor_0.5.9-1_all.deb |
| Debian | 11 | all | libextractor | < 0.5.9-1 | libextractor_0.5.9-1_all.deb |
| Debian | 999 | all | libextractor | < 0.5.9-1 | libextractor_0.5.9-1_all.deb |
| Debian | 13 | all | libextractor | < 0.5.9-1 | libextractor_0.5.9-1_all.deb |
| Debian | 12 | all | xpdf | < 3.01-4 | xpdf_3.01-4_all.deb |
| Debian | 11 | all | xpdf | < 3.01-4 | xpdf_3.01-4_all.deb |
Related
nvd
nvd
CVE-2005-3628
2005-12-31 05:00:00
CVE-2006-1244
2006-03-15 19:06:00
cve
cve
CVE-2005-3628
2006-01-23 22:00:00
CVE-2006-1244
2006-03-15 19:06:00
cvelist
cvelist
CVE-2005-3628
2006-01-23 22:00:00
CVE-2006-1244
2006-03-15 19:00:00
ubuntucve
ubuntucve
CVE-2005-3628
2005-12-31 00:00:00
CVE-2006-1244
2006-03-15 00:00:00
redhat
redhat
(RHSA-2005:867) gpdf security update
2005-12-20 00:00:00
(RHSA-2005:878) cups security update
2005-12-20 00:00:00
(RHSA-2005:840) xpdf security update
2005-12-06 00:00:00
prion
prion
Design/Logic Flaw
2006-03-15 19:06:00
nessus
nessus
RHEL 4 : gpdf (RHSA-2005:867)
2005-12-30 00:00:00
RHEL 3 / 4 : cups (RHSA-2005:878)
2005-12-30 00:00:00
CentOS 4 : gpdf (CESA-2005:867)
2006-07-05 00:00:00
centos
centos
cups security update
2005-12-20 23:29:16
gpdf security update
2005-12-21 02:51:50
tetex security update
2006-01-30 00:51:00
debiancve
debiancve
CVE-2006-1244
2006-03-15 19:06:00
openvas
openvas
Debian: Security Advisory (DSA-938-1)
2008-01-17 00:00:00
Debian: Security Advisory (DSA-962-1)
2008-01-17 00:00:00
Debian Security Advisory DSA 938-1 (koffice)
2008-01-17 00:00:00
debian
debian
[SECURITY] [DSA 938-1] New koffice packages fix arbitrary code execution
2006-01-12 14:15:14
[SECURITY] [DSA 940-1] New gpdf packages fix arbitrary code execution
2006-01-13 09:12:45
[SECURITY] [DSA 938-1] New koffice packages fix arbitrary code execution
2006-01-12 14:15:14
osv
osv
pdftohtml - buffer overflows
2006-02-01 00:00:00
kdegraphics - buffer overflows
2006-01-09 00:00:00
xpdf - buffer overflows
2006-01-09 00:00:00
securityvulns
securityvulns
suse
suse
remote code execution in xpdf,kpdf,gpdf,kword
2006-01-11 12:03:37
gentoo
gentoo
KPdf, KWord: Multiple overflows in included Xpdf code
2006-01-04 00:00:00
slackware
slackware
[slackware-security] kdegraphics
2006-02-15 00:27:14
[slackware-security] xpdf
2006-02-15 00:28:51
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.021 Low
EPSS
Percentile
89.2%
Related for DEBIANCVE:CVE-2005-3628