Lucene search

K

[email protected]NVD:CVE-2005-3628

HistoryDec 31, 2005 - 5:00 a.m.

CVE-2005-3628

2005-12-3105:00:00

[email protected]

web.nvd.nist.gov

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.3 High

AI Score

Confidence

Low

0.021 Low

EPSS

Percentile

89.2%

Buffer overflow in the JBIG2Bitmap::JBIG2Bitmap function in JBIG2Stream.cc in Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to modify memory and possibly execute arbitrary code via unknown attack vectors.

Affected configurations

NVD

Node

xpdfxpdf

References

ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U

lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html

secunia.com/advisories/18147

secunia.com/advisories/18380

secunia.com/advisories/18385

secunia.com/advisories/18387

secunia.com/advisories/18389

secunia.com/advisories/18398

secunia.com/advisories/18407

secunia.com/advisories/18416

secunia.com/advisories/18428

secunia.com/advisories/18436

secunia.com/advisories/18534

secunia.com/advisories/18582

secunia.com/advisories/18674

secunia.com/advisories/18675

secunia.com/advisories/18679

secunia.com/advisories/18908

secunia.com/advisories/18913

secunia.com/advisories/19230

slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.472683

slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.474747

www.debian.org/security/2005/dsa-931

www.debian.org/security/2005/dsa-932

www.debian.org/security/2005/dsa-937

www.debian.org/security/2005/dsa-938

www.debian.org/security/2005/dsa-940

www.debian.org/security/2006/dsa-936

www.debian.org/security/2006/dsa-950

www.debian.org/security/2006/dsa-961

www.debian.org/security/2006/dsa-962

www.mandriva.com/security/advisories?name=MDKSA-2006:010

www.mandriva.com/security/advisories?name=MDKSA-2006:011

www.mandriva.com/security/advisories?name=MDKSA-2006:012

www.redhat.com/support/errata/RHSA-2006-0160.html

www.securityfocus.com/archive/1/427053/100/0/threaded

www.securityfocus.com/archive/1/427990/100/0/threaded

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10287

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.3 High

AI Score

Confidence

Low

0.021 Low

EPSS

Percentile

89.2%

Related for NVD:CVE-2005-3628

cve2 cvelist2 debiancve2 ubuntucve2 nessus26 redhat5 prion1 centos8 nvd1 openvas22 debian18 osv3 securityvulns1 suse1 gentoo1 slackware2