Action not permitted
Modal body text goes here.
Modal Title
Modal Body
ghsa-xj67-863c-2vj3
Vulnerability from github
Published
2022-05-03 03:14
Modified
2022-05-03 03:14
Details
Heap-based buffer overflow in the StreamPredictor function in Xpdf 3.01, as used in products such as (1) Poppler, (2) teTeX, (3) KDE kpdf, and (4) pdftohtml, (5) KOffice KWord, (6) CUPS, and (7) libextractor allows remote attackers to execute arbitrary code via a PDF file with an out-of-range numComps (number of components) field.
{ affected: [], aliases: [ "CVE-2005-3192", ], database_specific: { cwe_ids: [ "CWE-119", ], github_reviewed: false, github_reviewed_at: null, nvd_published_at: "2005-12-08T01:03:00Z", severity: "HIGH", }, details: "Heap-based buffer overflow in the StreamPredictor function in Xpdf 3.01, as used in products such as (1) Poppler, (2) teTeX, (3) KDE kpdf, and (4) pdftohtml, (5) KOffice KWord, (6) CUPS, and (7) libextractor allows remote attackers to execute arbitrary code via a PDF file with an out-of-range numComps (number of components) field.", id: "GHSA-xj67-863c-2vj3", modified: "2022-05-03T03:14:26Z", published: "2022-05-03T03:14:26Z", references: [ { type: "ADVISORY", url: "https://nvd.nist.gov/vuln/detail/CVE-2005-3192", }, { type: "WEB", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/23442", }, { type: "WEB", url: "https://issues.rpath.com/browse/RPL-1609", }, { type: "WEB", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10914", }, { type: "WEB", url: "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342289", }, { type: "WEB", url: "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html", }, { type: "WEB", url: "http://rhn.redhat.com/errata/RHSA-2005-868.html", }, { type: "WEB", url: "http://scary.beasts.org/security/CESA-2005-003.txt", }, { type: "WEB", url: "http://secunia.com/advisories/17897", }, { type: "WEB", url: "http://secunia.com/advisories/17908", }, { type: "WEB", url: "http://secunia.com/advisories/17912", }, { type: "WEB", url: "http://secunia.com/advisories/17916", }, { type: "WEB", url: "http://secunia.com/advisories/17920", }, { type: "WEB", url: "http://secunia.com/advisories/17921", }, { type: "WEB", url: "http://secunia.com/advisories/17926", }, { type: "WEB", url: "http://secunia.com/advisories/17929", }, { type: "WEB", url: "http://secunia.com/advisories/17940", }, { type: "WEB", url: "http://secunia.com/advisories/17955", }, { type: "WEB", url: "http://secunia.com/advisories/17976", }, { type: "WEB", url: "http://secunia.com/advisories/18009", }, { type: "WEB", url: "http://secunia.com/advisories/18055", }, { type: "WEB", url: "http://secunia.com/advisories/18061", }, { type: "WEB", url: "http://secunia.com/advisories/18189", }, { type: "WEB", url: "http://secunia.com/advisories/18191", }, { type: "WEB", url: "http://secunia.com/advisories/18192", }, { type: "WEB", url: "http://secunia.com/advisories/18303", }, { type: "WEB", url: "http://secunia.com/advisories/18313", }, { type: "WEB", url: "http://secunia.com/advisories/18336", }, { type: "WEB", url: "http://secunia.com/advisories/18349", }, { type: "WEB", url: "http://secunia.com/advisories/18380", }, { type: "WEB", url: "http://secunia.com/advisories/18385", }, { type: "WEB", url: "http://secunia.com/advisories/18387", }, { type: "WEB", url: "http://secunia.com/advisories/18389", }, { type: "WEB", url: "http://secunia.com/advisories/18398", }, { type: "WEB", url: "http://secunia.com/advisories/18407", }, { type: "WEB", url: "http://secunia.com/advisories/18416", }, { type: "WEB", url: "http://secunia.com/advisories/18428", }, { type: "WEB", url: "http://secunia.com/advisories/18436", }, { type: "WEB", url: "http://secunia.com/advisories/18448", }, { type: "WEB", url: "http://secunia.com/advisories/18503", }, { type: "WEB", url: "http://secunia.com/advisories/18517", }, { type: "WEB", url: "http://secunia.com/advisories/18534", }, { type: "WEB", url: "http://secunia.com/advisories/18549", }, { type: "WEB", url: "http://secunia.com/advisories/18554", }, { type: "WEB", url: "http://secunia.com/advisories/18582", }, { type: "WEB", url: "http://secunia.com/advisories/18674", }, { type: "WEB", url: "http://secunia.com/advisories/18675", }, { type: "WEB", url: "http://secunia.com/advisories/18679", }, { type: "WEB", url: "http://secunia.com/advisories/18908", }, { type: "WEB", url: "http://secunia.com/advisories/18913", }, { type: "WEB", url: "http://secunia.com/advisories/19230", }, { type: "WEB", url: "http://secunia.com/advisories/19377", }, { type: "WEB", url: "http://secunia.com/advisories/19797", }, { type: "WEB", url: "http://secunia.com/advisories/19798", }, { type: "WEB", url: "http://secunia.com/advisories/25729", }, { type: "WEB", url: "http://secunia.com/advisories/26413", }, { type: "WEB", url: "http://securityreason.com/securityalert/235", }, { type: "WEB", url: "http://securityreason.com/securityalert/240", }, { type: "WEB", url: "http://securitytracker.com/id?1015309", }, { type: "WEB", url: "http://securitytracker.com/id?1015324", }, { type: "WEB", url: "http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.472683", }, { type: "WEB", url: "http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.474747", }, { type: "WEB", url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1", }, { type: "WEB", url: "http://www.debian.org/security/2005/dsa-931", }, { type: "WEB", url: "http://www.debian.org/security/2005/dsa-932", }, { type: "WEB", url: "http://www.debian.org/security/2006/dsa-936", }, { type: "WEB", url: "http://www.debian.org/security/2006/dsa-937", }, { type: "WEB", url: "http://www.debian.org/security/2006/dsa-950", }, { type: "WEB", url: "http://www.debian.org/security/2006/dsa-961", }, { type: "WEB", url: "http://www.debian.org/security/2006/dsa-962", }, { type: "WEB", url: "http://www.gentoo.org/security/en/glsa/glsa-200512-08.xml", }, { type: "WEB", url: "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml", }, { type: "WEB", url: "http://www.idefense.com/application/poi/display?id=344&type=vulnerabilities", }, { type: "WEB", url: "http://www.kde.org/info/security/advisory-20051207-1.txt", }, { type: "WEB", url: "http://www.kde.org/info/security/advisory-20051207-2.txt", }, { type: "WEB", url: "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003", }, { type: "WEB", url: "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004", }, { type: "WEB", url: "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005", }, { type: "WEB", url: "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006", }, { type: "WEB", url: "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008", }, { type: "WEB", url: "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010", }, { type: "WEB", url: "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011", }, { type: "WEB", url: "http://www.novell.com/linux/security/advisories/2005_29_sr.html", }, { type: "WEB", url: "http://www.novell.com/linux/security/advisories/2006_02_sr.html", }, { type: "WEB", url: "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00015.html", }, { type: "WEB", url: "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00016.html", }, { type: "WEB", url: "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00036.html", }, { type: "WEB", url: "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00037.html", }, { type: "WEB", url: "http://www.redhat.com/support/errata/RHSA-2005-840.html", }, { type: "WEB", url: "http://www.redhat.com/support/errata/RHSA-2005-867.html", }, { type: "WEB", url: "http://www.redhat.com/support/errata/RHSA-2005-878.html", }, { type: "WEB", url: "http://www.redhat.com/support/errata/RHSA-2006-0160.html", }, { type: "WEB", url: "http://www.securityfocus.com/archive/1/418883/100/0/threaded", }, { type: "WEB", url: "http://www.securityfocus.com/archive/1/427053/100/0/threaded", }, { type: "WEB", url: "http://www.securityfocus.com/archive/1/427990/100/0/threaded", }, { type: "WEB", url: "http://www.securityfocus.com/bid/15725", }, { type: "WEB", url: "http://www.trustix.org/errata/2005/0072", }, { type: "WEB", url: "http://www.ubuntulinux.org/usn/usn-227-1", }, { type: "WEB", url: "http://www.vupen.com/english/advisories/2005/2755", }, { type: "WEB", url: "http://www.vupen.com/english/advisories/2005/2786", }, { type: "WEB", url: "http://www.vupen.com/english/advisories/2005/2787", }, { type: "WEB", url: "http://www.vupen.com/english/advisories/2005/2788", }, { type: "WEB", url: "http://www.vupen.com/english/advisories/2005/2789", }, { type: "WEB", url: "http://www.vupen.com/english/advisories/2005/2790", }, { type: "WEB", url: "http://www.vupen.com/english/advisories/2005/2856", }, { type: "WEB", url: "http://www.vupen.com/english/advisories/2007/2280", }, ], schema_version: "1.4.0", severity: [], }
cve-2005-3192
Vulnerability from cvelistv5
Published
2005-12-08 01:00
Modified
2024-08-07 23:01
Severity ?
EPSS score ?
Summary
Heap-based buffer overflow in the StreamPredictor function in Xpdf 3.01, as used in products such as (1) Poppler, (2) teTeX, (3) KDE kpdf, and (4) pdftohtml, (5) KOffice KWord, (6) CUPS, and (7) libextractor allows remote attackers to execute arbitrary code via a PDF file with an out-of-range numComps (number of components) field.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T23:01:59.286Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "17929", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/17929", }, { name: "19797", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/19797", }, { name: "xpdf-streampredictor-bo(23442)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/23442", }, { name: "SCOSA-2006.20", tags: [ "vendor-advisory", "x_refsource_SCO", "x_transferred", ], url: "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.20/SCOSA-2006.20.txt", }, { name: "DSA-932", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2005/dsa-932", }, { name: "18349", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/18349", }, { name: "SCOSA-2006.15", tags: [ "vendor-advisory", "x_refsource_SCO", "x_transferred", ], url: "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt", }, { name: "18055", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/18055", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://scary.beasts.org/security/CESA-2005-003.txt", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.kde.org/info/security/advisory-20051207-1.txt", }, { name: "18503", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/18503", }, { name: "oval:org.mitre.oval:def:10914", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10914", }, { name: "18549", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/18549", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.kde.org/info/security/advisory-20051207-2.txt", }, { name: "18679", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/18679", }, { name: "18189", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/18189", }, { name: "26413", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/26413", }, { name: "17940", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/17940", }, { name: "18303", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/18303", }, { name: "DSA-931", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2005/dsa-931", }, { name: "18554", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/18554", }, { name: "MDKSA-2006:003", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342289", }, { name: "19230", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/19230", }, { name: "102972", tags: [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred", ], url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1", }, { name: "DSA-962", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2006/dsa-962", }, { name: "1015309", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://securitytracker.com/id?1015309", }, { name: "18398", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/18398", }, { name: "FLSA-2006:176751", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/427053/100/0/threaded", }, { name: "SUSE-SA:2006:001", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html", }, { name: "DSA-936", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2006/dsa-936", }, { name: "17916", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/17916", }, { name: "RHSA-2005:840", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2005-840.html", }, { name: "ADV-2005-2789", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2005/2789", }, { name: "RHSA-2005:867", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2005-867.html", }, { name: "18674", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/18674", }, { name: "MDKSA-2006:005", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005", }, { name: "18313", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/18313", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://issues.rpath.com/browse/RPL-1609", }, { name: "RHSA-2005:868", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2005-868.html", }, { name: "20051201-01-U", tags: [ "vendor-advisory", "x_refsource_SGI", "x_transferred", ], url: "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U", }, { name: "20060101-01-U", tags: [ "vendor-advisory", "x_refsource_SGI", "x_transferred", ], url: "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U", }, { name: "18448", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/18448", }, { name: "18436", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/18436", }, { name: "18428", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/18428", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.01pl1.patch", }, { name: "18380", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/18380", }, { name: "GLSA-200512-08", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "http://www.gentoo.org/security/en/glsa/glsa-200512-08.xml", }, { name: "FEDORA-2005-1126", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00015.html", }, { name: "18416", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/18416", }, { name: "ADV-2007-2280", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2007/2280", }, { name: "GLSA-200601-02", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml", }, { name: "FEDORA-2005-1142", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00037.html", }, { name: "18336", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/18336", }, { name: "18061", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/18061", }, { name: "18407", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/18407", }, { name: "18009", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/18009", }, { name: "17908", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/17908", }, { name: "USN-227-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntulinux.org/usn/usn-227-1", }, { name: "18517", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/18517", }, { name: "18582", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/18582", }, { name: "SUSE-SR:2006:002", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://www.novell.com/linux/security/advisories/2006_02_sr.html", }, { name: "18534", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/18534", }, { name: "20051205 Multiple Vendor xpdf StreamPredictor Heap Overflow Vulnerability", tags: [ "third-party-advisory", "x_refsource_IDEFENSE", "x_transferred", ], url: "http://www.idefense.com/application/poi/display?id=344&type=vulnerabilities", }, { name: "SSA:2006-045-09", tags: [ "vendor-advisory", "x_refsource_SLACKWARE", "x_transferred", ], url: "http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.472683", }, { name: "TSLSA-2005-0072", tags: [ "vendor-advisory", "x_refsource_TRUSTIX", "x_transferred", ], url: "http://www.trustix.org/errata/2005/0072/", }, { name: "FEDORA-2005-1127", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00016.html", }, { name: "20051207 [KDE Security Advisory] multiple buffer overflows in kpdf/koffice", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/418883/100/0/threaded", }, { name: "18908", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/18908", }, { name: "25729", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/25729", }, { name: "ADV-2005-2786", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2005/2786", }, { name: "MDKSA-2006:006", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006", }, { name: "ADV-2005-2788", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2005/2788", }, { name: "17926", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/17926", }, { name: "19798", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/19798", }, { name: "ADV-2005-2755", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2005/2755", }, { name: "15725", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/15725", }, { name: "MDKSA-2006:008", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008", }, { name: "18191", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/18191", }, { name: "20060201-01-U", tags: [ "vendor-advisory", "x_refsource_SGI", "x_transferred", ], url: "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U", }, { name: "RHSA-2006:0160", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2006-0160.html", }, { name: "17912", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/17912", }, { name: "MDKSA-2006:010", tags: [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010", }, { name: "17921", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/17921", }, { name: "MDKSA-2006:004", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004", }, { name: "ADV-2005-2790", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2005/2790", }, { name: "18389", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/18389", }, { name: "18192", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/18192", }, { name: "ADV-2005-2856", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2005/2856", }, { name: "SSA:2006-045-04", tags: [ "vendor-advisory", "x_refsource_SLACKWARE", "x_transferred", ], url: "http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.474747", }, { name: "19377", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/19377", }, { name: "FLSA:175404", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/427990/100/0/threaded", }, { name: "DSA-961", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2006/dsa-961", }, { name: "235", tags: [ "third-party-advisory", "x_refsource_SREASON", "x_transferred", ], url: "http://securityreason.com/securityalert/235", }, { name: "SCOSA-2006.21", tags: [ "vendor-advisory", "x_refsource_SCO", "x_transferred", ], url: "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.21/SCOSA-2006.21.txt", }, { name: "18675", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/18675", }, { name: "1015324", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://securitytracker.com/id?1015324", }, { name: "18913", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/18913", }, { name: "SUSE-SR:2005:029", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://www.novell.com/linux/security/advisories/2005_29_sr.html", }, { name: "DSA-937", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2006/dsa-937", }, { name: "ADV-2005-2787", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2005/2787", }, { name: "RHSA-2005:878", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2005-878.html", }, { name: "FEDORA-2005-1141", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00036.html", }, { name: "17920", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/17920", }, { name: "DSA-950", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2006/dsa-950", }, { name: "17955", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/17955", }, { name: "17897", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/17897/", }, { name: "17976", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/17976", }, { name: "18387", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/18387", }, { name: "240", tags: [ "third-party-advisory", "x_refsource_SREASON", "x_transferred", ], url: "http://securityreason.com/securityalert/240", }, { name: "MDKSA-2006:011", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011", }, { name: "18385", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/18385", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2005-12-05T00:00:00", descriptions: [ { lang: "en", value: "Heap-based buffer overflow in the StreamPredictor function in Xpdf 3.01, as used in products such as (1) Poppler, (2) teTeX, (3) KDE kpdf, and (4) pdftohtml, (5) KOffice KWord, (6) CUPS, and (7) libextractor allows remote attackers to execute arbitrary code via a PDF file with an out-of-range numComps (number of components) field.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-10-19T14:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "17929", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/17929", }, { name: "19797", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/19797", }, { name: "xpdf-streampredictor-bo(23442)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/23442", }, { name: "SCOSA-2006.20", tags: [ "vendor-advisory", "x_refsource_SCO", ], url: "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.20/SCOSA-2006.20.txt", }, { name: "DSA-932", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2005/dsa-932", }, { name: "18349", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/18349", }, { name: "SCOSA-2006.15", tags: [ "vendor-advisory", "x_refsource_SCO", ], url: "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt", }, { name: "18055", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/18055", }, { tags: [ "x_refsource_MISC", ], url: "http://scary.beasts.org/security/CESA-2005-003.txt", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.kde.org/info/security/advisory-20051207-1.txt", }, { name: "18503", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/18503", }, { name: "oval:org.mitre.oval:def:10914", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10914", }, { name: "18549", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/18549", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.kde.org/info/security/advisory-20051207-2.txt", }, { name: "18679", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/18679", }, { name: "18189", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/18189", }, { name: "26413", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/26413", }, { name: "17940", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/17940", }, { name: "18303", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/18303", }, { name: "DSA-931", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2005/dsa-931", }, { name: "18554", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/18554", }, { name: "MDKSA-2006:003", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", ], url: "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003", }, { tags: [ "x_refsource_MISC", ], url: "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342289", }, { name: "19230", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/19230", }, { name: "102972", tags: [ "vendor-advisory", "x_refsource_SUNALERT", ], url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1", }, { name: "DSA-962", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2006/dsa-962", }, { name: "1015309", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://securitytracker.com/id?1015309", }, { name: "18398", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/18398", }, { name: "FLSA-2006:176751", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://www.securityfocus.com/archive/1/427053/100/0/threaded", }, { name: "SUSE-SA:2006:001", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html", }, { name: "DSA-936", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2006/dsa-936", }, { name: "17916", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/17916", }, { name: "RHSA-2005:840", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2005-840.html", }, { name: "ADV-2005-2789", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2005/2789", }, { name: "RHSA-2005:867", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2005-867.html", }, { name: "18674", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/18674", }, { name: "MDKSA-2006:005", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", ], url: "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005", }, { name: "18313", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/18313", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://issues.rpath.com/browse/RPL-1609", }, { name: "RHSA-2005:868", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2005-868.html", }, { name: "20051201-01-U", tags: [ "vendor-advisory", "x_refsource_SGI", ], url: "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U", }, { name: "20060101-01-U", tags: [ "vendor-advisory", "x_refsource_SGI", ], url: "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U", }, { name: "18448", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/18448", }, { name: "18436", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/18436", }, { name: "18428", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/18428", }, { tags: [ "x_refsource_CONFIRM", ], url: "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.01pl1.patch", }, { name: "18380", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/18380", }, { name: "GLSA-200512-08", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "http://www.gentoo.org/security/en/glsa/glsa-200512-08.xml", }, { name: "FEDORA-2005-1126", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00015.html", }, { name: "18416", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/18416", }, { name: "ADV-2007-2280", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2007/2280", }, { name: "GLSA-200601-02", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml", }, { name: "FEDORA-2005-1142", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00037.html", }, { name: "18336", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/18336", }, { name: "18061", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/18061", }, { name: "18407", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/18407", }, { name: "18009", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/18009", }, { name: "17908", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/17908", }, { name: "USN-227-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntulinux.org/usn/usn-227-1", }, { name: "18517", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/18517", }, { name: "18582", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/18582", }, { name: "SUSE-SR:2006:002", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://www.novell.com/linux/security/advisories/2006_02_sr.html", }, { name: "18534", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/18534", }, { name: "20051205 Multiple Vendor xpdf StreamPredictor Heap Overflow Vulnerability", tags: [ "third-party-advisory", "x_refsource_IDEFENSE", ], url: "http://www.idefense.com/application/poi/display?id=344&type=vulnerabilities", }, { name: "SSA:2006-045-09", tags: [ "vendor-advisory", "x_refsource_SLACKWARE", ], url: "http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.472683", }, { name: "TSLSA-2005-0072", tags: [ "vendor-advisory", "x_refsource_TRUSTIX", ], url: "http://www.trustix.org/errata/2005/0072/", }, { name: "FEDORA-2005-1127", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00016.html", }, { name: "20051207 [KDE Security Advisory] multiple buffer overflows in kpdf/koffice", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/418883/100/0/threaded", }, { name: "18908", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/18908", }, { name: "25729", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/25729", }, { name: "ADV-2005-2786", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2005/2786", }, { name: "MDKSA-2006:006", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", ], url: "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006", }, { name: "ADV-2005-2788", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2005/2788", }, { name: "17926", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/17926", }, { name: "19798", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/19798", }, { name: "ADV-2005-2755", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2005/2755", }, { name: "15725", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/15725", }, { name: "MDKSA-2006:008", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", ], url: "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008", }, { name: "18191", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/18191", }, { name: "20060201-01-U", tags: [ "vendor-advisory", "x_refsource_SGI", ], url: "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U", }, { name: "RHSA-2006:0160", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2006-0160.html", }, { name: "17912", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/17912", }, { name: "MDKSA-2006:010", tags: [ "vendor-advisory", "x_refsource_MANDRAKE", ], url: "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010", }, { name: "17921", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/17921", }, { name: "MDKSA-2006:004", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", ], url: "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004", }, { name: "ADV-2005-2790", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2005/2790", }, { name: "18389", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/18389", }, { name: "18192", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/18192", }, { name: "ADV-2005-2856", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2005/2856", }, { name: "SSA:2006-045-04", tags: [ "vendor-advisory", "x_refsource_SLACKWARE", ], url: "http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.474747", }, { name: "19377", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/19377", }, { name: "FLSA:175404", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://www.securityfocus.com/archive/1/427990/100/0/threaded", }, { name: "DSA-961", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2006/dsa-961", }, { name: "235", tags: [ "third-party-advisory", "x_refsource_SREASON", ], url: "http://securityreason.com/securityalert/235", }, { name: "SCOSA-2006.21", tags: [ "vendor-advisory", "x_refsource_SCO", ], url: "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.21/SCOSA-2006.21.txt", }, { name: "18675", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/18675", }, { name: "1015324", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://securitytracker.com/id?1015324", }, { name: "18913", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/18913", }, { name: "SUSE-SR:2005:029", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://www.novell.com/linux/security/advisories/2005_29_sr.html", }, { name: "DSA-937", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2006/dsa-937", }, { name: "ADV-2005-2787", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2005/2787", }, { name: "RHSA-2005:878", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2005-878.html", }, { name: "FEDORA-2005-1141", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00036.html", }, { name: "17920", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/17920", }, { name: "DSA-950", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2006/dsa-950", }, { name: "17955", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/17955", }, { name: "17897", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/17897/", }, { name: "17976", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/17976", }, { name: "18387", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/18387", }, { name: "240", tags: [ "third-party-advisory", "x_refsource_SREASON", ], url: "http://securityreason.com/securityalert/240", }, { name: "MDKSA-2006:011", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", ], url: "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011", }, { name: "18385", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/18385", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2005-3192", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Heap-based buffer overflow in the StreamPredictor function in Xpdf 3.01, as used in products such as (1) Poppler, (2) teTeX, (3) KDE kpdf, and (4) pdftohtml, (5) KOffice KWord, (6) CUPS, and (7) libextractor allows remote attackers to execute arbitrary code via a PDF file with an out-of-range numComps (number of components) field.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "17929", refsource: "SECUNIA", url: "http://secunia.com/advisories/17929", }, { name: "19797", refsource: "SECUNIA", url: "http://secunia.com/advisories/19797", }, { name: "xpdf-streampredictor-bo(23442)", refsource: "XF", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/23442", }, { name: "SCOSA-2006.20", refsource: "SCO", url: "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.20/SCOSA-2006.20.txt", }, { name: "DSA-932", refsource: "DEBIAN", url: "http://www.debian.org/security/2005/dsa-932", }, { name: "18349", refsource: "SECUNIA", url: "http://secunia.com/advisories/18349", }, { name: "SCOSA-2006.15", refsource: "SCO", url: "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt", }, { name: "18055", refsource: "SECUNIA", url: "http://secunia.com/advisories/18055", }, { name: "http://scary.beasts.org/security/CESA-2005-003.txt", refsource: "MISC", url: "http://scary.beasts.org/security/CESA-2005-003.txt", }, { name: "http://www.kde.org/info/security/advisory-20051207-1.txt", refsource: "CONFIRM", url: "http://www.kde.org/info/security/advisory-20051207-1.txt", }, { name: "18503", refsource: "SECUNIA", url: "http://secunia.com/advisories/18503", }, { name: "oval:org.mitre.oval:def:10914", refsource: "OVAL", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10914", }, { name: "18549", refsource: "SECUNIA", url: "http://secunia.com/advisories/18549", }, { name: "http://www.kde.org/info/security/advisory-20051207-2.txt", refsource: "CONFIRM", url: "http://www.kde.org/info/security/advisory-20051207-2.txt", }, { name: "18679", refsource: "SECUNIA", url: "http://secunia.com/advisories/18679", }, { name: "18189", refsource: "SECUNIA", url: "http://secunia.com/advisories/18189", }, { name: "26413", refsource: "SECUNIA", url: "http://secunia.com/advisories/26413", }, { name: "17940", refsource: "SECUNIA", url: "http://secunia.com/advisories/17940", }, { name: "18303", refsource: "SECUNIA", url: "http://secunia.com/advisories/18303", }, { name: "DSA-931", refsource: "DEBIAN", url: "http://www.debian.org/security/2005/dsa-931", }, { name: "18554", refsource: "SECUNIA", url: "http://secunia.com/advisories/18554", }, { name: "MDKSA-2006:003", refsource: "MANDRIVA", url: "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003", }, { name: "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342289", refsource: "MISC", url: "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342289", }, { name: "19230", refsource: "SECUNIA", url: "http://secunia.com/advisories/19230", }, { name: "102972", refsource: "SUNALERT", url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1", }, { name: "DSA-962", refsource: "DEBIAN", url: "http://www.debian.org/security/2006/dsa-962", }, { name: "1015309", refsource: "SECTRACK", url: "http://securitytracker.com/id?1015309", }, { name: "18398", refsource: "SECUNIA", url: "http://secunia.com/advisories/18398", }, { name: "FLSA-2006:176751", refsource: "FEDORA", url: "http://www.securityfocus.com/archive/1/427053/100/0/threaded", }, { name: "SUSE-SA:2006:001", refsource: "SUSE", url: "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html", }, { name: "DSA-936", refsource: "DEBIAN", url: "http://www.debian.org/security/2006/dsa-936", }, { name: "17916", refsource: "SECUNIA", url: "http://secunia.com/advisories/17916", }, { name: "RHSA-2005:840", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2005-840.html", }, { name: "ADV-2005-2789", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2005/2789", }, { name: "RHSA-2005:867", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2005-867.html", }, { name: "18674", refsource: "SECUNIA", url: "http://secunia.com/advisories/18674", }, { name: "MDKSA-2006:005", refsource: "MANDRIVA", url: "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005", }, { name: "18313", refsource: "SECUNIA", url: "http://secunia.com/advisories/18313", }, { name: "https://issues.rpath.com/browse/RPL-1609", refsource: "CONFIRM", url: "https://issues.rpath.com/browse/RPL-1609", }, { name: "RHSA-2005:868", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2005-868.html", }, { name: "20051201-01-U", refsource: "SGI", url: "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U", }, { name: "20060101-01-U", refsource: "SGI", url: "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U", }, { name: "18448", refsource: "SECUNIA", url: "http://secunia.com/advisories/18448", }, { name: "18436", refsource: "SECUNIA", url: "http://secunia.com/advisories/18436", }, { name: "18428", refsource: "SECUNIA", url: "http://secunia.com/advisories/18428", }, { name: "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.01pl1.patch", refsource: "CONFIRM", url: "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.01pl1.patch", }, { name: "18380", refsource: "SECUNIA", url: "http://secunia.com/advisories/18380", }, { name: "GLSA-200512-08", refsource: "GENTOO", url: "http://www.gentoo.org/security/en/glsa/glsa-200512-08.xml", }, { name: "FEDORA-2005-1126", refsource: "FEDORA", url: "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00015.html", }, { name: "18416", refsource: "SECUNIA", url: "http://secunia.com/advisories/18416", }, { name: "ADV-2007-2280", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2007/2280", }, { name: "GLSA-200601-02", refsource: "GENTOO", url: "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml", }, { name: "FEDORA-2005-1142", refsource: "FEDORA", url: "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00037.html", }, { name: "18336", refsource: "SECUNIA", url: "http://secunia.com/advisories/18336", }, { name: "18061", refsource: "SECUNIA", url: "http://secunia.com/advisories/18061", }, { name: "18407", refsource: "SECUNIA", url: "http://secunia.com/advisories/18407", }, { name: "18009", refsource: "SECUNIA", url: "http://secunia.com/advisories/18009", }, { name: "17908", refsource: "SECUNIA", url: "http://secunia.com/advisories/17908", }, { name: "USN-227-1", refsource: "UBUNTU", url: "http://www.ubuntulinux.org/usn/usn-227-1", }, { name: "18517", refsource: "SECUNIA", url: "http://secunia.com/advisories/18517", }, { name: "18582", refsource: "SECUNIA", url: "http://secunia.com/advisories/18582", }, { name: "SUSE-SR:2006:002", refsource: "SUSE", url: "http://www.novell.com/linux/security/advisories/2006_02_sr.html", }, { name: "18534", refsource: "SECUNIA", url: "http://secunia.com/advisories/18534", }, { name: "20051205 Multiple Vendor xpdf StreamPredictor Heap Overflow Vulnerability", refsource: "IDEFENSE", url: "http://www.idefense.com/application/poi/display?id=344&type=vulnerabilities", }, { name: "SSA:2006-045-09", refsource: "SLACKWARE", url: "http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.472683", }, { name: "TSLSA-2005-0072", refsource: "TRUSTIX", url: "http://www.trustix.org/errata/2005/0072/", }, { name: "FEDORA-2005-1127", refsource: "FEDORA", url: "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00016.html", }, { name: "20051207 [KDE Security Advisory] multiple buffer overflows in kpdf/koffice", refsource: "BUGTRAQ", url: "http://www.securityfocus.com/archive/1/418883/100/0/threaded", }, { name: "18908", refsource: "SECUNIA", url: "http://secunia.com/advisories/18908", }, { name: "25729", refsource: "SECUNIA", url: "http://secunia.com/advisories/25729", }, { name: "ADV-2005-2786", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2005/2786", }, { name: "MDKSA-2006:006", refsource: "MANDRIVA", url: "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006", }, { name: "ADV-2005-2788", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2005/2788", }, { name: "17926", refsource: "SECUNIA", url: "http://secunia.com/advisories/17926", }, { name: "19798", refsource: "SECUNIA", url: "http://secunia.com/advisories/19798", }, { name: "ADV-2005-2755", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2005/2755", }, { name: "15725", refsource: "BID", url: "http://www.securityfocus.com/bid/15725", }, { name: "MDKSA-2006:008", refsource: "MANDRIVA", url: "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008", }, { name: "18191", refsource: "SECUNIA", url: "http://secunia.com/advisories/18191", }, { name: "20060201-01-U", refsource: "SGI", url: "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U", }, { name: "RHSA-2006:0160", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2006-0160.html", }, { name: "17912", refsource: "SECUNIA", url: "http://secunia.com/advisories/17912", }, { name: "MDKSA-2006:010", refsource: "MANDRAKE", url: "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010", }, { name: "17921", refsource: "SECUNIA", url: "http://secunia.com/advisories/17921", }, { name: "MDKSA-2006:004", refsource: "MANDRIVA", url: "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004", }, { name: "ADV-2005-2790", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2005/2790", }, { name: "18389", refsource: "SECUNIA", url: "http://secunia.com/advisories/18389", }, { name: "18192", refsource: "SECUNIA", url: "http://secunia.com/advisories/18192", }, { name: "ADV-2005-2856", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2005/2856", }, { name: "SSA:2006-045-04", refsource: "SLACKWARE", url: "http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.474747", }, { name: "19377", refsource: "SECUNIA", url: "http://secunia.com/advisories/19377", }, { name: "FLSA:175404", refsource: "FEDORA", url: "http://www.securityfocus.com/archive/1/427990/100/0/threaded", }, { name: "DSA-961", refsource: "DEBIAN", url: "http://www.debian.org/security/2006/dsa-961", }, { name: "235", refsource: "SREASON", url: "http://securityreason.com/securityalert/235", }, { name: "SCOSA-2006.21", refsource: "SCO", url: "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.21/SCOSA-2006.21.txt", }, { name: "18675", refsource: "SECUNIA", url: "http://secunia.com/advisories/18675", }, { name: "1015324", refsource: "SECTRACK", url: "http://securitytracker.com/id?1015324", }, { name: "18913", refsource: "SECUNIA", url: "http://secunia.com/advisories/18913", }, { name: "SUSE-SR:2005:029", refsource: "SUSE", url: "http://www.novell.com/linux/security/advisories/2005_29_sr.html", }, { name: "DSA-937", refsource: "DEBIAN", url: "http://www.debian.org/security/2006/dsa-937", }, { name: "ADV-2005-2787", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2005/2787", }, { name: "RHSA-2005:878", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2005-878.html", }, { name: "FEDORA-2005-1141", refsource: "FEDORA", url: "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00036.html", }, { name: "17920", refsource: "SECUNIA", url: "http://secunia.com/advisories/17920", }, { name: "DSA-950", refsource: "DEBIAN", url: "http://www.debian.org/security/2006/dsa-950", }, { name: "17955", refsource: "SECUNIA", url: "http://secunia.com/advisories/17955", }, { name: "17897", refsource: "SECUNIA", url: "http://secunia.com/advisories/17897/", }, { name: "17976", refsource: "SECUNIA", url: "http://secunia.com/advisories/17976", }, { name: "18387", refsource: "SECUNIA", url: "http://secunia.com/advisories/18387", }, { name: "240", refsource: "SREASON", url: "http://securityreason.com/securityalert/240", }, { name: "MDKSA-2006:011", refsource: "MANDRIVA", url: "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011", }, { name: "18385", refsource: "SECUNIA", url: "http://secunia.com/advisories/18385", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2005-3192", datePublished: "2005-12-08T01:00:00", dateReserved: "2005-10-14T00:00:00", dateUpdated: "2024-08-07T23:01:59.286Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).
Loading…
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.