[Forgot Password]
Login  Register Subscribe

23631

 
 

123478

 
 

98218

 
 

909

 
 

79224

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML

CVE-2005-3624

Date: (C)2005-12-31   (M)2017-12-06 


The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows.

CVSS Score: 5.0Access Vector: NETWORK
Exploit Score: 10.0Access Complexity: LOW
Impact Score: 2.9Authentication: NONE
 Confidentiality: NONE
 Integrity: PARTIAL
 Availability: NONE





Reference:
SUNALERT-102972
BID-16143
SECUNIA-18147
SECUNIA-18303
SECUNIA-18312
SECUNIA-18313
SECUNIA-18329
SECUNIA-18332
SECUNIA-18334
SECUNIA-18338
SECUNIA-18349
SECUNIA-18373
SECUNIA-18375
SECUNIA-18380
SECUNIA-18385
SECUNIA-18387
SECUNIA-18389
SECUNIA-18398
SECUNIA-18407
SECUNIA-18414
SECUNIA-18416
SECUNIA-18423
SECUNIA-18425
SECUNIA-18428
SECUNIA-18436
SECUNIA-18448
SECUNIA-18463
SECUNIA-18517
SECUNIA-18534
SECUNIA-18554
SECUNIA-18582
SECUNIA-18642
SECUNIA-18644
SECUNIA-18674
SECUNIA-18675
SECUNIA-18679
SECUNIA-18908
SECUNIA-18913
SECUNIA-19230
SECUNIA-19377
20051201-01-U
2006-0002
20060101-01-U
20060201-01-U
SECUNIA-25729
ADV-2006-0047
ADV-2007-2280
DSA-931
DSA-932
DSA-936
DSA-937
DSA-938
DSA-940
DSA-950
DSA-961
DSA-962
FEDORA-2005-025
FEDORA-2005-026
FLSA-2006:176751
FLSA:175404
GLSA-200601-02
GLSA-200601-17
MDKSA-2006:003
MDKSA-2006:004
MDKSA-2006:005
MDKSA-2006:006
MDKSA-2006:008
MDKSA-2006:010
MDKSA-2006:011
MDKSA-2006:012
RHSA-2006:0160
RHSA-2006:0163
RHSA-2006:0177
SCOSA-2006.15
SSA:2006-045-04
SSA:2006-045-09
SUSE-SA:2006:001
USN-236-1
http://scary.beasts.org/security/CESA-2005-003.txt
http://www.kde.org/info/security/advisory-20051207-2.txt
xpdf-ccitt-faxstream-bo(24022)

CPE    23
cpe:/o:redhat:enterprise_linux_desktop:3.0
cpe:/o:slackware:slackware_linux:9.1
cpe:/o:mandrakesoft:mandrake_linux_corporate_server:2.1
cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0
...
CWE    1
CWE-189

© 2013 SecPod Technologies