[Forgot Password]
Login  Register Subscribe

24128

 
 

131615

 
 

112965

 
 

909

 
 

87854

 
 

136

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML view JSON

CVE-2005-3624Date: (C)2005-12-31   (M)2018-02-19


The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 5.0
Exploit Score: 10.0
Impact Score: 2.9
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: NONE
Integrity: PARTIAL
Availability: NONE
  
Reference:
SUNALERT-102972
BID-16143
SECUNIA-18147
SECUNIA-18303
SECUNIA-18312
SECUNIA-18313
SECUNIA-18329
SECUNIA-18332
SECUNIA-18334
SECUNIA-18338
SECUNIA-18349
SECUNIA-18373
SECUNIA-18375
SECUNIA-18380
SECUNIA-18385
SECUNIA-18387
SECUNIA-18389
SECUNIA-18398
SECUNIA-18407
SECUNIA-18414
SECUNIA-18416
SECUNIA-18423
SECUNIA-18425
SECUNIA-18428
SECUNIA-18436
SECUNIA-18448
SECUNIA-18463
SECUNIA-18517
SECUNIA-18534
SECUNIA-18554
SECUNIA-18582
SECUNIA-18642
SECUNIA-18644
SECUNIA-18674
SECUNIA-18675
SECUNIA-18679
SECUNIA-18908
SECUNIA-18913
SECUNIA-19230
SECUNIA-19377
20051201-01-U
2006-0002
20060101-01-U
20060201-01-U
SECUNIA-25729
ADV-2006-0047
ADV-2007-2280
DSA-931
DSA-932
DSA-936
DSA-937
DSA-938
DSA-940
DSA-950
DSA-961
DSA-962
FEDORA-2005-025
FEDORA-2005-026
FLSA-2006:176751
FLSA:175404
GLSA-200601-02
GLSA-200601-17
MDKSA-2006:003
MDKSA-2006:004
MDKSA-2006:005
MDKSA-2006:006
MDKSA-2006:008
MDKSA-2006:010
MDKSA-2006:011
MDKSA-2006:012
RHSA-2006:0160
RHSA-2006:0163
RHSA-2006:0177
SCOSA-2006.15
SSA:2006-045-04
SSA:2006-045-09
SUSE-SA:2006:001
USN-236-1
http://scary.beasts.org/security/CESA-2005-003.txt
http://www.kde.org/info/security/advisory-20051207-2.txt
xpdf-ccitt-faxstream-bo(24022)

CPE    23
cpe:/o:debian:debian_linux:3.1
cpe:/a:kde:koffice:1.4
cpe:/o:mandrakesoft:mandrake_linux:2006
cpe:/o:mandrakesoft:mandrake_linux_corporate_server:2.1
...
CWE    1
CWE-189

© SecPod Technologies