[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248268

 
 

909

 
 

195051

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2006-0301Date: (C)2006-01-30   (M)2023-12-22


Heap-based buffer overflow in Splash.cc in xpdf, as used in other products such as (1) poppler, (2) kdegraphics, (3) gpdf, (4) pdfkit.framework, and others, allows attackers to cause a denial of service and possibly execute arbitrary code via crafted splash images that produce certain values that exceed the width or height of the associated bitmap.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 7.5
Exploit Score: 10.0
Impact Score: 6.4
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: PARTIAL
  
Reference:
SECTRACK-1015576
SECUNIA-18274
SECUNIA-18677
SECUNIA-18707
SECUNIA-18825
SECUNIA-18826
SECUNIA-18834
SECUNIA-18837
SECUNIA-18838
SECUNIA-18839
SECUNIA-18860
SECUNIA-18862
SECUNIA-18864
SECUNIA-18875
SECUNIA-18882
SECUNIA-18908
SECUNIA-18913
SECUNIA-18983
SECUNIA-19377
http://www.securityfocus.com/archive/1/423899/100/0/threaded
SREASON-470
ADV-2006-0389
ADV-2006-0422
DSA-971
DSA-972
DSA-974
FEDORA-2006-103
FLSA:175404
GLSA-200602-04
GLSA-200602-05
GLSA-200602-12
MDKSA-2006:030
MDKSA-2006:031
MDKSA-2006:032
RHSA-2006:0201
RHSA-2006:0206
SCOSA-2006.15
SSA:2006-045-04
SSA:2006-045-09
USN-249-1
http://www.kde.org/info/security/advisory-20060202-1.txt
https://bugzilla.novell.com/show_bug.cgi?id=141242
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=179046
oval:org.mitre.oval:def:10850
xpdf-splash-bo(24391)

CWE    1
CWE-119

© SecPod Technologies