[Forgot Password]
Login  Register Subscribe

23631

 
 

126941

 
 

98503

 
 

909

 
 

79321

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML

CVE-2006-0301

Date: (C)2006-01-30   (M)2017-10-11 


Heap-based buffer overflow in Splash.cc in xpdf, as used in other products such as (1) poppler, (2) kdegraphics, (3) gpdf, (4) pdfkit.framework, and others, allows attackers to cause a denial of service and possibly execute arbitrary code via crafted splash images that produce certain values that exceed the width or height of the associated bitmap.

CVSS Score: 7.5Access Vector: NETWORK
Exploit Score: 10.0Access Complexity: LOW
Impact Score: 6.4Authentication: NONE
 Confidentiality: PARTIAL
 Integrity: PARTIAL
 Availability: PARTIAL





Reference:
SECTRACK-1015576
SECUNIA-18274
SECUNIA-18677
SECUNIA-18707
SECUNIA-18825
SECUNIA-18826
SECUNIA-18834
SECUNIA-18837
SECUNIA-18838
SECUNIA-18839
SECUNIA-18860
SECUNIA-18862
SECUNIA-18864
SECUNIA-18875
SECUNIA-18882
SECUNIA-18908
SECUNIA-18913
SECUNIA-18983
SECUNIA-19377
http://www.securityfocus.com/archive/1/423899/100/0/threaded
SREASON-470
ADV-2006-0389
ADV-2006-0422
DSA-971
DSA-972
DSA-974
FEDORA-2006-103
FLSA:175404
GLSA-200602-04
GLSA-200602-05
GLSA-200602-12
MDKSA-2006:030
MDKSA-2006:031
MDKSA-2006:032
RHSA-2006:0201
RHSA-2006:0206
SCOSA-2006.15
SSA:2006-045-04
SSA:2006-045-09
USN-249-1
http://www.kde.org/info/security/advisory-20060202-1.txt
https://bugzilla.novell.com/show_bug.cgi?id=141242
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=179046
xpdf-splash-bo(24391)

CWE    1
CWE-119

© 2013 SecPod Technologies