[Forgot Password]
Login  Register Subscribe

24128

 
 

131573

 
 

111017

 
 

909

 
 

86402

 
 

136

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML view JSON

CVE-2006-0301Date: (C)2006-01-30   (M)2018-02-19


Heap-based buffer overflow in Splash.cc in xpdf, as used in other products such as (1) poppler, (2) kdegraphics, (3) gpdf, (4) pdfkit.framework, and others, allows attackers to cause a denial of service and possibly execute arbitrary code via crafted splash images that produce certain values that exceed the width or height of the associated bitmap.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V3 Severity:CVSS V2 Severity:
CVSS Score : CVSS Score : 7.5
Exploit Score: Exploit Score: 10.0
Impact Score: Impact Score: 6.4
 
CVSS V3 Metrics:CVSS V2 Metrics:
Attack Vector: Access Vector: NETWORK
Attack Complexity: Access Complexity: LOW
Privileges Required: Authentication: NONE
User Interaction: Confidentiality: PARTIAL
Scope: Integrity: PARTIAL
Confidentiality: Availability: PARTIAL
Integrity:  
Availability:  
  
Reference:
SECTRACK-1015576
SECUNIA-18274
SECUNIA-18677
SECUNIA-18707
SECUNIA-18825
SECUNIA-18826
SECUNIA-18834
SECUNIA-18837
SECUNIA-18838
SECUNIA-18839
SECUNIA-18860
SECUNIA-18862
SECUNIA-18864
SECUNIA-18875
SECUNIA-18882
SECUNIA-18908
SECUNIA-18913
SECUNIA-18983
SECUNIA-19377
http://www.securityfocus.com/archive/1/423899/100/0/threaded
SREASON-470
ADV-2006-0389
ADV-2006-0422
DSA-971
DSA-972
DSA-974
FEDORA-2006-103
FLSA:175404
GLSA-200602-04
GLSA-200602-05
GLSA-200602-12
MDKSA-2006:030
MDKSA-2006:031
MDKSA-2006:032
RHSA-2006:0201
RHSA-2006:0206
SCOSA-2006.15
SSA:2006-045-04
SSA:2006-045-09
USN-249-1
http://www.kde.org/info/security/advisory-20060202-1.txt
https://bugzilla.novell.com/show_bug.cgi?id=141242
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=179046
xpdf-splash-bo(24391)

CWE    1
CWE-119

© SecPod Technologies