cpe:/a:xpdf:xpdf CVE-2006-0301 2006-01-30T17:03:00.000-05:00 2017-10-10T21:30:37.063-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2006-01-31T10:19:00.000-05:00 ALLOWS_USER_ACCESS SECTRACK 1015576 SECUNIA 18274 SECUNIA 18677 SECUNIA 18707 SECUNIA 18825 SECUNIA 18826 SECUNIA 18834 SECUNIA 18837 SECUNIA 18838 SECUNIA 18839 SECUNIA 18860 SECUNIA 18862 SECUNIA 18864 SECUNIA 18875 SECUNIA 18882 SECUNIA 18908 SECUNIA 18913 SECUNIA 18983 SECUNIA 19377 BUGTRAQ 20060202 [KDE Security Advisory] kpdf/xpdf heap based buffer overflow SREASON 470 VUPEN ADV-2006-0389 VUPEN ADV-2006-0422 DEBIAN DSA-971 DEBIAN DSA-972 DEBIAN DSA-974 FEDORA FEDORA-2006-103 FEDORA FLSA:175404 GENTOO GLSA-200602-04 GENTOO GLSA-200602-05 GENTOO GLSA-200602-12 MANDRIVA MDKSA-2006:030 MANDRIVA MDKSA-2006:031 MANDRIVA MDKSA-2006:032 REDHAT RHSA-2006:0201 REDHAT RHSA-2006:0206 SCO SCOSA-2006.15 SLACKWARE SSA:2006-045-04 SLACKWARE SSA:2006-045-09 UBUNTU USN-249-1 MISC http://www.kde.org/info/security/advisory-20060202-1.txt CONFIRM https://bugzilla.novell.com/show_bug.cgi?id=141242 MISC https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=179046 XF xpdf-splash-bo(24391) Heap-based buffer overflow in Splash.cc in xpdf, as used in other products such as (1) poppler, (2) kdegraphics, (3) gpdf, (4) pdfkit.framework, and others, allows attackers to cause a denial of service and possibly execute arbitrary code via crafted splash images that produce certain values that exceed the width or height of the associated bitmap.