Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-2097

Overview

Vulnerability Score 2.1 2.1
CVE Id CVE-2005-2097
Last Modified 07 Mar 2011 09:23:23
Published 16 Aug 2005 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2005-2097

Summary

xpdf and kpdf do not properly validate the "loca" table in PDF files, which allows local users to cause a denial of service (disk consumption and hang) via a PDF file with a "broken" loca table, which causes a large temporary file to be created when xpdf attempts to reconstruct the information.

Vulnerable Systems

Application

  • Kde Kpdf

  • Xpdf 3.0

  • Xpdf 3.0 Pl2

  • Xpdf 3.0 Pl3


References

VUPEN - ADV-2007-2280

UBUNTU - USN-163-1

BID - 14529

FEDORA - FLSA:175404

FEDORA - FLSA-2006:176751

REDHAT - RHSA-2005:708

REDHAT - RHSA-2005:706

REDHAT - RHSA-2005:671

REDHAT - RHSA-2005:670

SUSE - SUSE-SR:2005:019

MANDRIVA - MDKSA-2005:138

DEBIAN - DSA-936

DEBIAN - DSA-1136

DEBIAN - DSA-780

SECUNIA - 21339

SECUNIA - 18407

SECUNIA - 18398

SECUNIA - 17277

SCO - SCOSA-2005.42

SUNALERT - 102972

SECUNIA - 25729


Last Updated: 27 May 2016 10:40:24