Lumension® Endpoint Intelligence Center

Overview

Vulnerability Score 7.5
CVE Id CVE-2005-3192
Last Modified 17 Oct 2011 12:00:00
Published 07 Dec 2005 08:03:00
Confidentiality Impact PARTIAL
Integrity Impact PARTIAL
Availability Impact PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-3192

Summary

Heap-based buffer overflow in the StreamPredictor function in Xpdf 3.01, as used in products such as (1) Poppler, (2) teTeX, (3) KDE kpdf, (4) pdftohtml, (5) KOffice KWord, (6) CUPS, and (7) libextractor, allows remote attackers to execute arbitrary code via a PDF file with an out-of-range numComps (number of components) field.

Vulnerable Systems

Application

  • Xpdf 3.0.1


References

XF - xpdf-streampredictor-bo(23442)

BID - 15725

REDHAT - RHSA-2005:840

IDEFENSE - 20051205 Multiple Vendor xpdf StreamPredictor Heap Overflow Vulnerability

SECUNIA - 17897

CONFIRM - ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.01pl1.patch

VUPEN - ADV-2007-2280

VUPEN - ADV-2005-2856

VUPEN - ADV-2005-2790

VUPEN - ADV-2005-2789

VUPEN - ADV-2005-2788

VUPEN - ADV-2005-2787

VUPEN - ADV-2005-2786

VUPEN - ADV-2005-2755

UBUNTU - USN-227-1

TRUSTIX - TSLSA-2005-0072

BUGTRAQ - 20051207 [KDE Security Advisory] multiple buffer overflows in kpdf/koffice

REDHAT - RHSA-2005:878

REDHAT - RHSA-2005:867

FEDORA - FEDORA-2005-1142

FEDORA - FEDORA-2005-1141

MANDRIVA - MDKSA-2006:010

CONFIRM - http://www.kde.org/info/security/advisory-20051207-2.txt

CONFIRM - http://www.kde.org/info/security/advisory-20051207-1.txt

GENTOO - GLSA-200601-02

GENTOO - GLSA-200512-08

DEBIAN - DSA-950

DEBIAN - DSA-936

DEBIAN - DSA-932

DEBIAN - DSA-931

SECTRACK - 1015324

SECTRACK - 1015309

SECUNIA - 18448

SECUNIA - 18416

SECUNIA - 18389

SECUNIA - 18387

SECUNIA - 18385

SECUNIA - 18349

SECUNIA - 18336

SECUNIA - 18313

SECUNIA - 18192

SECUNIA - 18191

SECUNIA - 18189

SECUNIA - 18061

SECUNIA - 18055

SECUNIA - 18009

SECUNIA - 17976

SECUNIA - 17940

SECUNIA - 17929

SECUNIA - 17926

SECUNIA - 17921

SECUNIA - 17920

SECUNIA - 17916

SECUNIA - 17912

SECUNIA - 17908

MISC - http://scary.beasts.org/security/CESA-2005-003.txt

REDHAT - RHSA-2005:868

SUSE - SUSE-SA:2006:001

MISC - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342289

CONFIRM - https://issues.rpath.com/browse/RPL-1609

FEDORA - FLSA:175404

FEDORA - FLSA-2006:176751

REDHAT - RHSA-2006:0160

FEDORA - FEDORA-2005-1127

FEDORA - FEDORA-2005-1126

SUSE - SUSE-SR:2006:002

SUSE - SUSE-SR:2005:029

MANDRIVA - MDKSA-2006:011

MANDRIVA - MDKSA-2006:008

MANDRIVA - MDKSA-2006:006

MANDRIVA - MDKSA-2006:005

MANDRIVA - MDKSA-2006:004

MANDRIVA - MDKSA-2006:003

DEBIAN - DSA-962

DEBIAN - DSA-961

DEBIAN - DSA-937

SUNALERT - 102972

SLACKWARE - SSA:2006-045-04

SLACKWARE - SSA:2006-045-09

SREASON - 240

SREASON - 235

SECUNIA - 26413

SECUNIA - 25729

SECUNIA - 19798

SECUNIA - 19797

SECUNIA - 19377

SECUNIA - 19230

SECUNIA - 18913

SECUNIA - 18908

SECUNIA - 18679

SECUNIA - 18675

SECUNIA - 18674

SECUNIA - 18582

SECUNIA - 18554

SECUNIA - 18549

SECUNIA - 18534

SECUNIA - 18517

SECUNIA - 18503

SECUNIA - 18436

SECUNIA - 18428

SECUNIA - 18407

SECUNIA - 18398

SECUNIA - 18380

SECUNIA - 18303

SECUNIA - 17955

SGI - 20060201-01-U

SGI - 20060101-01-U

SGI - 20051201-01-U

SCO - SCOSA-2006.21

SCO - SCOSA-2006.20

SCO - SCOSA-2006.15


Last Updated: 27 May 2016 10:40:50