Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-0301

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2006-0301
Last Modified 07 Mar 2011 12:00:00
Published 30 Jan 2006 05:03:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-0301

Summary

Heap-based buffer overflow in Splash.cc in xpdf, as used in other products such as (1) poppler, (2) kdegraphics, (3) gpdf, (4) pdfkit.framework, and others, allows attackers to cause a denial of service and possibly execute arbitrary code via crafted splash images that produce certain values that exceed the width or height of the associated bitmap.

Vulnerable Systems

Application

  • Xpdf


References

XF - xpdf-splash-bo(24391)

UBUNTU - USN-249-1

FEDORA - FLSA:175404

BUGTRAQ - 20060202 [KDE Security Advisory] kpdf/xpdf heap based buffer overflow

REDHAT - RHSA-2006:0201

FEDORA - FEDORA-2006-103

MISC - http://www.kde.org/info/security/advisory-20060202-1.txt

GENTOO - GLSA-200602-12

GENTOO - GLSA-200602-05

GENTOO - GLSA-200602-04

DEBIAN - DSA-974

DEBIAN - DSA-972

DEBIAN - DSA-971

SLACKWARE - SSA:2006-045-04

SLACKWARE - SSA:2006-045-09

SECTRACK - 1015576

SECUNIA - 19377

SECUNIA - 18983

SECUNIA - 18913

SECUNIA - 18908

SECUNIA - 18882

SECUNIA - 18864

SECUNIA - 18862

SECUNIA - 18860

SECUNIA - 18839

SECUNIA - 18838

SECUNIA - 18837

SECUNIA - 18834

SECUNIA - 18826

SECUNIA - 18825

SECUNIA - 18707

SECUNIA - 18677

REDHAT - RHSA-2006:0206

SCO - SCOSA-2006.15

MISC - https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=179046

CONFIRM - https://bugzilla.novell.com/show_bug.cgi?id=141242

VUPEN - ADV-2006-0422

VUPEN - ADV-2006-0389

MANDRIVA - MDKSA-2006:032

MANDRIVA - MDKSA-2006:031

MANDRIVA - MDKSA-2006:030

SREASON - 470

SECUNIA - 18875

SECUNIA - 18274


Last Updated: 27 May 2016 10:41:36