Showing 1 - 6 of 6

CVE-2005-3627

Status Candidate

Overview

Stream.cc in Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to modify memory and possibly execute arbitrary code via a DCTDecode stream with (1) a large "number of components" value that is not checked by DCTStream::readBaselineSOF or DCTStream::readProgressiveSOF, (2) a large "Huffman table index" value that is not checked by DCTStream::readHuffmanTables, and (3) certain uses of the scanInfo.numComps value by DCTStream::readScanInfo.

Related Files

Debian Linux Security Advisory 962-1: Posted Feb 2, 2006; Authored by Debian | Site debian.org; Debian Security Advisory DSA 962-1 - infamous41md and Chris Evans discovered several heap based buffer overflows in xpdf which are also present in pdftohtml, a utility that translates PDF documents into HTML format, and which can lead to a denial of service by crashing the application or possibly to the execution of arbitrary code.; tags | advisory, denial of service, overflow, arbitrary; systems | linux, debian; advisories | CVE-2005-3191, CVE-2005-3192, CVE-2005-3193, CVE-2005-3624, CVE-2005-3625, CVE-2005-3626, CVE-2005-3627, CVE-2005-3628; SHA-256 | 6fa70a3b6a6f9fb83291fc505e7022559c6acf11137079cda7a3ba7a7d9cb364; Download | Favorite | View

Debian Linux Security Advisory 961-1: Posted Feb 2, 2006; Authored by Debian | Site debian.org; Debian Security Advisory DSA 961-1 - infamous41md and Chris Evans discovered several heap based buffer overflows in xpdf which are also present in pdfkit.framework, the GNUstep framework for rendering PDF content, and which can lead to a denial of service by crashing the application or possibly to the execution of arbitrary code.; tags | advisory, denial of service, overflow, arbitrary; systems | linux, debian; advisories | CVE-2005-3191, CVE-2005-3192, CVE-2005-3193, CVE-2005-3624, CVE-2005-3625, CVE-2005-3626, CVE-2005-3627, CVE-2005-3628; SHA-256 | 5043533427927678e995928343a8d90491370c45eda0582ade3e70b36444ccb4; Download | Favorite | View

Debian Linux Security Advisory 937-1: Posted Jan 15, 2006; Authored by Debian | Site debian.org; Debian Security Advisory DSA 937-1 - infamous41md and Chris Evans discovered several heap based buffer overflows in xpdf, the Portable Document Format (PDF) suite, which is also present in tetex-bin, the binary files of teTeX, and which can lead to a denial of service by crashing the application or possibly to the execution of arbitrary code.; tags | advisory, denial of service, overflow, arbitrary; systems | linux, debian; advisories | CVE-2005-3191, CVE-2005-3192, CVE-2005-3624, CVE-2005-3625, CVE-2005-3626, CVE-2005-3627, CVE-2005-3628; SHA-256 | cdc9ec56d3dcb6f9b94ad26d56a66168bd2d076d82981f4c60ca29a34219df94; Download | Favorite | View

Debian Linux Security Advisory 936-1: Posted Jan 12, 2006; Authored by Debian | Site debian.org; Debian Security Advisory DSA 936-1 - infamous41md and Chris Evans discovered several heap based buffer overflows in xpdf, the Portable Document Format (PDF) suite, which is also present in libextractor, a library to extract arbitrary meta-data from files, and which can lead to a denial of service by crashing the application or possibly to the execution of arbitrary code.; tags | advisory, denial of service, overflow, arbitrary; systems | linux, debian; advisories | CVE-2005-3191, CVE-2005-3192, CVE-2005-3193, CVE-2005-2097, CVE-2005-3624, CVE-2005-3625, CVE-2005-3626, CVE-2005-3627, CVE-2005-3628; SHA-256 | 05aa3a9e1b59b0e2922805f67a2a0515ad4a563507ef62f6b197bfe5c1fadfe6; Download | Favorite | View

Debian Linux Security Advisory 931-1: Posted Jan 10, 2006; Authored by Debian | Site debian.org; Debian Security Advisory DSA 931-1 - infamous41md and Chris Evans discovered several heap based buffer overflows in xpdf, the Portable Document Format (PDF) suite, that can lead to a denial of service by crashing the application or possibly to the execution of arbitrary code.; tags | advisory, denial of service, overflow, arbitrary; systems | linux, debian; advisories | CVE-2005-3191, CVE-2005-3192, CVE-2005-3193, CVE-2005-3624, CVE-2005-3625, CVE-2005-3626, CVE-2005-3627, CVE-2005-3628; SHA-256 | a51d43d11bcb80943a4cc66dcd5742c251907b7bee80f5542ce88d1aaa097349; Download | Favorite | View

Ubuntu Security Notice 236-1: Posted Jan 8, 2006; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice USN-236-1 - Chris Evans discovered several integer overflows in the XPDF code, which is present in xpdf, the Poppler library, and tetex-bin. By tricking an user into opening a specially crafted PDF file, an attacker could exploit this to execute arbitrary code with the privileges of the application that processes the document.; tags | advisory, overflow, arbitrary; systems | linux, ubuntu; advisories | CVE-2005-3624, CVE-2005-3625, CVE-2005-3626, CVE-2005-3627; SHA-256 | 4e65f9e03fe3b5f4069685320e3f496dda2bbf8632badd271b76c8ae64247791; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 232 files
Ubuntu 59 files
Debian 27 files
Valentin Lobstein 11 files
LiquidWorm 11 files
nu11secur1ty 9 files
Apple 6 files
Milad Karimi 5 files
Google Security Research 5 files
Yevhenii Butenko 4 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,022)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,467)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,318)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,567)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,456)
UNIX (9,394)
UnixWare (187)
Windows (6,650)
Other

CVE-2005-3627

Overview

Related Files

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems