CVE-2005-3628

Buffer overflow in the JBIG2Bitmap::JBIG2Bitmap function in JBIG2Stream.cc in Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to modify memory and possibly execute arbitrary code via unknown attack vectors.
References
Link Resource
ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U
http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html Patch Vendor Advisory
http://secunia.com/advisories/18147
http://secunia.com/advisories/18380
http://secunia.com/advisories/18385 Patch Vendor Advisory
http://secunia.com/advisories/18387 Patch Vendor Advisory
http://secunia.com/advisories/18389 Patch Vendor Advisory
http://secunia.com/advisories/18398 Patch Vendor Advisory
http://secunia.com/advisories/18407 Patch Vendor Advisory
http://secunia.com/advisories/18416 Patch Vendor Advisory
http://secunia.com/advisories/18428
http://secunia.com/advisories/18436
http://secunia.com/advisories/18534 Patch Vendor Advisory
http://secunia.com/advisories/18582 Patch Vendor Advisory
http://secunia.com/advisories/18674
http://secunia.com/advisories/18675
http://secunia.com/advisories/18679
http://secunia.com/advisories/18908
http://secunia.com/advisories/18913
http://secunia.com/advisories/19230
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.472683
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.474747
http://www.debian.org/security/2005/dsa-931
http://www.debian.org/security/2005/dsa-932
http://www.debian.org/security/2005/dsa-937
http://www.debian.org/security/2005/dsa-938
http://www.debian.org/security/2005/dsa-940
http://www.debian.org/security/2006/dsa-936 Patch Vendor Advisory
http://www.debian.org/security/2006/dsa-950 Patch Vendor Advisory
http://www.debian.org/security/2006/dsa-961
http://www.debian.org/security/2006/dsa-962
http://www.mandriva.com/security/advisories?name=MDKSA-2006:010
http://www.mandriva.com/security/advisories?name=MDKSA-2006:011
http://www.mandriva.com/security/advisories?name=MDKSA-2006:012
http://www.redhat.com/support/errata/RHSA-2006-0160.html Patch Vendor Advisory
http://www.securityfocus.com/archive/1/427053/100/0/threaded
http://www.securityfocus.com/archive/1/427990/100/0/threaded
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10287
ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U
http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html Patch Vendor Advisory
http://secunia.com/advisories/18147
http://secunia.com/advisories/18380
http://secunia.com/advisories/18385 Patch Vendor Advisory
http://secunia.com/advisories/18387 Patch Vendor Advisory
http://secunia.com/advisories/18389 Patch Vendor Advisory
http://secunia.com/advisories/18398 Patch Vendor Advisory
http://secunia.com/advisories/18407 Patch Vendor Advisory
http://secunia.com/advisories/18416 Patch Vendor Advisory
http://secunia.com/advisories/18428
http://secunia.com/advisories/18436
http://secunia.com/advisories/18534 Patch Vendor Advisory
http://secunia.com/advisories/18582 Patch Vendor Advisory
http://secunia.com/advisories/18674
http://secunia.com/advisories/18675
http://secunia.com/advisories/18679
http://secunia.com/advisories/18908
http://secunia.com/advisories/18913
http://secunia.com/advisories/19230
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.472683
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.474747
http://www.debian.org/security/2005/dsa-931
http://www.debian.org/security/2005/dsa-932
http://www.debian.org/security/2005/dsa-937
http://www.debian.org/security/2005/dsa-938
http://www.debian.org/security/2005/dsa-940
http://www.debian.org/security/2006/dsa-936 Patch Vendor Advisory
http://www.debian.org/security/2006/dsa-950 Patch Vendor Advisory
http://www.debian.org/security/2006/dsa-961
http://www.debian.org/security/2006/dsa-962
http://www.mandriva.com/security/advisories?name=MDKSA-2006:010
http://www.mandriva.com/security/advisories?name=MDKSA-2006:011
http://www.mandriva.com/security/advisories?name=MDKSA-2006:012
http://www.redhat.com/support/errata/RHSA-2006-0160.html Patch Vendor Advisory
http://www.securityfocus.com/archive/1/427053/100/0/threaded
http://www.securityfocus.com/archive/1/427990/100/0/threaded
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10287
Configurations

Configuration 1 (hide)

cpe:2.3:a:xpdf:xpdf:*:*:*:*:*:*:*:*

History

21 Nov 2024, 00:02

Type Values Removed Values Added
References () ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U - () ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U -
References () http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html - Patch, Vendor Advisory () http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html - Patch, Vendor Advisory
References () http://secunia.com/advisories/18147 - () http://secunia.com/advisories/18147 -
References () http://secunia.com/advisories/18380 - () http://secunia.com/advisories/18380 -
References () http://secunia.com/advisories/18385 - Patch, Vendor Advisory () http://secunia.com/advisories/18385 - Patch, Vendor Advisory
References () http://secunia.com/advisories/18387 - Patch, Vendor Advisory () http://secunia.com/advisories/18387 - Patch, Vendor Advisory
References () http://secunia.com/advisories/18389 - Patch, Vendor Advisory () http://secunia.com/advisories/18389 - Patch, Vendor Advisory
References () http://secunia.com/advisories/18398 - Patch, Vendor Advisory () http://secunia.com/advisories/18398 - Patch, Vendor Advisory
References () http://secunia.com/advisories/18407 - Patch, Vendor Advisory () http://secunia.com/advisories/18407 - Patch, Vendor Advisory
References () http://secunia.com/advisories/18416 - Patch, Vendor Advisory () http://secunia.com/advisories/18416 - Patch, Vendor Advisory
References () http://secunia.com/advisories/18428 - () http://secunia.com/advisories/18428 -
References () http://secunia.com/advisories/18436 - () http://secunia.com/advisories/18436 -
References () http://secunia.com/advisories/18534 - Patch, Vendor Advisory () http://secunia.com/advisories/18534 - Patch, Vendor Advisory
References () http://secunia.com/advisories/18582 - Patch, Vendor Advisory () http://secunia.com/advisories/18582 - Patch, Vendor Advisory
References () http://secunia.com/advisories/18674 - () http://secunia.com/advisories/18674 -
References () http://secunia.com/advisories/18675 - () http://secunia.com/advisories/18675 -
References () http://secunia.com/advisories/18679 - () http://secunia.com/advisories/18679 -
References () http://secunia.com/advisories/18908 - () http://secunia.com/advisories/18908 -
References () http://secunia.com/advisories/18913 - () http://secunia.com/advisories/18913 -
References () http://secunia.com/advisories/19230 - () http://secunia.com/advisories/19230 -
References () http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.472683 - () http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.472683 -
References () http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.474747 - () http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.474747 -
References () http://www.debian.org/security/2005/dsa-931 - () http://www.debian.org/security/2005/dsa-931 -
References () http://www.debian.org/security/2005/dsa-932 - () http://www.debian.org/security/2005/dsa-932 -
References () http://www.debian.org/security/2005/dsa-937 - () http://www.debian.org/security/2005/dsa-937 -
References () http://www.debian.org/security/2005/dsa-938 - () http://www.debian.org/security/2005/dsa-938 -
References () http://www.debian.org/security/2005/dsa-940 - () http://www.debian.org/security/2005/dsa-940 -
References () http://www.debian.org/security/2006/dsa-936 - Patch, Vendor Advisory () http://www.debian.org/security/2006/dsa-936 - Patch, Vendor Advisory
References () http://www.debian.org/security/2006/dsa-950 - Patch, Vendor Advisory () http://www.debian.org/security/2006/dsa-950 - Patch, Vendor Advisory
References () http://www.debian.org/security/2006/dsa-961 - () http://www.debian.org/security/2006/dsa-961 -
References () http://www.debian.org/security/2006/dsa-962 - () http://www.debian.org/security/2006/dsa-962 -
References () http://www.mandriva.com/security/advisories?name=MDKSA-2006:010 - () http://www.mandriva.com/security/advisories?name=MDKSA-2006:010 -
References () http://www.mandriva.com/security/advisories?name=MDKSA-2006:011 - () http://www.mandriva.com/security/advisories?name=MDKSA-2006:011 -
References () http://www.mandriva.com/security/advisories?name=MDKSA-2006:012 - () http://www.mandriva.com/security/advisories?name=MDKSA-2006:012 -
References () http://www.redhat.com/support/errata/RHSA-2006-0160.html - Patch, Vendor Advisory () http://www.redhat.com/support/errata/RHSA-2006-0160.html - Patch, Vendor Advisory
References () http://www.securityfocus.com/archive/1/427053/100/0/threaded - () http://www.securityfocus.com/archive/1/427053/100/0/threaded -
References () http://www.securityfocus.com/archive/1/427990/100/0/threaded - () http://www.securityfocus.com/archive/1/427990/100/0/threaded -
References () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10287 - () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10287 -

Information

Published : 2005-12-31 05:00

Updated : 2024-11-21 00:02


NVD link : CVE-2005-3628

Mitre link : CVE-2005-3628

CVE.ORG link : CVE-2005-3628


JSON object : View

Products Affected

xpdf

  • xpdf