CVE-2005-3192 Information
Description
Heap-based buffer overflow in the StreamPredictor function in Xpdf 3.01, as used in products such as (1) Poppler, (2) teTeX, (3) KDE kpdf, and (4) pdftohtml, (5) KOffice KWord, (6) CUPS, and (7) libextractor, allows remote attackers to execute arbitrary code via a PDF file with an out-of-range numComps (number of components) field.
Reference
ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.01pl1.patch
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.20/SCOSA-2006.20.txt
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.21/SCOSA-2006.21.txt
ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U
ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U
ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342289
http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html
http://rhn.redhat.com/errata/RHSA-2005-868.html
http://scary.beasts.org/security/CESA-2005-003.txt
http://secunia.com/advisories/17897/
http://secunia.com/advisories/17908
http://secunia.com/advisories/17912
http://secunia.com/advisories/17916
http://secunia.com/advisories/17920
http://secunia.com/advisories/17921
http://secunia.com/advisories/17926
http://secunia.com/advisories/17929
http://secunia.com/advisories/17940
http://secunia.com/advisories/17955
http://secunia.com/advisories/17976
http://secunia.com/advisories/18009
http://secunia.com/advisories/18055
http://secunia.com/advisories/18061
http://secunia.com/advisories/18189
http://secunia.com/advisories/18191
http://secunia.com/advisories/18192
http://secunia.com/advisories/18303
http://secunia.com/advisories/18313
http://secunia.com/advisories/18336
http://secunia.com/advisories/18349
http://secunia.com/advisories/18380
http://secunia.com/advisories/18385
http://secunia.com/advisories/18387
http://secunia.com/advisories/18389
http://secunia.com/advisories/18398
http://secunia.com/advisories/18407
http://secunia.com/advisories/18416
http://secunia.com/advisories/18428
http://secunia.com/advisories/18436
http://secunia.com/advisories/18448
http://secunia.com/advisories/18503
http://secunia.com/advisories/18517
http://secunia.com/advisories/18534
http://secunia.com/advisories/18549
http://secunia.com/advisories/18554
http://secunia.com/advisories/18582
http://secunia.com/advisories/18674
http://secunia.com/advisories/18675
http://secunia.com/advisories/18679
http://secunia.com/advisories/18908
http://secunia.com/advisories/18913
http://secunia.com/advisories/19230
http://secunia.com/advisories/19377
http://secunia.com/advisories/19797
http://secunia.com/advisories/19798
http://secunia.com/advisories/25729
http://secunia.com/advisories/26413
http://securityreason.com/securityalert/235
http://securityreason.com/securityalert/240
http://securitytracker.com/id?1015309
http://securitytracker.com/id?1015324
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.472683
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.474747
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1
http://www.debian.org/security/2005/dsa-931
http://www.debian.org/security/2005/dsa-932
http://www.debian.org/security/2006/dsa-936
http://www.debian.org/security/2006/dsa-937
http://www.debian.org/security/2006/dsa-950
http://www.debian.org/security/2006/dsa-961
http://www.debian.org/security/2006/dsa-962
http://www.gentoo.org/security/en/glsa/glsa-200512-08.xml
http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml
http://www.idefense.com/application/poi/display?id=344&type=vulnerabilities
http://www.kde.org/info/security/advisory-20051207-1.txt
http://www.kde.org/info/security/advisory-20051207-2.txt
http://www.mandriva.com/security/advisories?name=MDKSA-2006:003
http://www.mandriva.com/security/advisories?name=MDKSA-2006:004
http://www.mandriva.com/security/advisories?name=MDKSA-2006:005
http://www.mandriva.com/security/advisories?name=MDKSA-2006:006
http://www.mandriva.com/security/advisories?name=MDKSA-2006:008
http://www.mandriva.com/security/advisories?name=MDKSA-2006:010
http://www.mandriva.com/security/advisories?name=MDKSA-2006:011
http://www.novell.com/linux/security/advisories/2005_29_sr.html
http://www.novell.com/linux/security/advisories/2006_02_sr.html
http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00015.html
http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00016.html
http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00036.html
http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00037.html
http://www.redhat.com/support/errata/RHSA-2005-840.html
http://www.redhat.com/support/errata/RHSA-2005-867.html
http://www.redhat.com/support/errata/RHSA-2005-878.html
http://www.redhat.com/support/errata/RHSA-2006-0160.html
http://www.securityfocus.com/archive/1/418883/100/0/threaded
http://www.securityfocus.com/archive/1/427053/100/0/threaded
http://www.securityfocus.com/archive/1/427990/100/0/threaded
http://www.securityfocus.com/bid/15725
http://www.trustix.org/errata/2005/0072/
http://www.ubuntulinux.org/usn/usn-227-1
http://www.vupen.com/english/advisories/2005/2755
http://www.vupen.com/english/advisories/2005/2786
http://www.vupen.com/english/advisories/2005/2787
http://www.vupen.com/english/advisories/2005/2788
http://www.vupen.com/english/advisories/2005/2789
http://www.vupen.com/english/advisories/2005/2790
http://www.vupen.com/english/advisories/2005/2856
http://www.vupen.com/english/advisories/2007/2280
https://exchange.xforce.ibmcloud.com/vulnerabilities/23442
https://issues.rpath.com/browse/RPL-1609
https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A10914