CVE-2005-3193 Information
Description
Heap-based buffer overflow in the JPXStream::readCodestream function in the JPX stream parsing code (JPXStream.c) for xpdf 3.01 and earlier, as used in products such as (1) Poppler, (2) teTeX, (3) KDE kpdf, (4) CUPS, and (5) libextractor, allows user-assisted attackers to cause a denial of service (heap corruption) and possibly execute arbitrary code via a crafted PDF file with large size values that cause insufficient memory to be allocated.