CVE-2006-0301 Information

Description

Heap-based buffer overflow in Splash.cc in xpdf, as used in other products such as (1) poppler, (2) kdegraphics, (3) gpdf, (4) pdfkit.framework, and others, allows attackers to cause a denial of service and possibly execute arbitrary code via crafted splash images that produce certain values that exceed the width or height of the associated bitmap.

Reference

ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt
http://rhn.redhat.com/errata/RHSA-2006-0206.html
http://secunia.com/advisories/18274
http://secunia.com/advisories/18677
http://secunia.com/advisories/18707
http://secunia.com/advisories/18825
http://secunia.com/advisories/18826
http://secunia.com/advisories/18834
http://secunia.com/advisories/18837
http://secunia.com/advisories/18838
http://secunia.com/advisories/18839
http://secunia.com/advisories/18860
http://secunia.com/advisories/18862
http://secunia.com/advisories/18864
http://secunia.com/advisories/18875
http://secunia.com/advisories/18882
http://secunia.com/advisories/18908
http://secunia.com/advisories/18913
http://secunia.com/advisories/18983
http://secunia.com/advisories/19377
http://securityreason.com/securityalert/470
http://securitytracker.com/id?1015576
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.472683
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.474747
http://www.debian.org/security/2006/dsa-971
http://www.debian.org/security/2006/dsa-972
http://www.debian.org/security/2006/dsa-974
http://www.gentoo.org/security/en/glsa/glsa-200602-04.xml
http://www.gentoo.org/security/en/glsa/glsa-200602-05.xml
http://www.gentoo.org/security/en/glsa/glsa-200602-12.xml
http://www.kde.org/info/security/advisory-20060202-1.txt
http://www.mandriva.com/security/advisories?name=MDKSA-2006:030
http://www.mandriva.com/security/advisories?name=MDKSA-2006:031
http://www.mandriva.com/security/advisories?name=MDKSA-2006:032
http://www.redhat.com/archives/fedora-announce-list/2006-February/msg00039.html
http://www.redhat.com/support/errata/RHSA-2006-0201.html
http://www.securityfocus.com/archive/1/423899/100/0/threaded
http://www.securityfocus.com/archive/1/427990/100/0/threaded
http://www.ubuntu.com/usn/usn-249-1
http://www.vupen.com/english/advisories/2006/0389
http://www.vupen.com/english/advisories/2006/0422
https://bugzilla.novell.com/show_bug.cgi?id=141242
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=179046
https://exchange.xforce.ibmcloud.com/vulnerabilities/24391
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10850
