This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor: Xpdf
Product: Xpdf
Version: 3.0
Update: *
Edition: *
Language: *
Software Edition: *
Target Software: *
Target Hardware: *
Other: *
Type: Application
First view: 2005-01-10
Last view: 2007-01-08

CPE Product: cpe:2.3:a:xpdf:xpdf

Related : CVE

Score Date Alert Description
6.8 2007-01-08 CVE-2007-0104

The Adobe PDF specification 1.3, as implemented by (a) xpdf 3.0.1 patch 2, (b) kpdf in KDE before 3.5.5, (c) poppler before 0.5.4, and other products, allows remote attackers to have an unknown impact, possibly including denial of service (infinite loop), arbitrary code execution, or memory corruption, via a PDF file with a (1) crafted catalog dictionary or (2) a crafted Pages attribute that references an invalid page tree node.

7.6 2006-03-15 CVE-2006-1244

Unspecified vulnerability in certain versions of xpdf after 3.00, as used in various products including (a) pdfkit.framework, (b) gpdf, (c) pdftohtml, and (d) libextractor, has unknown impact and user-assisted attack vectors, possibly involving errors in (1) gmem.c, (2) SplashXPathScanner.cc, (3) JBIG2Stream.cc, (4) JPXStream.cc, and/or (5) Stream.cc. NOTE: this description is based on Debian advisory DSA 979, which is based on changes that were made after other vulnerabilities such as CVE-2006-0301 and CVE-2005-3624 through CVE-2005-3628 were fixed. Some of these newer fixes appear to be security-relevant, although it is not clear if they fix specific issues or are defensive in nature.

5 2005-12-31 CVE-2005-3626

Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference.

10 2005-12-31 CVE-2005-3625

Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka "Infinite CPU spins."

5 2005-12-31 CVE-2005-3624

The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows.

5.1 2005-12-06 CVE-2005-3193

Heap-based buffer overflow in the JPXStream::readCodestream function in the JPX stream parsing code (JPXStream.c) for xpdf 3.01 and earlier, as used in products such as (1) Poppler, (2) teTeX, (3) KDE kpdf, (4) CUPS, and (5) libextractor allows user-assisted attackers to cause a denial of service (heap corruption) and possibly execute arbitrary code via a crafted PDF file with large size values that cause insufficient memory to be allocated.

5.1 2005-12-06 CVE-2005-3191

Multiple heap-based buffer overflows in the (1) DCTStream::readProgressiveSOF and (2) DCTStream::readBaselineSOF functions in the DCT stream parsing code (Stream.cc) in xpdf 3.01 and earlier, as used in products such as (a) Poppler, (b) teTeX, (c) KDE kpdf, (d) pdftohtml, (e) KOffice KWord, (f) CUPS, and (g) libextractor allow user-assisted attackers to cause a denial of service (heap corruption) and possibly execute arbitrary code via a crafted PDF file with an out-of-range number of components (numComps), which is used as an array index.

2.1 2005-08-16 CVE-2005-2097

xpdf and kpdf do not properly validate the "loca" table in PDF files, which allows local users to cause a denial of service (disk consumption and hang) via a PDF file with a "broken" loca table, which causes a large temporary file to be created when xpdf attempts to reconstruct the information.

7.5 2005-05-02 CVE-2005-0064

Buffer overflow in the Decrypt::makeFileKey2 function in Decrypt.cc for xpdf 3.00 and earlier allows remote attackers to execute arbitrary code via a PDF file with a large /Encrypt /Length keyLength value.

7.5 2005-04-27 CVE-2005-0206

The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities.

10 2005-01-27 CVE-2004-0889

Multiple integer overflows in xpdf 3.0, and other packages that use xpdf code such as CUPS, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0888.

10 2005-01-27 CVE-2004-0888

Multiple integer overflows in xpdf 2.0 and 3.0, and other packages that use xpdf code such as CUPS, gpdf, and kdegraphics, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0889.

9.3 2005-01-10 CVE-2004-1125

Buffer overflow in the Gfx::doImage function in Gfx.cc for xpdf 3.00, and other products that share code such as tetex-bin and kpdf in KDE 3.2.x to 3.2.3 and 3.3.x to 3.3.2, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted PDF file that causes the boundaries of a maskColors array to be exceeded.

CWE : Common Weakness Enumeration

% id Name
28% (2) CWE-399 Resource Management Errors
28% (2) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
28% (2) CWE-20 Improper Input Validation
14% (1) CWE-189 Numeric Errors

CAPEC : Common Attack Pattern Enumeration & Classification

id Name
CAPEC-47 Buffer Overflow via Parameter Expansion

Open Source Vulnerability Database (OSVDB)

id Description
44330 CUPS on Red Hat 64-bit pdftops Crafted PDF File Handling Overflow
32871 Multiple Products Adobe PDF Specification Invalid Tree Node DoS
32870 Multiple Products Adobe PDF Specification Malformed Catalog Dictionary DoS
23834 Multiple Products Xpdf/kpdf Multiple Unspecified Issues
22236 Multiple Products Xpdf/kpdf Stream.cc DCTDecode Stream Processing Multiple Fu...
22235 Multiple Products Xpdf/kpdf Crafted FlateDecode Stream NULL Dereference DoS
22234 Multiple Products Xpdf/kpdf Crafted CCITTFaxDecode / DCTDecode Stream DoS
22233 Multiple Products Xpdf/kpdf Stream.cc CCITTFaxStream::CCITTFaxStream Function...
21463 Multiple Products Xpdf/kpdf JPXStream.cc JPXStream::readCodestream Function O...
21462 Multiple Products Xpdf/kpdf StreamPredictor Function numComps Field Overflow DoS
18693 GNOME gpdf Temporary File Disk Space Consumption DoS
18667 KDE kpdf Temporary File Disk Space Consumption DoS
18666 Xpdf Temporary File Disk Space Consumption DoS
16894 Xpdf Integer Overflow Patch 64 Bit Architecture Failure
13149 Xpdf Multiple Unspecified Remote Overflows
13050 Xpdf Decrypt::makeFileKey2() keyLength Overflow
12554 Multiple Vendor pdf Gfx::doImage() Function Overflow
11034 Xpdf Page Size Remote Overflow
11033 Xpdf indexHigh Color Size Remote Overflow

OpenVAS Exploits

This CPE has more than 25 relations. If you want to see a complete summary for this CPE, please contact us.
Date Description
2009-10-10 Name : SLES9: Security update for Cups
File : nvt/sles9p5020714.nasl
2009-10-10 Name : SLES9: Security update for CUPS
File : nvt/sles9p5014529.nasl
2009-10-10 Name : SLES9: Security update for cups
File : nvt/sles9p5012225.nasl
2009-10-10 Name : SLES9: Security update for cups
File : nvt/sles9p5011363.nasl
2009-04-09 Name : Mandriva Update for xpdf MDKSA-2007:021 (xpdf)
File : nvt/gb_mandriva_MDKSA_2007_021.nasl
2009-04-09 Name : Mandriva Update for koffice MDKSA-2007:018 (koffice)
File : nvt/gb_mandriva_MDKSA_2007_018.nasl
2009-04-09 Name : Mandriva Update for pdftohtml MDKSA-2007:019 (pdftohtml)
File : nvt/gb_mandriva_MDKSA_2007_019.nasl
2009-04-09 Name : Mandriva Update for poppler MDKSA-2007:020 (poppler)
File : nvt/gb_mandriva_MDKSA_2007_020.nasl
2009-04-09 Name : Mandriva Update for tetex MDKSA-2007:022 (tetex)
File : nvt/gb_mandriva_MDKSA_2007_022.nasl
2009-04-09 Name : Mandriva Update for kdegraphics MDKSA-2007:024 (kdegraphics)
File : nvt/gb_mandriva_MDKSA_2007_024.nasl
2009-03-23 Name : Ubuntu Update for kdegraphics, koffice, poppler vulnerability USN-410-1
File : nvt/gb_ubuntu_USN_410_1.nasl
2009-03-23 Name : Ubuntu Update for tetex-bin vulnerability USN-410-2
File : nvt/gb_ubuntu_USN_410_2.nasl
2009-03-06 Name : RedHat Update for cups RHSA-2008:0206-01
File : nvt/gb_RHSA-2008_0206-01_cups.nasl
2009-02-27 Name : CentOS Update for cups CESA-2008:0206 centos4 x86_64
File : nvt/gb_CESA-2008_0206_cups_centos4_x86_64.nasl
2009-02-27 Name : Fedora Update for cups FEDORA-2007-1219
File : nvt/gb_fedora_2007_1219_cups_fc5.nasl
2009-02-27 Name : CentOS Update for cups CESA-2008:0206 centos4 i386
File : nvt/gb_CESA-2008_0206_cups_centos4_i386.nasl
2009-02-27 Name : CentOS Update for cups CESA-2008:0206 centos3 x86_64
File : nvt/gb_CESA-2008_0206_cups_centos3_x86_64.nasl
2009-02-27 Name : CentOS Update for cups CESA-2008:0206 centos3 i386
File : nvt/gb_CESA-2008_0206_cups_centos3_i386.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200508-08 (xpdf kpdf gpdf)
File : nvt/glsa_200508_08.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200410-20 (Xpdf)
File : nvt/glsa_200410_20.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200410-30 (GPdf)
File : nvt/glsa_200410_30.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200411-30 (pdftohtml)
File : nvt/glsa_200411_30.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200412-24 (Xpdf)
File : nvt/glsa_200412_24.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200412-25 (CUPS)
File : nvt/glsa_200412_25.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200501-13 (pdftohtml)
File : nvt/glsa_200501_13.nasl

Snort® IPS/IDS

Date Description
2014-01-10 Adobe Acrobat Reader PDF Catalog Handling denial of service attempt
RuleID : 17361 - Type : FILE-PDF - Revision : 16

Nessus® Vulnerability Scanner

This CPE has more than 25 relations. If you want to see a complete summary for this CPE, please contact us.
Date Description
2013-07-12 Name: The remote Oracle Linux host is missing one or more security updates.
File: oraclelinux_ELSA-2008-0206.nasl - Type: ACT_GATHER_INFO
2012-09-24 Name: The remote Fedora Core host is missing a security update.
File: fedora_2006-010.nasl - Type: ACT_GATHER_INFO
2012-09-24 Name: The remote Fedora Core host is missing a security update.
File: fedora_2006-011.nasl - Type: ACT_GATHER_INFO
2012-09-06 Name: The remote Mandrake Linux host is missing one or more security updates.
File: mandrake_MDKSA-2005-041.nasl - Type: ACT_GATHER_INFO
2012-09-06 Name: The remote Mandrake Linux host is missing a security update.
File: mandrake_MDKSA-2005-042.nasl - Type: ACT_GATHER_INFO
2012-09-06 Name: The remote Mandrake Linux host is missing a security update.
File: mandrake_MDKSA-2005-043.nasl - Type: ACT_GATHER_INFO
2012-09-06 Name: The remote Mandrake Linux host is missing one or more security updates.
File: mandrake_MDKSA-2005-044.nasl - Type: ACT_GATHER_INFO
2012-09-06 Name: The remote Mandrake Linux host is missing one or more security updates.
File: mandrake_MDKSA-2005-056.nasl - Type: ACT_GATHER_INFO
2012-08-01 Name: The remote Scientific Linux host is missing one or more security updates.
File: sl_20080401_cups_on_SL3_x.nasl - Type: ACT_GATHER_INFO
2008-04-04 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2008-0206.nasl - Type: ACT_GATHER_INFO
2008-04-04 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2008-0206.nasl - Type: ACT_GATHER_INFO
2007-12-13 Name: The remote SuSE 10 host is missing a security-related patch.
File: suse_cups-2528.nasl - Type: ACT_GATHER_INFO
2007-12-13 Name: The remote SuSE 10 host is missing a security-related patch.
File: suse_kdegraphics3-pdf-2564.nasl - Type: ACT_GATHER_INFO
2007-12-13 Name: The remote SuSE 10 host is missing a security-related patch.
File: suse_poppler-2589.nasl - Type: ACT_GATHER_INFO
2007-12-13 Name: The remote SuSE 10 host is missing a security-related patch.
File: suse_xpdf-tools-2474.nasl - Type: ACT_GATHER_INFO
2007-11-10 Name: The remote Ubuntu host is missing one or more security-related patches.
File: ubuntu_USN-410-1.nasl - Type: ACT_GATHER_INFO
2007-11-10 Name: The remote Ubuntu host is missing one or more security-related patches.
File: ubuntu_USN-410-2.nasl - Type: ACT_GATHER_INFO
2007-10-17 Name: The remote openSUSE host is missing a security update.
File: suse_cups-2527.nasl - Type: ACT_GATHER_INFO
2007-10-17 Name: The remote openSUSE host is missing a security update.
File: suse_gpdf-2596.nasl - Type: ACT_GATHER_INFO
2007-10-17 Name: The remote openSUSE host is missing a security update.
File: suse_kdegraphics3-pdf-2565.nasl - Type: ACT_GATHER_INFO
2007-10-17 Name: The remote openSUSE host is missing a security update.
File: suse_koffice-wordprocessing-2577.nasl - Type: ACT_GATHER_INFO
2007-10-17 Name: The remote openSUSE host is missing a security update.
File: suse_koffice-wordprocessing-2648.nasl - Type: ACT_GATHER_INFO
2007-10-17 Name: The remote openSUSE host is missing a security update.
File: suse_libextractor-2494.nasl - Type: ACT_GATHER_INFO
2007-10-17 Name: The remote openSUSE host is missing a security update.
File: suse_pdftohtml-2475.nasl - Type: ACT_GATHER_INFO
2007-10-17 Name: The remote openSUSE host is missing a security update.
File: suse_poppler-2590.nasl - Type: ACT_GATHER_INFO