This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Xpdf First view 2005-08-16
Product Xpdf Last view 2007-01-08
Version 3.0_pl2 Type Application
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:xpdf:xpdf

Activity : Overall

Related : CVE

  Date Alert Description
6.8 2007-01-08 CVE-2007-0104

The Adobe PDF specification 1.3, as implemented by (a) xpdf 3.0.1 patch 2, (b) kpdf in KDE before 3.5.5, (c) poppler before 0.5.4, and other products, allows remote attackers to have an unknown impact, possibly including denial of service (infinite loop), arbitrary code execution, or memory corruption, via a PDF file with a (1) crafted catalog dictionary or (2) a crafted Pages attribute that references an invalid page tree node.

7.6 2006-03-15 CVE-2006-1244

Unspecified vulnerability in certain versions of xpdf after 3.00, as used in various products including (a) pdfkit.framework, (b) gpdf, (c) pdftohtml, and (d) libextractor, has unknown impact and user-assisted attack vectors, possibly involving errors in (1) gmem.c, (2) SplashXPathScanner.cc, (3) JBIG2Stream.cc, (4) JPXStream.cc, and/or (5) Stream.cc. NOTE: this description is based on Debian advisory DSA 979, which is based on changes that were made after other vulnerabilities such as CVE-2006-0301 and CVE-2005-3624 through CVE-2005-3628 were fixed. Some of these newer fixes appear to be security-relevant, although it is not clear if they fix specific issues or are defensive in nature.

5.1 2005-12-06 CVE-2005-3193

Heap-based buffer overflow in the JPXStream::readCodestream function in the JPX stream parsing code (JPXStream.c) for xpdf 3.01 and earlier, as used in products such as (1) Poppler, (2) teTeX, (3) KDE kpdf, (4) CUPS, and (5) libextractor allows user-assisted attackers to cause a denial of service (heap corruption) and possibly execute arbitrary code via a crafted PDF file with large size values that cause insufficient memory to be allocated.

5.1 2005-12-06 CVE-2005-3191

Multiple heap-based buffer overflows in the (1) DCTStream::readProgressiveSOF and (2) DCTStream::readBaselineSOF functions in the DCT stream parsing code (Stream.cc) in xpdf 3.01 and earlier, as used in products such as (a) Poppler, (b) teTeX, (c) KDE kpdf, (d) pdftohtml, (e) KOffice KWord, (f) CUPS, and (g) libextractor allow user-assisted attackers to cause a denial of service (heap corruption) and possibly execute arbitrary code via a crafted PDF file with an out-of-range number of components (numComps), which is used as an array index.

2.1 2005-08-16 CVE-2005-2097

xpdf and kpdf do not properly validate the "loca" table in PDF files, which allows local users to cause a denial of service (disk consumption and hang) via a PDF file with a "broken" loca table, which causes a large temporary file to be created when xpdf attempts to reconstruct the information.

CWE : Common Weakness Enumeration

%idName
66% (2) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
33% (1) CWE-20 Improper Input Validation

Open Source Vulnerability Database (OSVDB)

id Description
32871 Multiple Products Adobe PDF Specification Invalid Tree Node DoS
32870 Multiple Products Adobe PDF Specification Malformed Catalog Dictionary DoS
23834 Multiple Products Xpdf/kpdf Multiple Unspecified Issues
22236 Multiple Products Xpdf/kpdf Stream.cc DCTDecode Stream Processing Multiple Fu...
21463 Multiple Products Xpdf/kpdf JPXStream.cc JPXStream::readCodestream Function O...
21462 Multiple Products Xpdf/kpdf StreamPredictor Function numComps Field Overflow DoS
18693 GNOME gpdf Temporary File Disk Space Consumption DoS
18667 KDE kpdf Temporary File Disk Space Consumption DoS
18666 Xpdf Temporary File Disk Space Consumption DoS

OpenVAS Exploits

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2009-10-10 Name : SLES9: Security update for cups
File : nvt/sles9p5012225.nasl
2009-10-10 Name : SLES9: Security update for cups
File : nvt/sles9p5011363.nasl
2009-04-09 Name : Mandriva Update for kdegraphics MDKSA-2007:024 (kdegraphics)
File : nvt/gb_mandriva_MDKSA_2007_024.nasl
2009-04-09 Name : Mandriva Update for tetex MDKSA-2007:022 (tetex)
File : nvt/gb_mandriva_MDKSA_2007_022.nasl
2009-04-09 Name : Mandriva Update for xpdf MDKSA-2007:021 (xpdf)
File : nvt/gb_mandriva_MDKSA_2007_021.nasl
2009-04-09 Name : Mandriva Update for poppler MDKSA-2007:020 (poppler)
File : nvt/gb_mandriva_MDKSA_2007_020.nasl
2009-04-09 Name : Mandriva Update for pdftohtml MDKSA-2007:019 (pdftohtml)
File : nvt/gb_mandriva_MDKSA_2007_019.nasl
2009-04-09 Name : Mandriva Update for koffice MDKSA-2007:018 (koffice)
File : nvt/gb_mandriva_MDKSA_2007_018.nasl
2009-03-23 Name : Ubuntu Update for tetex-bin vulnerability USN-410-2
File : nvt/gb_ubuntu_USN_410_2.nasl
2009-03-23 Name : Ubuntu Update for kdegraphics, koffice, poppler vulnerability USN-410-1
File : nvt/gb_ubuntu_USN_410_1.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200603-02 (tetex)
File : nvt/glsa_200603_02.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200601-02 (kdegraphics, kpdf, koffice, kword)
File : nvt/glsa_200601_02.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200512-08 (xpdf, gpdf, poppler,cups)
File : nvt/glsa_200512_08.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200508-08 (xpdf kpdf gpdf)
File : nvt/glsa_200508_08.nasl
2008-09-04 Name : FreeBSD Ports: xpdf
File : nvt/freebsd_xpdf1.nasl
2008-01-17 Name : Debian Security Advisory DSA 1136-1 (gpdf)
File : nvt/deb_1136_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 961-1 (pdfkit.framework)
File : nvt/deb_961_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 1019-1 (koffice)
File : nvt/deb_1019_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 931-1 (xpdf)
File : nvt/deb_931_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 932-1 (xpdf)
File : nvt/deb_932_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 936-1 (libextractor)
File : nvt/deb_936_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 937-1 (tetex-bin)
File : nvt/deb_937_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 938-1 (koffice)
File : nvt/deb_938_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 940-1 (gpdf)
File : nvt/deb_940_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 950-1 (cupsys)
File : nvt/deb_950_1.nasl

Snort® IPS/IDS

Date Description
2014-01-10 Adobe Acrobat Reader PDF Catalog Handling denial of service attempt
RuleID : 17361 - Type : FILE-PDF - Revision : 16

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2007-12-13 Name: The remote SuSE 10 host is missing a security-related patch.
File: suse_xpdf-tools-2474.nasl - Type: ACT_GATHER_INFO
2007-12-13 Name: The remote SuSE 10 host is missing a security-related patch.
File: suse_poppler-2589.nasl - Type: ACT_GATHER_INFO
2007-12-13 Name: The remote SuSE 10 host is missing a security-related patch.
File: suse_cups-2528.nasl - Type: ACT_GATHER_INFO
2007-12-13 Name: The remote SuSE 10 host is missing a security-related patch.
File: suse_kdegraphics3-pdf-2564.nasl - Type: ACT_GATHER_INFO
2007-11-10 Name: The remote Ubuntu host is missing one or more security-related patches.
File: ubuntu_USN-410-2.nasl - Type: ACT_GATHER_INFO
2007-11-10 Name: The remote Ubuntu host is missing one or more security-related patches.
File: ubuntu_USN-410-1.nasl - Type: ACT_GATHER_INFO
2007-10-17 Name: The remote openSUSE host is missing a security update.
File: suse_kdegraphics3-pdf-2565.nasl - Type: ACT_GATHER_INFO
2007-10-17 Name: The remote openSUSE host is missing a security update.
File: suse_xpdf-tools-2472.nasl - Type: ACT_GATHER_INFO
2007-10-17 Name: The remote openSUSE host is missing a security update.
File: suse_xpdf-2473.nasl - Type: ACT_GATHER_INFO
2007-10-17 Name: The remote openSUSE host is missing a security update.
File: suse_poppler-2590.nasl - Type: ACT_GATHER_INFO
2007-10-17 Name: The remote openSUSE host is missing a security update.
File: suse_pdftohtml-2475.nasl - Type: ACT_GATHER_INFO
2007-10-17 Name: The remote openSUSE host is missing a security update.
File: suse_libextractor-2494.nasl - Type: ACT_GATHER_INFO
2007-10-17 Name: The remote openSUSE host is missing a security update.
File: suse_koffice-wordprocessing-2648.nasl - Type: ACT_GATHER_INFO
2007-10-17 Name: The remote openSUSE host is missing a security update.
File: suse_koffice-wordprocessing-2577.nasl - Type: ACT_GATHER_INFO
2007-10-17 Name: The remote openSUSE host is missing a security update.
File: suse_gpdf-2596.nasl - Type: ACT_GATHER_INFO
2007-10-17 Name: The remote openSUSE host is missing a security update.
File: suse_cups-2527.nasl - Type: ACT_GATHER_INFO
2007-02-18 Name: The remote Mandrake Linux host is missing one or more security updates.
File: mandrake_MDKSA-2007-024.nasl - Type: ACT_GATHER_INFO
2007-02-18 Name: The remote Mandrake Linux host is missing one or more security updates.
File: mandrake_MDKSA-2007-022.nasl - Type: ACT_GATHER_INFO
2007-02-18 Name: The remote Mandrake Linux host is missing one or more security updates.
File: mandrake_MDKSA-2007-021.nasl - Type: ACT_GATHER_INFO
2007-02-18 Name: The remote Mandrake Linux host is missing one or more security updates.
File: mandrake_MDKSA-2007-020.nasl - Type: ACT_GATHER_INFO
2007-02-18 Name: The remote Mandrake Linux host is missing a security update.
File: mandrake_MDKSA-2007-019.nasl - Type: ACT_GATHER_INFO
2007-02-18 Name: The remote Mandrake Linux host is missing one or more security updates.
File: mandrake_MDKSA-2007-018.nasl - Type: ACT_GATHER_INFO
2006-10-14 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-982.nasl - Type: ACT_GATHER_INFO
2006-10-14 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-984.nasl - Type: ACT_GATHER_INFO
2006-10-14 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-983.nasl - Type: ACT_GATHER_INFO