Back to search
CVE-2005-3192
Published: Dec 8, 2005
Modified: Aug 7, 2024
PUBLISHED
Description
Heap-based buffer overflow in the StreamPredictor function in Xpdf 3.01, as used in products such as (1) Poppler, (2) teTeX, (3) KDE kpdf, and (4) pdftohtml, (5) KOffice KWord, (6) CUPS, and (7) libextractor allows remote attackers to execute arbitrary code via a PDF file with an out-of-range numComps (number of components) field.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
17929
third-party-advisory
x_refsource_SECUNIA
19797
third-party-advisory
x_refsource_SECUNIA
xpdf-streampredictor-bo(23442)
vdb-entry
x_refsource_XF
DSA-932
vendor-advisory
x_refsource_DEBIAN
18349
third-party-advisory
x_refsource_SECUNIA
18055
third-party-advisory
x_refsource_SECUNIA
http://scary.beasts.org/security/CESA-2005-003.txt
x_refsource_MISC
http://www.kde.org/info/security/advisory-20051207-1.txt
x_refsource_CONFIRM
18503
third-party-advisory
x_refsource_SECUNIA
oval:org.mitre.oval:def:10914
vdb-entry
signature
x_refsource_OVAL
18549
third-party-advisory
x_refsource_SECUNIA
http://www.kde.org/info/security/advisory-20051207-2.txt
x_refsource_CONFIRM
18679
third-party-advisory
x_refsource_SECUNIA
18189
third-party-advisory
x_refsource_SECUNIA
26413
third-party-advisory
x_refsource_SECUNIA
17940
third-party-advisory
x_refsource_SECUNIA
18303
third-party-advisory
x_refsource_SECUNIA
DSA-931
vendor-advisory
x_refsource_DEBIAN
18554
third-party-advisory
x_refsource_SECUNIA
MDKSA-2006:003
vendor-advisory
x_refsource_MANDRIVA
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342289
x_refsource_MISC
19230
third-party-advisory
x_refsource_SECUNIA
102972
vendor-advisory
x_refsource_SUNALERT
DSA-962
vendor-advisory
x_refsource_DEBIAN
1015309
vdb-entry
x_refsource_SECTRACK
18398
third-party-advisory
x_refsource_SECUNIA
FLSA-2006:176751
vendor-advisory
x_refsource_FEDORA
SUSE-SA:2006:001
vendor-advisory
x_refsource_SUSE
DSA-936
vendor-advisory
x_refsource_DEBIAN
17916
third-party-advisory
x_refsource_SECUNIA
RHSA-2005:840
vendor-advisory
x_refsource_REDHAT
ADV-2005-2789
vdb-entry
x_refsource_VUPEN
RHSA-2005:867
vendor-advisory
x_refsource_REDHAT
18674
third-party-advisory
x_refsource_SECUNIA
MDKSA-2006:005
vendor-advisory
x_refsource_MANDRIVA
18313
third-party-advisory
x_refsource_SECUNIA
https://issues.rpath.com/browse/RPL-1609
x_refsource_CONFIRM
RHSA-2005:868
vendor-advisory
x_refsource_REDHAT
18448
third-party-advisory
x_refsource_SECUNIA
18436
third-party-advisory
x_refsource_SECUNIA
18428
third-party-advisory
x_refsource_SECUNIA
18380
third-party-advisory
x_refsource_SECUNIA
GLSA-200512-08
vendor-advisory
x_refsource_GENTOO
FEDORA-2005-1126
vendor-advisory
x_refsource_FEDORA
18416
third-party-advisory
x_refsource_SECUNIA
ADV-2007-2280
vdb-entry
x_refsource_VUPEN
GLSA-200601-02
vendor-advisory
x_refsource_GENTOO
FEDORA-2005-1142
vendor-advisory
x_refsource_FEDORA
18336
third-party-advisory
x_refsource_SECUNIA
18061
third-party-advisory
x_refsource_SECUNIA
18407
third-party-advisory
x_refsource_SECUNIA
18009
third-party-advisory
x_refsource_SECUNIA
17908
third-party-advisory
x_refsource_SECUNIA
USN-227-1
vendor-advisory
x_refsource_UBUNTU
18517
third-party-advisory
x_refsource_SECUNIA
18582
third-party-advisory
x_refsource_SECUNIA
SUSE-SR:2006:002
vendor-advisory
x_refsource_SUSE
18534
third-party-advisory
x_refsource_SECUNIA
20051205 Multiple Vendor xpdf StreamPredictor Heap Overflow Vulnerability
third-party-advisory
x_refsource_IDEFENSE
SSA:2006-045-09
vendor-advisory
x_refsource_SLACKWARE
TSLSA-2005-0072
vendor-advisory
x_refsource_TRUSTIX
FEDORA-2005-1127
vendor-advisory
x_refsource_FEDORA
20051207 [KDE Security Advisory] multiple buffer overflows in kpdf/koffice
mailing-list
x_refsource_BUGTRAQ
18908
third-party-advisory
x_refsource_SECUNIA
25729
third-party-advisory
x_refsource_SECUNIA
ADV-2005-2786
vdb-entry
x_refsource_VUPEN
MDKSA-2006:006
vendor-advisory
x_refsource_MANDRIVA
ADV-2005-2788
vdb-entry
x_refsource_VUPEN
17926
third-party-advisory
x_refsource_SECUNIA
19798
third-party-advisory
x_refsource_SECUNIA
ADV-2005-2755
vdb-entry
x_refsource_VUPEN
15725
vdb-entry
x_refsource_BID
MDKSA-2006:008
vendor-advisory
x_refsource_MANDRIVA
18191
third-party-advisory
x_refsource_SECUNIA
RHSA-2006:0160
vendor-advisory
x_refsource_REDHAT
17912
third-party-advisory
x_refsource_SECUNIA
MDKSA-2006:010
vendor-advisory
x_refsource_MANDRAKE
17921
third-party-advisory
x_refsource_SECUNIA
MDKSA-2006:004
vendor-advisory
x_refsource_MANDRIVA
ADV-2005-2790
vdb-entry
x_refsource_VUPEN
18389
third-party-advisory
x_refsource_SECUNIA
18192
third-party-advisory
x_refsource_SECUNIA
ADV-2005-2856
vdb-entry
x_refsource_VUPEN
SSA:2006-045-04
vendor-advisory
x_refsource_SLACKWARE
19377
third-party-advisory
x_refsource_SECUNIA
FLSA:175404
vendor-advisory
x_refsource_FEDORA
DSA-961
vendor-advisory
x_refsource_DEBIAN
235
third-party-advisory
x_refsource_SREASON
18675
third-party-advisory
x_refsource_SECUNIA
1015324
vdb-entry
x_refsource_SECTRACK
18913
third-party-advisory
x_refsource_SECUNIA
SUSE-SR:2005:029
vendor-advisory
x_refsource_SUSE
DSA-937
vendor-advisory
x_refsource_DEBIAN
ADV-2005-2787
vdb-entry
x_refsource_VUPEN
RHSA-2005:878
vendor-advisory
x_refsource_REDHAT
FEDORA-2005-1141
vendor-advisory
x_refsource_FEDORA
17920
third-party-advisory
x_refsource_SECUNIA
DSA-950
vendor-advisory
x_refsource_DEBIAN
17955
third-party-advisory
x_refsource_SECUNIA
17897
third-party-advisory
x_refsource_SECUNIA
17976
third-party-advisory
x_refsource_SECUNIA
18387
third-party-advisory
x_refsource_SECUNIA
240
third-party-advisory
x_refsource_SREASON
MDKSA-2006:011
vendor-advisory
x_refsource_MANDRIVA
18385
third-party-advisory
x_refsource_SECUNIA
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now