CVE-2004-0888
NONE EPSS 94.8%
Published Jan 27, 200521y ago · Modified Jun 16, 20262w ago
Published Jan 27, 2005 21y ago
Last Modified Jun 16, 2026 2w ago
Description
Multiple integer overflows in xpdf 2.0 and 3.0, and other packages that use xpdf code such as CUPS, gpdf, and kdegraphics, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0889.
Threat Intelligence
EPSS Exploit Probability
94.8% percentile
Exploit & Patch Status
No Known Exploit
Patch Available
Affected Products 93
| Vendor | Product | Version | Range |
|---|---|---|---|
| easy_software_products | cups | 1.0.4 | any |
| easy_software_products | cups | 1.0.4_8 | any |
| easy_software_products | cups | 1.1.1 | any |
| easy_software_products | cups | 1.1.4 | any |
| easy_software_products | cups | 1.1.4_2 | any |
| easy_software_products | cups | 1.1.4_3 | any |
| easy_software_products | cups | 1.1.4_5 | any |
| easy_software_products | cups | 1.1.6 | any |
| easy_software_products | cups | 1.1.7 | any |
| easy_software_products | cups | 1.1.10 | any |
| easy_software_products | cups | 1.1.12 | any |
| easy_software_products | cups | 1.1.13 | any |
| easy_software_products | cups | 1.1.14 | any |
| easy_software_products | cups | 1.1.15 | any |
| easy_software_products | cups | 1.1.16 | any |
| easy_software_products | cups | 1.1.17 | any |
| easy_software_products | cups | 1.1.18 | any |
| easy_software_products | cups | 1.1.19 | any |
| easy_software_products | cups | 1.1.19_rc5 | any |
| easy_software_products | cups | 1.1.20 | any |
| gnome | gpdf | 0.112 | any |
| gnome | gpdf | 0.131 | any |
| kde | koffice | 1.3 | any |
| kde | koffice | 1.3.1 | any |
| kde | koffice | 1.3.2 | any |
| kde | koffice | 1.3.3 | any |
| kde | koffice | 1.3_beta1 | any |
| kde | koffice | 1.3_beta2 | any |
| kde | koffice | 1.3_beta3 | any |
| kde | kpdf | 3.2 | any |
| pdftohtml | pdftohtml | 0.32a | any |
| pdftohtml | pdftohtml | 0.32b | any |
| pdftohtml | pdftohtml | 0.33 | any |
| pdftohtml | pdftohtml | 0.33a | any |
| pdftohtml | pdftohtml | 0.34 | any |
| pdftohtml | pdftohtml | 0.35 | any |
| pdftohtml | pdftohtml | 0.36 | any |
| tetex | tetex | 1.0.7 | any |
| tetex | tetex | 2.0 | any |
| tetex | tetex | 2.0.1 | any |
| tetex | tetex | 2.0.2 | any |
| xpdf | xpdf | 0.90 | any |
| xpdf | xpdf | 0.91 | any |
| xpdf | xpdf | 0.92 | any |
| xpdf | xpdf | 0.93 | any |
| xpdf | xpdf | 1.0 | any |
| xpdf | xpdf | 1.0a | any |
| xpdf | xpdf | 1.1 | any |
| xpdf | xpdf | 2.0 | any |
| xpdf | xpdf | 2.1 | any |
| xpdf | xpdf | 2.3 | any |
| xpdf | xpdf | 3.0 | any |
| debian | debian_linux | 3.0 | any |
| debian | debian_linux | 3.0 | any |
| debian | debian_linux | 3.0 | any |
| debian | debian_linux | 3.0 | any |
| debian | debian_linux | 3.0 | any |
| debian | debian_linux | 3.0 | any |
| debian | debian_linux | 3.0 | any |
| debian | debian_linux | 3.0 | any |
| debian | debian_linux | 3.0 | any |
| debian | debian_linux | 3.0 | any |
| debian | debian_linux | 3.0 | any |
| debian | debian_linux | 3.0 | any |
| gentoo | linux | * | any |
| kde | kde | 3.2 | any |
| kde | kde | 3.2.1 | any |
| kde | kde | 3.2.2 | any |
| kde | kde | 3.2.3 | any |
| kde | kde | 3.3 | any |
| kde | kde | 3.3.1 | any |
| redhat | enterprise_linux | 2.1 | any |
| redhat | enterprise_linux | 2.1 | any |
| redhat | enterprise_linux | 2.1 | any |
| redhat | enterprise_linux | 2.1 | any |
| redhat | enterprise_linux | 2.1 | any |
| redhat | enterprise_linux | 2.1 | any |
| redhat | enterprise_linux | 3.0 | any |
| redhat | enterprise_linux | 3.0 | any |
| redhat | enterprise_linux | 3.0 | any |
| redhat | enterprise_linux_desktop | 3.0 | any |
| redhat | fedora_core | core_2.0 | any |
| redhat | linux_advanced_workstation | 2.1 | any |
| redhat | linux_advanced_workstation | 2.1 | any |
| suse | suse_linux | 8.0 | any |
| suse | suse_linux | 8.1 | any |
| suse | suse_linux | 8.2 | any |
| suse | suse_linux | 9.0 | any |
| suse | suse_linux | 9.0 | any |
| suse | suse_linux | 9.1 | any |
| suse | suse_linux | 9.2 | any |
| ubuntu | ubuntu_linux | 4.1 | any |
| ubuntu | ubuntu_linux | 4.1 | any |
References 21
- distro.conectiva.com.br http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000886
- marc.info http://marc.info/?l=bugtraq&m=109880927526773&w=2
- marc.info http://marc.info/?l=bugtraq&m=110815379627883&w=2
- debian.org http://www.debian.org/security/2004/dsa-573
- debian.org http://www.debian.org/security/2004/dsa-581
- debian.org http://www.debian.org/security/2004/dsa-599
- gentoo.org http://www.gentoo.org/security/en/glsa/glsa-200410-20.xml
- gentoo.org http://www.gentoo.org/security/en/glsa/glsa-200410-30.xml
- mandriva.com http://www.mandriva.com/security/advisories?name=MDKSA-2004:113
- mandriva.com http://www.mandriva.com/security/advisories?name=MDKSA-2004:114
- mandriva.com http://www.mandriva.com/security/advisories?name=MDKSA-2004:115
- mandriva.com http://www.mandriva.com/security/advisories?name=MDKSA-2004:116
- redhat.com http://www.redhat.com/support/errata/RHSA-2004-543.html
- redhat.com http://www.redhat.com/support/errata/RHSA-2004-592.html
- redhat.com http://www.redhat.com/support/errata/RHSA-2005-066.html
- redhat.com http://www.redhat.com/support/errata/RHSA-2005-354.html
- securityfocus.com http://www.securityfocus.com/bid/11501
- bugzilla.fedora.us https://bugzilla.fedora.us/show_bug.cgi?id=2353
- exchange.xforce.ibmcloud.com https://exchange.xforce.ibmcloud.com/vulnerabilities/17818
- oval.cisecurity.org https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9714
- ubuntu.com https://www.ubuntu.com/usn/usn-9-1/
Remediation
- redhat.com http://www.redhat.com/support/errata/RHSA-2004-543.html
- securityfocus.com http://www.securityfocus.com/bid/11501