CVE-2004-0889

NONE EPSS 92.7%
Published Jan 27, 200521y ago · Modified Jun 16, 20262w ago
Find Similar
Published Jan 27, 2005 21y ago
Last Modified Jun 16, 2026 2w ago

Description

Multiple integer overflows in xpdf 3.0, and other packages that use xpdf code such as CUPS, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0888.

Threat Intelligence

EPSS Exploit Probability
92.7% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Affected Products 93

VendorProductVersionRange
easy_software_productscups1.0.4any
easy_software_productscups1.0.4_8any
easy_software_productscups1.1.1any
easy_software_productscups1.1.4any
easy_software_productscups1.1.4_2any
easy_software_productscups1.1.4_3any
easy_software_productscups1.1.4_5any
easy_software_productscups1.1.6any
easy_software_productscups1.1.7any
easy_software_productscups1.1.10any
easy_software_productscups1.1.12any
easy_software_productscups1.1.13any
easy_software_productscups1.1.14any
easy_software_productscups1.1.15any
easy_software_productscups1.1.16any
easy_software_productscups1.1.17any
easy_software_productscups1.1.18any
easy_software_productscups1.1.19any
easy_software_productscups1.1.19_rc5any
easy_software_productscups1.1.20any
gnomegpdf0.112any
gnomegpdf0.131any
kdekoffice1.3any
kdekoffice1.3.1any
kdekoffice1.3.2any
kdekoffice1.3.3any
kdekoffice1.3_beta1any
kdekoffice1.3_beta2any
kdekoffice1.3_beta3any
kdekpdf3.2any
pdftohtmlpdftohtml0.32aany
pdftohtmlpdftohtml0.32bany
pdftohtmlpdftohtml0.33any
pdftohtmlpdftohtml0.33aany
pdftohtmlpdftohtml0.34any
pdftohtmlpdftohtml0.35any
pdftohtmlpdftohtml0.36any
tetextetex1.0.7any
tetextetex2.0any
tetextetex2.0.1any
tetextetex2.0.2any
xpdfxpdf0.90any
xpdfxpdf0.91any
xpdfxpdf0.92any
xpdfxpdf0.93any
xpdfxpdf1.0any
xpdfxpdf1.0aany
xpdfxpdf1.1any
xpdfxpdf2.0any
xpdfxpdf2.1any
xpdfxpdf2.3any
xpdfxpdf3.0any
debiandebian_linux3.0any
debiandebian_linux3.0any
debiandebian_linux3.0any
debiandebian_linux3.0any
debiandebian_linux3.0any
debiandebian_linux3.0any
debiandebian_linux3.0any
debiandebian_linux3.0any
debiandebian_linux3.0any
debiandebian_linux3.0any
debiandebian_linux3.0any
debiandebian_linux3.0any
gentoolinux*any
kdekde3.2any
kdekde3.2.1any
kdekde3.2.2any
kdekde3.2.3any
kdekde3.3any
kdekde3.3.1any
redhatenterprise_linux2.1any
redhatenterprise_linux2.1any
redhatenterprise_linux2.1any
redhatenterprise_linux2.1any
redhatenterprise_linux2.1any
redhatenterprise_linux2.1any
redhatenterprise_linux3.0any
redhatenterprise_linux3.0any
redhatenterprise_linux3.0any
redhatenterprise_linux_desktop3.0any
redhatfedora_corecore_2.0any
redhatlinux_advanced_workstation2.1any
redhatlinux_advanced_workstation2.1any
susesuse_linux8.0any
susesuse_linux8.1any
susesuse_linux8.2any
susesuse_linux9.0any
susesuse_linux9.0any
susesuse_linux9.1any
susesuse_linux9.2any
ubuntuubuntu_linux4.1any
ubuntuubuntu_linux4.1any

References 6

  • marc.info http://marc.info/?l=bugtraq&m=109880927526773&w=2
  • gentoo.org http://www.gentoo.org/security/en/glsa/glsa-200410-20.xml
    PatchVendor Advisory
  • gentoo.org http://www.gentoo.org/security/en/glsa/glsa-200410-30.xml
  • mandriva.com http://www.mandriva.com/security/advisories?name=MDKSA-2004:113
  • securityfocus.com http://www.securityfocus.com/bid/11501
  • exchange.xforce.ibmcloud.com https://exchange.xforce.ibmcloud.com/vulnerabilities/17819

Remediation

  • gentoo.org http://www.gentoo.org/security/en/glsa/glsa-200410-20.xml
    PatchVendor Advisory