CVE-2005-3627
NONE EPSS 91.9%
Published Dec 31, 2005 · Modified Jun 16, 2026
Description
Stream.cc in Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to modify memory and possibly execute arbitrary code via a DCTDecode stream with (1) a large "number of components" value that is not checked by DCTStream::readBaselineSOF or DCTStream::readProgressiveSOF, (2) a large "Huffman table index" value that is not checked by DCTStream::readHuffmanTables, and (3) certain uses of the scanInfo.numComps value by DCTStream::readScanInfo.
Threat Intelligence
EPSS Exploit Probability
91.9% percentile
Exploit & Patch Status
Public Exploit Known
Patch Available
Weaknesses 1
CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer (Memory Safety)
Affected Products 1
| Vendor | Product | Version | Range |
|---|---|---|---|
| xpdf | xpdf | * | any |
References 86
- ftp.sco.com ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt
- patches.sgi.com ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U
- patches.sgi.com ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U
- patches.sgi.com ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U
- lists.suse.com http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html
- rhn.redhat.com http://rhn.redhat.com/errata/RHSA-2006-0177.html
- scary.beasts.org http://scary.beasts.org/security/CESA-2005-003.txt
- secunia.com http://secunia.com/advisories/18147
- secunia.com http://secunia.com/advisories/18303
- secunia.com http://secunia.com/advisories/18312
- secunia.com http://secunia.com/advisories/18313
- secunia.com http://secunia.com/advisories/18329
- secunia.com http://secunia.com/advisories/18332
- secunia.com http://secunia.com/advisories/18334
- secunia.com http://secunia.com/advisories/18335
- secunia.com http://secunia.com/advisories/18338
- secunia.com http://secunia.com/advisories/18349
- secunia.com http://secunia.com/advisories/18373
- secunia.com http://secunia.com/advisories/18375
- secunia.com http://secunia.com/advisories/18380
- secunia.com http://secunia.com/advisories/18385
- secunia.com http://secunia.com/advisories/18387
- secunia.com http://secunia.com/advisories/18389
- secunia.com http://secunia.com/advisories/18398
- secunia.com http://secunia.com/advisories/18407
- secunia.com http://secunia.com/advisories/18414
- secunia.com http://secunia.com/advisories/18416
- secunia.com http://secunia.com/advisories/18423
- secunia.com http://secunia.com/advisories/18425
- secunia.com http://secunia.com/advisories/18428
- secunia.com http://secunia.com/advisories/18436
- secunia.com http://secunia.com/advisories/18448
- secunia.com http://secunia.com/advisories/18463
- secunia.com http://secunia.com/advisories/18517
- secunia.com http://secunia.com/advisories/18534
- secunia.com http://secunia.com/advisories/18554
- secunia.com http://secunia.com/advisories/18582
- secunia.com http://secunia.com/advisories/18642
- secunia.com http://secunia.com/advisories/18644
- secunia.com http://secunia.com/advisories/18674
- secunia.com http://secunia.com/advisories/18675
- secunia.com http://secunia.com/advisories/18679
- secunia.com http://secunia.com/advisories/18908
- secunia.com http://secunia.com/advisories/18913
- secunia.com http://secunia.com/advisories/19230
- secunia.com http://secunia.com/advisories/19377
- secunia.com http://secunia.com/advisories/25729
- slackware.com http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.472683
- slackware.com http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.474747
- sunsolve.sun.com http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1
- debian.org http://www.debian.org/security/2005/dsa-931
- debian.org http://www.debian.org/security/2005/dsa-932
- debian.org http://www.debian.org/security/2005/dsa-937
- debian.org http://www.debian.org/security/2005/dsa-938
- debian.org http://www.debian.org/security/2005/dsa-940
- debian.org http://www.debian.org/security/2006/dsa-936
- debian.org http://www.debian.org/security/2006/dsa-950
- debian.org http://www.debian.org/security/2006/dsa-961
- debian.org http://www.debian.org/security/2006/dsa-962
- gentoo.org http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml
- gentoo.org http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml
- kde.org http://www.kde.org/info/security/advisory-20051207-2.txt
- mandriva.com http://www.mandriva.com/security/advisories?name=MDKSA-2006:003
- mandriva.com http://www.mandriva.com/security/advisories?name=MDKSA-2006:004
- mandriva.com http://www.mandriva.com/security/advisories?name=MDKSA-2006:005
- mandriva.com http://www.mandriva.com/security/advisories?name=MDKSA-2006:006
- mandriva.com http://www.mandriva.com/security/advisories?name=MDKSA-2006:008
- mandriva.com http://www.mandriva.com/security/advisories?name=MDKSA-2006:010
- mandriva.com http://www.mandriva.com/security/advisories?name=MDKSA-2006:011
- mandriva.com http://www.mandriva.com/security/advisories?name=MDKSA-2006:012
- redhat.com http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.html
- redhat.com http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.html
- redhat.com http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html
- redhat.com http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html
- redhat.com http://www.redhat.com/support/errata/RHSA-2006-0160.html
- redhat.com http://www.redhat.com/support/errata/RHSA-2006-0163.html
- securityfocus.com http://www.securityfocus.com/archive/1/427053/100/0/threaded
- securityfocus.com http://www.securityfocus.com/archive/1/427990/100/0/threaded
- securityfocus.com http://www.securityfocus.com/bid/16143
- trustix.org http://www.trustix.org/errata/2006/0002/
- vupen.com http://www.vupen.com/english/advisories/2006/0047
- vupen.com http://www.vupen.com/english/advisories/2007/2280
- exchange.xforce.ibmcloud.com https://exchange.xforce.ibmcloud.com/vulnerabilities/24024
- exchange.xforce.ibmcloud.com https://exchange.xforce.ibmcloud.com/vulnerabilities/24025
- oval.cisecurity.org https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10200
- usn.ubuntu.com https://usn.ubuntu.com/236-1/
Remediation
- lists.suse.com http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html
- rhn.redhat.com http://rhn.redhat.com/errata/RHSA-2006-0177.html
- secunia.com http://secunia.com/advisories/18303
- secunia.com http://secunia.com/advisories/18312
- secunia.com http://secunia.com/advisories/18313
- secunia.com http://secunia.com/advisories/18334
- secunia.com http://secunia.com/advisories/18335
- secunia.com http://secunia.com/advisories/18338
- secunia.com http://secunia.com/advisories/18349
- secunia.com http://secunia.com/advisories/18385
- secunia.com http://secunia.com/advisories/18387
- secunia.com http://secunia.com/advisories/18389
- secunia.com http://secunia.com/advisories/18398
- secunia.com http://secunia.com/advisories/18407
- secunia.com http://secunia.com/advisories/18416
- secunia.com http://secunia.com/advisories/18423
- secunia.com http://secunia.com/advisories/18448
- secunia.com http://secunia.com/advisories/18517
- secunia.com http://secunia.com/advisories/18534
- secunia.com http://secunia.com/advisories/18554
- secunia.com http://secunia.com/advisories/18582
- debian.org http://www.debian.org/security/2006/dsa-936
- debian.org http://www.debian.org/security/2006/dsa-950
- debian.org http://www.debian.org/security/2006/dsa-961
- gentoo.org http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml
- kde.org http://www.kde.org/info/security/advisory-20051207-2.txt
- redhat.com http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.html
- redhat.com http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.html
- redhat.com http://www.redhat.com/support/errata/RHSA-2006-0160.html
- securityfocus.com http://www.securityfocus.com/bid/16143