CVE-2005-3627

NONE EPSS 91.9%
Published Dec 31, 200520y ago · Modified Jun 16, 20262w ago
Find Similar
Published Dec 31, 2005 20y ago
Last Modified Jun 16, 2026 2w ago

Description

Stream.cc in Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to modify memory and possibly execute arbitrary code via a DCTDecode stream with (1) a large "number of components" value that is not checked by DCTStream::readBaselineSOF or DCTStream::readProgressiveSOF, (2) a large "Huffman table index" value that is not checked by DCTStream::readHuffmanTables, and (3) certain uses of the scanInfo.numComps value by DCTStream::readScanInfo.

Threat Intelligence

EPSS Exploit Probability
91.9% percentile
Exploit & Patch Status
Public Exploit Known
Patch Available

Weaknesses 1

CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer Memory Safety

Affected Products 1

VendorProductVersionRange
xpdfxpdf*any

References 86

  • ftp.sco.com ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt
  • patches.sgi.com ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U
  • patches.sgi.com ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U
  • patches.sgi.com ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U
  • lists.suse.com http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html
    PatchVendor Advisory
  • rhn.redhat.com http://rhn.redhat.com/errata/RHSA-2006-0177.html
    PatchVendor Advisory
  • scary.beasts.org http://scary.beasts.org/security/CESA-2005-003.txt
    ExploitVendor Advisory
  • secunia.com http://secunia.com/advisories/18147
  • secunia.com http://secunia.com/advisories/18303
    PatchVendor Advisory
  • secunia.com http://secunia.com/advisories/18312
    PatchVendor Advisory
  • secunia.com http://secunia.com/advisories/18313
    PatchVendor Advisory
  • secunia.com http://secunia.com/advisories/18329
    Vendor Advisory
  • secunia.com http://secunia.com/advisories/18332
    Vendor Advisory
  • secunia.com http://secunia.com/advisories/18334
    PatchVendor Advisory
  • secunia.com http://secunia.com/advisories/18335
    PatchVendor Advisory
  • secunia.com http://secunia.com/advisories/18338
    PatchVendor Advisory
  • secunia.com http://secunia.com/advisories/18349
    PatchVendor Advisory
  • secunia.com http://secunia.com/advisories/18373
  • secunia.com http://secunia.com/advisories/18375
    Vendor Advisory
  • secunia.com http://secunia.com/advisories/18380
  • secunia.com http://secunia.com/advisories/18385
    PatchVendor Advisory
  • secunia.com http://secunia.com/advisories/18387
    PatchVendor Advisory
  • secunia.com http://secunia.com/advisories/18389
    PatchVendor Advisory
  • secunia.com http://secunia.com/advisories/18398
    PatchVendor Advisory
  • secunia.com http://secunia.com/advisories/18407
    PatchVendor Advisory
  • secunia.com http://secunia.com/advisories/18414
  • secunia.com http://secunia.com/advisories/18416
    PatchVendor Advisory
  • secunia.com http://secunia.com/advisories/18423
    PatchVendor Advisory
  • secunia.com http://secunia.com/advisories/18425
  • secunia.com http://secunia.com/advisories/18428
  • secunia.com http://secunia.com/advisories/18436
  • secunia.com http://secunia.com/advisories/18448
    PatchVendor Advisory
  • secunia.com http://secunia.com/advisories/18463
  • secunia.com http://secunia.com/advisories/18517
    PatchVendor Advisory
  • secunia.com http://secunia.com/advisories/18534
    PatchVendor Advisory
  • secunia.com http://secunia.com/advisories/18554
    PatchVendor Advisory
  • secunia.com http://secunia.com/advisories/18582
    PatchVendor Advisory
  • secunia.com http://secunia.com/advisories/18642
    Vendor Advisory
  • secunia.com http://secunia.com/advisories/18644
    Vendor Advisory
  • secunia.com http://secunia.com/advisories/18674
    Vendor Advisory
  • secunia.com http://secunia.com/advisories/18675
    Vendor Advisory
  • secunia.com http://secunia.com/advisories/18679
    Vendor Advisory
  • secunia.com http://secunia.com/advisories/18908
    Vendor Advisory
  • secunia.com http://secunia.com/advisories/18913
  • secunia.com http://secunia.com/advisories/19230
  • secunia.com http://secunia.com/advisories/19377
  • secunia.com http://secunia.com/advisories/25729
  • slackware.com http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.472683
  • slackware.com http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.474747
  • sunsolve.sun.com http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1
  • debian.org http://www.debian.org/security/2005/dsa-931
  • debian.org http://www.debian.org/security/2005/dsa-932
  • debian.org http://www.debian.org/security/2005/dsa-937
  • debian.org http://www.debian.org/security/2005/dsa-938
  • debian.org http://www.debian.org/security/2005/dsa-940
  • debian.org http://www.debian.org/security/2006/dsa-936
    PatchVendor Advisory
  • debian.org http://www.debian.org/security/2006/dsa-950
    PatchVendor Advisory
  • debian.org http://www.debian.org/security/2006/dsa-961
    PatchVendor Advisory
  • debian.org http://www.debian.org/security/2006/dsa-962
  • gentoo.org http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml
    PatchVendor Advisory
  • gentoo.org http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml
  • kde.org http://www.kde.org/info/security/advisory-20051207-2.txt
    Patch
  • mandriva.com http://www.mandriva.com/security/advisories?name=MDKSA-2006:003
  • mandriva.com http://www.mandriva.com/security/advisories?name=MDKSA-2006:004
  • mandriva.com http://www.mandriva.com/security/advisories?name=MDKSA-2006:005
  • mandriva.com http://www.mandriva.com/security/advisories?name=MDKSA-2006:006
  • mandriva.com http://www.mandriva.com/security/advisories?name=MDKSA-2006:008
  • mandriva.com http://www.mandriva.com/security/advisories?name=MDKSA-2006:010
  • mandriva.com http://www.mandriva.com/security/advisories?name=MDKSA-2006:011
  • mandriva.com http://www.mandriva.com/security/advisories?name=MDKSA-2006:012
  • redhat.com http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.html
    Patch
  • redhat.com http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.html
    Patch
  • redhat.com http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html
  • redhat.com http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html
  • redhat.com http://www.redhat.com/support/errata/RHSA-2006-0160.html
    PatchVendor Advisory
  • redhat.com http://www.redhat.com/support/errata/RHSA-2006-0163.html
  • securityfocus.com http://www.securityfocus.com/archive/1/427053/100/0/threaded
  • securityfocus.com http://www.securityfocus.com/archive/1/427990/100/0/threaded
  • securityfocus.com http://www.securityfocus.com/bid/16143
    Patch
  • trustix.org http://www.trustix.org/errata/2006/0002/
  • vupen.com http://www.vupen.com/english/advisories/2006/0047
  • vupen.com http://www.vupen.com/english/advisories/2007/2280
  • exchange.xforce.ibmcloud.com https://exchange.xforce.ibmcloud.com/vulnerabilities/24024
  • exchange.xforce.ibmcloud.com https://exchange.xforce.ibmcloud.com/vulnerabilities/24025
  • oval.cisecurity.org https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10200
  • usn.ubuntu.com https://usn.ubuntu.com/236-1/

Remediation

  • lists.suse.com http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html
    PatchVendor Advisory
  • rhn.redhat.com http://rhn.redhat.com/errata/RHSA-2006-0177.html
    PatchVendor Advisory
  • secunia.com http://secunia.com/advisories/18303
    PatchVendor Advisory
  • secunia.com http://secunia.com/advisories/18312
    PatchVendor Advisory
  • secunia.com http://secunia.com/advisories/18313
    PatchVendor Advisory
  • secunia.com http://secunia.com/advisories/18334
    PatchVendor Advisory
  • secunia.com http://secunia.com/advisories/18335
    PatchVendor Advisory
  • secunia.com http://secunia.com/advisories/18338
    PatchVendor Advisory
  • secunia.com http://secunia.com/advisories/18349
    PatchVendor Advisory
  • secunia.com http://secunia.com/advisories/18385
    PatchVendor Advisory
  • secunia.com http://secunia.com/advisories/18387
    PatchVendor Advisory
  • secunia.com http://secunia.com/advisories/18389
    PatchVendor Advisory
  • secunia.com http://secunia.com/advisories/18398
    PatchVendor Advisory
  • secunia.com http://secunia.com/advisories/18407
    PatchVendor Advisory
  • secunia.com http://secunia.com/advisories/18416
    PatchVendor Advisory
  • secunia.com http://secunia.com/advisories/18423
    PatchVendor Advisory
  • secunia.com http://secunia.com/advisories/18448
    PatchVendor Advisory
  • secunia.com http://secunia.com/advisories/18517
    PatchVendor Advisory
  • secunia.com http://secunia.com/advisories/18534
    PatchVendor Advisory
  • secunia.com http://secunia.com/advisories/18554
    PatchVendor Advisory
  • secunia.com http://secunia.com/advisories/18582
    PatchVendor Advisory
  • debian.org http://www.debian.org/security/2006/dsa-936
    PatchVendor Advisory
  • debian.org http://www.debian.org/security/2006/dsa-950
    PatchVendor Advisory
  • debian.org http://www.debian.org/security/2006/dsa-961
    PatchVendor Advisory
  • gentoo.org http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml
    PatchVendor Advisory
  • kde.org http://www.kde.org/info/security/advisory-20051207-2.txt
    Patch
  • redhat.com http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.html
    Patch
  • redhat.com http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.html
    Patch
  • redhat.com http://www.redhat.com/support/errata/RHSA-2006-0160.html
    PatchVendor Advisory
  • securityfocus.com http://www.securityfocus.com/bid/16143
    Patch