CVE-2005-3628
NONE EPSS 89.7%
Published Dec 31, 200520y ago · Modified Jun 16, 20262w ago
Published Dec 31, 2005 20y ago
Last Modified Jun 16, 2026 2w ago
Description
Buffer overflow in the JBIG2Bitmap::JBIG2Bitmap function in JBIG2Stream.cc in Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to modify memory and possibly execute arbitrary code via unknown attack vectors.
Threat Intelligence
EPSS Exploit Probability
89.7% percentile
Exploit & Patch Status
No Known Exploit
Patch Available
Affected Products 1
| Vendor | Product | Version | Range |
|---|---|---|---|
| xpdf | xpdf | * | any |
References 38
- patches.sgi.com ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U
- lists.suse.com http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html
- secunia.com http://secunia.com/advisories/18147
- secunia.com http://secunia.com/advisories/18380
- secunia.com http://secunia.com/advisories/18385
- secunia.com http://secunia.com/advisories/18387
- secunia.com http://secunia.com/advisories/18389
- secunia.com http://secunia.com/advisories/18398
- secunia.com http://secunia.com/advisories/18407
- secunia.com http://secunia.com/advisories/18416
- secunia.com http://secunia.com/advisories/18428
- secunia.com http://secunia.com/advisories/18436
- secunia.com http://secunia.com/advisories/18534
- secunia.com http://secunia.com/advisories/18582
- secunia.com http://secunia.com/advisories/18674
- secunia.com http://secunia.com/advisories/18675
- secunia.com http://secunia.com/advisories/18679
- secunia.com http://secunia.com/advisories/18908
- secunia.com http://secunia.com/advisories/18913
- secunia.com http://secunia.com/advisories/19230
- slackware.com http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.472683
- slackware.com http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.474747
- debian.org http://www.debian.org/security/2005/dsa-931
- debian.org http://www.debian.org/security/2005/dsa-932
- debian.org http://www.debian.org/security/2005/dsa-937
- debian.org http://www.debian.org/security/2005/dsa-938
- debian.org http://www.debian.org/security/2005/dsa-940
- debian.org http://www.debian.org/security/2006/dsa-936
- debian.org http://www.debian.org/security/2006/dsa-950
- debian.org http://www.debian.org/security/2006/dsa-961
- debian.org http://www.debian.org/security/2006/dsa-962
- mandriva.com http://www.mandriva.com/security/advisories?name=MDKSA-2006:010
- mandriva.com http://www.mandriva.com/security/advisories?name=MDKSA-2006:011
- mandriva.com http://www.mandriva.com/security/advisories?name=MDKSA-2006:012
- redhat.com http://www.redhat.com/support/errata/RHSA-2006-0160.html
- securityfocus.com http://www.securityfocus.com/archive/1/427053/100/0/threaded
- securityfocus.com http://www.securityfocus.com/archive/1/427990/100/0/threaded
- oval.cisecurity.org https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10287
Remediation
- lists.suse.com http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html
- secunia.com http://secunia.com/advisories/18385
- secunia.com http://secunia.com/advisories/18387
- secunia.com http://secunia.com/advisories/18389
- secunia.com http://secunia.com/advisories/18398
- secunia.com http://secunia.com/advisories/18407
- secunia.com http://secunia.com/advisories/18416
- secunia.com http://secunia.com/advisories/18534
- secunia.com http://secunia.com/advisories/18582
- debian.org http://www.debian.org/security/2006/dsa-936
- debian.org http://www.debian.org/security/2006/dsa-950
- redhat.com http://www.redhat.com/support/errata/RHSA-2006-0160.html