CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Vulnerability Details : CVE-2005-3191

Multiple heap-based buffer overflows in the (1) DCTStream::readProgressiveSOF and (2) DCTStream::readBaselineSOF functions in the DCT stream parsing code (Stream.cc) in xpdf 3.01 and earlier, as used in products such as (a) Poppler, (b) teTeX, (c) KDE kpdf, (d) pdftohtml, (e) KOffice KWord, (f) CUPS, and (g) libextractor allow user-assisted attackers to cause a denial of service (heap corruption) and possibly execute arbitrary code via a crafted PDF file with an out-of-range number of components (numComps), which is used as an array index.
Publish Date : 2005-12-07 Last Update Date : 2018-10-19
Search Twitter   Search YouTube   Search Google

- CVSS Scores & Vulnerability Types

CVSS Score
5.1
Confidentiality Impact Partial (There is considerable informational disclosure.)
Integrity Impact Partial (Modification of some system files or information is possible, but the attacker does not have control over what can be modified, or the scope of what the attacker can affect is limited.)
Availability Impact Partial (There is reduced performance or interruptions in resource availability.)
Access Complexity High (Specialized access conditions exist. It is hard to exploit and several special conditions must be satisfied to exploit)
Authentication Not required (Authentication is not required to exploit the vulnerability.)
Gained Access None
Vulnerability Type(s) Denial Of ServiceExecute CodeOverflow
CWE ID 119

- Vendor Statements

Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.
Source: Redhat

- Additional Vendor Supplied Data

Vendor Impact CVSS Score CVSS Vector Report Date Publish Date
Redhat important 2005-11-03 2005-12-06
If you are a vendor and you have additional data which can be automatically imported into our database, please contact admin @ cvedetails.com

- Related OVAL Definitions

Title Definition Id Class Family
CVE-2005-3191 oval:org.opensuse.security:def:20053191 unix
Multiple heap-based buffer overflows in the (1) DCTStream::readProgressiveSOF and (2) DCTStream::readBaselineSOF functio... oval:org.mitre.oval:def:9760 unix
RHSA-2005:840: xpdf security update (Important) oval:com.redhat.rhsa:def:2005840 unix
RHSA-2005:840: xpdf security update (Important) oval:com.redhat.rhsa:def:20050840 unix
RHSA-2005:867: gpdf security update (Important) oval:com.redhat.rhsa:def:2005867 unix
RHSA-2005:867: gpdf security update (Important) oval:com.redhat.rhsa:def:20050867 unix
RHSA-2005:868: kdegraphics security update (Important) oval:com.redhat.rhsa:def:20050868 unix
RHSA-2005:868: kdegraphics security update (Important) oval:com.redhat.rhsa:def:2005868 unix
RHSA-2005:878: cups security update (Important) oval:com.redhat.rhsa:def:20050878 unix
RHSA-2005:878: cups security update (Important) oval:com.redhat.rhsa:def:2005878 unix
RHSA-2006:0160: tetex security update (Moderate) oval:com.redhat.rhsa:def:20060160 unix
OVAL (Open Vulnerability and Assessment Language) definitions define exactly what should be done to verify a vulnerability or a missing patch. Check out the OVAL definitions if you want to learn what you should do to verify a vulnerability.

- Products Affected By CVE-2005-3191

# Product Type Vendor Product Version Update Edition Language
1 Application Xpdf Xpdf 0.90 * * * Version Details Vulnerabilities
2 Application Xpdf Xpdf 0.91 * * * Version Details Vulnerabilities
3 Application Xpdf Xpdf 0.92 * * * Version Details Vulnerabilities
4 Application Xpdf Xpdf 0.93 * * * Version Details Vulnerabilities
5 Application Xpdf Xpdf 1.0 * * * Version Details Vulnerabilities
6 Application Xpdf Xpdf 1.0a * * * Version Details Vulnerabilities
7 Application Xpdf Xpdf 1.1 * * * Version Details Vulnerabilities
8 Application Xpdf Xpdf 2.0 * * * Version Details Vulnerabilities
9 Application Xpdf Xpdf 2.1 * * * Version Details Vulnerabilities
10 Application Xpdf Xpdf 2.2 * * * Version Details Vulnerabilities
11 Application Xpdf Xpdf 2.3 * * * Version Details Vulnerabilities
12 Application Xpdf Xpdf 3.0 Pl2 * * * Version Details Vulnerabilities
13 Application Xpdf Xpdf 3.0 Pl3 * * * Version Details Vulnerabilities
14 Application Xpdf Xpdf 3.0 * * * Version Details Vulnerabilities
15 Application Xpdf Xpdf 3.0.1 * * * Version Details Vulnerabilities

- Number Of Affected Versions By Product

Vendor Product Vulnerable Versions
Xpdf Xpdf 15

- References For CVE-2005-3191

http://secunia.com/advisories/19230
SECUNIA 19230
ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U
SGI 20060201-01-U
http://secunia.com/advisories/18908
SECUNIA 18908
http://secunia.com/advisories/18913
SECUNIA 18913
http://secunia.com/advisories/18679
SECUNIA 18679
http://secunia.com/advisories/18675
SECUNIA 18675
http://secunia.com/advisories/18674
SECUNIA 18674
http://secunia.com/advisories/17955
SECUNIA 17955
http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00016.html
FEDORA FEDORA-2005-1127
http://www.debian.org/security/2006/dsa-961
DEBIAN DSA-961
http://www.debian.org/security/2006/dsa-962
DEBIAN DSA-962
http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00015.html
FEDORA FEDORA-2005-1126
http://secunia.com/advisories/18303
SECUNIA 18303
http://secunia.com/advisories/18554
SECUNIA 18554
http://secunia.com/advisories/18517
SECUNIA 18517
http://secunia.com/advisories/18549
SECUNIA 18549
ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U
SGI 20060101-01-U
ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U
SGI 20051201-01-U
http://secunia.com/advisories/18582
SECUNIA 18582
http://secunia.com/advisories/18534
SECUNIA 18534
http://secunia.com/advisories/18407
SECUNIA 18407
http://secunia.com/advisories/18398
SECUNIA 18398
http://www.novell.com/linux/security/advisories/2006_02_sr.html
SUSE SUSE-SR:2006:002
http://www.redhat.com/support/errata/RHSA-2006-0160.html
REDHAT RHSA-2006:0160
http://www.debian.org/security/2006/dsa-936
DEBIAN DSA-936
http://www.debian.org/security/2006/dsa-950
DEBIAN DSA-950
http://secunia.com/advisories/18385
SECUNIA 18385
http://secunia.com/advisories/18389
SECUNIA 18389
http://secunia.com/advisories/18448
SECUNIA 18448
http://secunia.com/advisories/18349
SECUNIA 18349
http://secunia.com/advisories/18416
SECUNIA 18416
http://secunia.com/advisories/18387
SECUNIA 18387
http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html
SUSE SUSE-SA:2006:001
http://www.debian.org/security/2005/dsa-940
DEBIAN DSA-940
http://www.debian.org/security/2005/dsa-938
DEBIAN DSA-938
http://www.debian.org/security/2005/dsa-937
DEBIAN DSA-937
http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml
GENTOO GLSA-200601-02
http://www.trustix.org/errata/2005/0072/
TRUSTIX TSLSA-2005-0072
http://secunia.com/advisories/18313
SECUNIA 18313
http://secunia.com/advisories/18336
SECUNIA 18336
http://www.debian.org/security/2005/dsa-931
DEBIAN DSA-931
http://www.debian.org/security/2005/dsa-932
DEBIAN DSA-932
http://www.redhat.com/support/errata/RHSA-2005-878.html
REDHAT RHSA-2005:878
http://secunia.com/advisories/17897
SECUNIA 17897
http://secunia.com/advisories/17926
SECUNIA 17926
http://rhn.redhat.com/errata/RHSA-2005-868.html
REDHAT RHSA-2005:868
http://secunia.com/advisories/18191
SECUNIA 18191
http://secunia.com/advisories/18192
SECUNIA 18192
http://secunia.com/advisories/18189
SECUNIA 18189
http://www.kde.org/info/security/advisory-20051207-2.txt CONFIRM
http://www.redhat.com/support/errata/RHSA-2005-867.html
REDHAT RHSA-2005:867
http://secunia.com/advisories/18061
SECUNIA 18061
http://secunia.com/advisories/18055
SECUNIA 18055
http://www.gentoo.org/security/en/glsa/glsa-200512-08.xml
GENTOO GLSA-200512-08
http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00037.html
FEDORA FEDORA-2005-1142
http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00036.html
FEDORA FEDORA-2005-1141
http://secunia.com/advisories/18009
SECUNIA 18009
http://secunia.com/advisories/17908
SECUNIA 17908
http://secunia.com/advisories/17976
SECUNIA 17976
http://www.kde.org/info/security/advisory-20051207-1.txt CONFIRM
http://www.ubuntulinux.org/usn/usn-227-1
UBUNTU USN-227-1
http://secunia.com/advisories/17940
SECUNIA 17940
http://secunia.com/advisories/17929
SECUNIA 17929
http://secunia.com/advisories/17916
SECUNIA 17916
http://secunia.com/advisories/17921
SECUNIA 17921
http://secunia.com/advisories/17920
SECUNIA 17920
http://secunia.com/advisories/17912
SECUNIA 17912
http://securitytracker.com/id?1015309
SECTRACK 1015309
http://securitytracker.com/id?1015324
SECTRACK 1015324
http://www.securityfocus.com/bid/15726
BID 15726 XPDF DCTStream Progressive Remote Heap Buffer Overflow Vulnerability Release Date:2007-08-10
http://www.securityfocus.com/bid/15727
BID 15727 XPDF DCTStream Baseline Remote Heap Buffer Overflow Vulnerability Release Date:2007-08-10
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342289
http://www.idefense.com/application/poi/display?id=342&type=vulnerabilities
IDEFENSE Multiple Vendor xpdf DCTStream Baseline Heap Overflow Vulnerability
http://www.redhat.com/support/errata/RHSA-2005-840.html
REDHAT RHSA-2005:840
http://www.idefense.com/application/poi/display?id=343&type=vulnerabilities
IDEFENSE 20051205 Multiple Vendor xpdf DCTStream Progressive Heap Overflow
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt
SCO SCOSA-2006.15
http://secunia.com/advisories/19377
SECUNIA 19377
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.474747
SLACKWARE SSA:2006-045-04
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.472683
SLACKWARE SSA:2006-045-09
http://secunia.com/advisories/18503
SECUNIA 18503
http://secunia.com/advisories/18147
SECUNIA 18147
http://secunia.com/advisories/18380
SECUNIA 18380
http://secunia.com/advisories/18428
SECUNIA 18428
http://secunia.com/advisories/18436
SECUNIA 18436
http://www.novell.com/linux/security/advisories/2005_29_sr.html
SUSE SUSE-SR:2005:029
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.20/SCOSA-2006.20.txt
SCO SCOSA-2006.20
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.21/SCOSA-2006.21.txt
SCO SCOSA-2006.21
http://secunia.com/advisories/19797
SECUNIA 19797
http://secunia.com/advisories/19798
SECUNIA 19798
https://issues.rpath.com/browse/RPL-1609 CONFIRM
http://www.mandriva.com/security/advisories?name=MDKSA-2006:003
MANDRIVA MDKSA-2006:003
http://www.mandriva.com/security/advisories?name=MDKSA-2006:004
MANDRIVA MDKSA-2006:004
http://www.mandriva.com/security/advisories?name=MDKSA-2006:005
MANDRIVA MDKSA-2006:005
http://www.mandriva.com/security/advisories?name=MDKSA-2006:006
MANDRIVA MDKSA-2006:006
http://www.mandriva.com/security/advisories?name=MDKSA-2006:008
MANDRIVA MDKSA-2006:008
http://www.mandriva.com/security/advisories?name=MDKSA-2006:012
MANDRIVA MDKSA-2006:012
http://www.mandriva.com/security/advisories?name=MDKSA-2006:011
MANDRIVA MDKSA-2006:011
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1
SUNALERT 102972
http://secunia.com/advisories/25729
SECUNIA 25729
http://secunia.com/advisories/26413
SECUNIA 26413
http://securityreason.com/securityalert/233
SREASON 233
http://securityreason.com/securityalert/234
SREASON 234
http://www.vupen.com/english/advisories/2005/2790
VUPEN ADV-2005-2790
http://www.vupen.com/english/advisories/2005/2786
VUPEN ADV-2005-2786
http://www.vupen.com/english/advisories/2005/2787
VUPEN ADV-2005-2787
http://www.vupen.com/english/advisories/2007/2280
VUPEN ADV-2007-2280
http://www.vupen.com/english/advisories/2005/2788
VUPEN ADV-2005-2788
http://www.vupen.com/english/advisories/2005/2789
VUPEN ADV-2005-2789
http://www.vupen.com/english/advisories/2005/2856
VUPEN ADV-2005-2856
http://www.mandriva.com/security/advisories?name=MDKSA-2006:010
MANDRAKE MDKSA-2006:010
https://exchange.xforce.ibmcloud.com/vulnerabilities/23444
XF xpdf-dctstream-baseline-bo(23444)
https://exchange.xforce.ibmcloud.com/vulnerabilities/23443
XF xpdf-dctstream-progressive-bo(23443)
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9760
OVAL oval:org.mitre.oval:def:9760
http://www.securityfocus.com/archive/1/427990/100/0/threaded
FEDORA FLSA:175404
http://www.securityfocus.com/archive/1/427053/100/0/threaded
FEDORA FLSA-2006:176751
http://www.securityfocus.com/archive/1/418883/100/0/threaded
BUGTRAQ 20051207 [KDE Security Advisory] multiple buffer overflows in kpdf/koffice

- Metasploit Modules Related To CVE-2005-3191

There are not any metasploit modules related to this CVE entry (Please visit www.metasploit.com for more information)


CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.