Vulnerability Details: CVE-2005-3193
Heap-based buffer overflow in the JPXStream::readCodestream function in the JPX stream parsing code (JPXStream.c) for xpdf 3.01 and earlier, as used in products such as (1) Poppler, (2) teTeX, (3) KDE kpdf, (4) CUPS, and (5) libextractor allows user-assisted attackers to cause a denial of service (heap corruption) and possibly execute arbitrary code via a crafted PDF file with large size values that cause insufficient memory to be allocated.
Vulnerability category: Overflow, Execute code, Denial of service
Products affected by CVE-2005-3193
- cpe:2.3:a:xpdf:xpdf:0.90:*:*:*:*:*:*:*
- cpe:2.3:a:xpdf:xpdf:1.0a:*:*:*:*:*:*:*
- cpe:2.3:a:xpdf:xpdf:1.1:*:*:*:*:*:*:*
- cpe:2.3:a:xpdf:xpdf:2.0:*:*:*:*:*:*:*
- cpe:2.3:a:xpdf:xpdf:2.1:*:*:*:*:*:*:*
- cpe:2.3:a:xpdf:xpdf:0.91:*:*:*:*:*:*:*
- cpe:2.3:a:xpdf:xpdf:1.0:*:*:*:*:*:*:*
- cpe:2.3:a:xpdf:xpdf:2.3:*:*:*:*:*:*:*
- cpe:2.3:a:xpdf:xpdf:0.92:*:*:*:*:*:*:*
- cpe:2.3:a:xpdf:xpdf:0.93:*:*:*:*:*:*:*
- cpe:2.3:a:xpdf:xpdf:3.0:*:*:*:*:*:*:*
- cpe:2.3:a:xpdf:xpdf:2.2:*:*:*:*:*:*:*
- cpe:2.3:a:xpdf:xpdf:3.0_pl3:*:*:*:*:*:*:*
- cpe:2.3:a:xpdf:xpdf:3.0_pl2:*:*:*:*:*:*:*
- cpe:2.3:a:xpdf:xpdf:3.0.1:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2005-3193
- EPSS score: 0.53% (probability of exploitation activity in the next 30 days)
- Percentile: ~78% (the proportion of vulnerabilities that are scored at or less)
CVSS scores for CVE-2005-3193
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.1 | MEDIUM | AV:N/AC:H/Au:N/C:P/I:P/A:P | 4.9 | 6.4 | NIST | |
CWE ids for CVE-2005-3193
- The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data. Assigned by: nvd@nist.gov (Primary)
Vendor statements for CVE-2005-3193
- Red Hat, 2007-03-14: Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.
References for CVE-2005-3193
- ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U
- https://exchange.xforce.ibmcloud.com/vulnerabilities/23441
  Xpdf JPX::readCodestream() heap buffer overflow CVE-2005-3193 Vulnerability Report
- http://www.kde.org/info/security/advisory-20051207-1.txt
- http://www.securityfocus.com/archive/1/427053/100/0/threaded
- http://www.vupen.com/english/advisories/2007/2280
- http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00036.html
  [SECURITY] Fedora Core 3 Update: cups-1.1.22-0.rc1.8.8
- http://www.mandriva.com/security/advisories?name=MDKSA-2006:008
  Mandriva
- ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.20/SCOSA-2006.20.txt
- http://www.mandriva.com/security/advisories?name=MDKSA-2006:004
  Mandriva
- http://www.mandriva.com/security/advisories?name=MDKSA-2006:003
  Mandriva
- http://www.debian.org/security/2006/dsa-950
  [SECURITY] [DSA 950-1] New CUPS packages fix arbitrary code execution
- http://www.debian.org/security/2006/dsa-962
  [SECURITY] [DSA 962-1] New pdftohtml packages fix arbitrary code execution
- http://www.mandriva.com/security/advisories?name=MDKSA-2006:010
  Mandriva
- ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U
- http://www.securityfocus.com/archive/1/418883/100/0/threaded
- http://securitytracker.com/id?1015324
- http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00022.html
  [SECURITY] Fedora Core 4 Update: poppler-0.4.1-1.2
- http://www.debian.org/security/2006/dsa-961
  [SECURITY] [DSA 961-1] New pdfkit.framework packages fix arbitrary code execution
- http://www.redhat.com/support/errata/RHSA-2005-840.html
  Support (Vendor Advisory)
- https://issues.rpath.com/browse/RPL-1609
- http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00014.html
  [SECURITY] Fedora Core 3 Update: gpdf-2.8.2-5.2
- http://www.vupen.com/english/advisories/2005/2787
- http://securityreason.com/securityalert/236
  Multiple Vendor xpdf JPX Stream Reader Heap Overflow Vulnerability - CXSecurity.com
- http://www.idefense.com/application/poi/display?id=345&type=vulnerabilities&flashstatus=true
  (Patch; Vendor Advisory)
- http://www.debian.org/security/2005/dsa-937
  [SECURITY] [DSA 937-1] New tetex-bin packages fix arbitrary code execution
- http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00037.html
  [SECURITY] Fedora Core 4 Update: cups-1.1.23-15.2
- http://rhn.redhat.com/errata/RHSA-2005-868.html
- http://www.mandriva.com/security/advisories?name=MDKSA-2006:011
  Mandriva
- http://www.mandriva.com/security/advisories?name=MDKSA-2006:005
  Mandriva
- http://www.debian.org/security/2005/dsa-940
  [SECURITY] [DSA 940-1] New gpdf packages fix arbitrary code execution
- http://www.redhat.com/support/errata/RHSA-2006-0160.html
  Support (Vendor Advisory)
- ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U
- http://www.debian.org/security/2006/dsa-936
  [SECURITY] [DSA 936-1] New libextractor packages fix arbitrary code execution
- http://www.redhat.com/support/errata/RHSA-2005-878.html
  Support (Vendor Advisory)
- http://www.vupen.com/english/advisories/2005/2790
- http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html
- http://securitytracker.com/id?1015309
- ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.21/SCOSA-2006.21.txt
- http://www.securityfocus.com/archive/1/427990/100/0/threaded
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1
- http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.472683
  The Slackware Linux Project: Slackware Security Advisories
- http://www.gentoo.org/security/en/glsa/glsa-200512-08.xml
  Xpdf, GPdf, CUPS, Poppler: Multiple vulnerabilities (GLSA 200512-08) — Gentoo security
- http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.474747
  The Slackware Linux Project: Slackware Security Advisories
- http://www.mandriva.com/security/advisories?name=MDKSA-2006:012
  Mandriva
- http://www.debian.org/security/2005/dsa-931
  [SECURITY] [DSA 931-1] New xpdf packages fix arbitrary code execution
- http://www.debian.org/security/2005/dsa-932
  [SECURITY] [DSA 932-1] New kpdf packages fix arbitrary code execution
- ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt
- http://www.novell.com/linux/security/advisories/2005_29_sr.html
- http://www.redhat.com/support/errata/RHSA-2005-867.html
  Support (Vendor Advisory)
- http://www.kde.org/info/security/advisory-20051207-2.txt
- http://www.securityfocus.com/bid/15721
- http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00016.html
  [SECURITY] Fedora Core 3 Update: tetex-2.0.2-21.5
- http://www.mandriva.com/security/advisories?name=MDKSA-2006:006
  Mandriva
- http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00015.html
  [SECURITY] Fedora Core 4 Update: tetex-3.0-7.FC4
- http://www.vupen.com/english/advisories/2005/2789
- http://www.gentoo.org/security/en/glsa/glsa-200603-02.xml
  teTeX, pTeX, CSTeX: Multiple overflows in included XPdf code (GLSA 200603-02) — Gentoo security
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11440
- http://www.trustix.org/errata/2005/0072/
  Trustix | Empowering Trust and Security in the Digital Age
- http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml
  KPdf, KWord: Multiple overflows in included Xpdf code (GLSA 200601-02) — Gentoo security
- http://www.vupen.com/english/advisories/2005/2856
- http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00073.html
  [SECURITY] Fedora Core 4 Update: poppler-0.4.3-1.3
- http://www.debian.org/security/2005/dsa-938
  [SECURITY] [DSA 938-1] New koffice packages fix arbitrary code execution
- http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00043.html
  [SECURITY] Fedora Core 4 Update: kdegraphics-3.5.0-0.2.fc4
- http://www.ubuntulinux.org/usn/usn-227-1
  USN-227-1: xpdf vulnerabilities | Ubuntu security notices | Ubuntu