CVE - CVE-2005-3191

CVE-ID
CVE-2005-3191	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
Multiple heap-based buffer overflows in the (1) DCTStream::readProgressiveSOF and (2) DCTStream::readBaselineSOF functions in the DCT stream parsing code (Stream.cc) in xpdf 3.01 and earlier, as used in products such as (a) Poppler, (b) teTeX, (c) KDE kpdf, (d) pdftohtml, (e) KOffice KWord, (f) CUPS, and (g) libextractor allow user-assisted attackers to cause a denial of service (heap corruption) and possibly execute arbitrary code via a crafted PDF file with an out-of-range number of components (numComps), which is used as an array index.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
BID:15726 URL:http://www.securityfocus.com/bid/15726 BID:15727 URL:http://www.securityfocus.com/bid/15727 BUGTRAQ:20051207 [KDE Security Advisory] multiple buffer overflows in kpdf/koffice URL:http://www.securityfocus.com/archive/1/418883/100/0/threaded CONFIRM:http://www.kde.org/info/security/advisory-20051207-1.txt CONFIRM:http://www.kde.org/info/security/advisory-20051207-2.txt CONFIRM:https://issues.rpath.com/browse/RPL-1609 DEBIAN:DSA-931 URL:http://www.debian.org/security/2005/dsa-931 DEBIAN:DSA-932 URL:http://www.debian.org/security/2005/dsa-932 DEBIAN:DSA-936 URL:http://www.debian.org/security/2006/dsa-936 DEBIAN:DSA-937 URL:http://www.debian.org/security/2005/dsa-937 DEBIAN:DSA-938 URL:http://www.debian.org/security/2005/dsa-938 DEBIAN:DSA-940 URL:http://www.debian.org/security/2005/dsa-940 DEBIAN:DSA-950 URL:http://www.debian.org/security/2006/dsa-950 DEBIAN:DSA-961 URL:http://www.debian.org/security/2006/dsa-961 DEBIAN:DSA-962 URL:http://www.debian.org/security/2006/dsa-962 FEDORA:FEDORA-2005-1126 URL:http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00015.html FEDORA:FEDORA-2005-1127 URL:http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00016.html FEDORA:FEDORA-2005-1141 URL:http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00036.html FEDORA:FEDORA-2005-1142 URL:http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00037.html FEDORA:FLSA-2006:176751 URL:http://www.securityfocus.com/archive/1/427053/100/0/threaded FEDORA:FLSA:175404 URL:http://www.securityfocus.com/archive/1/427990/100/0/threaded GENTOO:GLSA-200512-08 URL:http://www.gentoo.org/security/en/glsa/glsa-200512-08.xml GENTOO:GLSA-200601-02 URL:http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml IDEFENSE:20051205 Multiple Vendor xpdf DCTStream Progressive Heap Overflow URL:http://www.idefense.com/application/poi/display?id=343&type=vulnerabilities IDEFENSE:Multiple Vendor xpdf DCTStream Baseline Heap Overflow Vulnerability URL:http://www.idefense.com/application/poi/display?id=342&type=vulnerabilities MANDRAKE:MDKSA-2006:010 URL:~~http://www.mandriva.com/security/advisories?name=MDKSA-2006:010~~ (Obsolete source) MANDRIVA:MDKSA-2006:003 URL:~~http://www.mandriva.com/security/advisories?name=MDKSA-2006:003~~ (Obsolete source) MANDRIVA:MDKSA-2006:004 URL:~~http://www.mandriva.com/security/advisories?name=MDKSA-2006:004~~ (Obsolete source) MANDRIVA:MDKSA-2006:005 URL:~~http://www.mandriva.com/security/advisories?name=MDKSA-2006:005~~ (Obsolete source) MANDRIVA:MDKSA-2006:006 URL:~~http://www.mandriva.com/security/advisories?name=MDKSA-2006:006~~ (Obsolete source) MANDRIVA:MDKSA-2006:008 URL:~~http://www.mandriva.com/security/advisories?name=MDKSA-2006:008~~ (Obsolete source) MANDRIVA:MDKSA-2006:011 URL:~~http://www.mandriva.com/security/advisories?name=MDKSA-2006:011~~ (Obsolete source) MANDRIVA:MDKSA-2006:012 URL:~~http://www.mandriva.com/security/advisories?name=MDKSA-2006:012~~ (Obsolete source) MISC:http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342289 OVAL:oval:org.mitre.oval:def:9760 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9760 REDHAT:RHSA-2005:840 URL:http://www.redhat.com/support/errata/RHSA-2005-840.html REDHAT:RHSA-2005:867 URL:http://www.redhat.com/support/errata/RHSA-2005-867.html REDHAT:RHSA-2005:868 URL:http://rhn.redhat.com/errata/RHSA-2005-868.html REDHAT:RHSA-2005:878 URL:http://www.redhat.com/support/errata/RHSA-2005-878.html REDHAT:RHSA-2006:0160 URL:http://www.redhat.com/support/errata/RHSA-2006-0160.html SCO:SCOSA-2006.15 URL:ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt SCO:SCOSA-2006.20 URL:ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.20/SCOSA-2006.20.txt SCO:SCOSA-2006.21 URL:ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.21/SCOSA-2006.21.txt SECTRACK:1015309 URL:http://securitytracker.com/id?1015309 SECTRACK:1015324 URL:http://securitytracker.com/id?1015324 SECUNIA:17897 URL:http://secunia.com/advisories/17897 SECUNIA:17908 URL:http://secunia.com/advisories/17908 SECUNIA:17912 URL:http://secunia.com/advisories/17912 SECUNIA:17916 URL:http://secunia.com/advisories/17916 SECUNIA:17920 URL:http://secunia.com/advisories/17920 SECUNIA:17921 URL:http://secunia.com/advisories/17921 SECUNIA:17926 URL:http://secunia.com/advisories/17926 SECUNIA:17929 URL:http://secunia.com/advisories/17929 SECUNIA:17940 URL:http://secunia.com/advisories/17940 SECUNIA:17955 URL:http://secunia.com/advisories/17955 SECUNIA:17976 URL:http://secunia.com/advisories/17976 SECUNIA:18009 URL:http://secunia.com/advisories/18009 SECUNIA:18055 URL:http://secunia.com/advisories/18055 SECUNIA:18061 URL:http://secunia.com/advisories/18061 SECUNIA:18147 URL:http://secunia.com/advisories/18147 SECUNIA:18189 URL:http://secunia.com/advisories/18189 SECUNIA:18191 URL:http://secunia.com/advisories/18191 SECUNIA:18192 URL:http://secunia.com/advisories/18192 SECUNIA:18303 URL:http://secunia.com/advisories/18303 SECUNIA:18313 URL:http://secunia.com/advisories/18313 SECUNIA:18336 URL:http://secunia.com/advisories/18336 SECUNIA:18349 URL:http://secunia.com/advisories/18349 SECUNIA:18380 URL:http://secunia.com/advisories/18380 SECUNIA:18385 URL:http://secunia.com/advisories/18385 SECUNIA:18387 URL:http://secunia.com/advisories/18387 SECUNIA:18389 URL:http://secunia.com/advisories/18389 SECUNIA:18398 URL:http://secunia.com/advisories/18398 SECUNIA:18407 URL:http://secunia.com/advisories/18407 SECUNIA:18416 URL:http://secunia.com/advisories/18416 SECUNIA:18428 URL:http://secunia.com/advisories/18428 SECUNIA:18436 URL:http://secunia.com/advisories/18436 SECUNIA:18448 URL:http://secunia.com/advisories/18448 SECUNIA:18503 URL:http://secunia.com/advisories/18503 SECUNIA:18517 URL:http://secunia.com/advisories/18517 SECUNIA:18534 URL:http://secunia.com/advisories/18534 SECUNIA:18549 URL:http://secunia.com/advisories/18549 SECUNIA:18554 URL:http://secunia.com/advisories/18554 SECUNIA:18582 URL:http://secunia.com/advisories/18582 SECUNIA:18674 URL:http://secunia.com/advisories/18674 SECUNIA:18675 URL:http://secunia.com/advisories/18675 SECUNIA:18679 URL:http://secunia.com/advisories/18679 SECUNIA:18908 URL:http://secunia.com/advisories/18908 SECUNIA:18913 URL:http://secunia.com/advisories/18913 SECUNIA:19230 URL:http://secunia.com/advisories/19230 SECUNIA:19377 URL:http://secunia.com/advisories/19377 SECUNIA:19797 URL:http://secunia.com/advisories/19797 SECUNIA:19798 URL:http://secunia.com/advisories/19798 SECUNIA:25729 URL:http://secunia.com/advisories/25729 SECUNIA:26413 URL:http://secunia.com/advisories/26413 SGI:20051201-01-U URL:ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U SGI:20060101-01-U URL:ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U SGI:20060201-01-U URL:ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U SLACKWARE:SSA:2006-045-04 URL:http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.474747 SLACKWARE:SSA:2006-045-09 URL:http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.472683 SREASON:233 URL:http://securityreason.com/securityalert/233 SREASON:234 URL:http://securityreason.com/securityalert/234 SUNALERT:102972 URL:~~http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1~~ (Obsolete source) SUSE:SUSE-SA:2006:001 URL:http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html SUSE:SUSE-SR:2005:029 URL:http://www.novell.com/linux/security/advisories/2005_29_sr.html SUSE:SUSE-SR:2006:001 SUSE:SUSE-SR:2006:002 URL:http://www.novell.com/linux/security/advisories/2006_02_sr.html TRUSTIX:TSLSA-2005-0072 URL:~~http://www.trustix.org/errata/2005/0072/~~ (Obsolete source - check if archived by the Wayback Machine) UBUNTU:USN-227-1 URL:http://www.ubuntulinux.org/usn/usn-227-1 VUPEN:ADV-2005-2786 URL:~~http://www.vupen.com/english/advisories/2005/2786~~ (Obsolete source) VUPEN:ADV-2005-2787 URL:~~http://www.vupen.com/english/advisories/2005/2787~~ (Obsolete source) VUPEN:ADV-2005-2788 URL:~~http://www.vupen.com/english/advisories/2005/2788~~ (Obsolete source) VUPEN:ADV-2005-2789 URL:~~http://www.vupen.com/english/advisories/2005/2789~~ (Obsolete source) VUPEN:ADV-2005-2790 URL:~~http://www.vupen.com/english/advisories/2005/2790~~ (Obsolete source) VUPEN:ADV-2005-2856 URL:~~http://www.vupen.com/english/advisories/2005/2856~~ (Obsolete source) VUPEN:ADV-2007-2280 URL:~~http://www.vupen.com/english/advisories/2007/2280~~ (Obsolete source) XF:xpdf-dctstream-baseline-bo(23444) URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/23444 XF:xpdf-dctstream-progressive-bo(23443) URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/23443
Assigning CNA
MITRE Corporation
Date Record Created
20051014	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20051014)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)