CVE - CVE-2005-3628

CVE-ID
CVE-2005-3628	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
Buffer overflow in the JBIG2Bitmap::JBIG2Bitmap function in JBIG2Stream.cc in Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to modify memory and possibly execute arbitrary code via unknown attack vectors.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
DEBIAN:DSA-931 URL:http://www.debian.org/security/2005/dsa-931 DEBIAN:DSA-932 URL:http://www.debian.org/security/2005/dsa-932 DEBIAN:DSA-937 URL:http://www.debian.org/security/2005/dsa-937 DEBIAN:DSA-938 URL:http://www.debian.org/security/2005/dsa-938 DEBIAN:DSA-940 URL:http://www.debian.org/security/2005/dsa-940 DEBIAN:DSA-936 URL:http://www.debian.org/security/2006/dsa-936 DEBIAN:DSA-950 URL:http://www.debian.org/security/2006/dsa-950 DEBIAN:DSA-961 URL:http://www.debian.org/security/2006/dsa-961 DEBIAN:DSA-962 URL:http://www.debian.org/security/2006/dsa-962 FEDORA:FLSA:175404 URL:http://www.securityfocus.com/archive/1/427990/100/0/threaded FEDORA:FLSA-2006:176751 URL:http://www.securityfocus.com/archive/1/427053/100/0/threaded MANDRAKE:MDKSA-2006:010 URL:http://www.mandriva.com/security/advisories?name=MDKSA-2006:010 MANDRIVA:MDKSA-2006:012 URL:http://www.mandriva.com/security/advisories?name=MDKSA-2006:012 MANDRIVA:MDKSA-2006:011 URL:http://www.mandriva.com/security/advisories?name=MDKSA-2006:011 REDHAT:RHSA-2006:0160 URL:http://www.redhat.com/support/errata/RHSA-2006-0160.html SGI:20060201-01-U URL:ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U SLACKWARE:SSA:2006-045-04 URL:http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.474747 SLACKWARE:SSA:2006-045-09 URL:http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.472683 SUSE:SUSE-SA:2006:001 URL:http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html OVAL:oval:org.mitre.oval:def:10287 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10287 SECUNIA:18387 URL:http://secunia.com/advisories/18387 SECUNIA:18416 URL:http://secunia.com/advisories/18416 SECUNIA:18385 URL:http://secunia.com/advisories/18385 SECUNIA:18389 URL:http://secunia.com/advisories/18389 SECUNIA:18398 URL:http://secunia.com/advisories/18398 SECUNIA:18407 URL:http://secunia.com/advisories/18407 SECUNIA:18534 URL:http://secunia.com/advisories/18534 SECUNIA:18582 URL:http://secunia.com/advisories/18582 SECUNIA:18674 URL:http://secunia.com/advisories/18674 SECUNIA:18675 URL:http://secunia.com/advisories/18675 SECUNIA:18679 URL:http://secunia.com/advisories/18679 SECUNIA:18908 URL:http://secunia.com/advisories/18908 SECUNIA:18913 URL:http://secunia.com/advisories/18913 SECUNIA:19230 URL:http://secunia.com/advisories/19230 SECUNIA:18147 URL:http://secunia.com/advisories/18147 SECUNIA:18380 URL:http://secunia.com/advisories/18380 SECUNIA:18428 URL:http://secunia.com/advisories/18428 SECUNIA:18436 URL:http://secunia.com/advisories/18436
Assigning CNA
N/A
Date Entry Created
20051116	Disclaimer: The entry creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20051116)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an entry on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: cve@mitre.org

Use of the Common Vulnerabilities and Exposures (CVE®) List and the associated references from this website are subject to the terms of use. CVE is sponsored by US-CERT in the office of Cybersecurity and Communications at the U.S. Department of Homeland Security. Copyright © 1999–2018, The MITRE Corporation. CVE and the CVE logo are registered trademarks of The MITRE Corporation. For more information, please contact us.