5

CVE-2005-3626

Exploit
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Easy Software ProductsCups Version1.1.22
Easy Software ProductsCups Version1.1.22_rc1
Easy Software ProductsCups Version1.1.23
Easy Software ProductsCups Version1.1.23_rc1
KdeKdegraphics Version3.2
KdeKdegraphics Version3.4.3
KdeKoffice Version1.4
KdeKoffice Version1.4.1
KdeKoffice Version1.4.2
KdeKpdf Version3.2
KdeKpdf Version3.4.3
KdeKword Version1.4.2
PopplerPoppler Version0.4.2
SgiPropack Version3.0 Updatesp6
TetexTetex Version1.0.7
TetexTetex Version2.0
TetexTetex Version2.0.1
TetexTetex Version2.0.2
TetexTetex Version3.0
XpdfXpdf Version3.0
ConectivaLinux Version10.0
DebianDebian Linux Version3.0
DebianDebian Linux Version3.0 Editionalpha
DebianDebian Linux Version3.0 Editionarm
DebianDebian Linux Version3.0 Editionhppa
DebianDebian Linux Version3.0 Editionia-32
DebianDebian Linux Version3.0 Editionia-64
DebianDebian Linux Version3.0 Editionm68k
DebianDebian Linux Version3.0 Editionmips
DebianDebian Linux Version3.0 Editionmipsel
DebianDebian Linux Version3.0 Editionppc
DebianDebian Linux Version3.0 Editions-390
DebianDebian Linux Version3.0 Editionsparc
DebianDebian Linux Version3.1
DebianDebian Linux Version3.1 Editionalpha
DebianDebian Linux Version3.1 Editionamd64
DebianDebian Linux Version3.1 Editionarm
DebianDebian Linux Version3.1 Editionhppa
DebianDebian Linux Version3.1 Editionia-32
DebianDebian Linux Version3.1 Editionia-64
DebianDebian Linux Version3.1 Editionm68k
DebianDebian Linux Version3.1 Editionmips
DebianDebian Linux Version3.1 Editionmipsel
DebianDebian Linux Version3.1 Editionppc
DebianDebian Linux Version3.1 Editions-390
DebianDebian Linux Version3.1 Editionsparc
MandrakesoftMandrake Linux Version10.1
MandrakesoftMandrake Linux Version10.1 Editionx86-64
MandrakesoftMandrake Linux Version10.2
MandrakesoftMandrake Linux Version10.2 Editionx86-64
MandrakesoftMandrake Linux Version2006
MandrakesoftMandrake Linux Version2006 Editionx86-64
MandrakesoftMandrake Linux Corporate Server Version2.1 Editionx86_64
MandrakesoftMandrake Linux Corporate Server Version3.0 Editionx86_64
RedhatEnterprise Linux Version2.1 Editionadvanced_server
RedhatEnterprise Linux Version2.1 Editionadvanced_server_ia64
RedhatEnterprise Linux Version2.1 Editionenterprise_server
RedhatEnterprise Linux Version2.1 Editionenterprise_server_ia64
RedhatEnterprise Linux Version2.1 Editionworkstation
RedhatEnterprise Linux Version2.1 Editionworkstation_ia64
RedhatEnterprise Linux Version3.0 Editionadvanced_server
RedhatEnterprise Linux Version3.0 Editionenterprise_server
RedhatEnterprise Linux Version3.0 Editionworkstation_server
RedhatEnterprise Linux Version4.0 Editionadvanced_server
RedhatEnterprise Linux Version4.0 Editionenterprise_server
RedhatEnterprise Linux Version4.0 Editionworkstation
RedhatFedora Core Versioncore_1.0
RedhatFedora Core Versioncore_2.0
RedhatFedora Core Versioncore_3.0
RedhatFedora Core Versioncore_4.0
RedhatLinux Version7.3 Editioni386
RedhatLinux Version9.0 Editioni386
RedhatLinux Advanced Workstation Version2.1 Editionia64
RedhatLinux Advanced Workstation Version2.1 Editionitanium
ScoOpenserver Version5.0.7
ScoOpenserver Version6.0
SlackwareSlackware Linux Version9.0
SlackwareSlackware Linux Version9.1
SlackwareSlackware Linux Version10.0
SlackwareSlackware Linux Version10.1
SlackwareSlackware Linux Version10.2
SuseSuse Linux Version1.0
SuseSuse Linux Version9.0 Editionenterprise_server
SuseSuse Linux Version9.0 Editionpersonal
SuseSuse Linux Version9.0 Editionprofessional
SuseSuse Linux Version9.0 Editions_390
SuseSuse Linux Version9.0 Editionx86_64
SuseSuse Linux Version9.1 Editionpersonal
SuseSuse Linux Version9.1 Editionprofessional
SuseSuse Linux Version9.1 Editionx86_64
SuseSuse Linux Version9.2 Editionpersonal
SuseSuse Linux Version9.2 Editionprofessional
SuseSuse Linux Version9.2 Editionx86_64
SuseSuse Linux Version9.3 Editionpersonal
SuseSuse Linux Version9.3 Editionprofessional
SuseSuse Linux Version9.3 Editionx86_64
SuseSuse Linux Version10.0 Editionoss
SuseSuse Linux Version10.0 Editionprofessional
TrustixSecure Linux Version2.0
TrustixSecure Linux Version2.2
TrustixSecure Linux Version3.0
TurbolinuxTurbolinux Version10
TurbolinuxTurbolinux Versionfuji
TurbolinuxTurbolinux Appliance Server Version1.0_hosting_edition
TurbolinuxTurbolinux Appliance Server Version1.0_workgroup_edition
TurbolinuxTurbolinux Desktop Version10.0
TurbolinuxTurbolinux Server Version8.0
TurbolinuxTurbolinux Server Version10.0
TurbolinuxTurbolinux Server Version10.0_x86
UbuntuUbuntu Linux Version4.1 Editionia64
UbuntuUbuntu Linux Version4.1 Editionppc
UbuntuUbuntu Linux Version5.04 Editionamd64
UbuntuUbuntu Linux Version5.04 Editioni386
UbuntuUbuntu Linux Version5.04 Editionpowerpc
UbuntuUbuntu Linux Version5.10 Editionamd64
UbuntuUbuntu Linux Version5.10 Editioni386
UbuntuUbuntu Linux Version5.10 Editionpowerpc
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 3.41% 0.874
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:N/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U
http://secunia.com/advisories/18517
Patch
Vendor Advisory
http://secunia.com/advisories/18398
Patch
Vendor Advisory
http://secunia.com/advisories/18407
Patch
Vendor Advisory
http://secunia.com/advisories/25729
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1
http://www.debian.org/security/2006/dsa-936
Patch
Vendor Advisory
http://www.securityfocus.com/archive/1/427053/100/0/threaded
http://www.securityfocus.com/archive/1/427990/100/0/threaded
http://www.vupen.com/english/advisories/2007/2280
ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U
http://secunia.com/advisories/18554
Patch
Vendor Advisory
ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U
http://secunia.com/advisories/19230
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt
http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html
Patch
Vendor Advisory
http://secunia.com/advisories/18147
http://secunia.com/advisories/18303
Vendor Advisory
http://secunia.com/advisories/18313
Patch
Vendor Advisory
http://secunia.com/advisories/18349
Patch
Vendor Advisory
http://secunia.com/advisories/18380
http://secunia.com/advisories/18385
Patch
Vendor Advisory
http://secunia.com/advisories/18387
Patch
Vendor Advisory
http://secunia.com/advisories/18389
Patch
Vendor Advisory
http://secunia.com/advisories/18416
Patch
Vendor Advisory
http://secunia.com/advisories/18448
Patch
Vendor Advisory
http://secunia.com/advisories/18534
Patch
Vendor Advisory
http://secunia.com/advisories/18582
Patch
Vendor Advisory
http://secunia.com/advisories/18674
Vendor Advisory
http://secunia.com/advisories/18675
Vendor Advisory
http://secunia.com/advisories/18679
Vendor Advisory
http://secunia.com/advisories/18908
http://secunia.com/advisories/18913
http://secunia.com/advisories/19377
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.472683
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.474747
http://www.debian.org/security/2005/dsa-931
http://www.debian.org/security/2005/dsa-932
http://www.debian.org/security/2005/dsa-937
http://www.debian.org/security/2005/dsa-938
http://www.debian.org/security/2005/dsa-940
http://www.debian.org/security/2006/dsa-950
Patch
Vendor Advisory
http://www.debian.org/security/2006/dsa-961
Patch
Vendor Advisory
http://www.debian.org/security/2006/dsa-962
http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml
Patch
Vendor Advisory
http://www.kde.org/info/security/advisory-20051207-2.txt
Patch
Vendor Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2006:003
http://www.mandriva.com/security/advisories?name=MDKSA-2006:004
http://www.mandriva.com/security/advisories?name=MDKSA-2006:005
http://www.mandriva.com/security/advisories?name=MDKSA-2006:006
http://www.mandriva.com/security/advisories?name=MDKSA-2006:008
http://www.mandriva.com/security/advisories?name=MDKSA-2006:010
http://www.mandriva.com/security/advisories?name=MDKSA-2006:011
http://www.mandriva.com/security/advisories?name=MDKSA-2006:012
http://www.redhat.com/support/errata/RHSA-2006-0160.html
Patch
Vendor Advisory
http://secunia.com/advisories/18428
http://secunia.com/advisories/18436
http://scary.beasts.org/security/CESA-2005-003.txt
Exploit
http://secunia.com/advisories/18463
http://www.trustix.org/errata/2006/0002/
http://rhn.redhat.com/errata/RHSA-2006-0177.html
Patch
Vendor Advisory
http://secunia.com/advisories/18312
Patch
Vendor Advisory
http://secunia.com/advisories/18329
Vendor Advisory
http://secunia.com/advisories/18332
Vendor Advisory
http://secunia.com/advisories/18334
Patch
Vendor Advisory
http://secunia.com/advisories/18338
Patch
Vendor Advisory
http://secunia.com/advisories/18373
http://secunia.com/advisories/18375
Vendor Advisory
http://secunia.com/advisories/18414
http://secunia.com/advisories/18423
Patch
Vendor Advisory
http://secunia.com/advisories/18425
http://secunia.com/advisories/18642
Vendor Advisory
http://secunia.com/advisories/18644
Vendor Advisory
http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml
http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html
http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html
http://www.redhat.com/support/errata/RHSA-2006-0163.html
http://www.securityfocus.com/bid/16143
Patch
http://www.vupen.com/english/advisories/2006/0047
https://usn.ubuntu.com/236-1/
http://secunia.com/advisories/18335
Patch
Vendor Advisory
http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.html
Patch
http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.html
Patch
https://exchange.xforce.ibmcloud.com/vulnerabilities/24026
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9992