7.5

CVE-2005-3628

Buffer overflow in the JBIG2Bitmap::JBIG2Bitmap function in JBIG2Stream.cc in Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to modify memory and possibly execute arbitrary code via unknown attack vectors.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
XpdfXpdf
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 4.2% 0.896
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 10 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://secunia.com/advisories/18398
Patch
Vendor Advisory
http://secunia.com/advisories/18407
Patch
Vendor Advisory
http://www.debian.org/security/2006/dsa-936
Patch
Vendor Advisory
http://www.securityfocus.com/archive/1/427053/100/0/threaded
http://www.securityfocus.com/archive/1/427990/100/0/threaded
ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U
http://secunia.com/advisories/19230
http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html
Patch
Vendor Advisory
http://secunia.com/advisories/18147
http://secunia.com/advisories/18380
http://secunia.com/advisories/18385
Patch
Vendor Advisory
http://secunia.com/advisories/18387
Patch
Vendor Advisory
http://secunia.com/advisories/18389
Patch
Vendor Advisory
http://secunia.com/advisories/18416
Patch
Vendor Advisory
http://secunia.com/advisories/18534
Patch
Vendor Advisory
http://secunia.com/advisories/18582
Patch
Vendor Advisory
http://secunia.com/advisories/18674
http://secunia.com/advisories/18675
http://secunia.com/advisories/18679
http://secunia.com/advisories/18908
http://secunia.com/advisories/18913
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.472683
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.474747
http://www.debian.org/security/2005/dsa-931
http://www.debian.org/security/2005/dsa-932
http://www.debian.org/security/2005/dsa-937
http://www.debian.org/security/2005/dsa-938
http://www.debian.org/security/2005/dsa-940
http://www.debian.org/security/2006/dsa-950
Patch
Vendor Advisory
http://www.debian.org/security/2006/dsa-961
http://www.debian.org/security/2006/dsa-962
http://www.mandriva.com/security/advisories?name=MDKSA-2006:010
http://www.mandriva.com/security/advisories?name=MDKSA-2006:011
http://www.mandriva.com/security/advisories?name=MDKSA-2006:012
http://www.redhat.com/support/errata/RHSA-2006-0160.html
Patch
Vendor Advisory
http://secunia.com/advisories/18428
http://secunia.com/advisories/18436
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10287