7.5
CVE-2006-0301
- EPSS 4.4%
- Veröffentlicht 30.01.2006 22:03:00
- Zuletzt bearbeitet 16.06.2026 22:20:18
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
Heap-based buffer overflow in Splash.cc in xpdf, as used in other products such as (1) poppler, (2) kdegraphics, (3) gpdf, (4) pdfkit.framework, and others, allows attackers to cause a denial of service and possibly execute arbitrary code via crafted splash images that produce certain values that exceed the width or height of the associated bitmap.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 4.4% | 0.901 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
http://www.securityfocus.com/archive/1/427990/100/0/threaded
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt
http://secunia.com/advisories/18908
http://secunia.com/advisories/18913
http://secunia.com/advisories/19377
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.472683
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.474747
http://rhn.redhat.com/errata/RHSA-2006-0206.html
http://secunia.com/advisories/18274
http://secunia.com/advisories/18677
http://secunia.com/advisories/18707
http://secunia.com/advisories/18825
http://secunia.com/advisories/18826
http://secunia.com/advisories/18834
http://secunia.com/advisories/18837
http://secunia.com/advisories/18838
http://secunia.com/advisories/18839
http://secunia.com/advisories/18860
http://secunia.com/advisories/18862
http://secunia.com/advisories/18864
http://secunia.com/advisories/18875
http://secunia.com/advisories/18882
http://secunia.com/advisories/18983
http://securityreason.com/securityalert/470
http://securitytracker.com/id?1015576
http://www.debian.org/security/2006/dsa-971
http://www.debian.org/security/2006/dsa-972
http://www.debian.org/security/2006/dsa-974
http://www.gentoo.org/security/en/glsa/glsa-200602-04.xml
http://www.gentoo.org/security/en/glsa/glsa-200602-05.xml
http://www.gentoo.org/security/en/glsa/glsa-200602-12.xml
http://www.kde.org/info/security/advisory-20060202-1.txt
http://www.mandriva.com/security/advisories?name=MDKSA-2006:030
http://www.mandriva.com/security/advisories?name=MDKSA-2006:031
http://www.mandriva.com/security/advisories?name=MDKSA-2006:032
http://www.redhat.com/archives/fedora-announce-list/2006-February/msg00039.html
http://www.redhat.com/support/errata/RHSA-2006-0201.html
http://www.securityfocus.com/archive/1/423899/100/0/threaded
http://www.ubuntu.com/usn/usn-249-1
http://www.vupen.com/english/advisories/2006/0389
http://www.vupen.com/english/advisories/2006/0422
https://bugzilla.novell.com/show_bug.cgi?id=141242
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=179046
https://exchange.xforce.ibmcloud.com/vulnerabilities/24391
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10850