7.6

CVE-2006-1244

EPSS 3.47%
Veröffentlicht 15.03.2006 19:06:00
Zuletzt bearbeitet 03.04.2025 01:03:51
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

Unspecified vulnerability in certain versions of xpdf after 3.00, as used in various products including (a) pdfkit.framework, (b) gpdf, (c) pdftohtml, and (d) libextractor, has unknown impact and user-assisted attack vectors, possibly involving errors in (1) gmem.c, (2) SplashXPathScanner.cc, (3) JBIG2Stream.cc, (4) JPXStream.cc, and/or (5) Stream.cc.  NOTE: this description is based on Debian advisory DSA 979, which is based on changes that were made after other vulnerabilities such as CVE-2006-0301 and CVE-2005-3624 through CVE-2005-3628 were fixed.  Some of these newer fixes appear to be security-relevant, although it is not clear if they fix specific issues or are defensive in nature.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 20

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Gnome ≫ Gpdf Version2.8.2

Libextractor ≫ Libextractor Version0.3.6

Libextractor ≫ Libextractor Version0.3.7

Libextractor ≫ Libextractor Version0.3.8

Libextractor ≫ Libextractor Version0.3.9

Libextractor ≫ Libextractor Version0.3.11

Libextractor ≫ Libextractor Version0.4

Libextractor ≫ Libextractor Version0.4.1

Libextractor ≫ Libextractor Version0.4.2

Libextractor ≫ Libextractor Version0.5

Xpdf ≫ Xpdf Version0.90

Xpdf ≫ Xpdf Version0.91

Xpdf ≫ Xpdf Version0.92

Xpdf ≫ Xpdf Version0.93

Xpdf ≫ Xpdf Version1.0

Xpdf ≫ Xpdf Version1.0a

Xpdf ≫ Xpdf Version1.1

Xpdf ≫ Xpdf Version2.0

Xpdf ≫ Xpdf Version2.1

Xpdf ≫ Xpdf Version2.2

Xpdf ≫ Xpdf Version2.3

Xpdf ≫ Xpdf Version3.0

Xpdf ≫ Xpdf Version3.0.1

Xpdf ≫ Xpdf Version3.0.1_pl1

Xpdf ≫ Xpdf Version3.0_pl2

Xpdf ≫ Xpdf Version3.0_pl3

Debian ≫ Debian Linux Version3.1

Debian ≫ Debian Linux Version3.1 Editionalpha

Debian ≫ Debian Linux Version3.1 Editionamd64

Debian ≫ Debian Linux Version3.1 Editionarm

Debian ≫ Debian Linux Version3.1 Editionhppa

Debian ≫ Debian Linux Version3.1 Editionia-32

Debian ≫ Debian Linux Version3.1 Editionia-64

Debian ≫ Debian Linux Version3.1 Editionm68k

Debian ≫ Debian Linux Version3.1 Editionmips

Debian ≫ Debian Linux Version3.1 Editionmipsel

Debian ≫ Debian Linux Version3.1 Editionppc

Debian ≫ Debian Linux Version3.1 Editions-390

Debian ≫ Debian Linux Version3.1 Editionsparc

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	3.47%	0.865

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.6	4.9	10	AV:N/AC:H/Au:N/C:C/I:C/A:C

http://secunia.com/advisories/18948

Patch

Vendor Advisory

http://secunia.com/advisories/19021

Patch

Vendor Advisory

http://secunia.com/advisories/19065

Patch

Vendor Advisory

http://secunia.com/advisories/19091

Patch

Vendor Advisory

http://secunia.com/advisories/19164

Patch

Vendor Advisory

http://secunia.com/advisories/19364

Patch

Vendor Advisory

http://secunia.com/advisories/19644

Patch

Vendor Advisory

http://security.debian.org/pool/updates/main/p/pdfkit.framework/pdfkit.framework_0.8-2sarge3.diff.gz

Patch

http://www.debian.org/security/2006/dsa-1019

Patch

Vendor Advisory

http://www.debian.org/security/2006/dsa-979

Patch

Vendor Advisory

http://www.debian.org/security/2006/dsa-982

Patch

Vendor Advisory

http://www.debian.org/security/2006/dsa-983

Patch

Vendor Advisory

http://www.debian.org/security/2006/dsa-984

Patch

Vendor Advisory

http://www.debian.org/security/2006/dsa-998

Patch

Vendor Advisory

http://www.osvdb.org/23834

http://www.securityfocus.com/bid/16748

https://usn.ubuntu.com/270-1/

https://nvd.nist.gov/vuln/detail/CVE-2006-1244

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2006-1244

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2006-1244

EUVD