JVN/CVE Demo: Cveinfos

CVE

Id: 14831
CVE No.: CVE-2005-3627
Status: Candidate
Description: Stream.cc in Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to modify memory and possibly execute arbitrary code via a DCTDecode stream with (1) a large "number of components" value that is not checked by DCTStream::readBaselineSOF or DCTStream::readProgressiveSOF, (2) a large "Huffman table index" value that is not checked by DCTStream::readHuffmanTables, and (3) certain uses of the scanInfo.numComps value by DCTStream::readScanInfo.
Phase: Assigned (20051116)
Votes: None (candidate not yet proposed)
Comments

Actions

Related CVE References

Id	CVE Id	CVE No.	Reference	Actions
114131	14831	CVE-2005-3627	MISC:http://scary.beasts.org/security/CESA-2005-003.txt	View
114132	14831	CVE-2005-3627	CONFIRM:http://www.kde.org/info/security/advisory-20051207-2.txt	View
114133	14831	CVE-2005-3627	DEBIAN:DSA-931	View
114134	14831	CVE-2005-3627	URL:http://www.debian.org/security/2005/dsa-931	View
114135	14831	CVE-2005-3627	DEBIAN:DSA-932	View
114136	14831	CVE-2005-3627	URL:http://www.debian.org/security/2005/dsa-932	View
114137	14831	CVE-2005-3627	DEBIAN:DSA-937	View
114138	14831	CVE-2005-3627	URL:http://www.debian.org/security/2005/dsa-937	View
114139	14831	CVE-2005-3627	DEBIAN:DSA-938	View
114140	14831	CVE-2005-3627	URL:http://www.debian.org/security/2005/dsa-938	View
114141	14831	CVE-2005-3627	DEBIAN:DSA-940	View
114142	14831	CVE-2005-3627	URL:http://www.debian.org/security/2005/dsa-940	View
114143	14831	CVE-2005-3627	DEBIAN:DSA-936	View
114144	14831	CVE-2005-3627	URL:http://www.debian.org/security/2006/dsa-936	View
114145	14831	CVE-2005-3627	DEBIAN:DSA-950	View
114146	14831	CVE-2005-3627	URL:http://www.debian.org/security/2006/dsa-950	View
114147	14831	CVE-2005-3627	DEBIAN:DSA-961	View
114148	14831	CVE-2005-3627	URL:http://www.debian.org/security/2006/dsa-961	View
114149	14831	CVE-2005-3627	DEBIAN:DSA-962	View
114150	14831	CVE-2005-3627	URL:http://www.debian.org/security/2006/dsa-962	View
114151	14831	CVE-2005-3627	FEDORA:FLSA:175404	View
114152	14831	CVE-2005-3627	URL:http://www.securityfocus.com/archive/1/archive/1/427990/100/0/threaded	View
114153	14831	CVE-2005-3627	FEDORA:FEDORA-2005-025	View
114154	14831	CVE-2005-3627	URL:http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html	View
114155	14831	CVE-2005-3627	FEDORA:FEDORA-2005-026	View
114156	14831	CVE-2005-3627	URL:http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html	View
114157	14831	CVE-2005-3627	FEDORA:FLSA-2006:176751	View
114158	14831	CVE-2005-3627	URL:http://www.securityfocus.com/archive/1/archive/1/427053/100/0/threaded	View
114159	14831	CVE-2005-3627	GENTOO:GLSA-200601-02	View
114160	14831	CVE-2005-3627	URL:http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml	View
114161	14831	CVE-2005-3627	GENTOO:GLSA-200601-17	View
114162	14831	CVE-2005-3627	URL:http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml	View
114163	14831	CVE-2005-3627	MANDRAKE:MDKSA-2006:010	View
114164	14831	CVE-2005-3627	URL:http://www.mandriva.com/security/advisories?name=MDKSA-2006:010	View
114165	14831	CVE-2005-3627	MANDRIVA:MDKSA-2006:003	View
114166	14831	CVE-2005-3627	URL:http://www.mandriva.com/security/advisories?name=MDKSA-2006:003	View
114167	14831	CVE-2005-3627	MANDRIVA:MDKSA-2006:004	View
114168	14831	CVE-2005-3627	URL:http://www.mandriva.com/security/advisories?name=MDKSA-2006:004	View
114169	14831	CVE-2005-3627	MANDRIVA:MDKSA-2006:005	View
114170	14831	CVE-2005-3627	URL:http://www.mandriva.com/security/advisories?name=MDKSA-2006:005	View
114171	14831	CVE-2005-3627	MANDRIVA:MDKSA-2006:006	View
114172	14831	CVE-2005-3627	URL:http://www.mandriva.com/security/advisories?name=MDKSA-2006:006	View
114173	14831	CVE-2005-3627	MANDRIVA:MDKSA-2006:008	View
114174	14831	CVE-2005-3627	URL:http://www.mandriva.com/security/advisories?name=MDKSA-2006:008	View
114175	14831	CVE-2005-3627	MANDRIVA:MDKSA-2006:012	View
114176	14831	CVE-2005-3627	URL:http://www.mandriva.com/security/advisories?name=MDKSA-2006:012	View
114177	14831	CVE-2005-3627	MANDRIVA:MDKSA-2006:011	View
114178	14831	CVE-2005-3627	URL:http://www.mandriva.com/security/advisories?name=MDKSA-2006:011	View
114179	14831	CVE-2005-3627	REDHAT:RHSA-2006:0177	View
114180	14831	CVE-2005-3627	URL:http://rhn.redhat.com/errata/RHSA-2006-0177.html	View
114181	14831	CVE-2005-3627	REDHAT:RHSA-2006:0160	View
114182	14831	CVE-2005-3627	URL:http://www.redhat.com/support/errata/RHSA-2006-0160.html	View
114183	14831	CVE-2005-3627	REDHAT:RHSA-2006:0163	View
114184	14831	CVE-2005-3627	URL:http://www.redhat.com/support/errata/RHSA-2006-0163.html	View
114185	14831	CVE-2005-3627	SCO:SCOSA-2006.15	View
114186	14831	CVE-2005-3627	URL:ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt	View
114187	14831	CVE-2005-3627	SGI:20051201-01-U	View
114188	14831	CVE-2005-3627	URL:ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U	View
114189	14831	CVE-2005-3627	SGI:20060101-01-U	View
114190	14831	CVE-2005-3627	URL:ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U	View
114191	14831	CVE-2005-3627	SGI:20060201-01-U	View
114192	14831	CVE-2005-3627	URL:ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U	View
114193	14831	CVE-2005-3627	SLACKWARE:SSA:2006-045-04	View
114194	14831	CVE-2005-3627	URL:http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.474747	View
114195	14831	CVE-2005-3627	SLACKWARE:SSA:2006-045-09	View
114196	14831	CVE-2005-3627	URL:http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.472683	View
114197	14831	CVE-2005-3627	SUNALERT:102972	View
114198	14831	CVE-2005-3627	URL:http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1	View
114199	14831	CVE-2005-3627	SUSE:SUSE-SA:2006:001	View
114200	14831	CVE-2005-3627	URL:http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html	View
114201	14831	CVE-2005-3627	TRUSTIX:2006-0002	View
114202	14831	CVE-2005-3627	URL:http://www.trustix.org/errata/2006/0002/	View
114203	14831	CVE-2005-3627	UBUNTU:USN-236-1	View
114204	14831	CVE-2005-3627	URL:http://www.ubuntulinux.org/support/documentation/usn/usn-236-1	View
114205	14831	CVE-2005-3627	CONFIRM:http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.html	View
114206	14831	CVE-2005-3627	CONFIRM:http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.html	View
114207	14831	CVE-2005-3627	BID:16143	View
114208	14831	CVE-2005-3627	URL:http://www.securityfocus.com/bid/16143	View
114209	14831	CVE-2005-3627	OVAL:oval:org.mitre.oval:def:10200	View
114210	14831	CVE-2005-3627	URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10200	View
114211	14831	CVE-2005-3627	VUPEN:ADV-2006-0047	View
114212	14831	CVE-2005-3627	URL:http://www.vupen.com/english/advisories/2006/0047	View
114213	14831	CVE-2005-3627	VUPEN:ADV-2007-2280	View
114214	14831	CVE-2005-3627	URL:http://www.vupen.com/english/advisories/2007/2280	View
114215	14831	CVE-2005-3627	SECUNIA:18303	View
114216	14831	CVE-2005-3627	URL:http://secunia.com/advisories/18303	View
114217	14831	CVE-2005-3627	SECUNIA:18312	View
114218	14831	CVE-2005-3627	URL:http://secunia.com/advisories/18312	View
114219	14831	CVE-2005-3627	SECUNIA:18313	View
114220	14831	CVE-2005-3627	URL:http://secunia.com/advisories/18313	View
114221	14831	CVE-2005-3627	SECUNIA:18329	View
114222	14831	CVE-2005-3627	URL:http://secunia.com/advisories/18329	View
114223	14831	CVE-2005-3627	SECUNIA:18332	View
114224	14831	CVE-2005-3627	URL:http://secunia.com/advisories/18332	View
114225	14831	CVE-2005-3627	SECUNIA:18334	View
114226	14831	CVE-2005-3627	URL:http://secunia.com/advisories/18334	View
114227	14831	CVE-2005-3627	SECUNIA:18335	View
114228	14831	CVE-2005-3627	URL:http://secunia.com/advisories/18335	View
114229	14831	CVE-2005-3627	SECUNIA:18387	View
114230	14831	CVE-2005-3627	URL:http://secunia.com/advisories/18387	View
114231	14831	CVE-2005-3627	SECUNIA:18416	View
114232	14831	CVE-2005-3627	URL:http://secunia.com/advisories/18416	View
114233	14831	CVE-2005-3627	SECUNIA:18338	View
114234	14831	CVE-2005-3627	URL:http://secunia.com/advisories/18338	View
114235	14831	CVE-2005-3627	SECUNIA:18349	View
114236	14831	CVE-2005-3627	URL:http://secunia.com/advisories/18349	View
114237	14831	CVE-2005-3627	SECUNIA:18375	View
114238	14831	CVE-2005-3627	URL:http://secunia.com/advisories/18375	View
114239	14831	CVE-2005-3627	SECUNIA:18385	View
114240	14831	CVE-2005-3627	URL:http://secunia.com/advisories/18385	View
114241	14831	CVE-2005-3627	SECUNIA:18389	View
114242	14831	CVE-2005-3627	URL:http://secunia.com/advisories/18389	View
114243	14831	CVE-2005-3627	SECUNIA:18423	View
114244	14831	CVE-2005-3627	URL:http://secunia.com/advisories/18423	View
114245	14831	CVE-2005-3627	SECUNIA:18448	View
114246	14831	CVE-2005-3627	URL:http://secunia.com/advisories/18448	View
114247	14831	CVE-2005-3627	SECUNIA:18398	View
114248	14831	CVE-2005-3627	URL:http://secunia.com/advisories/18398	View
114249	14831	CVE-2005-3627	SECUNIA:18407	View
114250	14831	CVE-2005-3627	URL:http://secunia.com/advisories/18407	View
114251	14831	CVE-2005-3627	SECUNIA:18534	View
114252	14831	CVE-2005-3627	URL:http://secunia.com/advisories/18534	View
114253	14831	CVE-2005-3627	SECUNIA:18582	View
114254	14831	CVE-2005-3627	URL:http://secunia.com/advisories/18582	View
114255	14831	CVE-2005-3627	SECUNIA:18517	View
114256	14831	CVE-2005-3627	URL:http://secunia.com/advisories/18517	View
114257	14831	CVE-2005-3627	SECUNIA:18554	View
114258	14831	CVE-2005-3627	URL:http://secunia.com/advisories/18554	View
114259	14831	CVE-2005-3627	SECUNIA:18642	View
114260	14831	CVE-2005-3627	URL:http://secunia.com/advisories/18642	View
114261	14831	CVE-2005-3627	SECUNIA:18644	View
114262	14831	CVE-2005-3627	URL:http://secunia.com/advisories/18644	View
114263	14831	CVE-2005-3627	SECUNIA:18674	View
114264	14831	CVE-2005-3627	URL:http://secunia.com/advisories/18674	View
114265	14831	CVE-2005-3627	SECUNIA:18675	View
114266	14831	CVE-2005-3627	URL:http://secunia.com/advisories/18675	View
114267	14831	CVE-2005-3627	SECUNIA:18679	View
114268	14831	CVE-2005-3627	URL:http://secunia.com/advisories/18679	View
114269	14831	CVE-2005-3627	SECUNIA:18908	View
114270	14831	CVE-2005-3627	URL:http://secunia.com/advisories/18908	View
114271	14831	CVE-2005-3627	SECUNIA:18913	View
114272	14831	CVE-2005-3627	URL:http://secunia.com/advisories/18913	View
114273	14831	CVE-2005-3627	SECUNIA:19230	View
114274	14831	CVE-2005-3627	URL:http://secunia.com/advisories/19230	View
114275	14831	CVE-2005-3627	SECUNIA:19377	View
114276	14831	CVE-2005-3627	URL:http://secunia.com/advisories/19377	View
114277	14831	CVE-2005-3627	SECUNIA:18425	View
114278	14831	CVE-2005-3627	URL:http://secunia.com/advisories/18425	View
114279	14831	CVE-2005-3627	SECUNIA:18463	View
114280	14831	CVE-2005-3627	URL:http://secunia.com/advisories/18463	View
114281	14831	CVE-2005-3627	SECUNIA:18147	View
114282	14831	CVE-2005-3627	URL:http://secunia.com/advisories/18147	View
114283	14831	CVE-2005-3627	SECUNIA:18373	View
114284	14831	CVE-2005-3627	URL:http://secunia.com/advisories/18373	View
114285	14831	CVE-2005-3627	SECUNIA:18380	View
114286	14831	CVE-2005-3627	URL:http://secunia.com/advisories/18380	View
114287	14831	CVE-2005-3627	SECUNIA:18414	View
114288	14831	CVE-2005-3627	URL:http://secunia.com/advisories/18414	View
114289	14831	CVE-2005-3627	SECUNIA:18428	View
114290	14831	CVE-2005-3627	URL:http://secunia.com/advisories/18428	View
114291	14831	CVE-2005-3627	SECUNIA:18436	View
114292	14831	CVE-2005-3627	URL:http://secunia.com/advisories/18436	View
114293	14831	CVE-2005-3627	SECUNIA:25729	View
114294	14831	CVE-2005-3627	URL:http://secunia.com/advisories/25729	View
114295	14831	CVE-2005-3627	XF:xpdf-readhuffmantables-bo(24024)	View
114296	14831	CVE-2005-3627	URL:http://xforce.iss.net/xforce/xfdb/24024	View
114297	14831	CVE-2005-3627	XF:xpdf-readscaninfo-bo(24025)	View

Related JVN

Id	JVN No.	Title	Summary	CVE No.	CVE Id	CVSS_v2	CVSS_v3	JVN URL	Actions
57931	JVNDB-2006-000127	initscripts における root 権限を取得される脆弱性	initscripts には、/sbin/service コマンドを実行する際に複数の環境変数の処理が不適切である脆弱性が存在します。	CVE-2005-3629	14831	7.2		http://jvndb.jvn.jp/ja/contents/2006/JVNDB-2006-000127.html	View

Message	Memory use
Component initialization	1.39 MB
Controller action start	1.49 MB
Controller render start	2.52 MB
View render complete	3.20 MB

Message	Time in ms	Graph
Core Processing (Derived from $_SERVER["REQUEST_TIME"])	2.80
Event: Controller.initialize	0.02
Event: Controller.startup	0.06
Controller action	447.23
Event: Controller.beforeRender	5.38
» Processing toolbar data	5.29
Rendering View	45.43
» Event: View.beforeRender	0.02
» Rendering APP/View/Cveinfos/view.ctp	44.23
» Event: View.afterRender	0.02
» Event: View.beforeLayout	0.02
» Rendering APP/View/Layouts/default.ctp	0.76
» » Rendering CORE/Cake/View/Elements/sql_dump.ctp	0.19
Event: View.afterLayout	0.00

Constant	Value
APP	/virtual/inogo77/public_html/jvn/app/
APP_DIR	app
APPLIBS	/virtual/inogo77/public_html/jvn/app/Lib/
CACHE	/virtual/inogo77/public_html/jvn/app/tmp/cache/
CAKE	/virtual/inogo77/public_html/jvn/lib/Cake/
CAKE_CORE_INCLUDE_PATH	/virtual/inogo77/public_html/jvn/lib
CORE_PATH	/virtual/inogo77/public_html/jvn/lib/
CAKE_VERSION	2.6.0
CSS	/virtual/inogo77/public_html/jvn/app/webroot/css/
CSS_URL	css/
DS	/
FULL_BASE_URL	http://inogo77.s500.xrea.com
IMAGES	/virtual/inogo77/public_html/jvn/app/webroot/img/
IMAGES_URL	img/
JS	/virtual/inogo77/public_html/jvn/app/webroot/js/
JS_URL	js/
LOGS	/virtual/inogo77/public_html/jvn/app/tmp/logs/
ROOT	/virtual/inogo77/public_html/jvn
TESTS	/virtual/inogo77/public_html/jvn/app/Test/
TMP	/virtual/inogo77/public_html/jvn/app/tmp/
VENDORS	/virtual/inogo77/public_html/jvn/vendors/
WEBROOT_DIR	webroot
WWW_ROOT	/virtual/inogo77/public_html/jvn/app/webroot/

Environment Variable	Value
Php Version	5.6.40
Phprc	php56.ini
Php Fcgi Children	1
Pwd	/virtual/inogo77/public_html/.fast-cgi-bin
Php Fcgi Max Requests	10000
Shlvl	0
Path	/usr/local/bin:/usr/bin:/bin
Script Name	/jvn/app/webroot/index.php
Request Uri	/jvn/cveinfos/view/14831
Query String
Request Method	GET
Server Protocol	HTTP/1.1
Gateway Interface	CGI/1.1
Redirect Url	/jvn/app/webroot/cveinfos/view/14831
Remote Port	40646
Script Filename	/virtual/inogo77/public_html/jvn/app/webroot/index.php
Server Admin	[no address given]
Context Document Root	/virtual/inogo77/public_html
Context Prefix
Request Scheme	http
Document Root	/virtual/inogo77/public_html
Remote Addr	216.73.216.31
Server Port	80
Server Addr	160.251.151.205
Server Name	inogo77.s500.xrea.com
Server Software	Apache
Server Signature
Http Connection	close
Http Cache Control	max-age=259200
Http X Forwarded For	10.1.229.199
Http Via	1.1 squid-proxy-5b5d847c96-v4lkv (squid/6.10)
Http Host	inogo77.s500.xrea.com
Http Accept Encoding	gzip, br, zstd, deflate
Http User Agent	Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)
Http Accept	/
Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Suspectharddos	1
Suspectdos	1
X Dostranslated Ip	216.73.216.31
Mm Country Code	US
Mmdb Info	result found
Mmdb Addr	216.73.216.31
Unique Id	aJyfq89jnCqVynIpISVLtQAAAa8
Redirect Status	200
Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Suspectharddos	1
Redirect Suspectdos	1
Redirect X Dostranslated Ip	216.73.216.31
Redirect Mm Country Code	US
Redirect Mmdb Info	result found
Redirect Mmdb Addr	216.73.216.31
Redirect Unique Id	aJyfq89jnCqVynIpISVLtQAAAa8
Redirect Redirect Status	200
Redirect Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Redirect Suspectharddos	1
Redirect Redirect Suspectdos	1
Redirect Redirect X Dostranslated Ip	216.73.216.31
Redirect Redirect Mm Country Code	US
Redirect Redirect Mmdb Info	result found
Redirect Redirect Mmdb Addr	216.73.216.31
Redirect Redirect Unique Id	aJyfq89jnCqVynIpISVLtQAAAa8
Fcgi Role	RESPONDER
Php Self	/jvn/app/webroot/index.php
Request Time Float	1755094955.438
Request Time	1755094955

CVE

Actions

Related CVE References

Related JVN

Request History

Session

Request

Cake Params

Post data

Query string

Cookie

Current Route

Sql Logs

default

Memory

Timers

Logs

View Variables

App Constants

CakePHP Constants

PHP Environment

Included Files

Include Paths

Included Files