NVD
- Id
- 68855
- Name
- CVE-2005-3193
- Description
- Heap-based buffer overflow in the JPXStream::readCodestream function in the JPX stream parsing code (JPXStream.c) for xpdf 3.01 and earlier, as used in products such as (1) Poppler, (2) teTeX, (3) KDE kpdf, (4) CUPS, and (5) libextractor allows user-assisted attackers to cause a denial of service (heap corruption) and possibly execute arbitrary code via a crafted PDF file with large size values that cause insufficient memory to be allocated.
- Reject
- CVSS Version
- 2
- CVSS Score
- 5.1
- Severity
- Medium
- CVSS Base Score
- 5.1
- CVSS Impact Subscore
- 6.4
- CVSS Exploit Subscore
- 4.9
- CVSS Vector
- (AV:N/AC:H/Au:N/C:P/I:P/A:P)
- Pub Date
- 2017-07-18
- Published
- 2005-12-06
- Modified Date
- 2017-07-10
- Seq
- 2005-3193
Related NVD References
| Id | NVD Id | NVD No. | Reference | Actions |
|---|---|---|---|---|
| 355818 | 68855 | CVE-2005-3193 | SCOSA-2006.15 | View |
| 355819 | 68855 | CVE-2005-3193 | SCOSA-2006.20 | View |
| 355820 | 68855 | CVE-2005-3193 | SCOSA-2006.21 | View |
| 355821 | 68855 | CVE-2005-3193 | 20051201-01-U | View |
| 355822 | 68855 | CVE-2005-3193 | 20060101-01-U | View |
| 355823 | 68855 | CVE-2005-3193 | 20060201-01-U | View |
| 355824 | 68855 | CVE-2005-3193 | SUSE-SA:2006:001 | View |
| 355825 | 68855 | CVE-2005-3193 | oval:org.mitre.oval:def:11440 | View |
| 355826 | 68855 | CVE-2005-3193 | RHSA-2005:868 | View |
| 355827 | 68855 | CVE-2005-3193 | 236 | View |
| 355828 | 68855 | CVE-2005-3193 | 1015309 | View |
| 355829 | 68855 | CVE-2005-3193 | 1015324 | View |
| 355830 | 68855 | CVE-2005-3193 | SSA:2006-045-09 | View |
| 355831 | 68855 | CVE-2005-3193 | SSA:2006-045-04 | View |
| 355832 | 68855 | CVE-2005-3193 | 102972 | View |
| 355833 | 68855 | CVE-2005-3193 | DSA-931 | View |
| 355834 | 68855 | CVE-2005-3193 | DSA-932 | View |
| 355835 | 68855 | CVE-2005-3193 | DSA-937 | View |
| 355836 | 68855 | CVE-2005-3193 | DSA-938 | View |
| 355837 | 68855 | CVE-2005-3193 | DSA-940 | View |
| 355838 | 68855 | CVE-2005-3193 | DSA-936 | View |
| 355839 | 68855 | CVE-2005-3193 | DSA-950 | View |
| 355840 | 68855 | CVE-2005-3193 | DSA-961 | View |
| 355841 | 68855 | CVE-2005-3193 | DSA-962 | View |
| 355842 | 68855 | CVE-2005-3193 | GLSA-200512-08 | View |
| 355843 | 68855 | CVE-2005-3193 | GLSA-200601-02 | View |
| 355844 | 68855 | CVE-2005-3193 | GLSA-200603-02 | View |
| 355845 | 68855 | CVE-2005-3193 | 20051205 Multiple Vendor xpdf JPX Stream Reader Heap Overflow Vulnerability | View |
| 355846 | 68855 | CVE-2005-3193 | http://www.kde.org/info/security/advisory-20051207-1.txt | View |
| 355847 | 68855 | CVE-2005-3193 | http://www.kde.org/info/security/advisory-20051207-2.txt | View |
| 355848 | 68855 | CVE-2005-3193 | MDKSA-2006:003 | View |
| 355849 | 68855 | CVE-2005-3193 | MDKSA-2006:004 | View |
| 355850 | 68855 | CVE-2005-3193 | MDKSA-2006:005 | View |
| 355851 | 68855 | CVE-2005-3193 | MDKSA-2006:006 | View |
| 355852 | 68855 | CVE-2005-3193 | MDKSA-2006:008 | View |
| 355853 | 68855 | CVE-2005-3193 | MDKSA-2006:010 | View |
| 355854 | 68855 | CVE-2005-3193 | MDKSA-2006:011 | View |
| 355855 | 68855 | CVE-2005-3193 | MDKSA-2006:012 | View |
| 355856 | 68855 | CVE-2005-3193 | SUSE-SR:2005:029 | View |
| 355857 | 68855 | CVE-2005-3193 | FEDORA-2005-1125 | View |
| 355858 | 68855 | CVE-2005-3193 | FEDORA-2005-1126 | View |
| 355859 | 68855 | CVE-2005-3193 | FEDORA-2005-1127 | View |
| 355860 | 68855 | CVE-2005-3193 | FEDORA-2005-1132 | View |
| 355861 | 68855 | CVE-2005-3193 | FEDORA-2005-1141 | View |
| 355862 | 68855 | CVE-2005-3193 | FEDORA-2005-1142 | View |
| 355863 | 68855 | CVE-2005-3193 | FEDORA-2005-1132 | View |
| 355864 | 68855 | CVE-2005-3193 | http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00043.html | View |
| 355865 | 68855 | CVE-2005-3193 | RHSA-2005:840 | View |
| 355866 | 68855 | CVE-2005-3193 | RHSA-2005:867 | View |
| 355867 | 68855 | CVE-2005-3193 | RHSA-2005:878 | View |
| 355868 | 68855 | CVE-2005-3193 | RHSA-2006:0160 | View |
| 355869 | 68855 | CVE-2005-3193 | 20051207 [KDE Security Advisory] multiple buffer overflows in kpdf/koffice | View |
| 355870 | 68855 | CVE-2005-3193 | FLSA-2006:176751 | View |
| 355871 | 68855 | CVE-2005-3193 | FLSA:175404 | View |
| 355872 | 68855 | CVE-2005-3193 | 15721 | View |
| 355873 | 68855 | CVE-2005-3193 | TSLSA-2005-0072 | View |
| 355874 | 68855 | CVE-2005-3193 | USN-227-1 | View |
| 355875 | 68855 | CVE-2005-3193 | ADV-2005-2787 | View |
| 355876 | 68855 | CVE-2005-3193 | ADV-2005-2789 | View |
| 355877 | 68855 | CVE-2005-3193 | ADV-2005-2790 | View |
| 355878 | 68855 | CVE-2005-3193 | ADV-2005-2856 | View |
| 355879 | 68855 | CVE-2005-3193 | ADV-2007-2280 | View |
| 355880 | 68855 | CVE-2005-3193 | xpdf-jpx-stream-bo(23441) | View |
| 355881 | 68855 | CVE-2005-3193 | https://issues.rpath.com/browse/RPL-1609 | View |
Related JVN
| Id | Name | Title | Summary | Cveinfo Name | Cveinfo Id | Nvdinfo Name | Nvdinfo Id | Cvssv2 | Cvssv3 | Jvnurl | Published Date | Last Updated Date | Actions |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 62515 | JVNDB-2005-000717 | Xpdf の JPXStream::readCodestream() 関数におけるヒープオーバーフローの脆弱性 | Xpdf には xpdf/JPXStream.cc の JPXStream::readCodestream() 関数において、PDF ファイルに含まれる Xtiles、nYTiles の値に対する境界チェックが不適切であるため、メモリ領域にデータをコピーする際にヒープオーバーフローが発生する脆弱性が存在します。 | CVE-2005-3193 | 14397 | CVE-2005-3193 | 68855 | 5.1 | http://jvndb.jvn.jp/ja/contents/2005/JVNDB-2005-000717.html | 2005-12-05 | 2007-06-28 | View |
