What is CVE-2004-0888?

CVE-2004-0888 is a vulnerability in Easy_software_products Cups. Published 2005-01-27.

Is CVE-2004-0888 known to be exploited?

2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Easy_software_products Cups

CVE-2004-0888

Multiple integer overflows in xpdf 2.0 and 3.0, and other packages that use xpdf code such as CUPS, gpdf, and kdegraphics, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of…

EPSS: 0.093 (94.7th percentile) — read the EPSS interpretation.

Affected products

Easy_software_products Cups — versions 1.0.4, 1.0.4_8, 1.1.1
Gentoo Linux
Gnome Gpdf — versions 0.112, 0.131
Kde — versions 3.2, 3.2.1, 3.2.2
Kde Koffice — versions 1.3, 1.3.1, 1.3.2
Kde Kpdf — versions 3.2
Pdftohtml — versions 0.32a, 0.32b, 0.33
Tetex — versions 1.0.7, 2.0, 2.0.1
Xpdf — versions 0.90, 0.91, 0.92
Debian Debian_linux — versions 3.0

Public proof-of-concept exploits

References

cve@mitre.org (x_refsource_REDHAT, vendor-advisory)
cve@mitre.org (Patch, vdb-entry, x_refsource_BID, Vendor Advisory)
cve@mitre.org (x_refsource_REDHAT, vendor-advisory)
cve@mitre.org (x_refsource_UBUNTU, vendor-advisory)
cve@mitre.org (vendor-advisory, x_refsource_MANDRAKE)
cve@mitre.org (vendor-advisory, x_refsource_GENTOO)
cve@mitre.org (vendor-advisory, x_refsource_DEBIAN)
cve@mitre.org (vendor-advisory, x_refsource_DEBIAN)
cve@mitre.org (x_refsource_FEDORA, vendor-advisory)
cve@mitre.org (vendor-advisory, x_refsource_MANDRAKE)

Frequently asked questions

What is CVE-2004-0888?: CVE-2004-0888 is a vulnerability in Easy_software_products Cups. Published 2005-01-27.
Is CVE-2004-0888 known to be exploited?: 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.