Vulnerability in Ascii Ptex
CVE-2005-0206
The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities.
EPSS: 0.030 (85.5th percentile) — read the EPSS interpretation.
Affected products
- Ascii Ptex — versions 3.1.4
- Cstex Cstetex — versions 2.0.2
- Easy_software_products Cups — versions 1.0.4, 1.0.4_8, 1.1.1
- Gentoo Linux
- Gnome Gpdf — versions 0.110, 0.112, 0.131
- Kde — versions 3.2, 3.2.1, 3.2.2
- Kde Koffice — versions 1.3, 1.3.1, 1.3.2
- Kde Kpdf — versions 3.2
- Mandrakesoft Mandrake_linux_corporate_server — versions 3.0
- Pdftohtml — versions 0.32a, 0.32b, 0.33
References
- cve@mitre.org (x_refsource_OVAL, signature, vdb-entry)
- cve@mitre.org (vendor-advisory, x_refsource_MANDRAKE)
- cve@mitre.org (Patch, vdb-entry, x_refsource_BID, Vendor Advisory)
- cve@mitre.org (x_refsource_REDHAT, vendor-advisory)
- cve@mitre.org (vendor-advisory, x_refsource_MANDRAKE)
- cve@mitre.org (vendor-advisory, x_refsource_MANDRAKE)
- cve@mitre.org (x_refsource_REDHAT, vendor-advisory, Patch, Vendor Advisory)
- cve@mitre.org (vendor-advisory, x_refsource_MANDRAKE)
- cve@mitre.org (x_refsource_REDHAT, vendor-advisory)
- cve@mitre.org (vdb-entry, x_refsource_XF)