Vulnerability in Conectiva Linux
CVE-2005-3626
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference.
EPSS: 0.033 (87.0th percentile) — read the EPSS interpretation.
Affected products
- Conectiva Linux — versions 10.0
- Easy_software_products Cups — versions 1.1.22, 1.1.22_rc1, 1.1.23
- Gentoo Linux
- Kde Kdegraphics — versions 3.2, 3.4.3
- Kde Koffice — versions 1.4, 1.4.1, 1.4.2
- Kde Kpdf — versions 3.2, 3.4.3
- Kde Kword — versions 1.4.2
- Libextractor
- Mandrakesoft Mandrake_linux — versions 10.1, 10.2, 2006
- Mandrakesoft Mandrake_linux_corporate_server — versions 2.1, 3.0
Weakness classification (CWE)
References
- secalert@redhat.com (Patch, vdb-entry, x_refsource_BID)
- secalert@redhat.com (vendor-advisory, x_refsource_DEBIAN)
- secalert@redhat.com (Patch, x_refsource_SECUNIA, Vendor Advisory, third-party-advisory)
- secalert@redhat.com (x_refsource_SECUNIA, third-party-advisory)
- secalert@redhat.com (Exploit, x_refsource_MISC)
- secalert@redhat.com (x_refsource_CONFIRM, Patch, Vendor Advisory)
- secalert@redhat.com (x_refsource_SECUNIA, Vendor Advisory, third-party-advisory)
- secalert@redhat.com (Patch, x_refsource_SECUNIA, Vendor Advisory, third-party-advisory)
- secalert@redhat.com (x_refsource_SECUNIA, Vendor Advisory, third-party-advisory)
- secalert@redhat.com (x_refsource_UBUNTU, vendor-advisory)