Oval Definition:oval:org.mitre.oval:def:11440
Revision Date:2013-04-29Version:11
Title:Heap-based buffer overflow in the JPXStream::readCodestream function in the JPX stream parsing code (JPXStream.c) for xpdf 3.01 and earlier, as used in products such as (1) Poppler, (2) teTeX, (3) KDE kpdf, (4) CUPS, and (5) libextractor allows user-assisted attackers to cause a denial of service (heap corruption) and possibly execute arbitrary code via a crafted PDF file with large size values that cause insufficient memory to be allocated.
Description:Heap-based buffer overflow in the JPXStream::readCodestream function in the JPX stream parsing code (JPXStream.c) for xpdf 3.01 and earlier, as used in products such as (1) Poppler, (2) teTeX, (3) KDE kpdf, (4) CUPS, and (5) libextractor allows user-assisted attackers to cause a denial of service (heap corruption) and possibly execute arbitrary code via a crafted PDF file with large size values that cause insufficient memory to be allocated.
Family:unixClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2005-3193
Platform(s):CentOS Linux 3
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 3
Red Hat Enterprise Linux 4
Product(s):
Definition Synopsis
  • OS Section: RHEL3, CentOS3
  • RHEL3 or CentOS3
  • The operating system installed on the system is Red Hat Enterprise Linux 3
  • OR CentOS Linux 3.x
  • AND Configuration section
  • tetex-latex is earlier than 0:1.0.7-67.9
  • OR tetex-dvips is earlier than 0:1.0.7-67.9
  • OR tetex-fonts is earlier than 0:1.0.7-67.9
  • OR cups-libs is earlier than 1:1.1.17-13.3.34
  • OR tetex is earlier than 0:1.0.7-67.9
  • OR cups-devel is earlier than 1:1.1.17-13.3.34
  • OR tetex-afm is earlier than 0:1.0.7-67.9
  • OR xpdf is earlier than 1:2.02-9.8
  • OR tetex-xdvi is earlier than 0:1.0.7-67.9
  • OR cups is earlier than 1:1.1.17-13.3.34
  • OR OS Section: RHEL4, CentOS4, Oracle Linux 4
  • RHEL4, CentOS4 or Oracle Linux 4
  • The operating system installed on the system is Red Hat Enterprise Linux 4
  • OR CentOS Linux 4.x
  • OR Oracle Linux 4.x
  • AND Configuration section
  • tetex-latex is earlier than 0:2.0.2-22.EL4.7
  • OR kdegraphics-devel is earlier than 7:3.3.1-3.6
  • OR tetex-dvips is earlier than 0:2.0.2-22.EL4.7
  • OR kdegraphics is earlier than 7:3.3.1-3.6
  • OR tetex-fonts is earlier than 0:2.0.2-22.EL4.7
  • OR cups-libs is earlier than 1:1.1.22-0.rc1.9.9
  • OR tetex is earlier than 0:2.0.2-22.EL4.7
  • OR gpdf is earlier than 0:2.8.2-7.3
  • OR cups-devel is earlier than 1:1.1.22-0.rc1.9.9
  • OR tetex-afm is earlier than 0:2.0.2-22.EL4.7
  • OR xpdf is earlier than 1:3.00-11.10
  • OR tetex-xdvi is earlier than 0:2.0.2-22.EL4.7
  • OR tetex-doc is earlier than 0:2.0.2-22.EL4.7
  • OR cups is earlier than 1:1.1.22-0.rc1.9.9
    • BACK