Vulnerability Name:

CVE-2005-2097 (CCN-21752)

Assigned:2005-08-09
Published:2005-08-09
Updated:2018-10-19
Summary:xpdf and kpdf do not properly validate the "loca" table in PDF files, which allows local users to cause a denial of service (disk consumption and hang) via a PDF file with a "broken" loca table, which causes a large temporary file to be created when xpdf attempts to reconstruct the information.
CVSS v3 Severity:4.0 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Low
CVSS v2 Severity:2.1 Low (CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
2.1 Low (CCN CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
Vulnerability Type:CWE-Other
Vulnerability Consequences:Denial of Service
References:Source: SCO
Type: UNKNOWN
SCOSA-2005.42

Source: MITRE
Type: CNA
CVE-2005-2097

Source: CCN
Type: Conectiva Linux Security Announcement CLSA-2005:1010
Fixes for xpdf vulnerabilities

Source: CCN
Type: RHSA-2005-670
xpdf security update

Source: CCN
Type: RHSA-2005-671
kdegraphics security update

Source: CCN
Type: RHSA-2005-706
cups security update

Source: CCN
Type: RHSA-2005-708
gpdf security update

Source: SECUNIA
Type: Vendor Advisory
17277

Source: CCN
Type: SA18398
libextractor Multiple Xpdf Vulnerabilities

Source: SECUNIA
Type: Vendor Advisory
18398

Source: SECUNIA
Type: Vendor Advisory
18407

Source: SECUNIA
Type: UNKNOWN
21339

Source: CCN
Type: SA25729
Sun Solaris Gnome PDF Viewer Multiple Vulnerabilities

Source: SECUNIA
Type: UNKNOWN
25729

Source: CCN
Type: Sun Alert ID: 102972
Multiple Security Vulnerabilities in the Solaris Gnome PDF Viewer (gpdf(1)) may Allow a Denial of Service (DoS) Condition or Lead to Execution of Arbitrary Code

Source: SUNALERT
Type: UNKNOWN
102972

Source: CCN
Type: ASA-2007-281
Multiple Security Vulnerabilities in the Solaris Gnome PDF Viewer (gpdf(1)) may Allow a Denial of Service (DoS) Condition or Lead to Execution of Arbitrary Code (SUN 102972)

Source: DEBIAN
Type: UNKNOWN
DSA-780

Source: DEBIAN
Type: UNKNOWN
DSA-1136

Source: DEBIAN
Type: Vendor Advisory
DSA-936

Source: DEBIAN
Type: DSA-1136
gpdf -- wrong input sanitising

Source: DEBIAN
Type: DSA-780
kdegraphics -- wrong input sanitising

Source: DEBIAN
Type: DSA-936
libextractor -- buffer overflows

Source: CCN
Type: GLSA-200508-08
Xpdf, Kpdf, GPdf: Denial of Service vulnerability

Source: CCN
Type: KDE Security Advisory: 2005-08-09
kpdf temp file writing DoS vulnerability

Source: CCN
Type: Fedora Update Notification FEDORA-2005-729
Fedora Core 4 Update: xpdf-3.00-20.FC4.2

Source: MANDRIVA
Type: UNKNOWN
MDKSA-2005:138

Source: SUSE
Type: UNKNOWN
SUSE-SR:2005:019

Source: REDHAT
Type: UNKNOWN
RHSA-2005:670

Source: REDHAT
Type: UNKNOWN
RHSA-2005:671

Source: REDHAT
Type: UNKNOWN
RHSA-2005:706

Source: REDHAT
Type: UNKNOWN
RHSA-2005:708

Source: FEDORA
Type: UNKNOWN
FLSA-2006:176751

Source: FEDORA
Type: UNKNOWN
FLSA:175404

Source: CCN
Type: BID-14527
Easy Software Products CUPS Denial of Service Vulnerability

Source: BID
Type: UNKNOWN
14529

Source: CCN
Type: BID-14529
XPDF Loca Table Verification Remote Denial of Service Vulnerability

Source: CCN
Type: TLSA-2005-88
cups crash

Source: CCN
Type: USN-163-1
xpdf vulnerability

Source: VUPEN
Type: UNKNOWN
ADV-2007-2280

Source: XF
Type: UNKNOWN
kde-loca-xpdf-dos(21752)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:10280

Source: UBUNTU
Type: UNKNOWN
USN-163-1

Source: SUSE
Type: SUSE-SR:2005:019
SUSE Security Summary Report

Vulnerable Configuration:Configuration 1:
  • cpe:/a:kde:kpdf:*:*:*:*:*:*:*:*
  • OR cpe:/a:xpdf:xpdf:3.0:*:*:*:*:*:*:*
  • OR cpe:/a:xpdf:xpdf:3.0_pl2:*:*:*:*:*:*:*
  • OR cpe:/a:xpdf:xpdf:3.0_pl3:*:*:*:*:*:*:*

    • Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:*:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:20052097
    V
    		CVE-2005-2097
    2015-11-16
    oval:org.mitre.oval:def:10280
    V
    		xpdf and kpdf do not properly validate the "loca" table in PDF files, which allows local users to cause a denial of service (disk consumption and hang) via a PDF file with a "broken" loca table, which causes a large temporary file to be created when xpdf attempts to reconstruct the information.
    2013-04-29
    oval:org.debian:def:1136
    V
    		wrong input sanitising
    2006-08-02
    oval:org.debian:def:936
    V
    		buffer overflows
    2006-01-11
    oval:org.debian:def:780
    V
    		wrong input sanitising
    2005-08-22
    oval:com.redhat.rhsa:def:20050708
    P
    		RHSA-2005:708: gpdf security update (Moderate)
    2005-08-10
    oval:com.redhat.rhsa:def:20050670
    P
    		RHSA-2005:670: xpdf security update (Moderate)
    2005-08-09
    oval:com.redhat.rhsa:def:20050671
    P
    		RHSA-2005:671: kdegraphics security update (Moderate)
    2005-08-09
    oval:com.redhat.rhsa:def:20050706
    P
    		RHSA-2005:706: cups security update (Important)
    2005-08-09
    BACK
    kde kpdf *
    xpdf xpdf 3.0
    xpdf xpdf 3.0_pl2
    xpdf xpdf 3.0_pl3