Vulnerability Name: CVE-2006-0301 (CCN-24391)

Assigned: 2006-01-05
Published: 2006-01-05
Updated: 2018-10-19
Summary: Heap-based buffer overflow in Splash.cc in xpdf, as used in other products such as (1) poppler, (2) kdegraphics, (3) gpdf, (4) pdfkit.framework, and others, allows attackers to cause a denial of service and possibly execute arbitrary code via crafted splash images that produce certain values that exceed the width or height of the associated bitmap.
CVSS v3 Severity: 9.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H)
Exploitability Metrics: Attack Vector (AV): Network
Attack Complexity (AC): High
Privileges Required (PR): None
User Interaction (UI): None
Scope: Scope (S): Changed
Impact Metrics: Confidentiality (C): High
Integrity (I): High
Availability (A): High
CVSS v2 Severity: 7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
5.5 Medium (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics: Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics: Confidentiality (C): Partial
Integrity (I): Partial
Availability (A): Partial
7.6 High (CCN CVSS v2 Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C)
5.6 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
Exploitability Metrics: Access Vector (AV): Network
Access Complexity (AC): High
Authentication (Au): None
Impact Metrics: Confidentiality (C): Complete
Integrity (I): Complete
Availability (A): Complete
Vulnerability Type: CWE-119
Vulnerability Consequences: Gain Access
References:

Source: SCO
Type: Patch, Vendor Advisory
SCOSA-2006.15

Source: MITRE
Type: CNA
CVE-2006-0301

Source: CCN
Type: RHSA-2006-0201
xpdf security update

Source: CCN
Type: RHSA-2006-0206
kdegraphics security update

Source: REDHAT
Type: Patch, Vendor Advisory
RHSA-2006:0206

Source: CCN
Type: SA18274
PDFKit Framework PDF Splash Image Buffer Overflow

Source: SECUNIA
Type: Vendor Advisory
18274

Source: CCN
Type: SA18677
Xpdf PDF Splash Image Handling Vulnerability

Source: SECUNIA
Type: Patch, Vendor Advisory
18677

Source: CCN
Type: SA18707
KDE kpdf Splash Image Handling Buffer Overflow

Source: SECUNIA
Type: Patch, Vendor Advisory
18707

Source: SECUNIA
Type: Patch, Vendor Advisory
18825

Source: SECUNIA
Type: Patch, Vendor Advisory
18826

Source: SECUNIA
Type: Patch, Vendor Advisory
18834

Source: SECUNIA
Type: Patch, Vendor Advisory
18837

Source: SECUNIA
Type: Patch, Vendor Advisory
18838

Source: SECUNIA
Type: Patch, Vendor Advisory
18839

Source: SECUNIA
Type: Patch, Vendor Advisory
18860

Source: SECUNIA
Type: Patch, Vendor Advisory
18862

Source: SECUNIA
Type: Patch, Vendor Advisory
18864

Source: SECUNIA
Type: Vendor Advisory
18875

Source: SECUNIA
Type: Patch, Vendor Advisory
18882

Source: SECUNIA
Type: Patch, Vendor Advisory
18908

Source: SECUNIA
Type: Patch, Vendor Advisory
18913

Source: SECUNIA
Type: Patch, Vendor Advisory
18983

Source: SECUNIA
Type: Patch, Vendor Advisory
19377

Source: SREASON
Type: UNKNOWN
470

Source: CCN
Type: SECTRACK ID: 1015576
KDE kpdf Heap Overflow in Splash Rasterizer Engine Lets Remote Users Execute Arbitrary Code

Source: SECTRACK
Type: Patch
1015576

Source: SLACKWARE
Type: Patch
SSA:2006-045-09

Source: SLACKWARE
Type: Patch
SSA:2006-045-04

Source: DEBIAN
Type: Patch, Vendor Advisory
DSA-971

Source: DEBIAN
Type: Patch, Vendor Advisory
DSA-972

Source: DEBIAN
Type: Patch, Vendor Advisory
DSA-974

Source: DEBIAN
Type: DSA-971
xpdf -- buffer overflow

Source: DEBIAN
Type: DSA-972
pdfkit.framework -- buffer overflows

Source: DEBIAN
Type: DSA-974
gpdf -- buffer overflows

Source: CCN
Type: GLSA-200602-04
Xpdf, Poppler: Heap overflow

Source: GENTOO
Type: Patch, Vendor Advisory
GLSA-200602-04

Source: CCN
Type: GLSA-200602-05
KPdf: Heap based overflow

Source: GENTOO
Type: Patch, Vendor Advisory
GLSA-200602-05

Source: CCN
Type: GLSA-200602-12
GPdf: heap overflows in included Xpdf code

Source: GENTOO
Type: Patch, Vendor Advisory
GLSA-200602-12

Source: CCN
Type: KDE Security Advisory 20060202-1
kpdf/xpdf heap based buffer overflow

Source: MISC
Type: Patch, Vendor Advisory
http://www.kde.org/info/security/advisory-20060202-1.txt

Source: MANDRIVA
Type: UNKNOWN
MDKSA-2006:030

Source: MANDRIVA
Type: UNKNOWN
MDKSA-2006:031

Source: MANDRIVA
Type: UNKNOWN
MDKSA-2006:032

Source: FEDORA
Type: Patch, Vendor Advisory
FEDORA-2006-103

Source: REDHAT
Type: Patch, Vendor Advisory
RHSA-2006:0201

Source: BUGTRAQ
Type: Patch, Vendor Advisory
20060202 [KDE Security Advisory] kpdf/xpdf heap based buffer overflow

Source: FEDORA
Type: UNKNOWN
FLSA:175404

Source: CCN
Type: USN-249-1
xpdf

Source: UBUNTU
Type: Patch
USN-249-1

Source: VUPEN
Type: Vendor Advisory
ADV-2006-0389

Source: VUPEN
Type: Vendor Advisory
ADV-2006-0422

Source: CONFIRM
Type: UNKNOWN
https://bugzilla.novell.com/show_bug.cgi?id=141242

Source: CCN
Type: Red Hat Bugzilla Bug 179046
CVE-2006-0301 PDF splash handling heap overflow

Source: MISC
Type: UNKNOWN
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=179046

Source: XF
Type: UNKNOWN
xpdf-splash-bo(24391)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:10850

Vulnerable Configuration:

Configuration 1:
  • cpe:/a:xpdf:xpdf:*:*:*:*:*:*:*:*

Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:4:*:*:*:*:*:*:*

Configuration RedHat 2:
  • cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*

Configuration RedHat 3:
  • cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*

Configuration RedHat 4:
  • cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*

Configuration RedHat 5:
  • cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*

Configuration CCN 1:
  • cpe:/a:glyphandcog:xpdfreader:3.01:*:*:*:*:*:*:*
  • AND
  • cpe:/o:gentoo:linux:*:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*
  • OR cpe:/o:debian:debian_linux:3.1:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2006:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2006::x86-64:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0::x86_64:*:*:*:*:*

* Denotes that component is vulnerable

Oval Definitions

| Definition ID | Class | Title | Last Modified |
|---|---|---|---|
| oval:org.opensuse.security:def:20060301 | V | CVE-2006-0301 | 2022-06-30 |
| oval:org.opensuse.security:def:112780 | P | libpoppler-cpp0-21.08.0-1.3 on GA media (Moderate) | 2022-01-17 |
| oval:org.opensuse.security:def:106251 | P | Security update for MozillaFirefox (Important) | 2021-11-10 |
| oval:org.mitre.oval:def:10850 | V | Heap-based buffer overflow in Splash.cc in xpdf, as used in other products such as (1) poppler, (2) kdegraphics, (3) gpdf, (4) pdfkit.framework, and others, allows attackers to cause a denial of service and possibly execute arbitrary code via crafted splash images that produce certain values that exceed the width or height of the associated bitmap. | 2013-04-29 |
| oval:com.redhat.rhsa:def:20060201 | P | RHSA-2006:0201: xpdf security update (Important) | 2008-03-20 |
| oval:org.debian:def:974 | V | buffer overflows | 2006-02-15 |
| oval:org.debian:def:972 | V | buffer overflows | 2006-02-15 |
| oval:org.debian:def:971 | V | buffer overflow | 2006-02-14 |
| oval:com.redhat.rhsa:def:20060206 | P | RHSA-2006:0206: kdegraphics security update (Important) | 2006-02-13 |

    xpdf xpdf *
    foolabs xpdf 3.01
    gentoo linux *
    mandrakesoft mandrake linux corporate server 3.0
    redhat enterprise linux 4
    redhat enterprise linux 4
    redhat enterprise linux 4
    redhat enterprise linux 4
    debian debian linux 3.1
    mandrakesoft mandrake linux 2006
    mandrakesoft mandrake linux 2006
    mandrakesoft mandrake linux corporate server 3.0