VDB

ANCHORE-2004-0888

ANCHORE-2004-0888 PUBLISHED

Multiple integer overflows in xpdf 2.0 and 3.0, and other packages that use xpdf code such as CUPS, gpdf, and kdegraphics, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0889.

Affected Products

VendorProductVersions
redhatenterprise_linux3.0, 3.0, 2.1
redhatlinux_advanced_workstation2.1, 2.1, 2.1
redhatenterprise_linux_desktop3.0, 3.0, 3.0
gnomegpdf0.131, 0.112, 0.131
ubuntuubuntu_linux4.1, 4.1, 4.1
kdekpdf3.2, 3.2, 3.2
kdekoffice*, *, 1.3.2
redhatfedora_corecore_2.0, core_2.0, core_2.0
xpdfxpdf1.0a, 2.1, 0.90
susesuse_linux8.0, 9.2, 9.2
tetextetex2.0.2, 2.0.1, 2.0
debiandebian_linux3.0, 3.0, 3.0
easy_software_productscups1.1.19, 1.1.19_rc5, 1.1.20
kdekde3.2.3, 3.3, 3.3.1
pdftohtmlpdftohtml0.32a, 0.32b, 0.33

Timeline

  • Oct 26, 2004 CVE Published
  • Aug 8, 2024 CVE Updated
  • Mar 13, 2026 Distribution Patch
  • Mar 13, 2026 Distribution Patch
  • Mar 13, 2026 Distribution Patch
  • Mar 13, 2026 Distribution Patch
Open in Interactive Console →
$ Console Community · 100/wk Open console ›