VDB
ANCHORE-2005-3624
ANCHORE-2005-3624
PUBLISHED
The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows.
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| sgi | propack | 3.0-sp6, 3.0-sp6, 3.0-sp6 |
| kde | kdegraphics | 3.2, 3.4.3, 3.4.3 |
| kde | kpdf | 3.2, 3.4.3, 3.2 |
| easy_software_products | cups | 1.1.23, *, 1.1.23 |
| conectiva | linux | 10.0, 10.0, 10.0 |
| kde | kword | 1.4.2, 1.4.2, 1.4.2 |
| redhat | linux_advanced_workstation | 2.1, 2.1, 2.1 |
| kde | koffice | 1.4, 1.4, 1.4.2 |
| mandrakesoft | mandrake_linux | 10.2, 10.2, 2006 |
| slackware | slackware_linux | 9.0, 9.1, 10.0 |
| debian | debian_linux | 3.1, 3.0, 3.0 |
| turbolinux | turbolinux | fuji, fuji, 10 |
| xpdf | xpdf | 3.0, 3.0, 3.0 |
| suse | suse_linux | 9.3, 1.0, 9.0 |
| turbolinux | turbolinux_server | 10.0, 10.0_x86, 8.0 |
| tetex | tetex | 2.0.2, 2.0, 1.0.7 |
| turbolinux | turbolinux_desktop | 10.0, 10.0, 10.0 |
| redhat | enterprise_linux_desktop | 3.0, 3.0, 4.0 |
| redhat | linux | 9.0, 7.3, 9.0 |
| turbolinux | turbolinux_appliance_server | 1.0_workgroup_edition, 1.0_hosting_edition, 1.0_workgroup_edition |
…and 8 more
Timeline
- Jan 6, 2006 CVE Published
- Aug 7, 2024 CVE Updated
- Mar 13, 2026 Distribution Patch
- Mar 13, 2026 Distribution Patch
- Mar 13, 2026 Distribution Patch
- Mar 13, 2026 Distribution Patch
- Mar 13, 2026 Distribution Patch
- Mar 13, 2026 Distribution Patch
- Mar 13, 2026 Distribution Patch
- Mar 13, 2026 Distribution Patch
- Mar 13, 2026 Distribution Patch
References
- ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt url
- ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U url
- ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U url
- ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U url
- http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html url
- http://rhn.redhat.com/errata/RHSA-2006-0177.html url
- http://scary.beasts.org/security/CESA-2005-003.txt url
- http://secunia.com/advisories/18147 url
- http://secunia.com/advisories/18303 url
- http://secunia.com/advisories/18312 url
- http://secunia.com/advisories/18313 url
- http://secunia.com/advisories/18329 url
- http://secunia.com/advisories/18332 url
- http://secunia.com/advisories/18334 url
- http://secunia.com/advisories/18338 url
- http://secunia.com/advisories/18349 url
- http://secunia.com/advisories/18373 url
- http://secunia.com/advisories/18375 url
- http://secunia.com/advisories/18380 url
- http://secunia.com/advisories/18385 url
…and 62 more