VDB

CVE-2004-1125

CVE-2004-1125 PUBLISHED CVSS 9.300000190734863 CRITICAL

Buffer overflow in the Gfx::doImage function in Gfx.cc for xpdf 3.00, and other products that share code such as tetex-bin and kpdf in KDE 3.2.x to 3.2.3 and 3.3.x to 3.3.2, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted PDF file that causes the boundaries of a maskColors array to be exceeded.

EPSS 7.31% · 91.8th percentile

Risk Scores

CVSS 2.0
9.300000190734863
EPSS Score
7.31%
91.8th percentile

Affected Products

VendorProductVersions
n/an/an/a
easy_software_productscups1.1.20
xpdfxpdf3.0
kdekde3.3.2, 3.2.3

Timeline

  • Dec 22, 2004 CVE Published
  • Feb 4, 2022 EPSS Score
  • Mar 29, 2022 EPSS Score
  • May 20, 2022 EPSS Score
  • Sep 4, 2022 EPSS Score
  • Oct 26, 2022 EPSS Score
  • Dec 18, 2022 EPSS Score
  • Feb 9, 2023 EPSS Score
  • Mar 7, 2023 EPSS Score
  • May 25, 2023 EPSS Score
  • Jul 17, 2023 EPSS Score
  • Sep 8, 2023 EPSS Score

References

…and 9 more

Open in Interactive Console →
$ Console Community · 100/wk Open console ›