VDB
CVE-2005-2097
CVE-2005-2097
PUBLISHED
CVSS 2.0999999046325684 LOW
xpdf and kpdf do not properly validate the "loca" table in PDF files, which allows local users to cause a denial of service (disk consumption and hang) via a PDF file with a "broken" loca table, which causes a large temporary file to be created when xpdf attempts to reconstruct the information.
EPSS 0.07% · 22.0th percentile
Risk Scores
CVSS v2.0
2.0999999046325684
EPSS Score
0.07%
22.0th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
| kde | kpdf | |
| xpdf | xpdf | 3.0, 3.0_pl2, * |
Timeline
- Aug 16, 2005 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 3, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 17, 2022 EPSS Score
- Feb 8, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 1, 2023 EPSS Score
- May 24, 2023 EPSS Score
References
- RHSA-2005:706 vendor-advisory
- 17277 third-party-advisory
- RHSA-2005:671 vendor-advisory
- oval:org.mitre.oval:def:10280 vdb
- DSA-1136 vendor-advisory
- MDKSA-2005:138 vendor-advisory
- SUSE-SR:2005:019 vendor-advisory
- 102972 vendor-advisory
- 18398 third-party-advisory
- FLSA-2006:176751 vendor-advisory
- DSA-936 vendor-advisory
- USN-163-1 vendor-advisory
- ADV-2007-2280 vdb
- RHSA-2005:670 vendor-advisory
- 18407 third-party-advisory
- 25729 third-party-advisory
- SCOSA-2005.42 vendor-advisory
- DSA-780 vendor-advisory
- 14529 vdb
- FLSA:175404 vendor-advisory
…and 4 more