CVE-2005-3193 — Vulnetix

CVE-2005-3193 PUBLISHED

Reported by mitre · Published December 7, 2005

Heap-based buffer overflow in the JPXStream::readCodestream function in the JPX stream parsing code (JPXStream.c) for xpdf 3.01 and earlier, as used in products such as (1) Poppler, (2) teTeX, (3) KDE kpdf, (4) CUPS, and (5) libextractor allows user-assisted attackers to cause a denial of service (heap corruption) and possibly execute arbitrary code via a crafted PDF file with large size values that cause insufficient memory to be allocated.

Affected Products

Vendor	Product	Versions
n/a	n/a	n/a
n/a	n/a	n/a, n/a, n/a

Timeline

Dec 7, 2005 CVE Published
Feb 4, 2022 EPSS Score
Mar 29, 2022 EPSS Score
May 3, 2022 CVE Updated
May 20, 2022 EPSS Score
Jul 12, 2022 EPSS Score
Oct 26, 2022 EPSS Score
Dec 18, 2022 EPSS Score
Feb 9, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Apr 3, 2023 EPSS Score
May 25, 2023 EPSS Score

References

17959 third-party-advisoryx_refsource_SECUNIA
17929 third-party-advisoryx_refsource_SECUNIA
19797 third-party-advisoryx_refsource_SECUNIA
SCOSA-2006.20 vendor-advisoryx_refsource_SCO
DSA-932 vendor-advisoryx_refsource_DEBIAN
18349 third-party-advisoryx_refsource_SECUNIA
18147 third-party-advisoryx_refsource_SECUNIA
SCOSA-2006.15 vendor-advisoryx_refsource_SCO
18055 third-party-advisoryx_refsource_SECUNIA
x_refsource_CONFIRM
x_refsource_CONFIRM
18679 third-party-advisoryx_refsource_SECUNIA
18189 third-party-advisoryx_refsource_SECUNIA
26413 third-party-advisoryx_refsource_SECUNIA
17940 third-party-advisoryx_refsource_SECUNIA
18303 third-party-advisoryx_refsource_SECUNIA
DSA-931 vendor-advisoryx_refsource_DEBIAN
18554 third-party-advisoryx_refsource_SECUNIA
MDKSA-2006:003 vendor-advisoryx_refsource_MANDRIVA
19230 third-party-advisoryx_refsource_SECUNIA

…and 91 more

Open in Interactive Console →