VDB

CVE-2005-3625

CVE-2005-3625 PUBLISHED CVSS 10 CRITICAL

Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka "Infinite CPU spins."

EPSS 11.29% · 93.7th percentile

Risk Scores

CVSS 2.0
10
EPSS Score
11.29%
93.7th percentile

Affected Products

VendorProductVersions
turbolinuxturbolinux_home
kdekoffice1.4.2, 1.4.1, 1.4
redhatlinux9.0, 7.3
redhatlinux_advanced_workstation2.1, 2.1
turbolinuxturbolinux_workstation8.0
turbolinuxturbolinux_personal
easy_software_productscups*, 1.1.23_rc1, 1.1.23
sgipropack3.0
kdekword1.4.2
turbolinuxturbolinux10, *
redhatenterprise_linux2.1, 2.1, 3.0
kdekpdf3.2, 3.4.3
gentoolinux
scoopenserver5.0.7, 6.0
turbolinuxturbolinux_desktop10.0
trustixsecure_linux2.2, 2.0, 3.0
ubuntuubuntu_linux5.10, 5.04, 5.10
turbolinuxturbolinux_multimedia
mandrakesoftmandrake_linux10.2, 10.1, 10.2
redhatenterprise_linux_desktop4.0, 3.0

…and 14 more

Exploit Intelligence

…and 75 more exploits

Timeline

  • Dec 31, 2005 CVE Published
  • Feb 4, 2022 EPSS Score
  • Mar 29, 2022 EPSS Score
  • May 20, 2022 EPSS Score
  • Sep 4, 2022 EPSS Score
  • Oct 26, 2022 EPSS Score
  • Dec 18, 2022 EPSS Score
  • Feb 9, 2023 EPSS Score
  • Mar 7, 2023 EPSS Score
  • Apr 3, 2023 EPSS Score
  • Jul 17, 2023 EPSS Score
  • Sep 8, 2023 EPSS Score

References

…and 68 more

Open in Interactive Console →
$ Console Community · 100/wk Open console ›