VDB
CVE-2005-3626
CVE-2005-3626
PUBLISHED
CVSS 5 MEDIUM
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference.
EPSS 9.17% · 92.8th percentile
Risk Scores
CVSS 2.0
5
EPSS Score
9.17%
92.8th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| trustix | secure_linux | 2.2, 3.0, 2.0 |
| turbolinux | turbolinux_multimedia | |
| redhat | enterprise_linux | 2.1, 2.1, 2.1 |
| kde | kdegraphics | 3.2, 3.4.3 |
| tetex | tetex | 3.0, 1.0.7, 2.0.2 |
| easy_software_products | cups | *, *, 1.1.23 |
| libextractor | libextractor | |
| slackware | slackware_linux | 10.0, 10.1, 9.0 |
| poppler | poppler | 0.4.2 |
| redhat | fedora_core | core_3.0, *, core_1.0 |
| sco | openserver | 5.0.7, 6.0 |
| turbolinux | turbolinux_home | |
| redhat | enterprise_linux_desktop | 3.0, 4.0 |
| turbolinux | turbolinux_personal | |
| mandrakesoft | mandrake_linux | 10.1, 10.2, 2006 |
| mandrakesoft | mandrake_linux_corporate_server | 2.1, 3.0, 3.0 |
| turbolinux | turbolinux | 10, fuji |
| debian | debian_linux | 3.0, 3.0, 3.0 |
| redhat | linux_advanced_workstation | 2.1, 2.1 |
| suse | suse_linux | 9.0, 9.0, 9.0 |
…and 14 more
Exploit Intelligence
- http://scary.beasts.org/security/CESA-2005-003.txt (vulncheck-nvd)
- 16143 (circl)
- DSA-932 (circl)
- 18349 (circl)
- 18147 (circl)
- SCOSA-2006.15 (circl)
- http://www.kde.org/info/security/advisory-20051207-2.txt (circl)
- 18679 (circl)
- 18312 (circl)
- 18644 (circl)
…and 75 more exploits
Timeline
- Dec 31, 2005 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 3, 2023 EPSS Score
- Jul 17, 2023 EPSS Score
- Sep 8, 2023 EPSS Score
References
- http://secunia.com/advisories/18334 patch
- 16143 vdb
- DSA-932 vendor-advisory
- 18349 third-party-advisory
- 18147 third-party-advisory
- SCOSA-2006.15 vendor-advisory
- http://scary.beasts.org/security/CESA-2005-003.txt url
- http://www.kde.org/info/security/advisory-20051207-2.txt url
- 18679 third-party-advisory
- 18312 third-party-advisory
- 18644 third-party-advisory
- USN-236-1 vendor-advisory
- 18425 third-party-advisory
- 18373 third-party-advisory
- oval:org.mitre.oval:def:9992 vdb
- 18303 third-party-advisory
- DSA-931 vendor-advisory
- 18554 third-party-advisory
- MDKSA-2006:003 vendor-advisory
- 19230 third-party-advisory
…and 68 more