CVE-2005-0064

MITRE NVD CVE.ORG Print: PDF PDF

Summary

CVECVE-2005-0064
StatePUBLIC
Assigner[email protected]
Source PriorityCVE Program / NVD first with legacy fallback
Published2005-05-02 04:00:00 UTC
Updated2017-10-11 01:29:00 UTC
DescriptionBuffer overflow in the Decrypt::makeFileKey2 function in Decrypt.cc for xpdf 3.00 and earlier allows remote attackers to execute arbitrary code via a PDF file with a large /Encrypt /Length keyLength value.

Risk And Classification

Problem Types: NVD-CWE-Other

NVD Known Affected Configurations (CPE 2.3)

TypeVendorProductVersionUpdateEditionLanguage
Application Xpdf Xpdf 0.2 All All All
Application Xpdf Xpdf 0.3 All All All
Application Xpdf Xpdf 0.4 All All All
Application Xpdf Xpdf 0.5 All All All
Application Xpdf Xpdf 0.5a All All All
Application Xpdf Xpdf 0.6 All All All
Application Xpdf Xpdf 0.7 All All All
Application Xpdf Xpdf 0.7a All All All
Application Xpdf Xpdf 0.80 All All All
Application Xpdf Xpdf 0.90 All All All
Application Xpdf Xpdf 0.91 All All All
Application Xpdf Xpdf 0.91a All All All
Application Xpdf Xpdf 0.91b All All All
Application Xpdf Xpdf 0.91c All All All
Application Xpdf Xpdf 0.92 All All All
Application Xpdf Xpdf 0.92a All All All
Application Xpdf Xpdf 0.92b All All All
Application Xpdf Xpdf 0.92c All All All
Application Xpdf Xpdf 0.92d All All All
Application Xpdf Xpdf 0.92e All All All
Application Xpdf Xpdf 0.93 All All All
Application Xpdf Xpdf 0.93a All All All
Application Xpdf Xpdf 0.93b All All All
Application Xpdf Xpdf 0.93c All All All
Application Xpdf Xpdf 1.0 All All All
Application Xpdf Xpdf 1.0a All All All
Application Xpdf Xpdf 1.1 All All All
Application Xpdf Xpdf 2.0 All All All
Application Xpdf Xpdf 2.1 All All All
Application Xpdf Xpdf 2.2 All All All
Application Xpdf Xpdf 2.3 All All All
Application Xpdf Xpdf 3.0 All All All
Application Xpdf Xpdf 0.2 All All All
Application Xpdf Xpdf 0.3 All All All
Application Xpdf Xpdf 0.4 All All All
Application Xpdf Xpdf 0.5 All All All
Application Xpdf Xpdf 0.5a All All All
Application Xpdf Xpdf 0.6 All All All
Application Xpdf Xpdf 0.7 All All All
Application Xpdf Xpdf 0.7a All All All
Application Xpdf Xpdf 0.80 All All All
Application Xpdf Xpdf 0.90 All All All
Application Xpdf Xpdf 0.91 All All All
Application Xpdf Xpdf 0.91a All All All
Application Xpdf Xpdf 0.91b All All All
Application Xpdf Xpdf 0.91c All All All
Application Xpdf Xpdf 0.92 All All All
Application Xpdf Xpdf 0.92a All All All
Application Xpdf Xpdf 0.92b All All All
Application Xpdf Xpdf 0.92c All All All
Application Xpdf Xpdf 0.92d All All All
Application Xpdf Xpdf 0.92e All All All
Application Xpdf Xpdf 0.93 All All All
Application Xpdf Xpdf 0.93a All All All
Application Xpdf Xpdf 0.93b All All All
Application Xpdf Xpdf 0.93c All All All
Application Xpdf Xpdf 1.0 All All All
Application Xpdf Xpdf 1.0a All All All
Application Xpdf Xpdf 1.1 All All All
Application Xpdf Xpdf 2.0 All All All
Application Xpdf Xpdf 2.1 All All All
Application Xpdf Xpdf 2.2 All All All
Application Xpdf Xpdf 2.3 All All All
Application Xpdf Xpdf 3.0 All All All

References

ReferenceSourceLinkTags
rhn.redhat.com | Red Hat Support REDHAT www.redhat.com Patch, Vendor Advisory
rhn.redhat.com | Red Hat Support REDHAT www.redhat.com Patch, Vendor Advisory
ftp.foolabs.com/pub/xpdf/xpdf-3.00pl3.patch CONFIRM ftp.foolabs.com Patch
rhn.redhat.com | Red Hat Support REDHAT www.redhat.com Patch, Vendor Advisory
Debian -- Security Information -- DSA-648-1 xpdf DEBIAN www.debian.org Patch, Vendor Advisory
2005-0003 TRUSTIX www.trustix.org Patch, Vendor Advisory
Repository / Oval Repository OVAL oval.cisecurity.org
pdftohtml: Vulnerabilities in included Xpdf (GLSA 200502-10) — Gentoo Security GENTOO security.gentoo.org
Home - Conectiva CONECTIVA distro.conectiva.com.br Patch, Vendor Advisory
rhn.redhat.com | Red Hat Support REDHAT www.redhat.com Patch, Vendor Advisory
Advisories - Mandriva MANDRAKE www.mandriva.com
Advisories - Mandriva MANDRAKE www.mandriva.com
FLSA:2352 FEDORA bugzilla.fedora.us Patch, Vendor Advisory
Advisories - Mandriva MANDRAKE www.mandriva.com
Advisories - Mandriva MANDRAKE www.mandriva.com
FLSA:2353 FEDORA bugzilla.fedora.us Patch, Vendor Advisory
rhn.redhat.com | Red Hat Support REDHAT www.redhat.com Patch, Vendor Advisory
'[USN-64-1] xpdf, CUPS vulnerabilities' - MARC BUGTRAQ marc.info
rhn.redhat.com | Red Hat Support REDHAT www.redhat.com
Advisories - Mandriva MANDRAKE www.mandriva.com
Advisories - Mandriva Linux MANDRAKE www.mandriva.com
Debian -- Security Information -- DSA-645-1 cupsys DEBIAN www.debian.org Patch, Vendor Advisory
Secunia - Advisories - SCO OpenServer update for xpdf SECUNIA secunia.com
Gentoo Security GENTOO security.gentoo.org
SCOSA-2005.42 SCO ftp.sco.com
Accenture | Let there be change IDEFENSE www.idefense.com Exploit, Patch, Vendor Advisory
CVE Program record CVE.ORG www.cve.org canonical
NVD vulnerability detail NVD nvd.nist.gov canonical, analysis
© CVE.report 2026 |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

CVE.report and Source URL Uptime Status status.cve.report