{"api_version":"1","generated_at":"2026-04-22T23:07:55+00:00","cve":"CVE-2005-3191","urls":{"html":"https://cve.report/CVE-2005-3191","api":"https://cve.report/api/cve/CVE-2005-3191.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2005-3191","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2005-3191"},"summary":{"title":"CVE-2005-3191","description":"Multiple heap-based buffer overflows in the (1) DCTStream::readProgressiveSOF and (2) DCTStream::readBaselineSOF functions in the DCT stream parsing code (Stream.cc) in xpdf 3.01 and earlier, as used in products such as (a) Poppler, (b) teTeX, (c) KDE kpdf, (d) pdftohtml, (e) KOffice KWord, (f) CUPS, and (g) libextractor allow user-assisted attackers to cause a denial of service (heap corruption) and possibly execute arbitrary code via a crafted PDF file with an out-of-range number of components (numComps), which is used as an array index.","state":"PUBLISHED","assigner":"mitre","published_at":"2005-12-07 01:03:00","updated_at":"2025-04-03 01:03:51"},"problem_types":["CWE-119","n/a"],"metrics":[{"version":"2.0","source":"nvd@nist.gov","type":"Primary","score":"5.1","severity":"","vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","data":{"version":"2.0","vectorString":"AV:N/AC:H/Au:N/C:P/I:P/A:P","baseScore":5.1,"accessVector":"NETWORK","accessComplexity":"HIGH","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"}}],"references":[{"url":"http://secunia.com/advisories/17976","name":"http://secunia.com/advisories/17976","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"Secunia - Advisories - CUPS xpdf Multiple Buffer Overflow Vulnerabilities","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.mandriva.com/security/advisories?name=MDKSA-2006:012","name":"http://www.mandriva.com/security/advisories?name=MDKSA-2006:012","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Advisories - Mandriva Linux OS","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/18147","name":"http://secunia.com/advisories/18147","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Secunia - Advisories - Debian update for koffice","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.redhat.com/support/errata/RHSA-2005-878.html","name":"http://www.redhat.com/support/errata/RHSA-2005-878.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"rhn.redhat.com | Red Hat Support","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://securityreason.com/securityalert/233","name":"http://securityreason.com/securityalert/233","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Multiple Vendor xpdf DCTStream Progressive Heap Overflow - CXSecurity.com","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/17920","name":"http://secunia.com/advisories/17920","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"Secunia - Advisories - KDE kpdf Xpdf Buffer Overflow Vulnerabilities","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securityfocus.com/bid/15726","name":"http://www.securityfocus.com/bid/15726","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"XPDF DCTStream Progressive Remote Heap Buffer Overflow Vulnerability","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"http://secunia.com/advisories/26413","name":"http://secunia.com/advisories/26413","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"rPath update for cups, poppler, and tetex - Advisories - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/18675","name":"http://secunia.com/advisories/18675","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Secunia - Advisories - Debian update for pdftohtml","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/17912","name":"http://secunia.com/advisories/17912","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"Secunia - Advisories - Poppler Xpdf Buffer Overflow Vulnerabilities","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/17940","name":"http://secunia.com/advisories/17940","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"Secunia - Advisories - GNOME gpdf Xpdf Buffer Overflow Vulnerabilities","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/18313","name":"http://secunia.com/advisories/18313","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"Secunia - Advisories - Gentoo update for kdegraphics / kpdf / koffice / kword","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/18389","name":"http://secunia.com/advisories/18389","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Secunia - Advisories - Debian update for kpdf","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://rhn.redhat.com/errata/RHSA-2005-868.html","name":"http://rhn.redhat.com/errata/RHSA-2005-868.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"rhn.redhat.com | Red Hat Support","mime":"text/html","httpstatus":"-1","archivestatus":"200"},{"url":"http://secunia.com/advisories/18009","name":"http://secunia.com/advisories/18009","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"Secunia - Advisories - Ubuntu updates for xpdf / cupsys / tetex-bin / kdegraphics / koffice","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.debian.org/security/2005/dsa-938","name":"http://www.debian.org/security/2005/dsa-938","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Debian -- Page not found","mime":"text/html","httpstatus":"404","archivestatus":"404"},{"url":"http://www.debian.org/security/2006/dsa-936","name":"http://www.debian.org/security/2006/dsa-936","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Debian -- Security Information -- DSA-936-1 libextractor","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00037.html","name":"http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00037.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"[SECURITY] Fedora Core 4 Update: cups-1.1.23-15.2","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00016.html","name":"http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00016.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"[SECURITY] Fedora Core 3 Update: tetex-2.0.2-21.5","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securityfocus.com/archive/1/427990/100/0/threaded","name":"http://www.securityfocus.com/archive/1/427990/100/0/threaded","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"SecurityFocus","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/17916","name":"http://secunia.com/advisories/17916","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"Secunia - Advisories - teTeX Xpdf Buffer Overflow Vulnerabilities","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://securitytracker.com/id?1015324","name":"http://securitytracker.com/id?1015324","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"SecurityTracker.com Archives - KDE KOffice kpdf Buffer Overflows in Processing DCT and JPX Streams May Let Remote Users Execute Arbitrary Code","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/18192","name":"http://secunia.com/advisories/18192","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"Red Hat update for gpdf - Secunia Advisories - Vulnerability Intelligence - Secunia.com","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.mandriva.com/security/advisories?name=MDKSA-2006:005","name":"http://www.mandriva.com/security/advisories?name=MDKSA-2006:005","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Advisories - Mandriva Linux OS","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/18349","name":"http://secunia.com/advisories/18349","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"Secunia - Advisories - Mandriva update for xpdf","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/18061","name":"http://secunia.com/advisories/18061","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"Secunia - Advisories - Fedora update for cups","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U","name":"ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"","mime":"","httpstatus":"-1","archivestatus":"404"},{"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9760","name":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9760","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Repository  /  Oval Repository","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/19377","name":"http://secunia.com/advisories/19377","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"SCO OpenServer update for xpdf - Advisories - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt","name":"ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"","mime":"text/plain","httpstatus":"200","archivestatus":"404"},{"url":"http://secunia.com/advisories/18913","name":"http://secunia.com/advisories/18913","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Secunia - Advisories - Slackware update for kdegraphics","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.vupen.com/english/advisories/2005/2787","name":"http://www.vupen.com/english/advisories/2005/2787","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Webmail - OVH","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.redhat.com/support/errata/RHSA-2005-867.html","name":"http://www.redhat.com/support/errata/RHSA-2005-867.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"Support","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U","name":"ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"","mime":"","httpstatus":"-1","archivestatus":"404"},{"url":"http://securitytracker.com/id?1015309","name":"http://securitytracker.com/id?1015309","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"SecurityTracker.com Archives - Xpdf Buffer Overflows in Processing DCT and JPX Streams May Let Remote Users Execute Arbitrary Code","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00036.html","name":"http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00036.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"[SECURITY] Fedora Core 3 Update: cups-1.1.22-0.rc1.8.8","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/18398","name":"http://secunia.com/advisories/18398","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Secunia - Advisories - libextractor Multiple Xpdf Vulnerabilities","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/18385","name":"http://secunia.com/advisories/18385","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"Secunia - Advisories - Debian update for xpdf","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.vupen.com/english/advisories/2005/2789","name":"http://www.vupen.com/english/advisories/2005/2789","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Webmail - OVH","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.novell.com/linux/security/advisories/2006_02_sr.html","name":"http://www.novell.com/linux/security/advisories/2006_02_sr.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Security Announcement","mime":"text/html","httpstatus":"404","archivestatus":"200"},{"url":"http://www.debian.org/security/2005/dsa-937","name":"http://www.debian.org/security/2005/dsa-937","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Debian -- Page not found","mime":"text/html","httpstatus":"404","archivestatus":"404"},{"url":"http://secunia.com/advisories/18503","name":"http://secunia.com/advisories/18503","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Secunia - Advisories - SUSE update for multiple packages","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/17908","name":"http://secunia.com/advisories/17908","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"Secunia - Advisories - KOffice KWord PDF Filter Xpdf Buffer Overflow Vulnerabilities","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.mandriva.com/security/advisories?name=MDKSA-2006:010","name":"http://www.mandriva.com/security/advisories?name=MDKSA-2006:010","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Advisories - Mandriva Linux OS","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securityfocus.com/archive/1/427053/100/0/threaded","name":"http://www.securityfocus.com/archive/1/427053/100/0/threaded","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"SecurityFocus","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/18191","name":"http://secunia.com/advisories/18191","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"Secunia - Advisories - Red Hat update for cups","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.debian.org/security/2006/dsa-950","name":"http://www.debian.org/security/2006/dsa-950","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Debian -- Security Information -- DSA-950-1 cupsys","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/19797","name":"http://secunia.com/advisories/19797","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Secunia - Advisories - UnixWare update for CUPS","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.debian.org/security/2005/dsa-931","name":"http://www.debian.org/security/2005/dsa-931","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Debian -- Page not found","mime":"text/html","httpstatus":"404","archivestatus":"404"},{"url":"http://secunia.com/advisories/18679","name":"http://secunia.com/advisories/18679","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Secunia - Advisories - Debian update for pdfkit.framework","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.20/SCOSA-2006.20.txt","name":"ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.20/SCOSA-2006.20.txt","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"","mime":"text/plain","httpstatus":"200","archivestatus":"404"},{"url":"http://secunia.com/advisories/17897","name":"http://secunia.com/advisories/17897","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"Secunia - Advisories - Xpdf Multiple Buffer Overflow Vulnerabilities","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.kde.org/info/security/advisory-20051207-2.txt","name":"http://www.kde.org/info/security/advisory-20051207-2.txt","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"","mime":"text/plain","httpstatus":"200","archivestatus":"200"},{"url":"http://www.ubuntulinux.org/usn/usn-227-1","name":"http://www.ubuntulinux.org/usn/usn-227-1","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"USN-227-1: xpdf vulnerabilities | Ubuntu security notices | Ubuntu","mime":"text/html","httpstatus":"200","archivestatus":"403"},{"url":"http://www.vupen.com/english/advisories/2005/2786","name":"http://www.vupen.com/english/advisories/2005/2786","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Webmail - OVH","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/23444","name":"https://exchange.xforce.ibmcloud.com/vulnerabilities/23444","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"IBM X-Force Exchange","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.vupen.com/english/advisories/2005/2788","name":"http://www.vupen.com/english/advisories/2005/2788","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Webmail - OVH","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.472683","name":"http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.472683","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"The Slackware Linux Project: Slackware Security Advisories","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/17955","name":"http://secunia.com/advisories/17955","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Secunia - Advisories - Fedora update for tetex","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/19798","name":"http://secunia.com/advisories/19798","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Secunia - Advisories - SCO OpenServer update for CUPS","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/23443","name":"https://exchange.xforce.ibmcloud.com/vulnerabilities/23443","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"IBM X-Force Exchange","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.idefense.com/application/poi/display?id=342&type=vulnerabilities","name":"http://www.idefense.com/application/poi/display?id=342&type=vulnerabilities","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"],"title":"Accenture | Let there be change","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"http://www.debian.org/security/2005/dsa-932","name":"http://www.debian.org/security/2005/dsa-932","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Debian -- Page not found","mime":"text/html","httpstatus":"404","archivestatus":"404"},{"url":"http://secunia.com/advisories/25729","name":"http://secunia.com/advisories/25729","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Sun Solaris Gnome PDF Viewer Multiple Vulnerabilities - Advisories - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/18416","name":"http://secunia.com/advisories/18416","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"Secunia - Advisories - SUSE updates for xpdf / kpdf / gpdf / kword","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/18582","name":"http://secunia.com/advisories/18582","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Secunia - Advisories - Debian update for cupsys","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/17921","name":"http://secunia.com/advisories/17921","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"Secunia - Advisories - pdftohtml Xpdf Buffer Overflow Vulnerabilities","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://securityreason.com/securityalert/234","name":"http://securityreason.com/securityalert/234","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Multiple Vendor xpdf DCTStream Baseline Heap Overflow Vulnerability - CXSecurity.com","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securityfocus.com/archive/1/418883/100/0/threaded","name":"http://www.securityfocus.com/archive/1/418883/100/0/threaded","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"SecurityFocus","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.debian.org/security/2005/dsa-940","name":"http://www.debian.org/security/2005/dsa-940","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Debian -- Page not found","mime":"text/html","httpstatus":"404","archivestatus":"404"},{"url":"http://www.trustix.org/errata/2005/0072/","name":"http://www.trustix.org/errata/2005/0072/","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"","mime":"text/plain","httpstatus":"-1","archivestatus":"200"},{"url":"http://www.redhat.com/support/errata/RHSA-2005-840.html","name":"http://www.redhat.com/support/errata/RHSA-2005-840.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"rhn.redhat.com | Red Hat Support","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/18336","name":"http://secunia.com/advisories/18336","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"Secunia - Advisories - Trustix update for cups / curl","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/18674","name":"http://secunia.com/advisories/18674","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Secunia - Advisories - GNUStep PDFKit Framework Xpdf Multiple Vulnerabilities","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml","name":"http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Gentoo Linux Documentation\n--\n  KPdf, KWord: Multiple overflows in included Xpdf code","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/18908","name":"http://secunia.com/advisories/18908","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Secunia - Advisories - Slackware update for xpdf","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/18436","name":"http://secunia.com/advisories/18436","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Secunia - Advisories - Debian update for gpdf","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.mandriva.com/security/advisories?name=MDKSA-2006:011","name":"http://www.mandriva.com/security/advisories?name=MDKSA-2006:011","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Advisories - Mandriva Linux OS","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/18055","name":"http://secunia.com/advisories/18055","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"Secunia - Advisories - Gentoo updates for xpdf / gpdf / cups / poppler","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.idefense.com/application/poi/display?id=343&type=vulnerabilities","name":"http://www.idefense.com/application/poi/display?id=343&type=vulnerabilities","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"],"title":"Accenture | Let there be change","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"http://secunia.com/advisories/18517","name":"http://secunia.com/advisories/18517","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Secunia - Advisories - SGI Advanced Linux Environment Multiple Updates","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.vupen.com/english/advisories/2007/2280","name":"http://www.vupen.com/english/advisories/2007/2280","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Webmail - OVH","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securityfocus.com/bid/15727","name":"http://www.securityfocus.com/bid/15727","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"XPDF DCTStream Baseline Remote Heap Buffer Overflow Vulnerability","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"http://www.mandriva.com/security/advisories?name=MDKSA-2006:006","name":"http://www.mandriva.com/security/advisories?name=MDKSA-2006:006","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Advisories - Mandriva Linux OS","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/19230","name":"http://secunia.com/advisories/19230","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"SGI Advanced Linux Environment Multiple Updates - Advisories - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00015.html","name":"http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00015.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"[SECURITY] Fedora Core 4 Update: tetex-3.0-7.FC4","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/18387","name":"http://secunia.com/advisories/18387","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"Secunia - Advisories - Mandriva update for cups","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.21/SCOSA-2006.21.txt","name":"ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.21/SCOSA-2006.21.txt","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"","mime":"text/plain","httpstatus":"200","archivestatus":"404"},{"url":"http://www.redhat.com/support/errata/RHSA-2006-0160.html","name":"http://www.redhat.com/support/errata/RHSA-2006-0160.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"rhn.redhat.com | Red Hat Support","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html","name":"http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"SuSE Security announcements: [suse-security-announce] SUSE Security Announcement: xpdf,kpdf,gpdf,kword  (SUSE-SA:2006:001)","mime":"text/html","httpstatus":"404","archivestatus":"200"},{"url":"http://secunia.com/advisories/18303","name":"http://secunia.com/advisories/18303","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Secunia - Advisories - xpdf Multiple Integer Overflow Vulnerabilities","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.debian.org/security/2006/dsa-961","name":"http://www.debian.org/security/2006/dsa-961","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Debian -- Security Information -- DSA-961-1 pdfkit.framework","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/17926","name":"http://secunia.com/advisories/17926","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"Secunia - Advisories - Fedora update for xpdf","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1","name":"http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"","mime":"","httpstatus":"-1","archivestatus":"404"},{"url":"http://secunia.com/advisories/18448","name":"http://secunia.com/advisories/18448","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Secunia - Advisories - Fedora update for tetex","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://issues.rpath.com/browse/RPL-1609","name":"https://issues.rpath.com/browse/RPL-1609","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"","mime":"","httpstatus":"-1","archivestatus":"404"},{"url":"http://www.mandriva.com/security/advisories?name=MDKSA-2006:003","name":"http://www.mandriva.com/security/advisories?name=MDKSA-2006:003","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Advisories - Mandriva Linux OS","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.vupen.com/english/advisories/2005/2790","name":"http://www.vupen.com/english/advisories/2005/2790","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Webmail - OVH","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342289","name":"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342289","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"#342289 - xpdf security problems partially affect pdftohtml as well - Debian Bug report logs","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/18554","name":"http://secunia.com/advisories/18554","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Secunia - Advisories - SGI Advanced Linux Environment Multiple Updates","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/18549","name":"http://secunia.com/advisories/18549","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"SUSE update for multiple packages - Advisories - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/17929","name":"http://secunia.com/advisories/17929","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"Secunia - Advisories - Red Hat update for xpdf","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.474747","name":"http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.474747","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"The Slackware Linux Project: Slackware Security Advisories","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.debian.org/security/2006/dsa-962","name":"http://www.debian.org/security/2006/dsa-962","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Debian -- Security Information -- DSA-962-1 pdftohtml","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.vupen.com/english/advisories/2005/2856","name":"http://www.vupen.com/english/advisories/2005/2856","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Webmail - OVH","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/18189","name":"http://secunia.com/advisories/18189","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"Secunia - Advisories - Red Hat update for kdegraphics","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/18534","name":"http://secunia.com/advisories/18534","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Secunia - Advisories - Red Hat update for tetex","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.kde.org/info/security/advisory-20051207-1.txt","name":"http://www.kde.org/info/security/advisory-20051207-1.txt","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"","mime":"text/plain","httpstatus":"200","archivestatus":"200"},{"url":"http://www.novell.com/linux/security/advisories/2005_29_sr.html","name":"http://www.novell.com/linux/security/advisories/2005_29_sr.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Security Announcement","mime":"text/html","httpstatus":"404","archivestatus":"200"},{"url":"http://secunia.com/advisories/18380","name":"http://secunia.com/advisories/18380","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Secunia - Advisories - Mandriva update for tetex","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.mandriva.com/security/advisories?name=MDKSA-2006:008","name":"http://www.mandriva.com/security/advisories?name=MDKSA-2006:008","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Advisories - Mandriva Linux","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.gentoo.org/security/en/glsa/glsa-200512-08.xml","name":"http://www.gentoo.org/security/en/glsa/glsa-200512-08.xml","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Gentoo Linux Documentation\n--\n  Xpdf, GPdf, CUPS, Poppler: Multiple vulnerabilities","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/18407","name":"http://secunia.com/advisories/18407","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Secunia - Advisories - Debian update for libextractor","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.mandriva.com/security/advisories?name=MDKSA-2006:004","name":"http://www.mandriva.com/security/advisories?name=MDKSA-2006:004","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Advisories - Mandriva Linux OS","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/18428","name":"http://secunia.com/advisories/18428","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Secunia - Advisories - Debian update for tetex-bin","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U","name":"ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"","mime":"","httpstatus":"-1","archivestatus":"404"},{"url":"https://www.cve.org/CVERecord?id=CVE-2005-3191","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2005-3191","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"n/a","product":"n/a","version":"affected n/a","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2005","cve_id":"3191","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"xpdf","cpe5":"xpdf","cpe6":"0.90","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2005","cve_id":"3191","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"xpdf","cpe5":"xpdf","cpe6":"0.91","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2005","cve_id":"3191","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"xpdf","cpe5":"xpdf","cpe6":"0.92","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2005","cve_id":"3191","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"xpdf","cpe5":"xpdf","cpe6":"0.93","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2005","cve_id":"3191","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"xpdf","cpe5":"xpdf","cpe6":"1.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2005","cve_id":"3191","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"xpdf","cpe5":"xpdf","cpe6":"1.0a","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2005","cve_id":"3191","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"xpdf","cpe5":"xpdf","cpe6":"1.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2005","cve_id":"3191","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"xpdf","cpe5":"xpdf","cpe6":"2.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2005","cve_id":"3191","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"xpdf","cpe5":"xpdf","cpe6":"2.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2005","cve_id":"3191","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"xpdf","cpe5":"xpdf","cpe6":"2.2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2005","cve_id":"3191","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"xpdf","cpe5":"xpdf","cpe6":"2.3","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2005","cve_id":"3191","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"xpdf","cpe5":"xpdf","cpe6":"3.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2005","cve_id":"3191","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"xpdf","cpe5":"xpdf","cpe6":"3.0.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2005","cve_id":"3191","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"xpdf","cpe5":"xpdf","cpe6":"3.0_pl2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2005","cve_id":"3191","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"xpdf","cpe5":"xpdf","cpe6":"3.0_pl3","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[{"cvename":"CVE-2005-3191","organization":"Red Hat","lastmodified":"2007-03-14","contributor":"Mark J Cox","statementText":"Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.","cve_year":"2005","cve_id":"3191","crc32":"e4ada83e"}],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"providerMetadata":{"dateUpdated":"2024-08-07T23:01:58.841Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"name":"234","tags":["third-party-advisory","x_refsource_SREASON","x_transferred"],"url":"http://securityreason.com/securityalert/234"},{"name":"17929","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/17929"},{"name":"19797","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/19797"},{"name":"SCOSA-2006.20","tags":["vendor-advisory","x_refsource_SCO","x_transferred"],"url":"ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.20/SCOSA-2006.20.txt"},{"name":"233","tags":["third-party-advisory","x_refsource_SREASON","x_transferred"],"url":"http://securityreason.com/securityalert/233"},{"name":"DSA-932","tags":["vendor-advisory","x_refsource_DEBIAN","x_transferred"],"url":"http://www.debian.org/security/2005/dsa-932"},{"name":"18349","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/18349"},{"name":"18147","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/18147"},{"name":"SCOSA-2006.15","tags":["vendor-advisory","x_refsource_SCO","x_transferred"],"url":"ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt"},{"name":"18055","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/18055"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://www.kde.org/info/security/advisory-20051207-1.txt"},{"name":"18503","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/18503"},{"name":"18549","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/18549"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://www.kde.org/info/security/advisory-20051207-2.txt"},{"name":"18679","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/18679"},{"name":"18189","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/18189"},{"name":"26413","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/26413"},{"name":"17940","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/17940"},{"name":"oval:org.mitre.oval:def:9760","tags":["vdb-entry","signature","x_refsource_OVAL","x_transferred"],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9760"},{"name":"xpdf-dctstream-baseline-bo(23444)","tags":["vdb-entry","x_refsource_XF","x_transferred"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/23444"},{"name":"18303","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/18303"},{"name":"DSA-931","tags":["vendor-advisory","x_refsource_DEBIAN","x_transferred"],"url":"http://www.debian.org/security/2005/dsa-931"},{"name":"18554","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/18554"},{"name":"MDKSA-2006:003","tags":["vendor-advisory","x_refsource_MANDRIVA","x_transferred"],"url":"http://www.mandriva.com/security/advisories?name=MDKSA-2006:003"},{"tags":["x_refsource_MISC","x_transferred"],"url":"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342289"},{"name":"19230","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/19230"},{"name":"102972","tags":["vendor-advisory","x_refsource_SUNALERT","x_transferred"],"url":"http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1"},{"name":"MDKSA-2006:012","tags":["vendor-advisory","x_refsource_MANDRIVA","x_transferred"],"url":"http://www.mandriva.com/security/advisories?name=MDKSA-2006:012"},{"name":"DSA-962","tags":["vendor-advisory","x_refsource_DEBIAN","x_transferred"],"url":"http://www.debian.org/security/2006/dsa-962"},{"name":"1015309","tags":["vdb-entry","x_refsource_SECTRACK","x_transferred"],"url":"http://securitytracker.com/id?1015309"},{"name":"DSA-937","tags":["vendor-advisory","x_refsource_DEBIAN","x_transferred"],"url":"http://www.debian.org/security/2005/dsa-937"},{"name":"18398","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/18398"},{"name":"FLSA-2006:176751","tags":["vendor-advisory","x_refsource_FEDORA","x_transferred"],"url":"http://www.securityfocus.com/archive/1/427053/100/0/threaded"},{"name":"SUSE-SA:2006:001","tags":["vendor-advisory","x_refsource_SUSE","x_transferred"],"url":"http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html"},{"name":"DSA-936","tags":["vendor-advisory","x_refsource_DEBIAN","x_transferred"],"url":"http://www.debian.org/security/2006/dsa-936"},{"name":"17916","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/17916"},{"name":"20051205 Multiple Vendor xpdf DCTStream Progressive Heap Overflow","tags":["third-party-advisory","x_refsource_IDEFENSE","x_transferred"],"url":"http://www.idefense.com/application/poi/display?id=343&type=vulnerabilities"},{"name":"RHSA-2005:840","tags":["vendor-advisory","x_refsource_REDHAT","x_transferred"],"url":"http://www.redhat.com/support/errata/RHSA-2005-840.html"},{"name":"ADV-2005-2789","tags":["vdb-entry","x_refsource_VUPEN","x_transferred"],"url":"http://www.vupen.com/english/advisories/2005/2789"},{"name":"RHSA-2005:867","tags":["vendor-advisory","x_refsource_REDHAT","x_transferred"],"url":"http://www.redhat.com/support/errata/RHSA-2005-867.html"},{"name":"18674","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/18674"},{"name":"MDKSA-2006:005","tags":["vendor-advisory","x_refsource_MANDRIVA","x_transferred"],"url":"http://www.mandriva.com/security/advisories?name=MDKSA-2006:005"},{"name":"18313","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/18313"},{"name":"15727","tags":["vdb-entry","x_refsource_BID","x_transferred"],"url":"http://www.securityfocus.com/bid/15727"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://issues.rpath.com/browse/RPL-1609"},{"name":"RHSA-2005:868","tags":["vendor-advisory","x_refsource_REDHAT","x_transferred"],"url":"http://rhn.redhat.com/errata/RHSA-2005-868.html"},{"name":"20051201-01-U","tags":["vendor-advisory","x_refsource_SGI","x_transferred"],"url":"ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U"},{"name":"20060101-01-U","tags":["vendor-advisory","x_refsource_SGI","x_transferred"],"url":"ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U"},{"name":"18448","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/18448"},{"name":"18436","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/18436"},{"name":"18428","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/18428"},{"name":"18380","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/18380"},{"name":"GLSA-200512-08","tags":["vendor-advisory","x_refsource_GENTOO","x_transferred"],"url":"http://www.gentoo.org/security/en/glsa/glsa-200512-08.xml"},{"name":"FEDORA-2005-1126","tags":["vendor-advisory","x_refsource_FEDORA","x_transferred"],"url":"http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00015.html"},{"name":"18416","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/18416"},{"name":"ADV-2007-2280","tags":["vdb-entry","x_refsource_VUPEN","x_transferred"],"url":"http://www.vupen.com/english/advisories/2007/2280"},{"name":"15726","tags":["vdb-entry","x_refsource_BID","x_transferred"],"url":"http://www.securityfocus.com/bid/15726"},{"name":"GLSA-200601-02","tags":["vendor-advisory","x_refsource_GENTOO","x_transferred"],"url":"http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml"},{"name":"FEDORA-2005-1142","tags":["vendor-advisory","x_refsource_FEDORA","x_transferred"],"url":"http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00037.html"},{"name":"18336","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/18336"},{"name":"18061","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/18061"},{"name":"18407","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/18407"},{"name":"18009","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/18009"},{"name":"17908","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/17908"},{"name":"USN-227-1","tags":["vendor-advisory","x_refsource_UBUNTU","x_transferred"],"url":"http://www.ubuntulinux.org/usn/usn-227-1"},{"name":"17897","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/17897"},{"name":"Multiple Vendor xpdf DCTStream Baseline Heap Overflow Vulnerability","tags":["third-party-advisory","x_refsource_IDEFENSE","x_transferred"],"url":"http://www.idefense.com/application/poi/display?id=342&type=vulnerabilities"},{"name":"18517","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/18517"},{"name":"18582","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/18582"},{"name":"SUSE-SR:2006:002","tags":["vendor-advisory","x_refsource_SUSE","x_transferred"],"url":"http://www.novell.com/linux/security/advisories/2006_02_sr.html"},{"name":"18534","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/18534"},{"name":"SSA:2006-045-09","tags":["vendor-advisory","x_refsource_SLACKWARE","x_transferred"],"url":"http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.472683"},{"name":"TSLSA-2005-0072","tags":["vendor-advisory","x_refsource_TRUSTIX","x_transferred"],"url":"http://www.trustix.org/errata/2005/0072/"},{"name":"FEDORA-2005-1127","tags":["vendor-advisory","x_refsource_FEDORA","x_transferred"],"url":"http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00016.html"},{"name":"20051207 [KDE Security Advisory] multiple buffer overflows in kpdf/koffice","tags":["mailing-list","x_refsource_BUGTRAQ","x_transferred"],"url":"http://www.securityfocus.com/archive/1/418883/100/0/threaded"},{"name":"xpdf-dctstream-progressive-bo(23443)","tags":["vdb-entry","x_refsource_XF","x_transferred"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/23443"},{"name":"18908","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/18908"},{"name":"25729","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/25729"},{"name":"ADV-2005-2786","tags":["vdb-entry","x_refsource_VUPEN","x_transferred"],"url":"http://www.vupen.com/english/advisories/2005/2786"},{"name":"MDKSA-2006:006","tags":["vendor-advisory","x_refsource_MANDRIVA","x_transferred"],"url":"http://www.mandriva.com/security/advisories?name=MDKSA-2006:006"},{"name":"ADV-2005-2788","tags":["vdb-entry","x_refsource_VUPEN","x_transferred"],"url":"http://www.vupen.com/english/advisories/2005/2788"},{"name":"17926","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/17926"},{"name":"19798","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/19798"},{"name":"MDKSA-2006:008","tags":["vendor-advisory","x_refsource_MANDRIVA","x_transferred"],"url":"http://www.mandriva.com/security/advisories?name=MDKSA-2006:008"},{"name":"18191","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/18191"},{"name":"20060201-01-U","tags":["vendor-advisory","x_refsource_SGI","x_transferred"],"url":"ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U"},{"name":"RHSA-2006:0160","tags":["vendor-advisory","x_refsource_REDHAT","x_transferred"],"url":"http://www.redhat.com/support/errata/RHSA-2006-0160.html"},{"name":"17912","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/17912"},{"name":"MDKSA-2006:010","tags":["vendor-advisory","x_refsource_MANDRAKE","x_transferred"],"url":"http://www.mandriva.com/security/advisories?name=MDKSA-2006:010"},{"name":"17921","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/17921"},{"name":"DSA-940","tags":["vendor-advisory","x_refsource_DEBIAN","x_transferred"],"url":"http://www.debian.org/security/2005/dsa-940"},{"name":"MDKSA-2006:004","tags":["vendor-advisory","x_refsource_MANDRIVA","x_transferred"],"url":"http://www.mandriva.com/security/advisories?name=MDKSA-2006:004"},{"name":"ADV-2005-2790","tags":["vdb-entry","x_refsource_VUPEN","x_transferred"],"url":"http://www.vupen.com/english/advisories/2005/2790"},{"name":"18389","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/18389"},{"name":"18192","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/18192"},{"name":"ADV-2005-2856","tags":["vdb-entry","x_refsource_VUPEN","x_transferred"],"url":"http://www.vupen.com/english/advisories/2005/2856"},{"name":"SSA:2006-045-04","tags":["vendor-advisory","x_refsource_SLACKWARE","x_transferred"],"url":"http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.474747"},{"name":"19377","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/19377"},{"name":"FLSA:175404","tags":["vendor-advisory","x_refsource_FEDORA","x_transferred"],"url":"http://www.securityfocus.com/archive/1/427990/100/0/threaded"},{"name":"DSA-961","tags":["vendor-advisory","x_refsource_DEBIAN","x_transferred"],"url":"http://www.debian.org/security/2006/dsa-961"},{"name":"SCOSA-2006.21","tags":["vendor-advisory","x_refsource_SCO","x_transferred"],"url":"ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.21/SCOSA-2006.21.txt"},{"name":"18675","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/18675"},{"name":"1015324","tags":["vdb-entry","x_refsource_SECTRACK","x_transferred"],"url":"http://securitytracker.com/id?1015324"},{"name":"18913","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/18913"},{"name":"DSA-938","tags":["vendor-advisory","x_refsource_DEBIAN","x_transferred"],"url":"http://www.debian.org/security/2005/dsa-938"},{"name":"SUSE-SR:2005:029","tags":["vendor-advisory","x_refsource_SUSE","x_transferred"],"url":"http://www.novell.com/linux/security/advisories/2005_29_sr.html"},{"name":"ADV-2005-2787","tags":["vdb-entry","x_refsource_VUPEN","x_transferred"],"url":"http://www.vupen.com/english/advisories/2005/2787"},{"name":"RHSA-2005:878","tags":["vendor-advisory","x_refsource_REDHAT","x_transferred"],"url":"http://www.redhat.com/support/errata/RHSA-2005-878.html"},{"name":"FEDORA-2005-1141","tags":["vendor-advisory","x_refsource_FEDORA","x_transferred"],"url":"http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00036.html"},{"name":"17920","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/17920"},{"name":"DSA-950","tags":["vendor-advisory","x_refsource_DEBIAN","x_transferred"],"url":"http://www.debian.org/security/2006/dsa-950"},{"name":"17955","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/17955"},{"name":"17976","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/17976"},{"name":"18387","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/18387"},{"name":"MDKSA-2006:011","tags":["vendor-advisory","x_refsource_MANDRIVA","x_transferred"],"url":"http://www.mandriva.com/security/advisories?name=MDKSA-2006:011"},{"name":"18385","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/18385"}],"title":"CVE Program Container"}],"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"2005-12-05T00:00:00.000Z","descriptions":[{"lang":"en","value":"Multiple heap-based buffer overflows in the (1) DCTStream::readProgressiveSOF and (2) DCTStream::readBaselineSOF functions in the DCT stream parsing code (Stream.cc) in xpdf 3.01 and earlier, as used in products such as (a) Poppler, (b) teTeX, (c) KDE kpdf, (d) pdftohtml, (e) KOffice KWord, (f) CUPS, and (g) libextractor allow user-assisted attackers to cause a denial of service (heap corruption) and possibly execute arbitrary code via a crafted PDF file with an out-of-range number of components (numComps), which is used as an array index."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2018-10-19T14:57:01.000Z","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"references":[{"name":"234","tags":["third-party-advisory","x_refsource_SREASON"],"url":"http://securityreason.com/securityalert/234"},{"name":"17929","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/17929"},{"name":"19797","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/19797"},{"name":"SCOSA-2006.20","tags":["vendor-advisory","x_refsource_SCO"],"url":"ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.20/SCOSA-2006.20.txt"},{"name":"233","tags":["third-party-advisory","x_refsource_SREASON"],"url":"http://securityreason.com/securityalert/233"},{"name":"DSA-932","tags":["vendor-advisory","x_refsource_DEBIAN"],"url":"http://www.debian.org/security/2005/dsa-932"},{"name":"18349","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/18349"},{"name":"18147","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/18147"},{"name":"SCOSA-2006.15","tags":["vendor-advisory","x_refsource_SCO"],"url":"ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt"},{"name":"18055","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/18055"},{"tags":["x_refsource_CONFIRM"],"url":"http://www.kde.org/info/security/advisory-20051207-1.txt"},{"name":"18503","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/18503"},{"name":"18549","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/18549"},{"tags":["x_refsource_CONFIRM"],"url":"http://www.kde.org/info/security/advisory-20051207-2.txt"},{"name":"18679","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/18679"},{"name":"18189","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/18189"},{"name":"26413","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/26413"},{"name":"17940","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/17940"},{"name":"oval:org.mitre.oval:def:9760","tags":["vdb-entry","signature","x_refsource_OVAL"],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9760"},{"name":"xpdf-dctstream-baseline-bo(23444)","tags":["vdb-entry","x_refsource_XF"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/23444"},{"name":"18303","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/18303"},{"name":"DSA-931","tags":["vendor-advisory","x_refsource_DEBIAN"],"url":"http://www.debian.org/security/2005/dsa-931"},{"name":"18554","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/18554"},{"name":"MDKSA-2006:003","tags":["vendor-advisory","x_refsource_MANDRIVA"],"url":"http://www.mandriva.com/security/advisories?name=MDKSA-2006:003"},{"tags":["x_refsource_MISC"],"url":"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342289"},{"name":"19230","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/19230"},{"name":"102972","tags":["vendor-advisory","x_refsource_SUNALERT"],"url":"http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1"},{"name":"MDKSA-2006:012","tags":["vendor-advisory","x_refsource_MANDRIVA"],"url":"http://www.mandriva.com/security/advisories?name=MDKSA-2006:012"},{"name":"DSA-962","tags":["vendor-advisory","x_refsource_DEBIAN"],"url":"http://www.debian.org/security/2006/dsa-962"},{"name":"1015309","tags":["vdb-entry","x_refsource_SECTRACK"],"url":"http://securitytracker.com/id?1015309"},{"name":"DSA-937","tags":["vendor-advisory","x_refsource_DEBIAN"],"url":"http://www.debian.org/security/2005/dsa-937"},{"name":"18398","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/18398"},{"name":"FLSA-2006:176751","tags":["vendor-advisory","x_refsource_FEDORA"],"url":"http://www.securityfocus.com/archive/1/427053/100/0/threaded"},{"name":"SUSE-SA:2006:001","tags":["vendor-advisory","x_refsource_SUSE"],"url":"http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html"},{"name":"DSA-936","tags":["vendor-advisory","x_refsource_DEBIAN"],"url":"http://www.debian.org/security/2006/dsa-936"},{"name":"17916","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/17916"},{"name":"20051205 Multiple Vendor xpdf DCTStream Progressive Heap Overflow","tags":["third-party-advisory","x_refsource_IDEFENSE"],"url":"http://www.idefense.com/application/poi/display?id=343&type=vulnerabilities"},{"name":"RHSA-2005:840","tags":["vendor-advisory","x_refsource_REDHAT"],"url":"http://www.redhat.com/support/errata/RHSA-2005-840.html"},{"name":"ADV-2005-2789","tags":["vdb-entry","x_refsource_VUPEN"],"url":"http://www.vupen.com/english/advisories/2005/2789"},{"name":"RHSA-2005:867","tags":["vendor-advisory","x_refsource_REDHAT"],"url":"http://www.redhat.com/support/errata/RHSA-2005-867.html"},{"name":"18674","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/18674"},{"name":"MDKSA-2006:005","tags":["vendor-advisory","x_refsource_MANDRIVA"],"url":"http://www.mandriva.com/security/advisories?name=MDKSA-2006:005"},{"name":"18313","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/18313"},{"name":"15727","tags":["vdb-entry","x_refsource_BID"],"url":"http://www.securityfocus.com/bid/15727"},{"tags":["x_refsource_CONFIRM"],"url":"https://issues.rpath.com/browse/RPL-1609"},{"name":"RHSA-2005:868","tags":["vendor-advisory","x_refsource_REDHAT"],"url":"http://rhn.redhat.com/errata/RHSA-2005-868.html"},{"name":"20051201-01-U","tags":["vendor-advisory","x_refsource_SGI"],"url":"ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U"},{"name":"20060101-01-U","tags":["vendor-advisory","x_refsource_SGI"],"url":"ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U"},{"name":"18448","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/18448"},{"name":"18436","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/18436"},{"name":"18428","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/18428"},{"name":"18380","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/18380"},{"name":"GLSA-200512-08","tags":["vendor-advisory","x_refsource_GENTOO"],"url":"http://www.gentoo.org/security/en/glsa/glsa-200512-08.xml"},{"name":"FEDORA-2005-1126","tags":["vendor-advisory","x_refsource_FEDORA"],"url":"http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00015.html"},{"name":"18416","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/18416"},{"name":"ADV-2007-2280","tags":["vdb-entry","x_refsource_VUPEN"],"url":"http://www.vupen.com/english/advisories/2007/2280"},{"name":"15726","tags":["vdb-entry","x_refsource_BID"],"url":"http://www.securityfocus.com/bid/15726"},{"name":"GLSA-200601-02","tags":["vendor-advisory","x_refsource_GENTOO"],"url":"http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml"},{"name":"FEDORA-2005-1142","tags":["vendor-advisory","x_refsource_FEDORA"],"url":"http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00037.html"},{"name":"18336","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/18336"},{"name":"18061","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/18061"},{"name":"18407","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/18407"},{"name":"18009","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/18009"},{"name":"17908","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/17908"},{"name":"USN-227-1","tags":["vendor-advisory","x_refsource_UBUNTU"],"url":"http://www.ubuntulinux.org/usn/usn-227-1"},{"name":"17897","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/17897"},{"name":"Multiple Vendor xpdf DCTStream Baseline Heap Overflow Vulnerability","tags":["third-party-advisory","x_refsource_IDEFENSE"],"url":"http://www.idefense.com/application/poi/display?id=342&type=vulnerabilities"},{"name":"18517","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/18517"},{"name":"18582","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/18582"},{"name":"SUSE-SR:2006:002","tags":["vendor-advisory","x_refsource_SUSE"],"url":"http://www.novell.com/linux/security/advisories/2006_02_sr.html"},{"name":"18534","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/18534"},{"name":"SSA:2006-045-09","tags":["vendor-advisory","x_refsource_SLACKWARE"],"url":"http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.472683"},{"name":"TSLSA-2005-0072","tags":["vendor-advisory","x_refsource_TRUSTIX"],"url":"http://www.trustix.org/errata/2005/0072/"},{"name":"FEDORA-2005-1127","tags":["vendor-advisory","x_refsource_FEDORA"],"url":"http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00016.html"},{"name":"20051207 [KDE Security Advisory] multiple buffer overflows in kpdf/koffice","tags":["mailing-list","x_refsource_BUGTRAQ"],"url":"http://www.securityfocus.com/archive/1/418883/100/0/threaded"},{"name":"xpdf-dctstream-progressive-bo(23443)","tags":["vdb-entry","x_refsource_XF"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/23443"},{"name":"18908","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/18908"},{"name":"25729","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/25729"},{"name":"ADV-2005-2786","tags":["vdb-entry","x_refsource_VUPEN"],"url":"http://www.vupen.com/english/advisories/2005/2786"},{"name":"MDKSA-2006:006","tags":["vendor-advisory","x_refsource_MANDRIVA"],"url":"http://www.mandriva.com/security/advisories?name=MDKSA-2006:006"},{"name":"ADV-2005-2788","tags":["vdb-entry","x_refsource_VUPEN"],"url":"http://www.vupen.com/english/advisories/2005/2788"},{"name":"17926","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/17926"},{"name":"19798","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/19798"},{"name":"MDKSA-2006:008","tags":["vendor-advisory","x_refsource_MANDRIVA"],"url":"http://www.mandriva.com/security/advisories?name=MDKSA-2006:008"},{"name":"18191","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/18191"},{"name":"20060201-01-U","tags":["vendor-advisory","x_refsource_SGI"],"url":"ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U"},{"name":"RHSA-2006:0160","tags":["vendor-advisory","x_refsource_REDHAT"],"url":"http://www.redhat.com/support/errata/RHSA-2006-0160.html"},{"name":"17912","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/17912"},{"name":"MDKSA-2006:010","tags":["vendor-advisory","x_refsource_MANDRAKE"],"url":"http://www.mandriva.com/security/advisories?name=MDKSA-2006:010"},{"name":"17921","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/17921"},{"name":"DSA-940","tags":["vendor-advisory","x_refsource_DEBIAN"],"url":"http://www.debian.org/security/2005/dsa-940"},{"name":"MDKSA-2006:004","tags":["vendor-advisory","x_refsource_MANDRIVA"],"url":"http://www.mandriva.com/security/advisories?name=MDKSA-2006:004"},{"name":"ADV-2005-2790","tags":["vdb-entry","x_refsource_VUPEN"],"url":"http://www.vupen.com/english/advisories/2005/2790"},{"name":"18389","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/18389"},{"name":"18192","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/18192"},{"name":"ADV-2005-2856","tags":["vdb-entry","x_refsource_VUPEN"],"url":"http://www.vupen.com/english/advisories/2005/2856"},{"name":"SSA:2006-045-04","tags":["vendor-advisory","x_refsource_SLACKWARE"],"url":"http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.474747"},{"name":"19377","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/19377"},{"name":"FLSA:175404","tags":["vendor-advisory","x_refsource_FEDORA"],"url":"http://www.securityfocus.com/archive/1/427990/100/0/threaded"},{"name":"DSA-961","tags":["vendor-advisory","x_refsource_DEBIAN"],"url":"http://www.debian.org/security/2006/dsa-961"},{"name":"SCOSA-2006.21","tags":["vendor-advisory","x_refsource_SCO"],"url":"ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.21/SCOSA-2006.21.txt"},{"name":"18675","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/18675"},{"name":"1015324","tags":["vdb-entry","x_refsource_SECTRACK"],"url":"http://securitytracker.com/id?1015324"},{"name":"18913","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/18913"},{"name":"DSA-938","tags":["vendor-advisory","x_refsource_DEBIAN"],"url":"http://www.debian.org/security/2005/dsa-938"},{"name":"SUSE-SR:2005:029","tags":["vendor-advisory","x_refsource_SUSE"],"url":"http://www.novell.com/linux/security/advisories/2005_29_sr.html"},{"name":"ADV-2005-2787","tags":["vdb-entry","x_refsource_VUPEN"],"url":"http://www.vupen.com/english/advisories/2005/2787"},{"name":"RHSA-2005:878","tags":["vendor-advisory","x_refsource_REDHAT"],"url":"http://www.redhat.com/support/errata/RHSA-2005-878.html"},{"name":"FEDORA-2005-1141","tags":["vendor-advisory","x_refsource_FEDORA"],"url":"http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00036.html"},{"name":"17920","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/17920"},{"name":"DSA-950","tags":["vendor-advisory","x_refsource_DEBIAN"],"url":"http://www.debian.org/security/2006/dsa-950"},{"name":"17955","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/17955"},{"name":"17976","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/17976"},{"name":"18387","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/18387"},{"name":"MDKSA-2006:011","tags":["vendor-advisory","x_refsource_MANDRIVA"],"url":"http://www.mandriva.com/security/advisories?name=MDKSA-2006:011"},{"name":"18385","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/18385"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2005-3191","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Multiple heap-based buffer overflows in the (1) DCTStream::readProgressiveSOF and (2) DCTStream::readBaselineSOF functions in the DCT stream parsing code (Stream.cc) in xpdf 3.01 and earlier, as used in products such as (a) Poppler, (b) teTeX, (c) KDE kpdf, (d) pdftohtml, (e) KOffice KWord, (f) CUPS, and (g) libextractor allow user-assisted attackers to cause a denial of service (heap corruption) and possibly execute arbitrary code via a crafted PDF file with an out-of-range number of components (numComps), which is used as an array index."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"234","refsource":"SREASON","url":"http://securityreason.com/securityalert/234"},{"name":"17929","refsource":"SECUNIA","url":"http://secunia.com/advisories/17929"},{"name":"19797","refsource":"SECUNIA","url":"http://secunia.com/advisories/19797"},{"name":"SCOSA-2006.20","refsource":"SCO","url":"ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.20/SCOSA-2006.20.txt"},{"name":"233","refsource":"SREASON","url":"http://securityreason.com/securityalert/233"},{"name":"DSA-932","refsource":"DEBIAN","url":"http://www.debian.org/security/2005/dsa-932"},{"name":"18349","refsource":"SECUNIA","url":"http://secunia.com/advisories/18349"},{"name":"18147","refsource":"SECUNIA","url":"http://secunia.com/advisories/18147"},{"name":"SCOSA-2006.15","refsource":"SCO","url":"ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt"},{"name":"18055","refsource":"SECUNIA","url":"http://secunia.com/advisories/18055"},{"name":"http://www.kde.org/info/security/advisory-20051207-1.txt","refsource":"CONFIRM","url":"http://www.kde.org/info/security/advisory-20051207-1.txt"},{"name":"18503","refsource":"SECUNIA","url":"http://secunia.com/advisories/18503"},{"name":"18549","refsource":"SECUNIA","url":"http://secunia.com/advisories/18549"},{"name":"http://www.kde.org/info/security/advisory-20051207-2.txt","refsource":"CONFIRM","url":"http://www.kde.org/info/security/advisory-20051207-2.txt"},{"name":"18679","refsource":"SECUNIA","url":"http://secunia.com/advisories/18679"},{"name":"18189","refsource":"SECUNIA","url":"http://secunia.com/advisories/18189"},{"name":"26413","refsource":"SECUNIA","url":"http://secunia.com/advisories/26413"},{"name":"17940","refsource":"SECUNIA","url":"http://secunia.com/advisories/17940"},{"name":"oval:org.mitre.oval:def:9760","refsource":"OVAL","url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9760"},{"name":"xpdf-dctstream-baseline-bo(23444)","refsource":"XF","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/23444"},{"name":"18303","refsource":"SECUNIA","url":"http://secunia.com/advisories/18303"},{"name":"DSA-931","refsource":"DEBIAN","url":"http://www.debian.org/security/2005/dsa-931"},{"name":"18554","refsource":"SECUNIA","url":"http://secunia.com/advisories/18554"},{"name":"MDKSA-2006:003","refsource":"MANDRIVA","url":"http://www.mandriva.com/security/advisories?name=MDKSA-2006:003"},{"name":"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342289","refsource":"MISC","url":"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342289"},{"name":"19230","refsource":"SECUNIA","url":"http://secunia.com/advisories/19230"},{"name":"102972","refsource":"SUNALERT","url":"http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1"},{"name":"MDKSA-2006:012","refsource":"MANDRIVA","url":"http://www.mandriva.com/security/advisories?name=MDKSA-2006:012"},{"name":"DSA-962","refsource":"DEBIAN","url":"http://www.debian.org/security/2006/dsa-962"},{"name":"1015309","refsource":"SECTRACK","url":"http://securitytracker.com/id?1015309"},{"name":"DSA-937","refsource":"DEBIAN","url":"http://www.debian.org/security/2005/dsa-937"},{"name":"18398","refsource":"SECUNIA","url":"http://secunia.com/advisories/18398"},{"name":"FLSA-2006:176751","refsource":"FEDORA","url":"http://www.securityfocus.com/archive/1/427053/100/0/threaded"},{"name":"SUSE-SA:2006:001","refsource":"SUSE","url":"http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html"},{"name":"DSA-936","refsource":"DEBIAN","url":"http://www.debian.org/security/2006/dsa-936"},{"name":"17916","refsource":"SECUNIA","url":"http://secunia.com/advisories/17916"},{"name":"20051205 Multiple Vendor xpdf DCTStream Progressive Heap Overflow","refsource":"IDEFENSE","url":"http://www.idefense.com/application/poi/display?id=343&type=vulnerabilities"},{"name":"RHSA-2005:840","refsource":"REDHAT","url":"http://www.redhat.com/support/errata/RHSA-2005-840.html"},{"name":"ADV-2005-2789","refsource":"VUPEN","url":"http://www.vupen.com/english/advisories/2005/2789"},{"name":"RHSA-2005:867","refsource":"REDHAT","url":"http://www.redhat.com/support/errata/RHSA-2005-867.html"},{"name":"18674","refsource":"SECUNIA","url":"http://secunia.com/advisories/18674"},{"name":"MDKSA-2006:005","refsource":"MANDRIVA","url":"http://www.mandriva.com/security/advisories?name=MDKSA-2006:005"},{"name":"18313","refsource":"SECUNIA","url":"http://secunia.com/advisories/18313"},{"name":"15727","refsource":"BID","url":"http://www.securityfocus.com/bid/15727"},{"name":"https://issues.rpath.com/browse/RPL-1609","refsource":"CONFIRM","url":"https://issues.rpath.com/browse/RPL-1609"},{"name":"RHSA-2005:868","refsource":"REDHAT","url":"http://rhn.redhat.com/errata/RHSA-2005-868.html"},{"name":"20051201-01-U","refsource":"SGI","url":"ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U"},{"name":"20060101-01-U","refsource":"SGI","url":"ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U"},{"name":"18448","refsource":"SECUNIA","url":"http://secunia.com/advisories/18448"},{"name":"18436","refsource":"SECUNIA","url":"http://secunia.com/advisories/18436"},{"name":"18428","refsource":"SECUNIA","url":"http://secunia.com/advisories/18428"},{"name":"18380","refsource":"SECUNIA","url":"http://secunia.com/advisories/18380"},{"name":"GLSA-200512-08","refsource":"GENTOO","url":"http://www.gentoo.org/security/en/glsa/glsa-200512-08.xml"},{"name":"FEDORA-2005-1126","refsource":"FEDORA","url":"http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00015.html"},{"name":"18416","refsource":"SECUNIA","url":"http://secunia.com/advisories/18416"},{"name":"ADV-2007-2280","refsource":"VUPEN","url":"http://www.vupen.com/english/advisories/2007/2280"},{"name":"15726","refsource":"BID","url":"http://www.securityfocus.com/bid/15726"},{"name":"GLSA-200601-02","refsource":"GENTOO","url":"http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml"},{"name":"FEDORA-2005-1142","refsource":"FEDORA","url":"http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00037.html"},{"name":"18336","refsource":"SECUNIA","url":"http://secunia.com/advisories/18336"},{"name":"18061","refsource":"SECUNIA","url":"http://secunia.com/advisories/18061"},{"name":"18407","refsource":"SECUNIA","url":"http://secunia.com/advisories/18407"},{"name":"18009","refsource":"SECUNIA","url":"http://secunia.com/advisories/18009"},{"name":"17908","refsource":"SECUNIA","url":"http://secunia.com/advisories/17908"},{"name":"USN-227-1","refsource":"UBUNTU","url":"http://www.ubuntulinux.org/usn/usn-227-1"},{"name":"17897","refsource":"SECUNIA","url":"http://secunia.com/advisories/17897"},{"name":"Multiple Vendor xpdf DCTStream Baseline Heap Overflow Vulnerability","refsource":"IDEFENSE","url":"http://www.idefense.com/application/poi/display?id=342&type=vulnerabilities"},{"name":"18517","refsource":"SECUNIA","url":"http://secunia.com/advisories/18517"},{"name":"18582","refsource":"SECUNIA","url":"http://secunia.com/advisories/18582"},{"name":"SUSE-SR:2006:002","refsource":"SUSE","url":"http://www.novell.com/linux/security/advisories/2006_02_sr.html"},{"name":"18534","refsource":"SECUNIA","url":"http://secunia.com/advisories/18534"},{"name":"SSA:2006-045-09","refsource":"SLACKWARE","url":"http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.472683"},{"name":"TSLSA-2005-0072","refsource":"TRUSTIX","url":"http://www.trustix.org/errata/2005/0072/"},{"name":"FEDORA-2005-1127","refsource":"FEDORA","url":"http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00016.html"},{"name":"20051207 [KDE Security Advisory] multiple buffer overflows in kpdf/koffice","refsource":"BUGTRAQ","url":"http://www.securityfocus.com/archive/1/418883/100/0/threaded"},{"name":"xpdf-dctstream-progressive-bo(23443)","refsource":"XF","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/23443"},{"name":"18908","refsource":"SECUNIA","url":"http://secunia.com/advisories/18908"},{"name":"25729","refsource":"SECUNIA","url":"http://secunia.com/advisories/25729"},{"name":"ADV-2005-2786","refsource":"VUPEN","url":"http://www.vupen.com/english/advisories/2005/2786"},{"name":"MDKSA-2006:006","refsource":"MANDRIVA","url":"http://www.mandriva.com/security/advisories?name=MDKSA-2006:006"},{"name":"ADV-2005-2788","refsource":"VUPEN","url":"http://www.vupen.com/english/advisories/2005/2788"},{"name":"17926","refsource":"SECUNIA","url":"http://secunia.com/advisories/17926"},{"name":"19798","refsource":"SECUNIA","url":"http://secunia.com/advisories/19798"},{"name":"MDKSA-2006:008","refsource":"MANDRIVA","url":"http://www.mandriva.com/security/advisories?name=MDKSA-2006:008"},{"name":"18191","refsource":"SECUNIA","url":"http://secunia.com/advisories/18191"},{"name":"20060201-01-U","refsource":"SGI","url":"ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U"},{"name":"RHSA-2006:0160","refsource":"REDHAT","url":"http://www.redhat.com/support/errata/RHSA-2006-0160.html"},{"name":"17912","refsource":"SECUNIA","url":"http://secunia.com/advisories/17912"},{"name":"MDKSA-2006:010","refsource":"MANDRAKE","url":"http://www.mandriva.com/security/advisories?name=MDKSA-2006:010"},{"name":"17921","refsource":"SECUNIA","url":"http://secunia.com/advisories/17921"},{"name":"DSA-940","refsource":"DEBIAN","url":"http://www.debian.org/security/2005/dsa-940"},{"name":"MDKSA-2006:004","refsource":"MANDRIVA","url":"http://www.mandriva.com/security/advisories?name=MDKSA-2006:004"},{"name":"ADV-2005-2790","refsource":"VUPEN","url":"http://www.vupen.com/english/advisories/2005/2790"},{"name":"18389","refsource":"SECUNIA","url":"http://secunia.com/advisories/18389"},{"name":"18192","refsource":"SECUNIA","url":"http://secunia.com/advisories/18192"},{"name":"ADV-2005-2856","refsource":"VUPEN","url":"http://www.vupen.com/english/advisories/2005/2856"},{"name":"SSA:2006-045-04","refsource":"SLACKWARE","url":"http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.474747"},{"name":"19377","refsource":"SECUNIA","url":"http://secunia.com/advisories/19377"},{"name":"FLSA:175404","refsource":"FEDORA","url":"http://www.securityfocus.com/archive/1/427990/100/0/threaded"},{"name":"DSA-961","refsource":"DEBIAN","url":"http://www.debian.org/security/2006/dsa-961"},{"name":"SCOSA-2006.21","refsource":"SCO","url":"ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.21/SCOSA-2006.21.txt"},{"name":"18675","refsource":"SECUNIA","url":"http://secunia.com/advisories/18675"},{"name":"1015324","refsource":"SECTRACK","url":"http://securitytracker.com/id?1015324"},{"name":"18913","refsource":"SECUNIA","url":"http://secunia.com/advisories/18913"},{"name":"DSA-938","refsource":"DEBIAN","url":"http://www.debian.org/security/2005/dsa-938"},{"name":"SUSE-SR:2005:029","refsource":"SUSE","url":"http://www.novell.com/linux/security/advisories/2005_29_sr.html"},{"name":"ADV-2005-2787","refsource":"VUPEN","url":"http://www.vupen.com/english/advisories/2005/2787"},{"name":"RHSA-2005:878","refsource":"REDHAT","url":"http://www.redhat.com/support/errata/RHSA-2005-878.html"},{"name":"FEDORA-2005-1141","refsource":"FEDORA","url":"http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00036.html"},{"name":"17920","refsource":"SECUNIA","url":"http://secunia.com/advisories/17920"},{"name":"DSA-950","refsource":"DEBIAN","url":"http://www.debian.org/security/2006/dsa-950"},{"name":"17955","refsource":"SECUNIA","url":"http://secunia.com/advisories/17955"},{"name":"17976","refsource":"SECUNIA","url":"http://secunia.com/advisories/17976"},{"name":"18387","refsource":"SECUNIA","url":"http://secunia.com/advisories/18387"},{"name":"MDKSA-2006:011","refsource":"MANDRIVA","url":"http://www.mandriva.com/security/advisories?name=MDKSA-2006:011"},{"name":"18385","refsource":"SECUNIA","url":"http://secunia.com/advisories/18385"}]}}}},"cveMetadata":{"assignerOrgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","assignerShortName":"mitre","cveId":"CVE-2005-3191","datePublished":"2005-12-07T01:00:00.000Z","dateReserved":"2005-10-14T00:00:00.000Z","dateUpdated":"2024-08-07T23:01:58.841Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"},"nvd":{"publishedDate":"2005-12-07 01:03:00","lastModifiedDate":"2025-04-03 01:03:51","problem_types":["CWE-119","n/a"],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:H/Au:N/C:P/I:P/A:P","baseScore":5.1,"accessVector":"NETWORK","accessComplexity":"HIGH","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":4.9,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":true,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:xpdf:xpdf:0.90:*:*:*:*:*:*:*","matchCriteriaId":"28CC6233-E207-40CC-81FF-A8670EEA4295"},{"vulnerable":true,"criteria":"cpe:2.3:a:xpdf:xpdf:0.91:*:*:*:*:*:*:*","matchCriteriaId":"64DD9B5C-3DB8-4E15-B4A6-541E4E221C1D"},{"vulnerable":true,"criteria":"cpe:2.3:a:xpdf:xpdf:0.92:*:*:*:*:*:*:*","matchCriteriaId":"0304E1E3-8766-40D0-8879-A652B4E9E72D"},{"vulnerable":true,"criteria":"cpe:2.3:a:xpdf:xpdf:0.93:*:*:*:*:*:*:*","matchCriteriaId":"188F1343-8082-4B54-8DA4-E344818ABD52"},{"vulnerable":true,"criteria":"cpe:2.3:a:xpdf:xpdf:1.0:*:*:*:*:*:*:*","matchCriteriaId":"B95DA7DE-B786-4EE7-A3F4-C077A7986D5F"},{"vulnerable":true,"criteria":"cpe:2.3:a:xpdf:xpdf:1.0a:*:*:*:*:*:*:*","matchCriteriaId":"C5306C05-4A71-4175-8C22-F2DE0F2FE4C4"},{"vulnerable":true,"criteria":"cpe:2.3:a:xpdf:xpdf:1.1:*:*:*:*:*:*:*","matchCriteriaId":"3B9DEF16-ECD5-4BBE-8986-52A6171B3D9F"},{"vulnerable":true,"criteria":"cpe:2.3:a:xpdf:xpdf:2.0:*:*:*:*:*:*:*","matchCriteriaId":"CFFDBEEC-B2C1-47F0-82D3-FC9147B590A9"},{"vulnerable":true,"criteria":"cpe:2.3:a:xpdf:xpdf:2.1:*:*:*:*:*:*:*","matchCriteriaId":"354487CF-0086-4AE2-872B-0032E3EB89EE"},{"vulnerable":true,"criteria":"cpe:2.3:a:xpdf:xpdf:2.2:*:*:*:*:*:*:*","matchCriteriaId":"96767060-505A-42D2-A68A-6AD810DE800A"},{"vulnerable":true,"criteria":"cpe:2.3:a:xpdf:xpdf:2.3:*:*:*:*:*:*:*","matchCriteriaId":"1169B802-7279-437F-AF59-621A67DC92EC"},{"vulnerable":true,"criteria":"cpe:2.3:a:xpdf:xpdf:3.0:*:*:*:*:*:*:*","matchCriteriaId":"7B93B3ED-AF82-49A9-8C7F-E5F652F19669"},{"vulnerable":true,"criteria":"cpe:2.3:a:xpdf:xpdf:3.0.1:*:*:*:*:*:*:*","matchCriteriaId":"2B77866E-6818-4DE6-9457-39416871952C"},{"vulnerable":true,"criteria":"cpe:2.3:a:xpdf:xpdf:3.0_pl2:*:*:*:*:*:*:*","matchCriteriaId":"F6D23CF8-2B6C-4D2A-8E5E-6AACE99A7C19"},{"vulnerable":true,"criteria":"cpe:2.3:a:xpdf:xpdf:3.0_pl3:*:*:*:*:*:*:*","matchCriteriaId":"9107B531-7254-4908-97F0-3BF1EA0495AC"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2005","CveId":"3191","Ordinal":"1","Title":"CVE-2005-3191","CVE":"CVE-2005-3191","Year":"2005"},"notes":[{"CveYear":"2005","CveId":"3191","Ordinal":"1","NoteData":"Multiple heap-based buffer overflows in the (1) DCTStream::readProgressiveSOF and (2) DCTStream::readBaselineSOF functions in the DCT stream parsing code (Stream.cc) in xpdf 3.01 and earlier, as used in products such as (a) Poppler, (b) teTeX, (c) KDE kpdf, (d) pdftohtml, (e) KOffice KWord, (f) CUPS, and (g) libextractor allow user-assisted attackers to cause a denial of service (heap corruption) and possibly execute arbitrary code via a crafted PDF file with an out-of-range number of components (numComps), which is used as an array index.","Type":"Description","Title":"CVE-2005-3191"},{"CveYear":"2005","CveId":"3191","Ordinal":"2","NoteData":"2005-12-06","Type":"Other","Title":"Published"},{"CveYear":"2005","CveId":"3191","Ordinal":"3","NoteData":"2018-10-19","Type":"Other","Title":"Modified"}]}}}