{"api_version":"1","generated_at":"2026-04-22T23:08:47+00:00","cve":"CVE-2006-1244","urls":{"html":"https://cve.report/CVE-2006-1244","api":"https://cve.report/api/cve/CVE-2006-1244.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2006-1244","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2006-1244"},"summary":{"title":"CVE-2006-1244","description":"Unspecified vulnerability in certain versions of xpdf after 3.00, as used in various products including (a) pdfkit.framework, (b) gpdf, (c) pdftohtml, and (d) libextractor, has unknown impact and user-assisted attack vectors, possibly involving errors in (1) gmem.c, (2) SplashXPathScanner.cc, (3) JBIG2Stream.cc, (4) JPXStream.cc, and/or (5) Stream.cc.  NOTE: this description is based on Debian advisory DSA 979, which is based on changes that were made after other vulnerabilities such as CVE-2006-0301 and CVE-2005-3624 through CVE-2005-3628 were fixed.  Some of these newer fixes appear to be security-relevant, although it is not clear if they fix specific issues or are defensive in nature.","state":"PUBLISHED","assigner":"mitre","published_at":"2006-03-15 19:06:00","updated_at":"2025-04-03 01:03:51"},"problem_types":["NVD-CWE-Other","n/a"],"metrics":[{"version":"2.0","source":"nvd@nist.gov","type":"Primary","score":"7.6","severity":"","vector":"AV:N/AC:H/Au:N/C:C/I:C/A:C","data":{"version":"2.0","vectorString":"AV:N/AC:H/Au:N/C:C/I:C/A:C","baseScore":7.6,"accessVector":"NETWORK","accessComplexity":"HIGH","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"}}],"references":[{"url":"http://secunia.com/advisories/19644","name":"http://secunia.com/advisories/19644","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"],"title":"Secunia - Advisories - Ubuntu Updates for Multiple Packages","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/19164","name":"http://secunia.com/advisories/19164","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"],"title":"Secunia - Advisories - Debian update for libextractor","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/19065","name":"http://secunia.com/advisories/19065","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"],"title":"Debian update for gpdf - Secunia Advisories - Vulnerability Intelligence - Secunia.com","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/19021","name":"http://secunia.com/advisories/19021","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"],"title":"Debian update for pdftohtml - Advisories - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.debian.org/security/2006/dsa-998","name":"http://www.debian.org/security/2006/dsa-998","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"],"title":"Debian -- Security Information -- DSA-998-1 libextractor","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.debian.org/security/2006/dsa-979","name":"http://www.debian.org/security/2006/dsa-979","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"],"title":"Debian -- Security Information -- DSA-979-1 pdfkit.framework","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.debian.org/security/2006/dsa-984","name":"http://www.debian.org/security/2006/dsa-984","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"],"title":"Debian -- Security Information -- DSA-984-1 xpdf","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.debian.org/security/2006/dsa-982","name":"http://www.debian.org/security/2006/dsa-982","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"],"title":"Debian -- Security Information -- DSA-982-1 gpdf","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://security.debian.org/pool/updates/main/p/pdfkit.framework/pdfkit.framework_0.8-2sarge3.diff.gz","name":"http://security.debian.org/pool/updates/main/p/pdfkit.framework/pdfkit.framework_0.8-2sarge3.diff.gz","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"],"title":"404 Not Found","mime":"text/x-diff","httpstatus":"404","archivestatus":"200"},{"url":"http://www.osvdb.org/23834","name":"http://www.osvdb.org/23834","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"","mime":"","httpstatus":"-1","archivestatus":"0"},{"url":"https://usn.ubuntu.com/270-1/","name":"https://usn.ubuntu.com/270-1/","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"USN-270-1: xpdf vulnerabilities | Ubuntu security notices","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securityfocus.com/bid/16748","name":"http://www.securityfocus.com/bid/16748","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"XPDF Multiple Unspecified Vulnerabilities","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"http://secunia.com/advisories/19091","name":"http://secunia.com/advisories/19091","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"],"title":"Debian update for xpdf - Secunia Advisories - Vulnerability Intelligence - Secunia.com","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/18948","name":"http://secunia.com/advisories/18948","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"],"title":"Secunia - Advisories - Debian update for pdfkit.framework","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/19364","name":"http://secunia.com/advisories/19364","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"],"title":"Secunia - Advisories - Debian update for koffice","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.debian.org/security/2006/dsa-983","name":"http://www.debian.org/security/2006/dsa-983","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"],"title":"Debian -- Security Information -- DSA-983-1 pdftohtml","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.debian.org/security/2006/dsa-1019","name":"http://www.debian.org/security/2006/dsa-1019","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"],"title":"Debian -- Security Information -- DSA-1019-1 koffice","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2006-1244","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2006-1244","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"n/a","product":"n/a","version":"affected n/a","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2006","cve_id":"1244","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"debian","cpe5":"debian_linux","cpe6":"3.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2006","cve_id":"1244","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"debian","cpe5":"debian_linux","cpe6":"3.1","cpe7":"*","cpe8":"alpha","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2006","cve_id":"1244","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"debian","cpe5":"debian_linux","cpe6":"3.1","cpe7":"*","cpe8":"amd64","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2006","cve_id":"1244","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"debian","cpe5":"debian_linux","cpe6":"3.1","cpe7":"*","cpe8":"arm","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2006","cve_id":"1244","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"debian","cpe5":"debian_linux","cpe6":"3.1","cpe7":"*","cpe8":"hppa","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2006","cve_id":"1244","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"debian","cpe5":"debian_linux","cpe6":"3.1","cpe7":"*","cpe8":"ia-32","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2006","cve_id":"1244","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"debian","cpe5":"debian_linux","cpe6":"3.1","cpe7":"*","cpe8":"ia-64","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2006","cve_id":"1244","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"debian","cpe5":"debian_linux","cpe6":"3.1","cpe7":"*","cpe8":"m68k","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2006","cve_id":"1244","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"debian","cpe5":"debian_linux","cpe6":"3.1","cpe7":"*","cpe8":"mips","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2006","cve_id":"1244","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"debian","cpe5":"debian_linux","cpe6":"3.1","cpe7":"*","cpe8":"mipsel","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2006","cve_id":"1244","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"debian","cpe5":"debian_linux","cpe6":"3.1","cpe7":"*","cpe8":"ppc","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2006","cve_id":"1244","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"debian","cpe5":"debian_linux","cpe6":"3.1","cpe7":"*","cpe8":"s-390","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2006","cve_id":"1244","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"debian","cpe5":"debian_linux","cpe6":"3.1","cpe7":"*","cpe8":"sparc","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2006","cve_id":"1244","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"gnome","cpe5":"gpdf","cpe6":"2.8.2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2006","cve_id":"1244","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"libextractor","cpe5":"libextractor","cpe6":"0.3.11","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2006","cve_id":"1244","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"libextractor","cpe5":"libextractor","cpe6":"0.3.6","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2006","cve_id":"1244","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"libextractor","cpe5":"libextractor","cpe6":"0.3.7","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2006","cve_id":"1244","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"libextractor","cpe5":"libextractor","cpe6":"0.3.8","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2006","cve_id":"1244","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"libextractor","cpe5":"libextractor","cpe6":"0.3.9","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2006","cve_id":"1244","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"libextractor","cpe5":"libextractor","cpe6":"0.4","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2006","cve_id":"1244","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"libextractor","cpe5":"libextractor","cpe6":"0.4.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2006","cve_id":"1244","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"libextractor","cpe5":"libextractor","cpe6":"0.4.2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2006","cve_id":"1244","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"libextractor","cpe5":"libextractor","cpe6":"0.5","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2006","cve_id":"1244","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"xpdf","cpe5":"xpdf","cpe6":"0.90","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2006","cve_id":"1244","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"xpdf","cpe5":"xpdf","cpe6":"0.91","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2006","cve_id":"1244","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"xpdf","cpe5":"xpdf","cpe6":"0.92","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2006","cve_id":"1244","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"xpdf","cpe5":"xpdf","cpe6":"0.93","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2006","cve_id":"1244","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"xpdf","cpe5":"xpdf","cpe6":"1.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2006","cve_id":"1244","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"xpdf","cpe5":"xpdf","cpe6":"1.0a","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2006","cve_id":"1244","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"xpdf","cpe5":"xpdf","cpe6":"1.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2006","cve_id":"1244","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"xpdf","cpe5":"xpdf","cpe6":"2.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2006","cve_id":"1244","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"xpdf","cpe5":"xpdf","cpe6":"2.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2006","cve_id":"1244","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"xpdf","cpe5":"xpdf","cpe6":"2.2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2006","cve_id":"1244","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"xpdf","cpe5":"xpdf","cpe6":"2.3","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2006","cve_id":"1244","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"xpdf","cpe5":"xpdf","cpe6":"3.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2006","cve_id":"1244","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"xpdf","cpe5":"xpdf","cpe6":"3.0.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2006","cve_id":"1244","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"xpdf","cpe5":"xpdf","cpe6":"3.0.1_pl1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2006","cve_id":"1244","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"xpdf","cpe5":"xpdf","cpe6":"3.0_pl2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2006","cve_id":"1244","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"xpdf","cpe5":"xpdf","cpe6":"3.0_pl3","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":{"cve_year":"2006","cve_id":"1244","cve":"CVE-2006-1244","epss":"0.034720000","percentile":"0.875630000","score_date":"2026-04-17","updated_at":"2026-04-18 00:07:15"},"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"providerMetadata":{"dateUpdated":"2024-08-07T17:03:28.588Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"name":"19644","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/19644"},{"name":"DSA-979","tags":["vendor-advisory","x_refsource_DEBIAN","x_transferred"],"url":"http://www.debian.org/security/2006/dsa-979"},{"name":"DSA-998","tags":["vendor-advisory","x_refsource_DEBIAN","x_transferred"],"url":"http://www.debian.org/security/2006/dsa-998"},{"name":"19164","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/19164"},{"tags":["x_refsource_MISC","x_transferred"],"url":"http://security.debian.org/pool/updates/main/p/pdfkit.framework/pdfkit.framework_0.8-2sarge3.diff.gz"},{"name":"19364","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/19364"},{"name":"DSA-983","tags":["vendor-advisory","x_refsource_DEBIAN","x_transferred"],"url":"http://www.debian.org/security/2006/dsa-983"},{"name":"DSA-982","tags":["vendor-advisory","x_refsource_DEBIAN","x_transferred"],"url":"http://www.debian.org/security/2006/dsa-982"},{"name":"19091","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/19091"},{"name":"19065","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/19065"},{"name":"23834","tags":["vdb-entry","x_refsource_OSVDB","x_transferred"],"url":"http://www.osvdb.org/23834"},{"name":"DSA-1019","tags":["vendor-advisory","x_refsource_DEBIAN","x_transferred"],"url":"http://www.debian.org/security/2006/dsa-1019"},{"name":"16748","tags":["vdb-entry","x_refsource_BID","x_transferred"],"url":"http://www.securityfocus.com/bid/16748"},{"name":"18948","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/18948"},{"name":"DSA-984","tags":["vendor-advisory","x_refsource_DEBIAN","x_transferred"],"url":"http://www.debian.org/security/2006/dsa-984"},{"name":"19021","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/19021"},{"name":"USN-270-1","tags":["vendor-advisory","x_refsource_UBUNTU","x_transferred"],"url":"https://usn.ubuntu.com/270-1/"}],"title":"CVE Program Container"}],"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"2006-02-17T00:00:00.000Z","descriptions":[{"lang":"en","value":"Unspecified vulnerability in certain versions of xpdf after 3.00, as used in various products including (a) pdfkit.framework, (b) gpdf, (c) pdftohtml, and (d) libextractor, has unknown impact and user-assisted attack vectors, possibly involving errors in (1) gmem.c, (2) SplashXPathScanner.cc, (3) JBIG2Stream.cc, (4) JPXStream.cc, and/or (5) Stream.cc.  NOTE: this description is based on Debian advisory DSA 979, which is based on changes that were made after other vulnerabilities such as CVE-2006-0301 and CVE-2005-3624 through CVE-2005-3628 were fixed.  Some of these newer fixes appear to be security-relevant, although it is not clear if they fix specific issues or are defensive in nature."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2018-10-03T20:57:01.000Z","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"references":[{"name":"19644","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/19644"},{"name":"DSA-979","tags":["vendor-advisory","x_refsource_DEBIAN"],"url":"http://www.debian.org/security/2006/dsa-979"},{"name":"DSA-998","tags":["vendor-advisory","x_refsource_DEBIAN"],"url":"http://www.debian.org/security/2006/dsa-998"},{"name":"19164","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/19164"},{"tags":["x_refsource_MISC"],"url":"http://security.debian.org/pool/updates/main/p/pdfkit.framework/pdfkit.framework_0.8-2sarge3.diff.gz"},{"name":"19364","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/19364"},{"name":"DSA-983","tags":["vendor-advisory","x_refsource_DEBIAN"],"url":"http://www.debian.org/security/2006/dsa-983"},{"name":"DSA-982","tags":["vendor-advisory","x_refsource_DEBIAN"],"url":"http://www.debian.org/security/2006/dsa-982"},{"name":"19091","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/19091"},{"name":"19065","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/19065"},{"name":"23834","tags":["vdb-entry","x_refsource_OSVDB"],"url":"http://www.osvdb.org/23834"},{"name":"DSA-1019","tags":["vendor-advisory","x_refsource_DEBIAN"],"url":"http://www.debian.org/security/2006/dsa-1019"},{"name":"16748","tags":["vdb-entry","x_refsource_BID"],"url":"http://www.securityfocus.com/bid/16748"},{"name":"18948","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/18948"},{"name":"DSA-984","tags":["vendor-advisory","x_refsource_DEBIAN"],"url":"http://www.debian.org/security/2006/dsa-984"},{"name":"19021","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/19021"},{"name":"USN-270-1","tags":["vendor-advisory","x_refsource_UBUNTU"],"url":"https://usn.ubuntu.com/270-1/"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2006-1244","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Unspecified vulnerability in certain versions of xpdf after 3.00, as used in various products including (a) pdfkit.framework, (b) gpdf, (c) pdftohtml, and (d) libextractor, has unknown impact and user-assisted attack vectors, possibly involving errors in (1) gmem.c, (2) SplashXPathScanner.cc, (3) JBIG2Stream.cc, (4) JPXStream.cc, and/or (5) Stream.cc.  NOTE: this description is based on Debian advisory DSA 979, which is based on changes that were made after other vulnerabilities such as CVE-2006-0301 and CVE-2005-3624 through CVE-2005-3628 were fixed.  Some of these newer fixes appear to be security-relevant, although it is not clear if they fix specific issues or are defensive in nature."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"19644","refsource":"SECUNIA","url":"http://secunia.com/advisories/19644"},{"name":"DSA-979","refsource":"DEBIAN","url":"http://www.debian.org/security/2006/dsa-979"},{"name":"DSA-998","refsource":"DEBIAN","url":"http://www.debian.org/security/2006/dsa-998"},{"name":"19164","refsource":"SECUNIA","url":"http://secunia.com/advisories/19164"},{"name":"http://security.debian.org/pool/updates/main/p/pdfkit.framework/pdfkit.framework_0.8-2sarge3.diff.gz","refsource":"MISC","url":"http://security.debian.org/pool/updates/main/p/pdfkit.framework/pdfkit.framework_0.8-2sarge3.diff.gz"},{"name":"19364","refsource":"SECUNIA","url":"http://secunia.com/advisories/19364"},{"name":"DSA-983","refsource":"DEBIAN","url":"http://www.debian.org/security/2006/dsa-983"},{"name":"DSA-982","refsource":"DEBIAN","url":"http://www.debian.org/security/2006/dsa-982"},{"name":"19091","refsource":"SECUNIA","url":"http://secunia.com/advisories/19091"},{"name":"19065","refsource":"SECUNIA","url":"http://secunia.com/advisories/19065"},{"name":"23834","refsource":"OSVDB","url":"http://www.osvdb.org/23834"},{"name":"DSA-1019","refsource":"DEBIAN","url":"http://www.debian.org/security/2006/dsa-1019"},{"name":"16748","refsource":"BID","url":"http://www.securityfocus.com/bid/16748"},{"name":"18948","refsource":"SECUNIA","url":"http://secunia.com/advisories/18948"},{"name":"DSA-984","refsource":"DEBIAN","url":"http://www.debian.org/security/2006/dsa-984"},{"name":"19021","refsource":"SECUNIA","url":"http://secunia.com/advisories/19021"},{"name":"USN-270-1","refsource":"UBUNTU","url":"https://usn.ubuntu.com/270-1/"}]}}}},"cveMetadata":{"assignerOrgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","assignerShortName":"mitre","cveId":"CVE-2006-1244","datePublished":"2006-03-15T19:00:00.000Z","dateReserved":"2006-03-15T00:00:00.000Z","dateUpdated":"2024-08-07T17:03:28.588Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"},"nvd":{"publishedDate":"2006-03-15 19:06:00","lastModifiedDate":"2025-04-03 01:03:51","problem_types":["NVD-CWE-Other","n/a"],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:H/Au:N/C:C/I:C/A:C","baseScore":7.6,"accessVector":"NETWORK","accessComplexity":"HIGH","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":4.9,"impactScore":10,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:gnome:gpdf:2.8.2:*:*:*:*:*:*:*","matchCriteriaId":"06B06279-EFB2-4EC1-95F2-166DC5B1BB71"},{"vulnerable":true,"criteria":"cpe:2.3:a:libextractor:libextractor:0.3.6:*:*:*:*:*:*:*","matchCriteriaId":"D93638AD-2023-4216-89A3-DF417EA940AD"},{"vulnerable":true,"criteria":"cpe:2.3:a:libextractor:libextractor:0.3.7:*:*:*:*:*:*:*","matchCriteriaId":"7D411F34-B792-4B41-9FBE-0F0222D4F099"},{"vulnerable":true,"criteria":"cpe:2.3:a:libextractor:libextractor:0.3.8:*:*:*:*:*:*:*","matchCriteriaId":"54B9A148-A52E-4B77-A854-7BF3C03AD490"},{"vulnerable":true,"criteria":"cpe:2.3:a:libextractor:libextractor:0.3.9:*:*:*:*:*:*:*","matchCriteriaId":"BAEA984E-A346-42B8-ACA3-CE03D546EB3C"},{"vulnerable":true,"criteria":"cpe:2.3:a:libextractor:libextractor:0.3.11:*:*:*:*:*:*:*","matchCriteriaId":"146D08C1-C651-4B6E-9997-474A81948764"},{"vulnerable":true,"criteria":"cpe:2.3:a:libextractor:libextractor:0.4:*:*:*:*:*:*:*","matchCriteriaId":"4FAB7C4B-8017-42C4-AD3C-2A9846105D2A"},{"vulnerable":true,"criteria":"cpe:2.3:a:libextractor:libextractor:0.4.1:*:*:*:*:*:*:*","matchCriteriaId":"7B025EF7-1B61-40F0-9E03-C219C54E8E72"},{"vulnerable":true,"criteria":"cpe:2.3:a:libextractor:libextractor:0.4.2:*:*:*:*:*:*:*","matchCriteriaId":"9BF9CF5E-A531-4D75-B47E-6C81A7679BBA"},{"vulnerable":true,"criteria":"cpe:2.3:a:libextractor:libextractor:0.5:*:*:*:*:*:*:*","matchCriteriaId":"F68AC7F5-371B-4F02-85E4-829C2B012FE4"},{"vulnerable":true,"criteria":"cpe:2.3:a:xpdf:xpdf:0.90:*:*:*:*:*:*:*","matchCriteriaId":"28CC6233-E207-40CC-81FF-A8670EEA4295"},{"vulnerable":true,"criteria":"cpe:2.3:a:xpdf:xpdf:0.91:*:*:*:*:*:*:*","matchCriteriaId":"64DD9B5C-3DB8-4E15-B4A6-541E4E221C1D"},{"vulnerable":true,"criteria":"cpe:2.3:a:xpdf:xpdf:0.92:*:*:*:*:*:*:*","matchCriteriaId":"0304E1E3-8766-40D0-8879-A652B4E9E72D"},{"vulnerable":true,"criteria":"cpe:2.3:a:xpdf:xpdf:0.93:*:*:*:*:*:*:*","matchCriteriaId":"188F1343-8082-4B54-8DA4-E344818ABD52"},{"vulnerable":true,"criteria":"cpe:2.3:a:xpdf:xpdf:1.0:*:*:*:*:*:*:*","matchCriteriaId":"B95DA7DE-B786-4EE7-A3F4-C077A7986D5F"},{"vulnerable":true,"criteria":"cpe:2.3:a:xpdf:xpdf:1.0a:*:*:*:*:*:*:*","matchCriteriaId":"C5306C05-4A71-4175-8C22-F2DE0F2FE4C4"},{"vulnerable":true,"criteria":"cpe:2.3:a:xpdf:xpdf:1.1:*:*:*:*:*:*:*","matchCriteriaId":"3B9DEF16-ECD5-4BBE-8986-52A6171B3D9F"},{"vulnerable":true,"criteria":"cpe:2.3:a:xpdf:xpdf:2.0:*:*:*:*:*:*:*","matchCriteriaId":"CFFDBEEC-B2C1-47F0-82D3-FC9147B590A9"},{"vulnerable":true,"criteria":"cpe:2.3:a:xpdf:xpdf:2.1:*:*:*:*:*:*:*","matchCriteriaId":"354487CF-0086-4AE2-872B-0032E3EB89EE"},{"vulnerable":true,"criteria":"cpe:2.3:a:xpdf:xpdf:2.2:*:*:*:*:*:*:*","matchCriteriaId":"96767060-505A-42D2-A68A-6AD810DE800A"},{"vulnerable":true,"criteria":"cpe:2.3:a:xpdf:xpdf:2.3:*:*:*:*:*:*:*","matchCriteriaId":"1169B802-7279-437F-AF59-621A67DC92EC"},{"vulnerable":true,"criteria":"cpe:2.3:a:xpdf:xpdf:3.0:*:*:*:*:*:*:*","matchCriteriaId":"7B93B3ED-AF82-49A9-8C7F-E5F652F19669"},{"vulnerable":true,"criteria":"cpe:2.3:a:xpdf:xpdf:3.0.1:*:*:*:*:*:*:*","matchCriteriaId":"2B77866E-6818-4DE6-9457-39416871952C"},{"vulnerable":true,"criteria":"cpe:2.3:a:xpdf:xpdf:3.0.1_pl1:*:*:*:*:*:*:*","matchCriteriaId":"B0A09900-C462-4E3D-9399-0271F91DC5BD"},{"vulnerable":true,"criteria":"cpe:2.3:a:xpdf:xpdf:3.0_pl2:*:*:*:*:*:*:*","matchCriteriaId":"F6D23CF8-2B6C-4D2A-8E5E-6AACE99A7C19"},{"vulnerable":true,"criteria":"cpe:2.3:a:xpdf:xpdf:3.0_pl3:*:*:*:*:*:*:*","matchCriteriaId":"9107B531-7254-4908-97F0-3BF1EA0495AC"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*","matchCriteriaId":"A2E0C1F8-31F5-4F61-9DF7-E49B43D3C873"},{"vulnerable":true,"criteria":"cpe:2.3:o:debian:debian_linux:3.1:*:alpha:*:*:*:*:*","matchCriteriaId":"5BF84240-1881-4EFB-BB2F-F9CE8AD09C7B"},{"vulnerable":true,"criteria":"cpe:2.3:o:debian:debian_linux:3.1:*:amd64:*:*:*:*:*","matchCriteriaId":"AF8AE8C4-810F-41AB-A251-5A2D4DD6884D"},{"vulnerable":true,"criteria":"cpe:2.3:o:debian:debian_linux:3.1:*:arm:*:*:*:*:*","matchCriteriaId":"5EACF214-FA27-44FF-A431-927AB79377A1"},{"vulnerable":true,"criteria":"cpe:2.3:o:debian:debian_linux:3.1:*:hppa:*:*:*:*:*","matchCriteriaId":"E2B58895-0E2A-4466-9CB2-0083349A83B2"},{"vulnerable":true,"criteria":"cpe:2.3:o:debian:debian_linux:3.1:*:ia-32:*:*:*:*:*","matchCriteriaId":"03F8220A-9B1C-40AA-AEAB-F9A93225FBD5"},{"vulnerable":true,"criteria":"cpe:2.3:o:debian:debian_linux:3.1:*:ia-64:*:*:*:*:*","matchCriteriaId":"2311919C-7864-469D-B0F6-9B11D8D0A1C3"},{"vulnerable":true,"criteria":"cpe:2.3:o:debian:debian_linux:3.1:*:m68k:*:*:*:*:*","matchCriteriaId":"19876495-4C1A-487C-955A-C5AA46362A1F"},{"vulnerable":true,"criteria":"cpe:2.3:o:debian:debian_linux:3.1:*:mips:*:*:*:*:*","matchCriteriaId":"D75286DD-50BC-4B72-8AC8-E20730124DC2"},{"vulnerable":true,"criteria":"cpe:2.3:o:debian:debian_linux:3.1:*:mipsel:*:*:*:*:*","matchCriteriaId":"1998C972-497E-4916-B50E-FB32303EEA8E"},{"vulnerable":true,"criteria":"cpe:2.3:o:debian:debian_linux:3.1:*:ppc:*:*:*:*:*","matchCriteriaId":"A6CD3DD9-3A8A-4716-A2D1-136A790AFF94"},{"vulnerable":true,"criteria":"cpe:2.3:o:debian:debian_linux:3.1:*:s-390:*:*:*:*:*","matchCriteriaId":"6CE2020A-4FB2-4FCD-8561-7BD147CD95EB"},{"vulnerable":true,"criteria":"cpe:2.3:o:debian:debian_linux:3.1:*:sparc:*:*:*:*:*","matchCriteriaId":"08E90AFA-C262-46D0-B60E-26B67C9602D5"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2006","CveId":"1244","Ordinal":"1","Title":"CVE-2006-1244","CVE":"CVE-2006-1244","Year":"2006"},"notes":[{"CveYear":"2006","CveId":"1244","Ordinal":"1","NoteData":"Unspecified vulnerability in certain versions of xpdf after 3.00, as used in various products including (a) pdfkit.framework, (b) gpdf, (c) pdftohtml, and (d) libextractor, has unknown impact and user-assisted attack vectors, possibly involving errors in (1) gmem.c, (2) SplashXPathScanner.cc, (3) JBIG2Stream.cc, (4) JPXStream.cc, and/or (5) Stream.cc.  NOTE: this description is based on Debian advisory DSA 979, which is based on changes that were made after other vulnerabilities such as CVE-2006-0301 and CVE-2005-3624 through CVE-2005-3628 were fixed.  Some of these newer fixes appear to be security-relevant, although it is not clear if they fix specific issues or are defensive in nature.","Type":"Description","Title":"CVE-2006-1244"},{"CveYear":"2006","CveId":"1244","Ordinal":"2","NoteData":"2006-03-15","Type":"Other","Title":"Published"},{"CveYear":"2006","CveId":"1244","Ordinal":"3","NoteData":"2018-10-03","Type":"Other","Title":"Modified"}]}}}