Multiple integer overflows in xpdf 2.0 and 3.0, and other packages that use xpdf code such as CUPS, gpdf, and kdegraphics, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0889.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| tetex | tetex | 2.0.2 |
| kde | koffice | 1.3_beta3 |
| pdftohtml | pdftohtml | 0.32b |
| gnome | gpdf | 0.131 |
| tetex | tetex | 2.0.1 |
| easy_software_products | cups | 1.1.1 |
| suse | suse_linux | 9.1 |
| redhat | fedora_core | core_2.0 |
| easy_software_products | cups | 1.0.4 |
| easy_software_products | cups | 1.1.12 |
| kde | kde | 3.2 |
| easy_software_products | cups | 1.1.4 |
| xpdf | xpdf | 1.0 |
| xpdf | xpdf | 1.1 |
| kde | kde | 3.2.1 |
| easy_software_products | cups | 1.1.16 |
| pdftohtml | pdftohtml | 0.36 |
| kde | koffice | 1.3_beta2 |
| kde | koffice | 1.3.2 |
| suse | suse_linux | 8.2 |
| xpdf | xpdf | 2.1 |
| pdftohtml | pdftohtml | 0.32a |
| kde | koffice | 1.3 |
| suse | suse_linux | 9.2 |
| gentoo | linux | * |
| tetex | tetex | 2.0 |
| ubuntu | ubuntu_linux | 4.1 |
| pdftohtml | pdftohtml | 0.33 |
| redhat | linux_advanced_workstation | 2.1 |
| easy_software_products | cups | 1.1.17 |
| easy_software_products | cups | 1.1.18 |
| kde | kde | 3.3.1 |
| easy_software_products | cups | 1.1.4_2 |
| xpdf | xpdf | 0.93 |
| kde | koffice | 1.3.3 |
| xpdf | xpdf | 0.90 |
| kde | kde | 3.3 |
| easy_software_products | cups | 1.0.4_8 |
| xpdf | xpdf | 0.91 |
| redhat | enterprise_linux | 2.1 |
| xpdf | xpdf | 0.92 |
| easy_software_products | cups | 1.1.10 |
| kde | kde | 3.2.3 |
| kde | koffice | 1.3.1 |
| pdftohtml | pdftohtml | 0.33a |
| kde | kde | 3.2.2 |
| pdftohtml | pdftohtml | 0.35 |
| debian | debian_linux | 3.0 |
| easy_software_products | cups | 1.1.4_3 |
| tetex | tetex | 1.0.7 |
| suse | suse_linux | 8.0 |
| easy_software_products | cups | 1.1.19 |
| easy_software_products | cups | 1.1.14 |
| easy_software_products | cups | 1.1.4_5 |
| xpdf | xpdf | 2.3 |
| easy_software_products | cups | 1.1.7 |
| redhat | enterprise_linux_desktop | 3.0 |
| easy_software_products | cups | 1.1.19_rc5 |
| xpdf | xpdf | 2.0 |
| xpdf | xpdf | 3.0 |
| suse | suse_linux | 8.1 |
| redhat | enterprise_linux | 3.0 |
| easy_software_products | cups | 1.1.13 |
| easy_software_products | cups | 1.1.20 |
| easy_software_products | cups | 1.1.6 |
| kde | koffice | 1.3_beta1 |
| easy_software_products | cups | 1.1.15 |
| kde | kpdf | 3.2 |
| pdftohtml | pdftohtml | 0.34 |
| xpdf | xpdf | 1.0a |
| gnome | gpdf | 0.112 |
| suse | suse_linux | 9.0 |
Multiple integer overflows in xpdf 3.0, and other packages that use xpdf code such as CUPS, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0888.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| tetex | tetex | 2.0.2 |
| kde | koffice | 1.3_beta3 |
| pdftohtml | pdftohtml | 0.32b |
| gnome | gpdf | 0.131 |
| tetex | tetex | 2.0.1 |
| easy_software_products | cups | 1.1.1 |
| suse | suse_linux | 9.1 |
| redhat | fedora_core | core_2.0 |
| easy_software_products | cups | 1.0.4 |
| easy_software_products | cups | 1.1.12 |
| kde | kde | 3.2 |
| easy_software_products | cups | 1.1.4 |
| xpdf | xpdf | 1.0 |
| xpdf | xpdf | 1.1 |
| kde | kde | 3.2.1 |
| easy_software_products | cups | 1.1.16 |
| pdftohtml | pdftohtml | 0.36 |
| kde | koffice | 1.3_beta2 |
| kde | koffice | 1.3.2 |
| suse | suse_linux | 8.2 |
| xpdf | xpdf | 2.1 |
| pdftohtml | pdftohtml | 0.32a |
| kde | koffice | 1.3 |
| suse | suse_linux | 9.2 |
| gentoo | linux | * |
| tetex | tetex | 2.0 |
| ubuntu | ubuntu_linux | 4.1 |
| pdftohtml | pdftohtml | 0.33 |
| redhat | linux_advanced_workstation | 2.1 |
| easy_software_products | cups | 1.1.17 |
| easy_software_products | cups | 1.1.18 |
| kde | kde | 3.3.1 |
| easy_software_products | cups | 1.1.4_2 |
| xpdf | xpdf | 0.93 |
| kde | koffice | 1.3.3 |
| xpdf | xpdf | 0.90 |
| kde | kde | 3.3 |
| easy_software_products | cups | 1.0.4_8 |
| xpdf | xpdf | 0.91 |
| redhat | enterprise_linux | 2.1 |
| xpdf | xpdf | 0.92 |
| easy_software_products | cups | 1.1.10 |
| kde | kde | 3.2.3 |
| kde | koffice | 1.3.1 |
| pdftohtml | pdftohtml | 0.33a |
| kde | kde | 3.2.2 |
| pdftohtml | pdftohtml | 0.35 |
| debian | debian_linux | 3.0 |
| easy_software_products | cups | 1.1.4_3 |
| tetex | tetex | 1.0.7 |
| suse | suse_linux | 8.0 |
| easy_software_products | cups | 1.1.19 |
| easy_software_products | cups | 1.1.14 |
| easy_software_products | cups | 1.1.4_5 |
| xpdf | xpdf | 2.3 |
| easy_software_products | cups | 1.1.7 |
| redhat | enterprise_linux_desktop | 3.0 |
| easy_software_products | cups | 1.1.19_rc5 |
| xpdf | xpdf | 2.0 |
| xpdf | xpdf | 3.0 |
| suse | suse_linux | 8.1 |
| redhat | enterprise_linux | 3.0 |
| easy_software_products | cups | 1.1.13 |
| easy_software_products | cups | 1.1.20 |
| easy_software_products | cups | 1.1.6 |
| kde | koffice | 1.3_beta1 |
| easy_software_products | cups | 1.1.15 |
| kde | kpdf | 3.2 |
| pdftohtml | pdftohtml | 0.34 |
| xpdf | xpdf | 1.0a |
| gnome | gpdf | 0.112 |
| suse | suse_linux | 9.0 |
The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| tetex | tetex | 2.0.2 |
| suse | suse_linux | 7.1 |
| gnome | gpdf | 0.131 |
| tetex | tetex | 2.0.1 |
| redhat | fedora_core | core_3.0 |
| easy_software_products | cups | 1.1.1 |
| suse | suse_linux | 9.1 |
| redhat | fedora_core | core_2.0 |
| xpdf | xpdf | 1.0 |
| xpdf | xpdf | 1.1 |
| easy_software_products | cups | 1.1.16 |
| pdftohtml | pdftohtml | 0.36 |
| suse | suse_linux | 7.0 |
| kde | koffice | 1.3.2 |
| sgi | advanced_linux_environment | 3.0 |
| mandrakesoft | mandrake_linux_corporate_server | 3.0 |
| xpdf | xpdf | 2.1 |
| pdftohtml | pdftohtml | 0.32a |
| kde | koffice | 1.3 |
| suse | suse_linux | 1.0 |
| ubuntu | ubuntu_linux | 4.1 |
| pdftohtml | pdftohtml | 0.33 |
| suse | suse_linux | 4.4 |
| suse | suse_linux | 4.4.1 |
| suse | suse_linux | 2.0 |
| gnome | gpdf | 0.110 |
| suse | suse_linux | 5.0 |
| cstex | cstetex | 2.0.2 |
| easy_software_products | cups | 1.1.18 |
| kde | kde | 3.3.1 |
| sgi | propack | 3.0 |
| easy_software_products | cups | 1.1.4_2 |
| xpdf | xpdf | 0.93 |
| suse | suse_linux | 6.0 |
| xpdf | xpdf | 0.91 |
| redhat | enterprise_linux | 2.1 |
| easy_software_products | cups | 1.1.10 |
| redhat | linux | 9.0 |
| ascii | ptex | 3.1.4 |
| kde | koffice | 1.3.1 |
| pdftohtml | pdftohtml | 0.33a |
| pdftohtml | pdftohtml | 0.35 |
| suse | suse_linux | 4.0 |
| debian | debian_linux | 3.0 |
| easy_software_products | cups | 1.1.4_3 |
| tetex | tetex | 1.0.7 |
| suse | suse_linux | 8.0 |
| easy_software_products | cups | 1.1.14 |
| easy_software_products | cups | 1.1.4_5 |
| easy_software_products | cups | 1.1.19_rc5 |
| suse | suse_linux | 8.1 |
| redhat | enterprise_linux | 3.0 |
| easy_software_products | cups | 1.1.13 |
| easy_software_products | cups | 1.1.20 |
| easy_software_products | cups | 1.1.15 |
| suse | suse_linux | 6.1 |
| kde | kpdf | 3.2 |
| pdftohtml | pdftohtml | 0.34 |
| suse | suse_linux | 9.0 |
| kde | koffice | 1.3_beta3 |
| pdftohtml | pdftohtml | 0.32b |
| easy_software_products | cups | 1.0.4 |
| suse | suse_linux | 6.2 |
| easy_software_products | cups | 1.1.12 |
| kde | kde | 3.2 |
| easy_software_products | cups | 1.1.4 |
| kde | kde | 3.2.1 |
| redhat | fedora_core | core_1.0 |
| kde | koffice | 1.3_beta2 |
| suse | suse_linux | 7.2 |
| suse | suse_linux | 6.4 |
| suse | suse_linux | 8.2 |
| tetex | tetex | 1.0.6 |
| suse | suse_linux | 9.2 |
| gentoo | linux | * |
| tetex | tetex | 2.0 |
| suse | suse_linux | 3.0 |
| suse | suse_linux | 7.3 |
| suse | suse_linux | 4.3 |
| redhat | linux_advanced_workstation | 2.1 |
| easy_software_products | cups | 1.1.17 |
| suse | suse_linux | 5.2 |
| kde | koffice | 1.3.3 |
| xpdf | xpdf | 0.90 |
| kde | kde | 3.3 |
| easy_software_products | cups | 1.0.4_8 |
| xpdf | xpdf | 0.92 |
| kde | kde | 3.2.3 |
| kde | kde | 3.2.2 |
| easy_software_products | cups | 1.1.19 |
| suse | suse_linux | 5.3 |
| xpdf | xpdf | 2.3 |
| easy_software_products | cups | 1.1.7 |
| redhat | enterprise_linux_desktop | 3.0 |
| xpdf | xpdf | 2.0 |
| xpdf | xpdf | 3.0 |
| suse | suse_linux | 6.3 |
| easy_software_products | cups | 1.1.6 |
| kde | koffice | 1.3_beta1 |
| suse | suse_linux | 4.2 |
| suse | suse_linux | 5.1 |
| xpdf | xpdf | 1.0a |
| gnome | gpdf | 0.112 |