MidnightBSD

Advisories for pdftohtml

CVE-2004-0888 HIGH

Multiple integer overflows in xpdf 2.0 and 3.0, and other packages that use xpdf code such as CUPS, gpdf, and kdegraphics, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0889.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
tetex tetex 2.0.2
kde koffice 1.3_beta3
pdftohtml pdftohtml 0.32b
gnome gpdf 0.131
tetex tetex 2.0.1
easy_software_products cups 1.1.1
suse suse_linux 9.1
redhat fedora_core core_2.0
easy_software_products cups 1.0.4
easy_software_products cups 1.1.12
kde kde 3.2
easy_software_products cups 1.1.4
xpdf xpdf 1.0
xpdf xpdf 1.1
kde kde 3.2.1
easy_software_products cups 1.1.16
pdftohtml pdftohtml 0.36
kde koffice 1.3_beta2
kde koffice 1.3.2
suse suse_linux 8.2
xpdf xpdf 2.1
pdftohtml pdftohtml 0.32a
kde koffice 1.3
suse suse_linux 9.2
gentoo linux *
tetex tetex 2.0
ubuntu ubuntu_linux 4.1
pdftohtml pdftohtml 0.33
redhat linux_advanced_workstation 2.1
easy_software_products cups 1.1.17
easy_software_products cups 1.1.18
kde kde 3.3.1
easy_software_products cups 1.1.4_2
xpdf xpdf 0.93
kde koffice 1.3.3
xpdf xpdf 0.90
kde kde 3.3
easy_software_products cups 1.0.4_8
xpdf xpdf 0.91
redhat enterprise_linux 2.1
xpdf xpdf 0.92
easy_software_products cups 1.1.10
kde kde 3.2.3
kde koffice 1.3.1
pdftohtml pdftohtml 0.33a
kde kde 3.2.2
pdftohtml pdftohtml 0.35
debian debian_linux 3.0
easy_software_products cups 1.1.4_3
tetex tetex 1.0.7
suse suse_linux 8.0
easy_software_products cups 1.1.19
easy_software_products cups 1.1.14
easy_software_products cups 1.1.4_5
xpdf xpdf 2.3
easy_software_products cups 1.1.7
redhat enterprise_linux_desktop 3.0
easy_software_products cups 1.1.19_rc5
xpdf xpdf 2.0
xpdf xpdf 3.0
suse suse_linux 8.1
redhat enterprise_linux 3.0
easy_software_products cups 1.1.13
easy_software_products cups 1.1.20
easy_software_products cups 1.1.6
kde koffice 1.3_beta1
easy_software_products cups 1.1.15
kde kpdf 3.2
pdftohtml pdftohtml 0.34
xpdf xpdf 1.0a
gnome gpdf 0.112
suse suse_linux 9.0
CVE-2004-0889 HIGH

Multiple integer overflows in xpdf 3.0, and other packages that use xpdf code such as CUPS, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0888.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
tetex tetex 2.0.2
kde koffice 1.3_beta3
pdftohtml pdftohtml 0.32b
gnome gpdf 0.131
tetex tetex 2.0.1
easy_software_products cups 1.1.1
suse suse_linux 9.1
redhat fedora_core core_2.0
easy_software_products cups 1.0.4
easy_software_products cups 1.1.12
kde kde 3.2
easy_software_products cups 1.1.4
xpdf xpdf 1.0
xpdf xpdf 1.1
kde kde 3.2.1
easy_software_products cups 1.1.16
pdftohtml pdftohtml 0.36
kde koffice 1.3_beta2
kde koffice 1.3.2
suse suse_linux 8.2
xpdf xpdf 2.1
pdftohtml pdftohtml 0.32a
kde koffice 1.3
suse suse_linux 9.2
gentoo linux *
tetex tetex 2.0
ubuntu ubuntu_linux 4.1
pdftohtml pdftohtml 0.33
redhat linux_advanced_workstation 2.1
easy_software_products cups 1.1.17
easy_software_products cups 1.1.18
kde kde 3.3.1
easy_software_products cups 1.1.4_2
xpdf xpdf 0.93
kde koffice 1.3.3
xpdf xpdf 0.90
kde kde 3.3
easy_software_products cups 1.0.4_8
xpdf xpdf 0.91
redhat enterprise_linux 2.1
xpdf xpdf 0.92
easy_software_products cups 1.1.10
kde kde 3.2.3
kde koffice 1.3.1
pdftohtml pdftohtml 0.33a
kde kde 3.2.2
pdftohtml pdftohtml 0.35
debian debian_linux 3.0
easy_software_products cups 1.1.4_3
tetex tetex 1.0.7
suse suse_linux 8.0
easy_software_products cups 1.1.19
easy_software_products cups 1.1.14
easy_software_products cups 1.1.4_5
xpdf xpdf 2.3
easy_software_products cups 1.1.7
redhat enterprise_linux_desktop 3.0
easy_software_products cups 1.1.19_rc5
xpdf xpdf 2.0
xpdf xpdf 3.0
suse suse_linux 8.1
redhat enterprise_linux 3.0
easy_software_products cups 1.1.13
easy_software_products cups 1.1.20
easy_software_products cups 1.1.6
kde koffice 1.3_beta1
easy_software_products cups 1.1.15
kde kpdf 3.2
pdftohtml pdftohtml 0.34
xpdf xpdf 1.0a
gnome gpdf 0.112
suse suse_linux 9.0
CVE-2005-0206 HIGH

The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
tetex tetex 2.0.2
suse suse_linux 7.1
gnome gpdf 0.131
tetex tetex 2.0.1
redhat fedora_core core_3.0
easy_software_products cups 1.1.1
suse suse_linux 9.1
redhat fedora_core core_2.0
xpdf xpdf 1.0
xpdf xpdf 1.1
easy_software_products cups 1.1.16
pdftohtml pdftohtml 0.36
suse suse_linux 7.0
kde koffice 1.3.2
sgi advanced_linux_environment 3.0
mandrakesoft mandrake_linux_corporate_server 3.0
xpdf xpdf 2.1
pdftohtml pdftohtml 0.32a
kde koffice 1.3
suse suse_linux 1.0
ubuntu ubuntu_linux 4.1
pdftohtml pdftohtml 0.33
suse suse_linux 4.4
suse suse_linux 4.4.1
suse suse_linux 2.0
gnome gpdf 0.110
suse suse_linux 5.0
cstex cstetex 2.0.2
easy_software_products cups 1.1.18
kde kde 3.3.1
sgi propack 3.0
easy_software_products cups 1.1.4_2
xpdf xpdf 0.93
suse suse_linux 6.0
xpdf xpdf 0.91
redhat enterprise_linux 2.1
easy_software_products cups 1.1.10
redhat linux 9.0
ascii ptex 3.1.4
kde koffice 1.3.1
pdftohtml pdftohtml 0.33a
pdftohtml pdftohtml 0.35
suse suse_linux 4.0
debian debian_linux 3.0
easy_software_products cups 1.1.4_3
tetex tetex 1.0.7
suse suse_linux 8.0
easy_software_products cups 1.1.14
easy_software_products cups 1.1.4_5
easy_software_products cups 1.1.19_rc5
suse suse_linux 8.1
redhat enterprise_linux 3.0
easy_software_products cups 1.1.13
easy_software_products cups 1.1.20
easy_software_products cups 1.1.15
suse suse_linux 6.1
kde kpdf 3.2
pdftohtml pdftohtml 0.34
suse suse_linux 9.0
kde koffice 1.3_beta3
pdftohtml pdftohtml 0.32b
easy_software_products cups 1.0.4
suse suse_linux 6.2
easy_software_products cups 1.1.12
kde kde 3.2
easy_software_products cups 1.1.4
kde kde 3.2.1
redhat fedora_core core_1.0
kde koffice 1.3_beta2
suse suse_linux 7.2
suse suse_linux 6.4
suse suse_linux 8.2
tetex tetex 1.0.6
suse suse_linux 9.2
gentoo linux *
tetex tetex 2.0
suse suse_linux 3.0
suse suse_linux 7.3
suse suse_linux 4.3
redhat linux_advanced_workstation 2.1
easy_software_products cups 1.1.17
suse suse_linux 5.2
kde koffice 1.3.3
xpdf xpdf 0.90
kde kde 3.3
easy_software_products cups 1.0.4_8
xpdf xpdf 0.92
kde kde 3.2.3
kde kde 3.2.2
easy_software_products cups 1.1.19
suse suse_linux 5.3
xpdf xpdf 2.3
easy_software_products cups 1.1.7
redhat enterprise_linux_desktop 3.0
xpdf xpdf 2.0
xpdf xpdf 3.0
suse suse_linux 6.3
easy_software_products cups 1.1.6
kde koffice 1.3_beta1
suse suse_linux 4.2
suse suse_linux 5.1
xpdf xpdf 1.0a
gnome gpdf 0.112