CVE-2004-1125

high
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

Buffer overflow in the Gfx::doImage function in Gfx.cc for xpdf 3.00, and other products that share code such as tetex-bin and kpdf in KDE 3.2.x to 3.2.3 and 3.3.x to 3.3.2, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted PDF file that causes the boundaries of a maskColors array to be exceeded.

References

ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.00pl2.patch

ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.42/SCOSA-2005.42.txt

http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000921

http://lists.grok.org.uk/pipermail/full-disclosure/2004-December/030241.html

http://marc.info/?t=110378596500001&r=1&w=2

http://secunia.com/advisories/17277

http://securitytracker.com/id?1012646

http://www.gentoo.org/security/en/glsa/glsa-200412-25.xml

http://www.gentoo.org/security/en/glsa/glsa-200501-13.xml

http://www.gentoo.org/security/en/glsa/glsa-200501-17.xml

http://www.idefense.com/application/poi/display?id=172&type=vulnerabilities

http://www.kde.org/info/security/advisory-20041223-1.txt

http://www.novell.com/linux/security/advisories/2005_01_sr.html

http://www.redhat.com/support/errata/RHSA-2005-013.html

http://www.redhat.com/support/errata/RHSA-2005-018.html

http://www.redhat.com/support/errata/RHSA-2005-026.html

http://www.redhat.com/support/errata/RHSA-2005-034.html

http://www.redhat.com/support/errata/RHSA-2005-053.html

http://www.redhat.com/support/errata/RHSA-2005-057.html

http://www.redhat.com/support/errata/RHSA-2005-066.html

http://www.redhat.com/support/errata/RHSA-2005-354.html

http://www.securityfocus.com/bid/12070

https://bugzilla.fedora.us/show_bug.cgi?id=2352

https://bugzilla.fedora.us/show_bug.cgi?id=2353

https://exchange.xforce.ibmcloud.com/vulnerabilities/18641

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10830

https://usn.ubuntu.com/50-1/

Details

Source: MITRE

Published: 2005-01-10

Updated: 2018-10-03

Type: CWE-20

Risk Information

CVSS v2

Base Score: 9.3

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 8.6

Severity: HIGH

Tenable Plugins

View all (31 total)

IDNameProductFamilySeverity
21809CentOS 3 : tetex (CESA-2005:354)NessusCentOS Local Security Checks
critical
20668Ubuntu 4.10 : cupsys vulnerabilities (USN-50-1)NessusUbuntu Local Security Checks
high
20665Ubuntu 4.10 : xpdf, tetex-bin vulnerabilities (USN-48-1)NessusUbuntu Local Security Checks
high
19147FreeBSD : xpdf -- buffer overflow vulnerability (e3e266e9-5473-11d9-a9e7-0001020eed82)NessusFreeBSD Local Security Checks
high
17680RHEL 2.1 / 3 : tetex (RHSA-2005:354)NessusRed Hat Local Security Checks
critical
17338RHEL 4 : tetex (RHSA-2005:026)NessusRed Hat Local Security Checks
high
17178RHEL 4 : kdegraphics (RHSA-2005:066)NessusRed Hat Local Security Checks
critical
17175RHEL 4 : gpdf (RHSA-2005:057)NessusRed Hat Local Security Checks
high
17174RHEL 4 : CUPS (RHSA-2005:053)NessusRed Hat Local Security Checks
critical
17168RHEL 4 : xpdf (RHSA-2005:034)NessusRed Hat Local Security Checks
high
16422GLSA-200501-31 : teTeX, pTeX, CSTeX: Multiple vulnerabilitiesNessusGentoo Local Security Checks
critical
16408GLSA-200501-17 : KPdf, KOffice: More vulnerabilities in included XpdfNessusGentoo Local Security Checks
high
16404GLSA-200501-13 : pdftohtml: Vulnerabilities in included XpdfNessusGentoo Local Security Checks
high
16149RHEL 3 : xpdf (RHSA-2005:018)NessusRed Hat Local Security Checks
high
16146RHEL 3 : cups (RHSA-2005:013)NessusRed Hat Local Security Checks
high
16099Fedora Core 3 : tetex-2.0.2-21.2 (2004-585)NessusFedora Local Security Checks
high
16098Fedora Core 2 : tetex-2.0.2-14FC2.1 / tetex-2.0.2-14FC2.1 (2004-584)NessusFedora Local Security Checks
high
16083Mandrake Linux Security Advisory : tetex (MDKSA-2004:166)NessusMandriva Local Security Checks
critical
16082Mandrake Linux Security Advisory : koffice (MDKSA-2004:165)NessusMandriva Local Security Checks
critical
16081Mandrake Linux Security Advisory : cups (MDKSA-2004:164)NessusMandriva Local Security Checks
high
16080Mandrake Linux Security Advisory : kdegraphics (MDKSA-2004:163)NessusMandriva Local Security Checks
high
16079Mandrake Linux Security Advisory : gpdf (MDKSA-2004:162)NessusMandriva Local Security Checks
high
16078Mandrake Linux Security Advisory : xpdf (MDKSA-2004:161)NessusMandriva Local Security Checks
high
16074Debian DSA-621-1 : cupsys - buffer overflowNessusDebian Local Security Checks
high
16072Debian DSA-619-1 : xpdf - buffer overflowNessusDebian Local Security Checks
high
16067GLSA-200412-25 : CUPS: Multiple vulnerabilitiesNessusGentoo Local Security Checks
high
16066GLSA-200412-24 : Xpdf, GPdf: New integer overflowsNessusGentoo Local Security Checks
high
16055Fedora Core 2 : cups-1.1.20-11.8 (2004-574)NessusFedora Local Security Checks
high
16052Fedora Core 3 : cups-1.1.22-0.rc1.8.2 (2004-575)NessusFedora Local Security Checks
high
16051Fedora Core 3 : xpdf-3.00-10.1 (2004-573)NessusFedora Local Security Checks
high
16050Fedora Core 2 : xpdf-3.00-3.6 (2004-572)NessusFedora Local Security Checks
high