CVE-2006-0301

high
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

Heap-based buffer overflow in Splash.cc in xpdf, as used in other products such as (1) poppler, (2) kdegraphics, (3) gpdf, (4) pdfkit.framework, and others, allows attackers to cause a denial of service and possibly execute arbitrary code via crafted splash images that produce certain values that exceed the width or height of the associated bitmap.

References

ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt

http://rhn.redhat.com/errata/RHSA-2006-0206.html

http://secunia.com/advisories/18274

http://secunia.com/advisories/18677

http://secunia.com/advisories/18707

http://secunia.com/advisories/18825

http://secunia.com/advisories/18826

http://secunia.com/advisories/18834

http://secunia.com/advisories/18837

http://secunia.com/advisories/18838

http://secunia.com/advisories/18839

http://secunia.com/advisories/18860

http://secunia.com/advisories/18862

http://secunia.com/advisories/18864

http://secunia.com/advisories/18875

http://secunia.com/advisories/18882

http://secunia.com/advisories/18908

http://secunia.com/advisories/18913

http://secunia.com/advisories/18983

http://secunia.com/advisories/19377

http://securityreason.com/securityalert/470

http://securitytracker.com/id?1015576

http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.472683

http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.474747

http://www.debian.org/security/2006/dsa-971

http://www.debian.org/security/2006/dsa-972

http://www.debian.org/security/2006/dsa-974

http://www.gentoo.org/security/en/glsa/glsa-200602-04.xml

http://www.gentoo.org/security/en/glsa/glsa-200602-05.xml

http://www.gentoo.org/security/en/glsa/glsa-200602-12.xml

http://www.kde.org/info/security/advisory-20060202-1.txt

http://www.mandriva.com/security/advisories?name=MDKSA-2006:030

http://www.mandriva.com/security/advisories?name=MDKSA-2006:031

http://www.mandriva.com/security/advisories?name=MDKSA-2006:032

http://www.redhat.com/archives/fedora-announce-list/2006-February/msg00039.html

http://www.redhat.com/support/errata/RHSA-2006-0201.html

http://www.securityfocus.com/archive/1/423899/100/0/threaded

http://www.securityfocus.com/archive/1/427990/100/0/threaded

http://www.ubuntu.com/usn/usn-249-1

http://www.vupen.com/english/advisories/2006/0389

http://www.vupen.com/english/advisories/2006/0422

https://bugzilla.novell.com/show_bug.cgi?id=141242

https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=179046

https://exchange.xforce.ibmcloud.com/vulnerabilities/24391

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10850

Details

Source: MITRE

Published: 2006-01-30

Updated: 2018-10-19

Type: CWE-119

Risk Information

CVSS v2

Base Score: 7.5

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 10

Severity: HIGH

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:xpdf:xpdf:*:*:*:*:*:*:*:*

Tenable Plugins

View all (19 total)

IDNameProductFamilySeverity
22864Debian DSA-998-1 : libextractor - several vulnerabilitiesNessusDebian Local Security Checks
high
22840Debian DSA-974-1 : gpdf - buffer overflowsNessusDebian Local Security Checks
high
22838Debian DSA-972-1 : pdfkit.framework - buffer overflowsNessusDebian Local Security Checks
high
22837Debian DSA-971-1 : xpdf - buffer overflowNessusDebian Local Security Checks
high
21986CentOS 4 : kdegraphics (CESA-2006:0206)NessusCentOS Local Security Checks
high
21984CentOS 4 : xpdf (CESA-2006:0201)NessusCentOS Local Security Checks
high
21419FreeBSD : kpdf -- heap based buffer overflow (432bf98d-9e25-11da-b410-000e0c2e438a)NessusFreeBSD Local Security Checks
high
21058Ubuntu 4.10 / 5.04 / 5.10 : xpdf, poppler, kdegraphics vulnerabilities (USN-249-1)NessusUbuntu Local Security Checks
high
20962GLSA-200602-12 : GPdf: heap overflows in included Xpdf codeNessusGentoo Local Security Checks
high
20920Slackware 10.0 / 10.1 / 10.2 / 9.0 / 9.1 / current : xpdf (SSA:2006-045-09)NessusSlackware Local Security Checks
critical
20915Slackware 10.0 / 10.1 / 10.2 / current : kdegraphics (SSA:2006-045-04)NessusSlackware Local Security Checks
critical
20900RHEL 4 : kdegraphics (RHSA-2006:0206)NessusRed Hat Local Security Checks
high
20898RHEL 4 : xpdf (RHSA-2006:0201)NessusRed Hat Local Security Checks
high
20895GLSA-200602-05 : KPdf: Heap based overflowNessusGentoo Local Security Checks
high
20894GLSA-200602-04 : Xpdf, Poppler: Heap overflowNessusGentoo Local Security Checks
high
20881Fedora Core 4 : poppler-0.4.5-1.1 (2006-103)NessusFedora Local Security Checks
high
20853Mandrake Linux Security Advisory : xpdf (MDKSA-2006:032)NessusMandriva Local Security Checks
high
20852Mandrake Linux Security Advisory : kdegraphics (MDKSA-2006:031)NessusMandriva Local Security Checks
high
20851Mandrake Linux Security Advisory : poppler (MDKSA-2006:030)NessusMandriva Local Security Checks
high