CVE-2005-0064

Current Description

Buffer overflow in the Decrypt::makeFileKey2 function in Decrypt.cc for xpdf 3.00 and earlier allows remote attackers to execute arbitrary code via a PDF file with a large /Encrypt /Length keyLength value.

Basic Data

PublishedMay 02, 2005
Last ModifiedOctober 11, 2017
Assignercve@mitre.org
Data TypeCVE
Data FormatMITRE
Data Version4.0
Problem TypeNVD-CWE-Other
CVE Data Version4.0

Base Metric V2

CVSS 2 - Version2.0
CVSS 2 - Vector StringAV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS 2 - Access VectorNETWORK
CVSS 2 - Access ComplexityLOW
CVSS 2 - AuthenticationNONE
CVSS 2 - Confidentiality ImpactPARTIAL
CVSS 2 - Availability ImpactPARTIAL
CVSS 2 - Base Score7.5
SeverityHIGH
Exploitability Score10.0
Impact Score6.4
Obtain All Privilegefalse
Obtain User Privilegetrue
Obtain Other Privilegefalse

Base Metric V3

No data provided.

Configurations

  • OR - Configuration 1
    Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
    2.3ApplicationXpdfXpdf0.2*******
    2.3ApplicationXpdfXpdf0.3*******
    2.3ApplicationXpdfXpdf0.4*******
    2.3ApplicationXpdfXpdf0.5*******
    2.3ApplicationXpdfXpdf0.5a*******
    2.3ApplicationXpdfXpdf0.6*******
    2.3ApplicationXpdfXpdf0.7*******
    2.3ApplicationXpdfXpdf0.7a*******
    2.3ApplicationXpdfXpdf0.80*******
    2.3ApplicationXpdfXpdf0.90*******
    2.3ApplicationXpdfXpdf0.91*******
    2.3ApplicationXpdfXpdf0.91a*******
    2.3ApplicationXpdfXpdf0.91b*******
    2.3ApplicationXpdfXpdf0.91c*******
    2.3ApplicationXpdfXpdf0.92*******
    2.3ApplicationXpdfXpdf0.92a*******
    2.3ApplicationXpdfXpdf0.92b*******
    2.3ApplicationXpdfXpdf0.92c*******
    2.3ApplicationXpdfXpdf0.92d*******
    2.3ApplicationXpdfXpdf0.92e*******
    2.3ApplicationXpdfXpdf0.93*******
    2.3ApplicationXpdfXpdf0.93a*******
    2.3ApplicationXpdfXpdf0.93b*******
    2.3ApplicationXpdfXpdf0.93c*******
    2.3ApplicationXpdfXpdf1.0*******
    2.3ApplicationXpdfXpdf1.0a*******
    2.3ApplicationXpdfXpdf1.1*******
    2.3ApplicationXpdfXpdf2.0*******
    2.3ApplicationXpdfXpdf2.1*******
    2.3ApplicationXpdfXpdf2.2*******
    2.3ApplicationXpdfXpdf2.3*******
    2.3ApplicationXpdfXpdf3.0*******

Vulnerable Software List

VendorProductVersions
Xpdf Xpdf 0.2, 0.3, 0.4, 0.5, 0.5a, 0.6, 0.7, 0.7a, 0.80, 0.90, 0.91, 0.91a, 0.91b, 0.91c, 0.92, 0.92a, 0.92b, 0.92c, 0.92d, 0.92e, 0.93, 0.93a, 0.93b, 0.93c, 1.0, 1.0a, 1.1, 2.0, 2.1, 2.2, 2.3, 3.0

References

NameSourceURLTags
ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.00pl3.patchftp://ftp.foolabs.com/pub/xpdf/xpdf-3.00pl3.patchCONFIRMPatch
SCOSA-2005.42ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.42/SCOSA-2005.42.txtSCO
CLA-2005:921http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000921CONECTIVAPatch Vendor Advisory
20050119 [USN-64-1] xpdf, CUPS vulnerabilitieshttp://marc.info/?l=bugtraq&m=110625368019554&w=2BUGTRAQ
17277http://secunia.com/advisories/17277SECUNIA
DSA-645http://www.debian.org/security/2005/dsa-645DEBIANPatch Vendor Advisory
DSA-648http://www.debian.org/security/2005/dsa-648DEBIANPatch Vendor Advisory
20050118 Multiple Unix/Linux Vendor Xpdf makeFileKey2 Stack Overflowhttp://www.idefense.com/application/poi/display?id=186&type=vulnerabilitiesIDEFENSEExploit Patch Vendor Advisory
MDKSA-2005:016http://www.mandriva.com/security/advisories?name=MDKSA-2005:016MANDRAKE
MDKSA-2005:017http://www.mandriva.com/security/advisories?name=MDKSA-2005:017MANDRAKE
MDKSA-2005:018http://www.mandriva.com/security/advisories?name=MDKSA-2005:018MANDRAKE
MDKSA-2005:019http://www.mandriva.com/security/advisories?name=MDKSA-2005:019MANDRAKE
MDKSA-2005:020http://www.mandriva.com/security/advisories?name=MDKSA-2005:020MANDRAKE
MDKSA-2005:021http://www.mandriva.com/security/advisories?name=MDKSA-2005:021MANDRAKE
RHSA-2005:026http://www.redhat.com/support/errata/RHSA-2005-026.htmlREDHAT
RHSA-2005:034http://www.redhat.com/support/errata/RHSA-2005-034.htmlREDHATPatch Vendor Advisory
RHSA-2005:053http://www.redhat.com/support/errata/RHSA-2005-053.htmlREDHATPatch Vendor Advisory
RHSA-2005:057http://www.redhat.com/support/errata/RHSA-2005-057.htmlREDHATPatch Vendor Advisory
RHSA-2005:059http://www.redhat.com/support/errata/RHSA-2005-059.htmlREDHATPatch Vendor Advisory
RHSA-2005:066http://www.redhat.com/support/errata/RHSA-2005-066.htmlREDHATPatch Vendor Advisory
2005-0003http://www.trustix.org/errata/2005/0003/TRUSTIXPatch Vendor Advisory
FLSA:2352https://bugzilla.fedora.us/show_bug.cgi?id=2352FEDORAPatch Vendor Advisory
FLSA:2353https://bugzilla.fedora.us/show_bug.cgi?id=2353FEDORAPatch Vendor Advisory
oval:org.mitre.oval:def:11781https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11781OVAL
GLSA-200501-28https://security.gentoo.org/glsa/200501-28GENTOO
GLSA-200502-10https://security.gentoo.org/glsa/200502-10GENTOO