CVE-2006-0301

Current Description

Heap-based buffer overflow in Splash.cc in xpdf, as used in other products such as (1) poppler, (2) kdegraphics, (3) gpdf, (4) pdfkit.framework, and others, allows attackers to cause a denial of service and possibly execute arbitrary code via crafted splash images that produce certain values that exceed the width or height of the associated bitmap.

Referenced by CVEs:CVE-2006-1244

Basic Data

PublishedJanuary 30, 2006
Last ModifiedOctober 19, 2018
Assignercve@mitre.org
Data TypeCVE
Data FormatMITRE
Data Version4.0
Problem TypeCWE-119
CVE Data Version4.0

Base Metric V2

CVSS 2 - Version2.0
CVSS 2 - Vector StringAV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS 2 - Access VectorNETWORK
CVSS 2 - Access ComplexityLOW
CVSS 2 - AuthenticationNONE
CVSS 2 - Confidentiality ImpactPARTIAL
CVSS 2 - Availability ImpactPARTIAL
CVSS 2 - Base Score7.5
SeverityHIGH
Exploitability Score10.0
Impact Score6.4
Obtain All Privilegefalse
Obtain User Privilegetrue
Obtain Other Privilegefalse

Base Metric V3

No data provided.

Configurations

  • OR - Configuration 1
    Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
    2.3ApplicationXpdfXpdf********

Vulnerable Software List

VendorProductVersions
Xpdf Xpdf *

References

NameSourceURLTags
SCOSA-2006.15ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txtSCOPatch Vendor Advisory
RHSA-2006:0206http://rhn.redhat.com/errata/RHSA-2006-0206.htmlREDHATPatch Vendor Advisory
18274http://secunia.com/advisories/18274SECUNIAVendor Advisory
18677http://secunia.com/advisories/18677SECUNIAPatch Vendor Advisory
18707http://secunia.com/advisories/18707SECUNIAPatch Vendor Advisory
18825http://secunia.com/advisories/18825SECUNIAPatch Vendor Advisory
18826http://secunia.com/advisories/18826SECUNIAPatch Vendor Advisory
18834http://secunia.com/advisories/18834SECUNIAPatch Vendor Advisory
18837http://secunia.com/advisories/18837SECUNIAPatch Vendor Advisory
18838http://secunia.com/advisories/18838SECUNIAPatch Vendor Advisory
18839http://secunia.com/advisories/18839SECUNIAPatch Vendor Advisory
18860http://secunia.com/advisories/18860SECUNIAPatch Vendor Advisory
18862http://secunia.com/advisories/18862SECUNIAPatch Vendor Advisory
18864http://secunia.com/advisories/18864SECUNIAPatch Vendor Advisory
18875http://secunia.com/advisories/18875SECUNIAVendor Advisory
18882http://secunia.com/advisories/18882SECUNIAPatch Vendor Advisory
18908http://secunia.com/advisories/18908SECUNIAPatch Vendor Advisory
18913http://secunia.com/advisories/18913SECUNIAPatch Vendor Advisory
18983http://secunia.com/advisories/18983SECUNIAPatch Vendor Advisory
19377http://secunia.com/advisories/19377SECUNIAPatch Vendor Advisory
470http://securityreason.com/securityalert/470SREASON
1015576http://securitytracker.com/id?1015576SECTRACKPatch
SSA:2006-045-09http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.472683SLACKWAREPatch
SSA:2006-045-04http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.474747SLACKWAREPatch
DSA-971http://www.debian.org/security/2006/dsa-971DEBIANPatch Vendor Advisory
DSA-972http://www.debian.org/security/2006/dsa-972DEBIANPatch Vendor Advisory
DSA-974http://www.debian.org/security/2006/dsa-974DEBIANPatch Vendor Advisory
GLSA-200602-04http://www.gentoo.org/security/en/glsa/glsa-200602-04.xmlGENTOOPatch Vendor Advisory
GLSA-200602-05http://www.gentoo.org/security/en/glsa/glsa-200602-05.xmlGENTOOPatch Vendor Advisory
GLSA-200602-12http://www.gentoo.org/security/en/glsa/glsa-200602-12.xmlGENTOOPatch Vendor Advisory
http://www.kde.org/info/security/advisory-20060202-1.txthttp://www.kde.org/info/security/advisory-20060202-1.txtMISCPatch Vendor Advisory
MDKSA-2006:030http://www.mandriva.com/security/advisories?name=MDKSA-2006:030MANDRIVA
MDKSA-2006:031http://www.mandriva.com/security/advisories?name=MDKSA-2006:031MANDRIVA
MDKSA-2006:032http://www.mandriva.com/security/advisories?name=MDKSA-2006:032MANDRIVA
FEDORA-2006-103http://www.redhat.com/archives/fedora-announce-list/2006-February/msg00039.htmlFEDORAPatch Vendor Advisory
RHSA-2006:0201http://www.redhat.com/support/errata/RHSA-2006-0201.htmlREDHATPatch Vendor Advisory
20060202 [KDE Security Advisory] kpdf/xpdf heap based buffer overflowhttp://www.securityfocus.com/archive/1/423899/100/0/threadedBUGTRAQPatch Vendor Advisory
FLSA:175404http://www.securityfocus.com/archive/1/427990/100/0/threadedFEDORA
USN-249-1http://www.ubuntu.com/usn/usn-249-1UBUNTUPatch
ADV-2006-0389http://www.vupen.com/english/advisories/2006/0389VUPENVendor Advisory
ADV-2006-0422http://www.vupen.com/english/advisories/2006/0422VUPENVendor Advisory
https://bugzilla.novell.com/show_bug.cgi?id=141242https://bugzilla.novell.com/show_bug.cgi?id=141242CONFIRM
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=179046https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=179046MISC
xpdf-splash-bo(24391)https://exchange.xforce.ibmcloud.com/vulnerabilities/24391XF
oval:org.mitre.oval:def:10850https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10850OVAL