CVE-2005-3191Improper Restriction of Operations within the Bounds of a Memory Buffer in Xpdf

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer34 documents8 sources
Severity
5.1MEDIUMNVD
EPSS
3.0%
top 13.33%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
Apple CupsFreedesktop PopplerGNU Libextractor+1 more
Timeline
PublishedDec 7
Latest updateMay 3

Description

Multiple heap-based buffer overflows in the (1) DCTStream::readProgressiveSOF and (2) DCTStream::readBaselineSOF functions in the DCT stream parsing code (Stream.cc) in xpdf 3.01 and earlier, as used in products such as (a) Poppler, (b) teTeX, (c) KDE kpdf, (d) pdftohtml, (e) KOffice KWord, (f) CUPS, and (g) libextractor allow user-assisted attackers to cause a denial of service (heap corruption) and possibly execute arbitrary code via a crafted PDF file with an out-of-range number of components

CVSS vector

AV:N/AC:H/C:P/I:P/A:PExploitability: 4.9 | Impact: 6.4

Affected Packages5 packages

Debianxpdf/xpdf< 3.01-3+3
Debianapple/cups< 1.1.23-13+3
Debiangnu/libextractor< 0.5.8-1+3
Debianfreedesktop/poppler< 0.4.2-1.1+3
NVDxpdf/xpdf15 versions+14

Patches

Patch: www.idefense.comPatch: www.idefense.comPatch: www.idefense.com

🔴Vulnerability Details

3
GHSA
GHSA-wc46-2g2w-q2mc: Multiple heap-based buffer overflows in the (1) DCTStream::readProgressiveSOF and (2) DCTStream::readBaselineSOF functions in the DCT stream parsing c2022-05-03
OSV
CVE-2005-3191: Multiple heap-based buffer overflows in the (1) DCTStream::readProgressiveSOF and (2) DCTStream::readBaselineSOF functions in the DCT stream parsing c2005-12-07
CVEList
CVE-2005-3191: Multiple heap-based buffer overflows in the (1) DCTStream::readProgressiveSOF and (2) DCTStream::readBaselineSOF functions in the DCT stream parsing c2005-12-07

📋Vendor Advisories

3
Ubuntu
xpdf vulnerabilities2005-12-12
Red Hat
security flaw2005-12-06
Debian
CVE-2005-3191: cups - Multiple heap-based buffer overflows in the (1) DCTStream::readProgressiveSOF an...2005

💬Community

26
Bugzilla
CVE-2005-3191 security flaw2018-08-16
Bugzilla
CVE-2005-3191 xpdf issues in FC5test2 (CVE-2005-3192 CVE-2005-3193 CVE-2005-3624 CVE-2005-3625 CVE-2005-3626 CVE-2005-3627 CVE-2005-3628)2006-01-16
Bugzilla
CVE-2005-3624 xpdf issues in tetex for FC5test2 (CVE-2005-3625 CVE-2005-3626 CVE-2005-3627)2006-01-16
Bugzilla
CVE-2005-3191 xpdf issues affect poppler in FC5test2 (CVE-2005-3192 CVE-2005-3193 CVE-2005-3624 CVE-2005-3625 CVE-2005-3626 CVE-2005-3627 CVE-2005-3628)2006-01-16
Bugzilla
CVE-2005-3191 xpdf issues affect kdegraphics in FC5test2 (CVE-2005-3192 CVE-2005-3193 CVE-2005-3624 CVE-2005-3625 CVE-2005-3626 CVE-2005-3627 CVE-2005-3628)2006-01-16
CVE-2005-3191 — Xpdf vulnerability | cvebase