CVE-2005-3624
published 2005-12-31CVE-2005-3624: The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to…
medium5CVSS 3.1
AVNACLAuNCNIPAN
The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows.
Affected
114 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | cups | >= 0 < 1.1.22-7 | 1.1.22-7 |
| apple | cups | >= 0 < 1.1.22-7 | 1.1.22-7 |
| apple | cups | >= 0 < 1.1.22-7 | 1.1.22-7 |
| apple | cups | >= 0 < 1.1.22-7 | 1.1.22-7 |
| conectiva | linux | — | — |
| debian | cups | < cups 1.1.22-7 (bookworm) | cups 1.1.22-7 (bookworm) |
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| debian | libextractor | < cups 1.1.22-7 (bookworm) | cups 1.1.22-7 (bookworm) |
| debian | poppler | < cups 1.1.22-7 (bookworm) | cups 1.1.22-7 (bookworm) |
| debian | xpdf | < cups 1.1.22-7 (bookworm) | cups 1.1.22-7 (bookworm) |
| debian | xpdf | — | — |
| easy_software_products | cups | — | — |
| easy_software_products | cups | — | — |
| easy_software_products | cups | — | — |
| easy_software_products | cups | — | — |
| freedesktop | poppler | >= 0 < 0.4.4-1 | 0.4.4-1 |
| freedesktop | poppler | >= 0 < 0.4.4-1 | 0.4.4-1 |
| freedesktop | poppler | >= 0 < 0.4.4-1 | 0.4.4-1 |
| freedesktop | poppler | >= 0 < 0.4.4-1 | 0.4.4-1 |
| gnome | gpdf | — | — |
| gnu | libextractor | >= 0 < 0.5.9-1 | 0.5.9-1 |
| gnu | libextractor | >= 0 < 0.5.9-1 | 0.5.9-1 |
| gnu | libextractor | >= 0 < 0.5.9-1 | 0.5.9-1 |
| gnu | libextractor | >= 0 < 0.5.9-1 | 0.5.9-1 |
CVSS provenance
nvd7.6HIGHAV:N/AC:H/Au:N/C:C/I:C/A:C
osv5.0MEDIUM