CVE-2005-3625
published 2005-12-31CVE-2005-3625: Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service…
critical10CVSS 3.1
AVNACLAuNCCICAC
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka "Infinite CPU spins."
Affected
88 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | cups | >= 0 < 1.1.22-7 | 1.1.22-7 |
| apple | cups | >= 0 < 1.1.22-7 | 1.1.22-7 |
| apple | cups | >= 0 < 1.1.22-7 | 1.1.22-7 |
| apple | cups | >= 0 < 1.1.22-7 | 1.1.22-7 |
| conectiva | linux | — | — |
| debian | cups | < cups 1.1.22-7 (bookworm) | cups 1.1.22-7 (bookworm) |
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| debian | libextractor | < cups 1.1.22-7 (bookworm) | cups 1.1.22-7 (bookworm) |
| debian | poppler | < cups 1.1.22-7 (bookworm) | cups 1.1.22-7 (bookworm) |
| debian | xpdf | < cups 1.1.22-7 (bookworm) | cups 1.1.22-7 (bookworm) |
| easy_software_products | cups | — | — |
| easy_software_products | cups | — | — |
| easy_software_products | cups | — | — |
| easy_software_products | cups | — | — |
| freedesktop | poppler | >= 0 < 0.4.4-1 | 0.4.4-1 |
| freedesktop | poppler | >= 0 < 0.4.4-1 | 0.4.4-1 |
| freedesktop | poppler | >= 0 < 0.4.4-1 | 0.4.4-1 |
| freedesktop | poppler | >= 0 < 0.4.4-1 | 0.4.4-1 |
| gnu | libextractor | >= 0 < 0.5.9-1 | 0.5.9-1 |
| gnu | libextractor | >= 0 < 0.5.9-1 | 0.5.9-1 |
| gnu | libextractor | >= 0 < 0.5.9-1 | 0.5.9-1 |
| gnu | libextractor | >= 0 < 0.5.9-1 | 0.5.9-1 |
| kde | kdegraphics | — | — |
| kde | kdegraphics | — | — |
CVSS provenance
nvd10.0CRITICALAV:N/AC:L/Au:N/C:C/I:C/A:C
osv10.0CRITICAL