CVE-2006-0301Improper Restriction of Operations within the Bounds of a Memory Buffer in Poppler

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer17 documents8 sources
Severity
7.5HIGHNVD
EPSS
3.1%
top 13.21%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Freedesktop PopplerGNU LibextractorXpdf
Timeline
PublishedJan 30
Latest updateMay 3

Description

Heap-based buffer overflow in Splash.cc in xpdf, as used in other products such as (1) poppler, (2) kdegraphics, (3) gpdf, (4) pdfkit.framework, and others, allows attackers to cause a denial of service and possibly execute arbitrary code via crafted splash images that produce certain values that exceed the width or height of the associated bitmap.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages3 packages

Debianxpdf/xpdf< 3.01-6+3
Debianfreedesktop/poppler< 0.4.5-1+3
Debiangnu/libextractor< 0.5.10-1+3

Patches

Patch: ftp.sco.comPatch: rhn.redhat.comPatch: secunia.com

🔴Vulnerability Details

3
GHSA
GHSA-rj3h-g34f-3227: Heap-based buffer overflow in Splash2022-05-03
CVEList
CVE-2006-0301: Heap-based buffer overflow in Splash2006-01-30
OSV
CVE-2006-0301: Heap-based buffer overflow in Splash2006-01-30

📋Vendor Advisories

3
Ubuntu
xpdf/poppler/kpdf vulnerabilities2006-02-15
Red Hat
security flaw2006-01-05
Debian
CVE-2006-0301: libextractor - Heap-based buffer overflow in Splash.cc in xpdf, as used in other products such ...2006

💬Community

10
Bugzilla
CVE-2006-0301 security flaw2018-08-16
Bugzilla
CVE-2006-0301 PDF splash handling heap overflow (FC5test2)2006-01-31
Bugzilla
CVE-2006-0301 PDF splash handling heap overflow (FC5test2)2006-01-31
Bugzilla
CVE-2006-0301 PDF splash handling heap overflow (FC5 test2)2006-01-31
Bugzilla
CVE-2006-0301 PDF splash handling heap overflow2006-01-26
CVE-2006-0301 — Freedesktop Poppler vulnerability | cvebase