CVE-2006-0301
published 2006-01-30CVE-2006-0301: Heap-based buffer overflow in Splash.cc in xpdf, as used in other products such as (1) poppler, (2) kdegraphics, (3) gpdf, (4) pdfkit.framework, and others…
high7.5CVSS 3.1
AVNACLAuNCPIPAP
Heap-based buffer overflow in Splash.cc in xpdf, as used in other products such as (1) poppler, (2) kdegraphics, (3) gpdf, (4) pdfkit.framework, and others, allows attackers to cause a denial of service and possibly execute arbitrary code via crafted splash images that produce certain values that exceed the width or height of the associated bitmap.
Affected
43 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | — | — |
| debian | libextractor | < libextractor 0.5.10-1 (bookworm) | libextractor 0.5.10-1 (bookworm) |
| debian | poppler | < libextractor 0.5.10-1 (bookworm) | libextractor 0.5.10-1 (bookworm) |
| debian | xpdf | < libextractor 0.5.10-1 (bookworm) | libextractor 0.5.10-1 (bookworm) |
| debian | xpdf | — | — |
| freedesktop | poppler | >= 0 < 0.4.5-1 | 0.4.5-1 |
| freedesktop | poppler | >= 0 < 0.4.5-1 | 0.4.5-1 |
| freedesktop | poppler | >= 0 < 0.4.5-1 | 0.4.5-1 |
| freedesktop | poppler | >= 0 < 0.4.5-1 | 0.4.5-1 |
| gnome | gpdf | — | — |
| gnu | libextractor | >= 0 < 0.5.10-1 | 0.5.10-1 |
| gnu | libextractor | >= 0 < 0.5.10-1 | 0.5.10-1 |
| gnu | libextractor | >= 0 < 0.5.10-1 | 0.5.10-1 |
| gnu | libextractor | >= 0 < 0.5.10-1 | 0.5.10-1 |
| libextractor | libextractor | — | — |
| libextractor | libextractor | — | — |
| libextractor | libextractor | — | — |
| libextractor | libextractor | — | — |
| libextractor | libextractor | — | — |
| libextractor | libextractor | — | — |
| libextractor | libextractor | — | — |
| libextractor | libextractor | — | — |
| libextractor | libextractor | — | — |
| xpdf | xpdf | — | — |
| xpdf | xpdf | — | — |
CVSS provenance
nvd7.6HIGHAV:N/AC:H/Au:N/C:C/I:C/A:C
osv7.5HIGH