CVE-2006-1244

5 documents5 sources

Severity

7.6HIGH

EPSS

3.5%

top 12.45%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Debian Debian Linux Gnome Gpdf Libextractor Libextractor +1 more

Timeline

PublishedMar 15

Latest updateMay 1

Description

Unspecified vulnerability in certain versions of xpdf after 3.00, as used in various products including (a) pdfkit.framework, (b) gpdf, (c) pdftohtml, and (d) libextractor, has unknown impact and user-assisted attack vectors, possibly involving errors in (1) gmem.c, (2) SplashXPathScanner.cc, (3) JBIG2Stream.cc, (4) JPXStream.cc, and/or (5) Stream.cc. NOTE: this description is based on Debian advisory DSA 979, which is based on changes that were made after other vulnerabilities such as CVE-2006-…

CVSS vector

AV:N/AC:H/C:C/I:C/A:CExploitability: 4.9 | Impact: 10.0

Affected Packages3 packages

▶NVDxpdf/xpdf16 versions+15

▶NVDgnome/gpdf2.8.2

▶NVDlibextractor/libextractor9 versions+8

Also affects: Debian Linux 3.1

Patches

Patch: secunia.com ↗Patch: secunia.com ↗Patch: secunia.com ↗

🔴Vulnerability Details

GHSA

GHSA-2hp4-p7vf-34wc: Unspecified vulnerability in certain versions of xpdf after 3↗2022-05-01

▶

CVEList

CVE-2006-1244: Unspecified vulnerability in certain versions of xpdf after 3↗2006-03-15

▶

📋Vendor Advisories

Ubuntu

xpdf vulnerabilities↗2006-04-13

▶

Debian

CVE-2006-1244: xpdf - Unspecified vulnerability in certain versions of xpdf after 3.00, as used in var...↗2006

▶