CVE-2004-1125 - Secunia Advisories - Vulnerability Intelligence

CVE Reference: CVE-2004-1125
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2004-1125

Description: Buffer overflow in the Gfx::doImage function in Gfx.cc for xpdf 3.00, and other products that share code such as tetex-bin and kpdf in KDE 3.2.x to 3.2.3 and 3.3.x to 3.3.2, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted PDF file that causes the boundaries of a maskColors array to be exceeded.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/18641 UBUNTU http://www.ubuntulinux.org/support/documentation/usn/usn-50-1 SUSE http://www.novell.com/linux/security/advisories/2005_01_sr.html ST 1012646 SCO SAID Secunia Advisory: SA17277 REDHAT http://www.redhat.com/support/errata/RHSA-2005-354.html http://www.redhat.com/support/errata/RHSA-2005-066.html http://www.redhat.com/support/errata/RHSA-2005-057.html http://www.redhat.com/support/errata/RHSA-2005-053.html http://www.redhat.com/support/errata/RHSA-2005-034.html http://www.redhat.com/support/errata/RHSA-2005-018.html http://www.redhat.com/support/errata/RHSA-2005-013.html http://www.redhat.com/support/errata/RHSA-2005-026.html IDEFENSE http://http://www.idefense.com/application/poi/display?id=172&type=vulnerabilities GENTOO http://www.gentoo.org/security/en/glsa/glsa-200501-17.xml http://www.gentoo.org/security/en/glsa/glsa-200501-13.xml http://www.gentoo.org/security/en/glsa/glsa-200412-25.xml FULLDISC http://lists.grok.org.uk/pipermail/full-disclosure/2004-December/030241.html FEDORA CONFIRM http://www.kde.org/info/security/advisory-20041223-1.txt CONECTIVA http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000921 BUGTRAQ http://marc.theaimsgroup.com/?t=110378596500001&r=1&w=2 BID 12070

Return to the previous page.