CVE-2005-3192 - CVE Reference - Advisories

Software Inspectors

	Scan Online

	Personal (PSI)

	Network (NSI 2.0)

Solutions For

	Security Professionals

	Security Vendors

Free Solutions For

	Open Communities

	Journalists & Media

Secunia Advisories

	Search

	Historic Advisories

	Listed By Product

	Listed By Vendor

	Statistics / Graphs

	Secunia Research

	Report Vulnerability

	About Advisories

Virus Information

	Chronological List

	Last 10 Virus Alerts

	About Virus Information

Secunia Customers

	Customer Area

CVE Reference: CVE-2005-3192

NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2005-3192

Description: Heap-based buffer overflow in the StreamPredictor function in Xpdf 3.01, as used in products such as (1) Poppler, (2) teTeX, (3) KDE kpdf, and (4) pdftohtml, (5) KOffice KWord, (6) CUPS, and (7) libextractor allows remote attackers to execute arbitrary code via a PDF file with an out-of-range numComps (number of components) field.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/23442 UBUNTU http://www.ubuntulinux.org/usn/usn-227-1 TRUSTIX http://www.trustix.org/errata/2005/0072/ SUSE http://www.novell.com/linux/security/advisories/2005_29_sr.html http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html http://www.novell.com/linux/security/advisories/2006_02_sr.html SUNALERT http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1 ST 1015324 1015309 SREASON http://securityreason.com/securityalert/235 http://securityreason.com/securityalert/240 SLACKWARE http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.472683 http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.474747 SGI SCO SAID Secunia Advisory: SA18428 Secunia Advisory: SA18380 Secunia Advisory: SA18503 Secunia Advisory: SA19377 Secunia Advisory: SA19230 Secunia Advisory: SA18913 Secunia Advisory: SA18908 Secunia Advisory: SA18679 Secunia Advisory: SA18675 Secunia Advisory: SA18674 Secunia Advisory: SA17955 Secunia Advisory: SA18554 Secunia Advisory: SA18517 Secunia Advisory: SA18303 Secunia Advisory: SA18582 Secunia Advisory: SA18549 Secunia Advisory: SA18534 Secunia Advisory: SA18407 Secunia Advisory: SA18398 Secunia Advisory: SA18448 Secunia Advisory: SA18389 Secunia Advisory: SA18385 Secunia Advisory: SA18349 Secunia Advisory: SA18416 Secunia Advisory: SA18387 Secunia Advisory: SA18336 Secunia Advisory: SA18313 Secunia Advisory: SA18189 Secunia Advisory: SA18192 Secunia Advisory: SA18191 Secunia Advisory: SA17926 Secunia Advisory: SA18061 Secunia Advisory: SA18055 Secunia Advisory: SA18009 Secunia Advisory: SA17976 Secunia Advisory: SA17940 Secunia Advisory: SA17929 Secunia Advisory: SA17920 Secunia Advisory: SA17921 Secunia Advisory: SA17916 Secunia Advisory: SA17908 Secunia Advisory: SA17897 Secunia Advisory: SA17912 Secunia Advisory: SA18436 Secunia Advisory: SA19797 Secunia Advisory: SA19798 Secunia Advisory: SA25729 Secunia Advisory: SA26413 REDHAT http://www.redhat.com/support/errata/RHSA-2006-0160.html http://rhn.redhat.com/errata/RHSA-2005-868.html http://www.redhat.com/support/errata/RHSA-2005-878.html http://www.redhat.com/support/errata/RHSA-2005-867.html http://www.redhat.com/support/errata/RHSA-2005-840.html MISC http://scary.beasts.org/security/CESA-2005-003.txt http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342289 MANDRIVA http://frontal2.mandriva.com/security/advisories?name=MDKSA-2006:010 http://frontal2.mandriva.com/security/advisories?name=MDKSA-2006:011 http://frontal2.mandriva.com/security/advisories?name=MDKSA-2006:005 http://frontal2.mandriva.com/security/advisories?name=MDKSA-2006:006 http://frontal2.mandriva.com/security/advisories?name=MDKSA-2006:008 http://frontal2.mandriva.com/security/advisories?name=MDKSA-2006:004 http://frontal2.mandriva.com/security/advisories?name=MDKSA-2006:003 MANDRAKE http://frontal2.mandriva.com/security/advisories?name=MDKSA-2006:010 IDEFENSE http://www.idefense.com/application/poi/display?id=344&type=vulnerabilities GENTOO http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml http://www.gentoo.org/security/en/glsa/glsa-200512-08.xml FEDORA http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00016.html http://www.securityfocus.com/archive/1/archive/1/427053/100/0/threaded http://www.securityfocus.com/archive/1/archive/1/427990/100/0/threaded http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00015.html http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00037.html http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00036.html DEBIAN http://www.debian.org/security/2006/dsa-937 http://www.debian.org/security/2006/dsa-961 http://www.debian.org/security/2006/dsa-962 http://www.debian.org/security/2005/dsa-932 http://www.debian.org/security/2006/dsa-936 http://www.debian.org/security/2006/dsa-950 http://www.debian.org/security/2005/dsa-931 CONFIRM http://www.kde.org/info/security/advisory-20051207-2.txt http://www.kde.org/info/security/advisory-20051207-1.txt BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/418883/100/0/threaded BID 15725

Return to the previous page.

Secunia PSI
Scan | Patch | Track
Free Download

Secunia Poll

Most Popular Advisories

1.	OpenBSD BIND Query Port DNS Cache Poisoning

2.	Red Hat update for kernel

3.	Drupal Session Fixation Vulnerability

4.	Debian update for clamav

5.	Linux Kernel LDT Buffer Size Handling Vulnerability

6.	IPCop update for perl

7.	Ubuntu update for php

8.	Debian update for xulrunner

9.	dnsmasq Denial of Service and DNS Cache Poisoning

10.	Apple Safari Cross-Domain Cookie Injection Vulnerability