CVE-2006-0301
Published: 30 January 2006
Heap-based buffer overflow in Splash.cc in xpdf, as used in other products such as (1) poppler, (2) kdegraphics, (3) gpdf, (4) pdfkit.framework, and others, allows attackers to cause a denial of service and possibly execute arbitrary code via crafted splash images that produce certain values that exceed the width or height of the associated bitmap.
Priority
Status
Package | Release | Status |
---|---|---|
gpdf Launchpad, Ubuntu, Debian |
dapper |
Ignored
(end of life, was needed)
|
edgy |
Released
(2.10.0-4)
|
|
feisty |
Does not exist
|
|
upstream |
Needs triage
|
|
kdegraphics Launchpad, Ubuntu, Debian |
dapper |
Not vulnerable
|
edgy |
Not vulnerable
|
|
feisty |
Not vulnerable
|
|
upstream |
Needs triage
|
|
libextractor Launchpad, Ubuntu, Debian |
upstream |
Needs triage
|
dapper |
Released
(0.5.14-1)
|
|
edgy |
Released
(0.5.14-1)
|
|
feisty |
Released
(0.5.14-1)
|
|
pdftohtml Launchpad, Ubuntu, Debian |
dapper |
Released
(0.36-13)
|
edgy |
Released
(0.36-13)
|
|
feisty |
Released
(0.36-13)
|
|
upstream |
Needs triage
|
|
poppler Launchpad, Ubuntu, Debian |
dapper |
Released
(0.5.1-0ubuntu7.2)
|
edgy |
Released
(0.5.4-0ubuntu4.2)
|
|
feisty |
Released
(0.5.4-0ubuntu8.1)
|
|
upstream |
Needs triage
|
|
xpdf Launchpad, Ubuntu, Debian |
dapper |
Released
(3.01-7ubuntu0.1)
|
edgy |
Released
(3.01-9ubuntu1.1)
|
|
feisty |
Released
(3.01-9ubuntu3)
|
|
upstream |
Needs triage
|