What is the severity of CVE-2004-0888?

CVE-2004-0888 is considered critical as it can lead to denial of service and potential arbitrary code execution.

How do I fix CVE-2004-0888?

To fix CVE-2004-0888, upgrade to the patched versions of affected packages such as cups, gpdf, and kdegraphics.

Which software is affected by CVE-2004-0888?

CVE-2004-0888 affects xpdf, cups, gpdf, and kdegraphics among other packages utilizing xpdf code.

What type of vulnerability is CVE-2004-0888?

CVE-2004-0888 involves multiple integer overflows in certain PDF processing software.

Is remote exploitation possible with CVE-2004-0888?

Yes, CVE-2004-0888 allows remote attackers to exploit the vulnerability to crash the application.

Vulnerability/
CVE-2004-0888

critical

CWE

NVD-CWE-Other 190

26/10/2004

8/8/2024

CVE-2004-0888: Integer Overflow

First published: Tue Oct 26 2004(Updated: )

Multiple integer overflows in xpdf 2.0 and 3.0, and other packages that use xpdf code such as CUPS, gpdf, and kdegraphics, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0889.

Credit: cve@mitre.org cve@mitre.org

Affected Software	Affected Version	How to fix
ubuntu/cupsys	<1.2.0-0ubuntu5	1.2.0-0ubuntu5
ubuntu/cupsys	<1.2.0-0ubuntu5	1.2.0-0ubuntu5
ubuntu/cupsys	<1.2.0-0ubuntu5	1.2.0-0ubuntu5
ubuntu/gpdf	<2.10.0-2	2.10.0-2
ubuntu/gpdf	<2.10.0-2	2.10.0-2
ubuntu/kdegraphics	<3.5.2-0ubuntu6	3.5.2-0ubuntu6
ubuntu/kdegraphics	<3.5.2-0ubuntu6	3.5.2-0ubuntu6
ubuntu/kdegraphics	<3.5.2-0ubuntu6	3.5.2-0ubuntu6
ubuntu/koffice	<1.5.0-0ubuntu9.2	1.5.0-0ubuntu9.2
ubuntu/koffice	<1.5.2-0ubuntu2.2	1.5.2-0ubuntu2.2
ubuntu/koffice	<1.6.2-0ubuntu1.1	1.6.2-0ubuntu1.1
ubuntu/pdftohtml	<0.36-13	0.36-13
ubuntu/pdftohtml	<0.36-13	0.36-13
ubuntu/pdftohtml	<0.36-13	0.36-13
ubuntu/tetex-bin	<3.0-13ubuntu6	3.0-13ubuntu6
ubuntu/tetex-bin	<3.0-13ubuntu6	3.0-13ubuntu6
ubuntu/tetex-bin	<3.0-13ubuntu6	3.0-13ubuntu6
debian/cups		2.3.3op2-3+deb11u6 2.3.3op2-3+deb11u2 2.4.2-3+deb12u5 2.4.10-1
debian/xpdf		3.04+git20210103-3 3.04+git20220601-1 3.04+git20240613-1
CUPS (Common UNIX Printing System)	=1.0.4
CUPS (Common UNIX Printing System)	=1.0.4_8
CUPS (Common UNIX Printing System)	=1.1.1
CUPS (Common UNIX Printing System)	=1.1.4
CUPS (Common UNIX Printing System)	=1.1.4_2
CUPS (Common UNIX Printing System)	=1.1.4_3
CUPS (Common UNIX Printing System)	=1.1.4_5
CUPS (Common UNIX Printing System)	=1.1.6
CUPS (Common UNIX Printing System)	=1.1.7
CUPS (Common UNIX Printing System)	=1.1.10
CUPS (Common UNIX Printing System)	=1.1.12
CUPS (Common UNIX Printing System)	=1.1.13
CUPS (Common UNIX Printing System)	=1.1.14
CUPS (Common UNIX Printing System)	=1.1.15
CUPS (Common UNIX Printing System)	=1.1.16
CUPS (Common UNIX Printing System)	=1.1.17
CUPS (Common UNIX Printing System)	=1.1.18
CUPS (Common UNIX Printing System)	=1.1.19
CUPS (Common UNIX Printing System)	=1.1.19_rc5
CUPS (Common UNIX Printing System)	=1.1.20
GNOME GPDF	=0.112
GNOME GPDF	=0.131
KDE KOffice	=1.3
KDE KOffice	=1.3.1
KDE KOffice	=1.3.2
KDE KOffice	=1.3.3
KDE KOffice	=1.3_beta1
KDE KOffice	=1.3_beta2
KDE KOffice	=1.3_beta3
KDE KPDF	=3.2
pdftohtml	=0.32a
pdftohtml	=0.32b
pdftohtml	=0.33
pdftohtml	=0.33a
pdftohtml	=0.34
pdftohtml	=0.35
pdftohtml	=0.36
teTeX	=1.0.7
teTeX	=2.0
teTeX	=2.0.1
teTeX	=2.0.2
Xpdf	=0.90
Xpdf	=0.91
Xpdf	=0.92
Xpdf	=0.93
Xpdf	=1.0
Xpdf	=1.0a
Xpdf	=1.1
Xpdf	=2.0
Xpdf	=2.1
Xpdf	=2.3
Xpdf	=3.0
Debian	=3.0
Debian	=3.0
Debian	=3.0
Debian	=3.0
Debian	=3.0
Debian	=3.0
Debian	=3.0
Debian	=3.0
Debian	=3.0
Debian	=3.0
Debian	=3.0
Debian	=3.0
Gentoo Linux
KDE KDE	=3.2
KDE KDE	=3.2.1
KDE KDE	=3.2.2
KDE KDE	=3.2.3
KDE KDE	=3.3
KDE KDE	=3.3.1
Red Hat Enterprise Linux	=2.1
Red Hat Enterprise Linux	=2.1
Red Hat Enterprise Linux	=2.1
Red Hat Enterprise Linux	=2.1
Red Hat Enterprise Linux	=2.1
Red Hat Enterprise Linux	=2.1
Red Hat Enterprise Linux	=3.0
Red Hat Enterprise Linux	=3.0
Red Hat Enterprise Linux	=3.0
redhat enterprise Linux desktop	=3.0
Red Hat Fedora Core	=core_2.0
Red Hat Linux Advanced Workstation	=2.1
Red Hat Linux Advanced Workstation	=2.1
SUSE Linux	=8.0
SUSE Linux	=8.1
SUSE Linux	=8.2
SUSE Linux	=9.0
SUSE Linux	=9.0
SUSE Linux	=9.1
SUSE Linux	=9.2
Ubuntu	=4.1
Ubuntu	=4.1

Remedy

http://www.redhat.com/support/errata/RHSA-2004-543.html

Remedy

http://www.securityfocus.com/bid/11501

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2004-0888?
CVE-2004-0888 is considered critical as it can lead to denial of service and potential arbitrary code execution.
How do I fix CVE-2004-0888?
To fix CVE-2004-0888, upgrade to the patched versions of affected packages such as cups, gpdf, and kdegraphics.
Which software is affected by CVE-2004-0888?
CVE-2004-0888 affects xpdf, cups, gpdf, and kdegraphics among other packages utilizing xpdf code.
What type of vulnerability is CVE-2004-0888?
CVE-2004-0888 involves multiple integer overflows in certain PDF processing software.
Is remote exploitation possible with CVE-2004-0888?
Yes, CVE-2004-0888 allows remote attackers to exploit the vulnerability to crash the application.

agent/type
agent/remedy
collector/usn-cve
source/Ubuntu
agent/software-canonical-lookup
agent/severity
agent/weakness
agent/description
collector/launchpad-cve
source/Launchpad
agent/author
agent/references
collector/security-tracker-debian
source/Debian
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/first-publish-date
agent/event
agent/trending
agent/source
agent/tags
agent/softwarecombine
collector/nvd-cve
source/NVD
agent/software-canonical-lookup-request
collector/nvd-historical
vendor/pdftohtml
product/pdftohtml
canonical/pdftohtml pdftohtml
vendor/easy software products
product/cups
canonical/easy software products cups
vendor/xpdf
product/xpdf
canonical/xpdf xpdf
vendor/kde
product/koffice
canonical/kde koffice
vendor/gnome
product/gpdf
canonical/gnome gpdf
vendor/tetex
product/tetex
canonical/tetex tetex
product/kpdf
canonical/kde kpdf
vendor/redhat
product/enterprise linux
canonical/redhat enterprise linux
product/fedora core
canonical/redhat fedora core
vendor/suse
product/suse linux
canonical/suse suse linux
product/enterprise linux desktop
canonical/redhat enterprise linux desktop
vendor/debian
product/debian linux
canonical/debian debian linux
vendor/ubuntu
product/ubuntu linux
canonical/ubuntu ubuntu linux
product/linux advanced workstation
canonical/redhat linux advanced workstation
product/kde
canonical/kde kde
vendor/gentoo
product/linux
canonical/gentoo linux
collector/nvd-index
package-manager/ubuntu
package-manager/debian
canonical/cups (common unix printing system)
version/cups (common unix printing system)/1.0.4
version/cups (common unix printing system)/1.0.4_8
version/cups (common unix printing system)/1.1.1
version/cups (common unix printing system)/1.1.4
version/cups (common unix printing system)/1.1.4_2
version/cups (common unix printing system)/1.1.4_3
version/cups (common unix printing system)/1.1.4_5
version/cups (common unix printing system)/1.1.6
version/cups (common unix printing system)/1.1.7
version/cups (common unix printing system)/1.1.10
version/cups (common unix printing system)/1.1.12
version/cups (common unix printing system)/1.1.13
version/cups (common unix printing system)/1.1.14
version/cups (common unix printing system)/1.1.15
version/cups (common unix printing system)/1.1.16
version/cups (common unix printing system)/1.1.17
version/cups (common unix printing system)/1.1.18
version/cups (common unix printing system)/1.1.19
version/cups (common unix printing system)/1.1.19_rc5
version/cups (common unix printing system)/1.1.20
version/gnome gpdf/0.112
version/gnome gpdf/0.131
version/kde koffice/1.3
version/kde koffice/1.3.1
version/kde koffice/1.3.2
version/kde koffice/1.3.3
version/kde koffice/1.3_beta1
version/kde koffice/1.3_beta2
version/kde koffice/1.3_beta3
version/kde kpdf/3.2
canonical/pdftohtml
version/pdftohtml/0.32a
version/pdftohtml/0.32b
version/pdftohtml/0.33
version/pdftohtml/0.33a
version/pdftohtml/0.34
version/pdftohtml/0.35
version/pdftohtml/0.36
canonical/tetex
version/tetex/1.0.7
version/tetex/2.0
version/tetex/2.0.1
version/tetex/2.0.2
canonical/xpdf
version/xpdf/0.90
version/xpdf/0.91
version/xpdf/0.92
version/xpdf/0.93
version/xpdf/1.0
version/xpdf/1.0a
version/xpdf/1.1
version/xpdf/2.0
version/xpdf/2.1
version/xpdf/2.3
version/xpdf/3.0
canonical/debian
version/debian/3.0
version/kde kde/3.2
version/kde kde/3.2.1
version/kde kde/3.2.2
version/kde kde/3.2.3
version/kde kde/3.3
version/kde kde/3.3.1
canonical/red hat enterprise linux
version/red hat enterprise linux/2.1
version/red hat enterprise linux/3.0
version/redhat enterprise linux desktop/3.0
canonical/red hat fedora core
version/red hat fedora core/core_2.0
canonical/red hat linux advanced workstation
version/red hat linux advanced workstation/2.1
canonical/suse linux
version/suse linux/8.0
version/suse linux/8.1
version/suse linux/8.2
version/suse linux/9.0
version/suse linux/9.1
version/suse linux/9.2
canonical/ubuntu
version/ubuntu/4.1

CVE-2004-0888: Integer Overflow

Remedy

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2004-0888?

How do I fix CVE-2004-0888?

Which software is affected by CVE-2004-0888?

What type of vulnerability is CVE-2004-0888?

Is remote exploitation possible with CVE-2004-0888?

Company

Resources

Contact