What is the severity of CVE-2005-3191?

CVE-2005-3191 is considered to have a high severity due to multiple heap-based buffer overflows that can be exploited.

How do I fix CVE-2005-3191?

To fix CVE-2005-3191, you should upgrade to a version of Xpdf that is newer than 3.01, which no longer contains this vulnerability.

What software is affected by CVE-2005-3191?

CVE-2005-3191 affects multiple software products including Xpdf, Poppler, and KDE kpdf among others.

What are the potential impacts of exploiting CVE-2005-3191?

Exploiting CVE-2005-3191 may allow an attacker to execute arbitrary code or crash the application.

When was CVE-2005-3191 disclosed?

CVE-2005-3191 was publicly disclosed in 2005, prompting the need for immediate security updates.

Vulnerability/
CVE-2005-3191

medium

5.1

CWE

119

7/12/2005

7/8/2024

CVE-2005-3191: Buffer Overflow

First published: Wed Dec 07 2005(Updated: )

Multiple heap-based buffer overflows in the (1) DCTStream::readProgressiveSOF and (2) DCTStream::readBaselineSOF functions in the DCT stream parsing code (Stream.cc) in xpdf 3.01 and earlier, as used in products such as (a) Poppler, (b) teTeX, (c) KDE kpdf, (d) pdftohtml, (e) KOffice KWord, (f) CUPS, and (g) libextractor allow user-assisted attackers to cause a denial of service (heap corruption) and possibly execute arbitrary code via a crafted PDF file with an out-of-range number of components (numComps), which is used as an array index.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Xpdf	=2.0
Xpdf	=3.0_pl3
Xpdf	=1.0
Xpdf	=0.91
Xpdf	=2.3
Xpdf	=0.92
Xpdf	=3.0.1
Xpdf	=1.0a
Xpdf	=2.2
Xpdf	=3.0_pl2
Xpdf	=2.1
Xpdf	=0.90
Xpdf	=3.0
Xpdf	=0.93
Xpdf	=1.1

Remedy

http://www.idefense.com/application/poi/display?id=342&type=vulnerabilities

Remedy

http://www.idefense.com/application/poi/display?id=343&type=vulnerabilities

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2005-3191?
CVE-2005-3191 is considered to have a high severity due to multiple heap-based buffer overflows that can be exploited.
How do I fix CVE-2005-3191?
To fix CVE-2005-3191, you should upgrade to a version of Xpdf that is newer than 3.01, which no longer contains this vulnerability.
What software is affected by CVE-2005-3191?
CVE-2005-3191 affects multiple software products including Xpdf, Poppler, and KDE kpdf among others.
What are the potential impacts of exploiting CVE-2005-3191?
Exploiting CVE-2005-3191 may allow an attacker to execute arbitrary code or crash the application.
When was CVE-2005-3191 disclosed?
CVE-2005-3191 was publicly disclosed in 2005, prompting the need for immediate security updates.

agent/references
agent/type
agent/softwarecombine
agent/remedy
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/severity
agent/author
agent/weakness
agent/description
agent/first-publish-date
agent/event
agent/source
agent/tags
collector/nvd-historical
agent/software-canonical-lookup-request
collector/nvd-index
vendor/xpdf
canonical/xpdf
version/xpdf/2.0
version/xpdf/3.0_pl3
version/xpdf/1.0
version/xpdf/0.91
version/xpdf/2.3
version/xpdf/0.92
version/xpdf/3.0.1
version/xpdf/1.0a
version/xpdf/2.2
version/xpdf/3.0_pl2
version/xpdf/2.1
version/xpdf/0.90
version/xpdf/3.0
version/xpdf/0.93
version/xpdf/1.1

CVE-2005-3191: Buffer Overflow

Remedy

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2005-3191?

How do I fix CVE-2005-3191?

What software is affected by CVE-2005-3191?

What are the potential impacts of exploiting CVE-2005-3191?

When was CVE-2005-3191 disclosed?

Company

Resources

Contact