medium
5
CWE
189 190
Advisory Published
CVE Published
Updated

CVE-2005-3624: Integer Overflow

First published: Sat Dec 31 2005(Updated: )

The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows.

Credit: secalert@redhat.com

Affected SoftwareAffected VersionHow to fix
Easy Software Products Cups=1.1.22
Kde Kpdf=3.4.3
Kde Kdegraphics=3.4.3
Tetex Tetex=3.0
Kde Koffice=1.4.1
Kde Kword=1.4.2
Poppler Poppler=0.4.2
Tetex Tetex=1.0.7
SGI ProPack=3.0-sp6
Easy Software Products Cups=1.1.23_rc1
Kde Kdegraphics=3.2
Kde Koffice=1.4.2
Libextractor Libextractor
Easy Software Products Cups=1.1.22_rc1
Xpdf Xpdf=3.0
Tetex Tetex=2.0.2
Tetex Tetex=2.0.1
Conectiva Linux=10.0
Kde Kpdf=3.2
Easy Software Products Cups=1.1.23
Kde Koffice=1.4
Tetex Tetex=2.0
Suse Suse Linux=9.0
Slackware Slackware Linux=9.0
Mandrakesoft Mandrake Linux=2006
Redhat Enterprise Linux=2.1
Debian Debian Linux=3.1
Suse Suse Linux=9.0
Redhat Fedora Core=core_2.0
Turbolinux Turbolinux Multimedia
Redhat Enterprise Linux=4.0
Slackware Slackware Linux=10.0
Slackware Slackware Linux=10.2
Trustix Secure Linux=2.0
Mandrakesoft Mandrake Linux Corporate Server=2.1
Redhat Enterprise Linux Desktop=3.0
Suse Suse Linux=9.0
Debian Debian Linux=3.0
Suse Suse Linux=9.1
Mandrakesoft Mandrake Linux=10.2
Debian Debian Linux=3.1
Ubuntu Ubuntu Linux=4.1
Redhat Linux Advanced Workstation=2.1
Debian Debian Linux=3.1
Debian Debian Linux=3.0
Debian Debian Linux=3.1
Redhat Enterprise Linux=4.0
Suse Suse Linux=10.0
Redhat Enterprise Linux=3.0
Redhat Enterprise Linux=2.1
Suse Suse Linux=9.3
Debian Debian Linux=3.0
Turbolinux Turbolinux Appliance Server=1.0_workgroup_edition
Redhat Linux Advanced Workstation=2.1
Suse Suse Linux=9.3
Debian Debian Linux=3.0
Debian Debian Linux=3.1
Debian Debian Linux=3.1
Slackware Slackware Linux=10.1
Slackware Slackware Linux=9.1
Redhat Enterprise Linux=2.1
Suse Suse Linux=9.0
Debian Debian Linux=3.1
Trustix Secure Linux=3.0
Redhat Fedora Core=core_1.0
Ubuntu Ubuntu Linux=5.04
Debian Debian Linux=3.1
Ubuntu Ubuntu Linux=5.10
Debian Debian Linux=3.0
Mandrakesoft Mandrake Linux=10.1
Debian Debian Linux=3.0
Ubuntu Ubuntu Linux=5.04
Ubuntu Ubuntu Linux=5.10
SCO OpenServer=5.0.7
Debian Debian Linux=3.0
Redhat Linux=9.0
Ubuntu Ubuntu Linux=5.10
Suse Suse Linux=9.2
Mandrakesoft Mandrake Linux Corporate Server=3.0
Redhat Fedora Core=core_4.0
Turbolinux Turbolinux Server=10.0_x86
Suse Suse Linux=10.0
Debian Debian Linux=3.0
Suse Suse Linux=1.0
Mandrakesoft Mandrake Linux Corporate Server=3.0
Turbolinux Turbolinux Home
Debian Debian Linux=3.1
Redhat Enterprise Linux=4.0
Debian Debian Linux=3.1
Turbolinux Turbolinux Workstation=8.0
Redhat Enterprise Linux=3.0
Turbolinux Turbolinux=fuji
Debian Debian Linux=3.0
Suse Suse Linux=9.0
Suse Suse Linux=9.1
Redhat Enterprise Linux=2.1
Debian Debian Linux=3.1
Debian Debian Linux=3.0
Turbolinux Turbolinux Personal
Turbolinux Turbolinux=10
Redhat Linux=7.3
SCO OpenServer=6.0
Redhat Enterprise Linux=2.1
Redhat Enterprise Linux Desktop=4.0
Ubuntu Ubuntu Linux=5.04
Trustix Secure Linux=2.2
Turbolinux Turbolinux Server=8.0
Suse Suse Linux=9.3
Redhat Fedora Core=core_3.0
Ubuntu Ubuntu Linux=4.1
Debian Debian Linux=3.1
Suse Suse Linux=9.2
Suse Suse Linux=9.2
Turbolinux Turbolinux Server=10.0
Gentoo Linux
Turbolinux Turbolinux Desktop=10.0
Suse Suse Linux=9.1
Mandrakesoft Mandrake Linux=10.2
Turbolinux Turbolinux Appliance Server=1.0_hosting_edition
Debian Debian Linux=3.0
Debian Debian Linux=3.0
Debian Debian Linux=3.1
Redhat Enterprise Linux=2.1
Mandrakesoft Mandrake Linux Corporate Server=2.1
Mandrakesoft Mandrake Linux=2006
Mandrakesoft Mandrake Linux=10.1
Redhat Enterprise Linux=3.0

Remedy

http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html

Remedy

http://rhn.redhat.com/errata/RHSA-2006-0177.html

Remedy

http://secunia.com/advisories/18303

Remedy

http://secunia.com/advisories/18312

Remedy

http://secunia.com/advisories/18313

Remedy

http://secunia.com/advisories/18338

Remedy

http://secunia.com/advisories/18349

Remedy

http://secunia.com/advisories/18385

Remedy

http://secunia.com/advisories/18387

Remedy

http://secunia.com/advisories/18389

Remedy

http://secunia.com/advisories/18398

Remedy

http://secunia.com/advisories/18407

Remedy

http://secunia.com/advisories/18416

Remedy

http://secunia.com/advisories/18448

Remedy

http://secunia.com/advisories/18517

Remedy

http://secunia.com/advisories/18534

Remedy

http://secunia.com/advisories/18554

Remedy

http://secunia.com/advisories/18582

Remedy

http://www.debian.org/security/2006/dsa-936

Remedy

http://www.debian.org/security/2006/dsa-950

Remedy

http://www.debian.org/security/2006/dsa-961

Remedy

http://www.debian.org/security/2006/dsa-962

Remedy

http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml

Remedy

http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml

Remedy

http://www.kde.org/info/security/advisory-20051207-2.txt

Remedy

http://www.redhat.com/support/errata/RHSA-2006-0160.html

Remedy

http://www.securityfocus.com/bid/16143

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203