SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (Generic)  >   Xpdf Vendors:   Glyph and Cog
Xpdf Integer Overflows in indexHigh and pageSize May Let Remote Users Execute Arbitrary Code
SecurityTracker Alert ID:  1011865
SecurityTracker URL:  http://securitytracker.com/id/1011865
CVE Reference:   CVE-2004-0888, CVE-2004-0889, CVE-2005-0206   (Links to External Site)
Updated:  Feb 18 2005
Original Entry Date:  Oct 21 2004
Impact:   Execution of arbitrary code via network, User access via network

Version(s): 3.00
Description:   Some integer overflows were reported in Xpdf. A remote user may be able to execute arbitrary code on a target user's system.

Several vendors reported that there are integer overflows in Xpdf. A remote user can create a specially crafted PDF file that, when viewed by the target user, may execute arbitrary code.

The flaws reside in 'pdftops/Catalog.cc' and 'pdftops/XRef.cc'. A specially crafted Index color size (indexHigh) or Page size can trigger the overflow.

Chris Evans is credited with discovering these flaws.

CUPS, the Common UNIX Printing System, is also affected because it includes Xpdf.

Impact:   A remote user may be able to execute arbitrary code on a target user's system when the target user loads a malformed PDF file.
Solution:   No upstream solution was available at the time of this entry.

[Editor's note: Several Linux distribution vendors subsequently issued patches for these vulnerabilities. However, the patches for CVE number CVE-2004-0888 as distributed by some vendors did not fully correct the flaws on 64-bit systems. As a result, a new CVE number has been assigned (CVE-2005-0206) to identify the vulnerability due to the incomplete patch.]

Vendor URL:  www.foolabs.com/xpdf/ (Links to External Site)
Cause:   Boundary error
Underlying OS:  Linux (Any), UNIX (Any)

Message History:   This archive entry has one or more follow-up message(s) listed below.
Oct 21 2004 (Gentoo Issues Fix) Xpdf Integer Overflows in indexHigh and pageSize May Let Remote Users Execute Arbitrary Code
Gentoo has released a fix.
Oct 21 2004 (Gentoo Issues Fix for CUPS) Xpdf Integer Overflows in indexHigh and pageSize May Let Remote Users Execute Arbitrary Code
Gentoo has released a fix for CUPS, which is affected by the Xpdf vulnerability.
Oct 21 2004 (Debian Issues Fix for CUPS) Xpdf Integer Overflows in indexHigh and pageSize May Let Remote Users Execute Arbitrary Code
Debian has released a fix for CUPS.
Oct 21 2004 (Fedora Issues Fix for FC2) Xpdf Integer Overflows in indexHigh and pageSize May Let Remote Users Execute Arbitrary Code
Fedora has released a fix for Fedora Core 2.
Oct 22 2004 (Mandrake Issues Fix) Xpdf Integer Overflows in indexHigh and pageSize May Let Remote Users Execute Arbitrary Code
Mandrake has released a fix.
Oct 22 2004 (Mandrake Issues Fix for kdegraphics) Xpdf Integer Overflows in indexHigh and pageSize May Let Remote Users Execute Arbitrary Code
Mandrake has released a fix for kdegraphics, which is affected by this vulnerability.
Oct 22 2004 (Mandrake Issues Fix for CUPS) Xpdf Integer Overflows in indexHigh and pageSize May Let Remote Users Execute Arbitrary Code
Mandrake has released a fix for CUPS, which is affected by the Xpdf vulnerability.
Oct 22 2004 (Mandrake Issues Fix for gpdf) Xpdf Integer Overflows in indexHigh and pageSize May Let Remote Users Execute Arbitrary Code
Mandrake has released a fix for gpdf, which is affected by the Xpdf vulnerability.
Oct 22 2004 (KDE Issues Fix for kpdf) Xpdf Integer Overflows in indexHigh and pageSize May Let Remote Users Execute Arbitrary Code
KDE has issued a fix for kpdf (part of the kdegraphics package), which is affected by the Xpdf vulnerability.
Oct 23 2004 (Red Hat Issues Fix for CUPS) Xpdf Integer Overflows in indexHigh and pageSize May Let Remote Users Execute Arbitrary Code
Red Hat has released a fix for CUPS on Red Hat Linux 3.
Oct 27 2004 (KDE Issues Fix for KOffice) Xpdf Integer Overflows in indexHigh and pageSize May Let Remote Users Execute Arbitrary Code
KDE has issued a fix for KOffice, which is affected by the PDF integer overflow vulnerability.
Oct 27 2004 (Red Hat Issues Fix) Xpdf Integer Overflows in indexHigh and pageSize May Let Remote Users Execute Arbitrary Code
Red Hat has released a fix for Red Hat Enterprise Linux 2.1 and 3.
Oct 28 2004 (Gentoo Issues Fix for KOffice) Xpdf Integer Overflows in indexHigh and pageSize May Let Remote Users Execute Arbitrary Code
Gentoo has released a fix for KOffice.
Oct 28 2004 (Gentoo Issues Fix for KDE) Xpdf Integer Overflows in indexHigh and pageSize May Let Remote Users Execute Arbitrary Code
Gentoo has issued a fix for KDE (kdegraphics).
Oct 28 2004 (Gentoo Issues Fix for GPdf) Xpdf Integer Overflows in indexHigh and pageSize May Let Remote Users Execute Arbitrary Code
Gentoo has released a fix for GPdf.
Oct 29 2004 (Fedroa Issues Fix for KDE on FC2) Xpdf Integer Overflows in indexHigh and pageSize May Let Remote Users Execute Arbitrary Code
Fedora has released a fix for kdegraphics on Fedora Core 2.
Nov 3 2004 (Debian Issues Fix) Xpdf Integer Overflows in indexHigh and pageSize May Let Remote Users Execute Arbitrary Code
Debian has released a fix.
Nov 8 2004 (Conectiva Issues Fix) Xpdf Integer Overflows in indexHigh and pageSize May Let Remote Users Execute Arbitrary Code
Conectiva has released a fix.
Nov 23 2004 (Gentoo Issues Fix for pdftohtml) Xpdf Integer Overflows in indexHigh and pageSize May Let Remote Users Execute Arbitrary Code
Gentoo has released a fix for pdftohtml.
Nov 25 2004 (Debian Issues Fix for tetex) Xpdf Integer Overflows in indexHigh and pageSize May Let Remote Users Execute Arbitrary Code
Debian has released a fix for tetex-bin to correct the Xpdf vulnerability.
Dec 31 2004 (Mandrake Issues Fix for tetex) Xpdf Integer Overflows in indexHigh and pageSize May Let Remote Users Execute Arbitrary Code
Mandrake has released a fix for tetex.
Dec 31 2004 (Mandrake Issues Fix for KOffice) Xpdf Integer Overflows in indexHigh and pageSize May Let Remote Users Execute Arbitrary Code
Mandrake has released a fix for KOffice.
Mar 4 2005 (Red Hat Issues Fix) Xpdf Integer Overflows in indexHigh and pageSize May Let Remote Users Execute Arbitrary Code
Red Hat has released a fix.



 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2019, SecurityGlobal.net LLC