SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (Generic)  >   Xpdf Vendors:   Glyph and Cog
Xpdf Large Temporary Files May Let Remote Users Cause Denial of Service Conditions
SecurityTracker Alert ID:  1014645
SecurityTracker URL:  http://securitytracker.com/id/1014645
CVE Reference:   CVE-2005-2097   (Links to External Site)
Date:  Aug 10 2005
Impact:   Denial of service via local system, Denial of service via network

Version(s): 3.00pl3 and prior versions
Description:   A vulnerability was reported in Xpdf. A user can cause denial of service conditions.

A remote user can supply a specially crafted PDF file that, when processed by Xpdf, will fill up all available disk space. As a result, denial of service conditions may occur.

The xpdf code can be made to write a temporary file in the temporary directory that is large enough to fill up the available disk space.

Impact:   A local or remote user can create a file that, when processed using Xpdf, will consume all available disk space on the target system.
Solution:   No solution was available at the time of this entry.
Vendor URL:  www.foolabs.com/xpdf/ (Links to External Site)
Cause:   State error
Underlying OS:  Linux (Any), UNIX (Any)

Message History:   This archive entry has one or more follow-up message(s) listed below.
Aug 10 2005 (Red Hat Issues Fix) Xpdf Large Temporary Files May Let Remote Users Cause Denial of Service Conditions
Red Hat has released a fix.
Aug 10 2005 (Red Hat Issues Fix for CUPS) Xpdf Large Temporary Files May Let Remote Users Cause Denial of Service Conditions
Red Hat has released a fix for CUPS, which is affected by the Xpdf vulnerability.
Aug 12 2005 (Red Hat Issues Fix for gpdf) Xpdf Large Temporary Files May Let Remote Users Cause Denial of Service Conditions
Red Hat has released a fix for gpdf.



 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2019, SecurityGlobal.net LLC