CVE-2005-3192

Published: 08 December 2005

Heap-based buffer overflow in the StreamPredictor function in Xpdf 3.01, as used in products such as (1) Poppler, (2) teTeX, (3) KDE kpdf, and (4) pdftohtml, (5) KOffice KWord, (6) CUPS, and (7) libextractor allows remote attackers to execute arbitrary code via a PDF file with an out-of-range numComps (number of components) field.

Priority

Unknown

Status

Package Release Status
cupsys
Launchpad, Ubuntu, Debian
Upstream Needs triage

gpdf
Launchpad, Ubuntu, Debian
Upstream Needs triage

kdegraphics
Launchpad, Ubuntu, Debian
Upstream Needs triage

koffice
Launchpad, Ubuntu, Debian
Upstream Needs triage

poppler
Launchpad, Ubuntu, Debian
Upstream Needs triage

tetex-bin
Launchpad, Ubuntu, Debian
Upstream Needs triage