CVE-2005-0064
https://notcve.org/view.php?id=CVE-2005-0064
Buffer overflow in the Decrypt::makeFileKey2 function in Decrypt.cc for xpdf 3.00 and earlier allows remote attackers to execute arbitrary code via a PDF file with a large /Encrypt /Length keyLength value. • ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.00pl3.patch ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.42/SCOSA-2005.42.txt http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000921 http://marc.info/?l=bugtraq&m=110625368019554&w=2 http://secunia.com/advisories/17277 http://www.debian.org/security/2005/dsa-645 http://www.debian.org/security/2005/dsa-648 http://www.idefense.com/application/poi/display?id=186&type=vulnerabilities http://www.mandriva.com/s •
CVE-2004-0888
https://notcve.org/view.php?id=CVE-2004-0888
Multiple integer overflows in xpdf 2.0 and 3.0, and other packages that use xpdf code such as CUPS, gpdf, and kdegraphics, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0889. • http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000886 http://marc.info/?l=bugtraq&m=109880927526773&w=2 http://marc.info/?l=bugtraq&m=110815379627883&w=2 http://www.debian.org/security/2004/dsa-573 http://www.debian.org/security/2004/dsa-581 http://www.debian.org/security/2004/dsa-599 http://www.gentoo.org/security/en/glsa/glsa-200410-20.xml http://www.gentoo.org/security/en/glsa/glsa-200410-30.xml http://www.mandriva.com/security/ •
CVE-2004-0889
https://notcve.org/view.php?id=CVE-2004-0889
Multiple integer overflows in xpdf 3.0, and other packages that use xpdf code such as CUPS, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0888. • http://marc.info/?l=bugtraq&m=109880927526773&w=2 http://www.gentoo.org/security/en/glsa/glsa-200410-20.xml http://www.gentoo.org/security/en/glsa/glsa-200410-30.xml http://www.mandriva.com/security/advisories?name=MDKSA-2004:113 http://www.securityfocus.com/bid/11501 https://exchange.xforce.ibmcloud.com/vulnerabilities/17819 •
CVE-2002-1384
https://notcve.org/view.php?id=CVE-2002-1384
Integer overflow in pdftops, as used in Xpdf 2.01 and earlier, xpdf-i, and CUPS before 1.1.18, allows local users to execute arbitrary code via a ColorSpace entry with a large number of elements, as demonstrated by cups-pdf. Desbordamiento de enteros en pdftops, usado en Xpdf 2.01 y anteriores, y CUPS antes de 1.1.18, permite a usuarios locales ejecutar código arbitrario mediante una entrada ColorSpace con un número de elementos largo, como ha sido demostrado por cups-pdf. • http://marc.info/?l=bugtraq&m=104152282309980&w=2 http://www.debian.org/security/2003/dsa-222 http://www.debian.org/security/2003/dsa-226 http://www.debian.org/security/2003/dsa-232 http://www.idefense.com/advisory/12.23.02.txt http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:001 http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:002 http://www.novell.com/linux/security/advisories/2003_002_cups.html http://www.redhat.com/support/errata/ •