CVE-2005-2097

Gentoo Linux Security Advisory 200508-8

Severity Score

5.5

*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

xpdf and kpdf do not properly validate the "loca" table in PDF files, which allows local users to cause a denial of service (disk consumption and hang) via a PDF file with a "broken" loca table, which causes a large temporary file to be created when xpdf attempts to reconstruct the information.

infamous41md and Chris Evans discovered several heap based buffer overflows in xpdf, the Portable Document Format (PDF) suite, which is also present in libextractor, a library to extract arbitrary meta-data from files, and which can lead to a denial of service by crashing the application or possibly to the execution of arbitrary code.

*Credits: N/A

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Attack Vector

Local

Attack Complexity

Low

Authentication

None

Confidentiality

None

Integrity

None

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2005-06-30 CVE Reserved
2005-08-10 CVE Published
2024-08-07 CVE Updated
2025-03-30 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (24)

URL	Tag	Source
http://secunia.com/advisories/21339	Third Party Advisory
http://secunia.com/advisories/25729	Third Party Advisory
http://www.securityfocus.com/bid/14529	Vdb Entry
http://www.vupen.com/english/advisories/2007/2280	Vdb Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10280	Signature

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.42/SCOSA-2005.42.txt	2018-10-19
http://secunia.com/advisories/17277	2018-10-19
http://secunia.com/advisories/18398	2018-10-19
http://secunia.com/advisories/18407	2018-10-19
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1	2018-10-19
http://www.debian.org/security/2005/dsa-780	2018-10-19
http://www.debian.org/security/2006/dsa-1136	2018-10-19
http://www.debian.org/security/2006/dsa-936	2018-10-19
http://www.mandriva.com/security/advisories?name=MDKSA-2005:138	2018-10-19
http://www.novell.com/linux/security/advisories/2005_19_sr.html	2018-10-19
http://www.redhat.com/support/errata/RHSA-2005-670.html	2018-10-19
http://www.redhat.com/support/errata/RHSA-2005-671.html	2018-10-19
http://www.redhat.com/support/errata/RHSA-2005-706.html	2018-10-19
http://www.redhat.com/support/errata/RHSA-2005-708.html	2018-10-19
http://www.securityfocus.com/archive/1/427053/100/0/threaded	2018-10-19
http://www.securityfocus.com/archive/1/427990/100/0/threaded	2018-10-19
https://usn.ubuntu.com/163-1	2018-10-19
https://access.redhat.com/security/cve/CVE-2005-2097	2005-08-10
https://bugzilla.redhat.com/show_bug.cgi?id=1617684	2005-08-10

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Kde Search vendor "Kde"		Kpdf Search vendor "Kde" for product "Kpdf"				*		-		Affected
Xpdf Search vendor "Xpdf"		Xpdf Search vendor "Xpdf" for product "Xpdf"				3.0 Search vendor "Xpdf" for product "Xpdf" and version "3.0"		-		Affected
Xpdf Search vendor "Xpdf"		Xpdf Search vendor "Xpdf" for product "Xpdf"				3.0_pl2 Search vendor "Xpdf" for product "Xpdf" and version "3.0_pl2"		-		Affected
Xpdf Search vendor "Xpdf"		Xpdf Search vendor "Xpdf" for product "Xpdf"				3.0_pl3 Search vendor "Xpdf" for product "Xpdf" and version "3.0_pl3"		-		Affected