CVE-2005-3191

Severity Score

5.1

*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

Multiple heap-based buffer overflows in the (1) DCTStream::readProgressiveSOF and (2) DCTStream::readBaselineSOF functions in the DCT stream parsing code (Stream.cc) in xpdf 3.01 and earlier, as used in products such as (a) Poppler, (b) teTeX, (c) KDE kpdf, (d) pdftohtml, (e) KOffice KWord, (f) CUPS, and (g) libextractor allow user-assisted attackers to cause a denial of service (heap corruption) and possibly execute arbitrary code via a crafted PDF file with an out-of-range number of components (numComps), which is used as an array index.

*Credits: N/A

CVSS Scores

NISTv2 5.1

Attack Vector

Network

Attack Complexity

High

Authentication

None

Confidentiality

Partial

Integrity

Partial

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2005-10-14 CVE Reserved
2005-12-07 CVE Published
2023-06-18 EPSS Updated
2024-08-07 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer

CAPEC

References (118)

URL	Tag	Source
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342289	X_refsource_misc
http://secunia.com/advisories/17955	Third Party Advisory
http://secunia.com/advisories/18147	Third Party Advisory
http://secunia.com/advisories/18303	Third Party Advisory
http://secunia.com/advisories/18380	Third Party Advisory
http://secunia.com/advisories/18389	Third Party Advisory
http://secunia.com/advisories/18398	Third Party Advisory
http://secunia.com/advisories/18407	Third Party Advisory
http://secunia.com/advisories/18428	Third Party Advisory
http://secunia.com/advisories/18436	Third Party Advisory
http://secunia.com/advisories/18448	Third Party Advisory
http://secunia.com/advisories/18503	Third Party Advisory
http://secunia.com/advisories/18517	Third Party Advisory
http://secunia.com/advisories/18534	Third Party Advisory
http://secunia.com/advisories/18549	Third Party Advisory
http://secunia.com/advisories/18554	Third Party Advisory
http://secunia.com/advisories/18582	Third Party Advisory
http://secunia.com/advisories/18674	Third Party Advisory
http://secunia.com/advisories/18675	Third Party Advisory
http://secunia.com/advisories/18679	Third Party Advisory
http://secunia.com/advisories/18908	Third Party Advisory
http://secunia.com/advisories/18913	Third Party Advisory
http://secunia.com/advisories/19230	Third Party Advisory
http://secunia.com/advisories/19377	Third Party Advisory
http://secunia.com/advisories/19797	Third Party Advisory
http://secunia.com/advisories/19798	Third Party Advisory
http://secunia.com/advisories/25729	Third Party Advisory
http://secunia.com/advisories/26413	Third Party Advisory
http://securityreason.com/securityalert/233	Third Party Advisory
http://securityreason.com/securityalert/234	Third Party Advisory
http://securitytracker.com/id?1015309	Vdb Entry
http://securitytracker.com/id?1015324	Vdb Entry
http://www.kde.org/info/security/advisory-20051207-1.txt	X_refsource_confirm
http://www.kde.org/info/security/advisory-20051207-2.txt	X_refsource_confirm
http://www.securityfocus.com/archive/1/418883/100/0/threaded	Mailing List
http://www.securityfocus.com/bid/15726	Vdb Entry
http://www.securityfocus.com/bid/15727	Vdb Entry
http://www.vupen.com/english/advisories/2005/2786	Vdb Entry
http://www.vupen.com/english/advisories/2005/2787	Vdb Entry
http://www.vupen.com/english/advisories/2005/2788	Vdb Entry
http://www.vupen.com/english/advisories/2005/2789	Vdb Entry
http://www.vupen.com/english/advisories/2005/2790	Vdb Entry
http://www.vupen.com/english/advisories/2005/2856	Vdb Entry
http://www.vupen.com/english/advisories/2007/2280	Vdb Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/23443	Vdb Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/23444	Vdb Entry
https://issues.rpath.com/browse/RPL-1609	X_refsource_confirm
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9760	Signature

URL	Date	SRC

URL	Date	SRC
http://www.idefense.com/application/poi/display?id=342&type=vulnerabilities	2018-10-19
http://www.idefense.com/application/poi/display?id=343&type=vulnerabilities	2018-10-19

URL	Date	SRC
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt	2018-10-19
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.20/SCOSA-2006.20.txt	2018-10-19
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.21/SCOSA-2006.21.txt	2018-10-19
ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U	2018-10-19
ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U	2018-10-19
ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U	2018-10-19
http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html	2018-10-19
http://rhn.redhat.com/errata/RHSA-2005-868.html	2018-10-19
http://secunia.com/advisories/17897	2018-10-19
http://secunia.com/advisories/17908	2018-10-19
http://secunia.com/advisories/17912	2018-10-19
http://secunia.com/advisories/17916	2018-10-19
http://secunia.com/advisories/17920	2018-10-19
http://secunia.com/advisories/17921	2018-10-19
http://secunia.com/advisories/17926	2018-10-19
http://secunia.com/advisories/17929	2018-10-19
http://secunia.com/advisories/17940	2018-10-19
http://secunia.com/advisories/17976	2018-10-19
http://secunia.com/advisories/18009	2018-10-19
http://secunia.com/advisories/18055	2018-10-19
http://secunia.com/advisories/18061	2018-10-19
http://secunia.com/advisories/18189	2018-10-19
http://secunia.com/advisories/18191	2018-10-19
http://secunia.com/advisories/18192	2018-10-19
http://secunia.com/advisories/18313	2018-10-19
http://secunia.com/advisories/18336	2018-10-19
http://secunia.com/advisories/18349	2018-10-19
http://secunia.com/advisories/18385	2018-10-19
http://secunia.com/advisories/18387	2018-10-19
http://secunia.com/advisories/18416	2018-10-19
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.472683	2018-10-19
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.474747	2018-10-19
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1	2018-10-19
http://www.debian.org/security/2005/dsa-931	2018-10-19
http://www.debian.org/security/2005/dsa-932	2018-10-19
http://www.debian.org/security/2005/dsa-937	2018-10-19
http://www.debian.org/security/2005/dsa-938	2018-10-19
http://www.debian.org/security/2005/dsa-940	2018-10-19
http://www.debian.org/security/2006/dsa-936	2018-10-19
http://www.debian.org/security/2006/dsa-950	2018-10-19
http://www.debian.org/security/2006/dsa-961	2018-10-19
http://www.debian.org/security/2006/dsa-962	2018-10-19
http://www.gentoo.org/security/en/glsa/glsa-200512-08.xml	2018-10-19
http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml	2018-10-19
http://www.mandriva.com/security/advisories?name=MDKSA-2006:003	2018-10-19
http://www.mandriva.com/security/advisories?name=MDKSA-2006:004	2018-10-19
http://www.mandriva.com/security/advisories?name=MDKSA-2006:005	2018-10-19
http://www.mandriva.com/security/advisories?name=MDKSA-2006:006	2018-10-19
http://www.mandriva.com/security/advisories?name=MDKSA-2006:008	2018-10-19
http://www.mandriva.com/security/advisories?name=MDKSA-2006:010	2018-10-19
http://www.mandriva.com/security/advisories?name=MDKSA-2006:011	2018-10-19
http://www.mandriva.com/security/advisories?name=MDKSA-2006:012	2018-10-19
http://www.novell.com/linux/security/advisories/2005_29_sr.html	2018-10-19
http://www.novell.com/linux/security/advisories/2006_02_sr.html	2018-10-19
http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00015.html	2018-10-19
http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00016.html	2018-10-19
http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00036.html	2018-10-19
http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00037.html	2018-10-19
http://www.redhat.com/support/errata/RHSA-2005-840.html	2018-10-19
http://www.redhat.com/support/errata/RHSA-2005-867.html	2018-10-19
http://www.redhat.com/support/errata/RHSA-2005-878.html	2018-10-19
http://www.redhat.com/support/errata/RHSA-2006-0160.html	2018-10-19
http://www.securityfocus.com/archive/1/427053/100/0/threaded	2018-10-19
http://www.securityfocus.com/archive/1/427990/100/0/threaded	2018-10-19
http://www.trustix.org/errata/2005/0072	2018-10-19
http://www.ubuntulinux.org/usn/usn-227-1	2018-10-19
https://access.redhat.com/security/cve/CVE-2005-3191	2006-01-19
https://bugzilla.redhat.com/show_bug.cgi?id=1617796	2006-01-19

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Xpdf Search vendor "Xpdf"		Xpdf Search vendor "Xpdf" for product "Xpdf"				0.90 Search vendor "Xpdf" for product "Xpdf" and version "0.90"		-		Affected
Xpdf Search vendor "Xpdf"		Xpdf Search vendor "Xpdf" for product "Xpdf"				0.91 Search vendor "Xpdf" for product "Xpdf" and version "0.91"		-		Affected
Xpdf Search vendor "Xpdf"		Xpdf Search vendor "Xpdf" for product "Xpdf"				0.92 Search vendor "Xpdf" for product "Xpdf" and version "0.92"		-		Affected
Xpdf Search vendor "Xpdf"		Xpdf Search vendor "Xpdf" for product "Xpdf"				0.93 Search vendor "Xpdf" for product "Xpdf" and version "0.93"		-		Affected
Xpdf Search vendor "Xpdf"		Xpdf Search vendor "Xpdf" for product "Xpdf"				1.0 Search vendor "Xpdf" for product "Xpdf" and version "1.0"		-		Affected
Xpdf Search vendor "Xpdf"		Xpdf Search vendor "Xpdf" for product "Xpdf"				1.0a Search vendor "Xpdf" for product "Xpdf" and version "1.0a"		-		Affected
Xpdf Search vendor "Xpdf"		Xpdf Search vendor "Xpdf" for product "Xpdf"				1.1 Search vendor "Xpdf" for product "Xpdf" and version "1.1"		-		Affected
Xpdf Search vendor "Xpdf"		Xpdf Search vendor "Xpdf" for product "Xpdf"				2.0 Search vendor "Xpdf" for product "Xpdf" and version "2.0"		-		Affected
Xpdf Search vendor "Xpdf"		Xpdf Search vendor "Xpdf" for product "Xpdf"				2.1 Search vendor "Xpdf" for product "Xpdf" and version "2.1"		-		Affected
Xpdf Search vendor "Xpdf"		Xpdf Search vendor "Xpdf" for product "Xpdf"				2.2 Search vendor "Xpdf" for product "Xpdf" and version "2.2"		-		Affected
Xpdf Search vendor "Xpdf"		Xpdf Search vendor "Xpdf" for product "Xpdf"				2.3 Search vendor "Xpdf" for product "Xpdf" and version "2.3"		-		Affected
Xpdf Search vendor "Xpdf"		Xpdf Search vendor "Xpdf" for product "Xpdf"				3.0 Search vendor "Xpdf" for product "Xpdf" and version "3.0"		-		Affected
Xpdf Search vendor "Xpdf"		Xpdf Search vendor "Xpdf" for product "Xpdf"				3.0.1 Search vendor "Xpdf" for product "Xpdf" and version "3.0.1"		-		Affected
Xpdf Search vendor "Xpdf"		Xpdf Search vendor "Xpdf" for product "Xpdf"				3.0_pl2 Search vendor "Xpdf" for product "Xpdf" and version "3.0_pl2"		-		Affected
Xpdf Search vendor "Xpdf"		Xpdf Search vendor "Xpdf" for product "Xpdf"				3.0_pl3 Search vendor "Xpdf" for product "Xpdf" and version "3.0_pl3"		-		Affected