CVE-2004-0888

Upstream information

CVE-2004-0888 at MITRE

Description

Multiple integer overflows in xpdf 2.0 and 3.0, and other packages that use xpdf code such as CUPS, gpdf, and kdegraphics, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0889.

---

SUSE information

Overall state of this security issue: Resolved

This issue is currently rated as having moderate severity.

CVSS v2 Scores

	National Vulnerability Database
Base Score	10
Vector	AV:N/AC:L/Au:N/C:C/I:C/A:C
Access Vector	Network
Access Complexity	Low
Authentication	None
Confidentiality Impact	Complete
Integrity Impact	Complete
Availability Impact	Complete

SUSE Bugzilla entries: 373540 [RESOLVED / INVALID], 58082 [RESOLVED / FIXED], 59963 [RESOLVED / FIXED], 62538 [RESOLVED / DUPLICATE], 62730 [RESOLVED / FIXED]

SUSE Security Advisories:

• SUSE-SA:2004:038, published Friday, Oct 22nd 2004 18:00 MEST
• SUSE-SA:2004:039, published Tuesday, Oct 26th 2004 10:30 MEST
• SUSE-SA:2004:040, published Monday, Nov 15th 2004 18:00 MEST
• SUSE-SR:2004:002, published Tuesday, Nov 30th 2004 14:00 MEST
• SUSE-SR:2005:008, published Fri, 18 Mar 2005 15:00:00 +0000

---

SUSE Timeline for this CVE

CVE page created: Fri Jun 28 00:59:27 2013
CVE page last modified: Fri Dec 8 16:10:16 2023