CVE-2005-3191

Upstream information

CVE-2005-3191 at MITRE

Description

Multiple heap-based buffer overflows in the (1) DCTStream::readProgressiveSOF and (2) DCTStream::readBaselineSOF functions in the DCT stream parsing code (Stream.cc) in xpdf 3.01 and earlier, as used in products such as (a) Poppler, (b) teTeX, (c) KDE kpdf, (d) pdftohtml, (e) KOffice KWord, (f) CUPS, and (g) libextractor allow user-assisted attackers to cause a denial of service (heap corruption) and possibly execute arbitrary code via a crafted PDF file with an out-of-range number of components (numComps), which is used as an array index.

SUSE information

Overall state of this security issue: Resolved

This issue is currently rated as having moderate severity.

CVSS v2 Scores
	National Vulnerability Database
Base Score	5.1
Vector	AV:N/AC:H/Au:N/C:P/I:P/A:P
Access Vector	Network
Access Complexity	High
Authentication	None
Confidentiality Impact	Partial
Integrity Impact	Partial
Availability Impact	Partial

SUSE Bugzilla entries: 137156 [RESOLVED / FIXED], 142106 [RESOLVED / DUPLICATE]

SUSE Security Advisories:

SUSE-SA:2006:001, published Wed, 11 Jan 2006 11:00:00 +0000
SUSE-SR:2005:029, published Fri, 09 Dec 2005 16:00:00 +0000
SUSE-SR:2005:030, published Fri, 16 Dec 2005 16:00:00 +0000
SUSE-SR:2006:001, published Fri, 13 Jan 2006 14:00:00 +0000
SUSE-SR:2006:002, published Fri, 20 Jan 2006 15:00:00 +0000

List of released packages

Product(s)	Fixed package version(s)	References
SUSE LINUX 10.0	`pdftohtml >= 0.36-130.2`
SuSE Linux 9.0 for AMD64 SuSE Linux 9.0 for IA32	`pdftohtml >= 0.36-136`
SUSE LINUX 9.1 for IA32 SUSE LINUX 9.1 for x86-64	`pdftohtml >= 0.36-112.11`
SUSE LINUX 9.2	`pdftohtml >= 0.36-115.10`
SUSE LINUX 9.3	`pdftohtml >= 0.36-129.2`
SUSE LINUX 10.0	`poppler >= 0.4.2-3.2` `poppler-devel >= 0.4.2-3.2`
SuSE Linux Desktop 1.0	`koffice-wordprocessing >= 1.2.1-210`	Builds
SUSE LINUX 10.0	`xpdf >= 3.00-92.2`
SuSE Linux 9.0 for AMD64 SuSE Linux 9.0 for IA32	`xpdf >= 2.02pl1-150`
SUSE LINUX 9.1 for IA32 SUSE LINUX 9.1 for x86-64	`xpdf >= 3.00-64.35`
SUSE LINUX 9.2	`xpdf >= 3.00-78.11`
SUSE LINUX 9.3	`xpdf >= 3.00-87.2`
SUSE LINUX 10.0	`gpdf >= 2.10.0-12.2`
SUSE LINUX 9.1 for IA32 SUSE LINUX 9.1 for x86-64	`gpdf >= 0.112.1-26.10`
SUSE LINUX 9.2	`gpdf >= 0.131-11.10`
SUSE LINUX 9.3	`gpdf >= 2.10.0-4.4`
SUSE LINUX 10.0	`kdegraphics3-pdf >= 3.4.2-12.2`
SUSE LINUX 9.1 for IA32 SUSE LINUX 9.1 for x86-64	`kdegraphics3-pdf >= 3.2.1-67.16`
SUSE LINUX 9.2	`kdegraphics3-pdf >= 3.3.0-13.7`
SUSE LINUX 9.3	`kdegraphics3-pdf >= 3.4.0-11.5`
SLES SDK 9 for IBM S/390 and IBM zSeries SLES SDK 9 for IBM iSeries and IBM pSeries SLES SDK 9 for IBM zSeries SLES SDK 9 for IPF SLES SDK 9 for X86-64 SLES SDK 9 for x86	`xpdf >= 3.00-64.35`	core9.x86 core9.ia64 core9.ppc core9.s390 YOU Patch Nr: 10811
SUSE LINUX Retail Solution 8 SuSE Linux Desktop 1.0 SuSE Linux Enterprise Server 8 for AMD64 SuSE Linux Enterprise Server 8 for IBM iSeries and IBM pSeries SuSE Linux Enterprise Server 8 for IBM zSeries SuSE Linux Enterprise Server 8 for IPF SuSE Linux Openexchange Server 4 SuSE Linux School Server for i386 SuSE Linux Standard Server 8 UnitedLinux 1.0	`cups >= 1.1.15-181`	core9.ia64 core9.ppc sles9-nlpos.x86 core9.s390 core9.x86-64 slox4,2.x86 YOU Patch Nr: 10819
Novell Linux Desktop 9 for x86 Novell Linux Desktop 9 for x86_64 Open Enterprise Server	`cups >= 1.1.20-108.31`	core9.ia64 core9.ppc sles9-nlpos.x86 core9.s390 core9.x86-64 slox4,2.x86 YOU Patch Nr: 10819
SUSE LINUX 10.0	`koffice-wordprocessing >= 1.4.1-10.3`
SuSE Linux 9.0 for AMD64 SuSE Linux 9.0 for IA32	`koffice-wordprocessing >= 1.2.92-89`
SUSE LINUX 9.1 for IA32 SUSE LINUX 9.1 for x86-64	`koffice-wordprocessing >= 1.3-67.4`
SUSE LINUX 9.2	`koffice-wordprocessing >= 1.3.3-3.4`
SUSE LINUX 9.3	`koffice-wordprocessing >= 1.3.5-11.3`
SUSE LINUX 10.0	`cups >= 1.1.23-21.2`
SUSE LINUX 9.3	`cups >= 1.1.23-7.2`