Vulnerabilities > CVE-2006-1244

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN

Summary

Unspecified vulnerability in certain versions of xpdf after 3.00, as used in various products including (a) pdfkit.framework, (b) gpdf, (c) pdftohtml, and (d) libextractor, has unknown impact and user-assisted attack vectors, possibly involving errors in (1) gmem.c, (2) SplashXPathScanner.cc, (3) JBIG2Stream.cc, (4) JPXStream.cc, and/or (5) Stream.cc. NOTE: this description is based on Debian advisory DSA 979, which is based on changes that were made after other vulnerabilities such as CVE-2006-0301 and CVE-2005-3624 through CVE-2005-3628 were fixed. Some of these newer fixes appear to be security-relevant, although it is not clear if they fix specific issues or are defensive in nature.

Nessus

  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-983.NASL
    descriptionDerek Noonburg has fixed several potential vulnerabilities in xpdf, which are also present in pdftohtml, a utility that translates PDF documents into HTML format.
    last seen2020-06-01
    modified2020-06-02
    plugin id22849
    published2006-10-14
    reporterThis script is Copyright (C) 2006-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/22849
    titleDebian DSA-983-1 : pdftohtml - several vulnerabilities
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-979.NASL
    descriptionDerek Noonburg has fixed several potential vulnerabilities in xpdf, the Portable Document Format (PDF) suite, which are also present in pdfkit.framework, the GNUstep framework for rendering PDF content.
    last seen2020-06-01
    modified2020-06-02
    plugin id22845
    published2006-10-14
    reporterThis script is Copyright (C) 2006-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/22845
    titleDebian DSA-979-1 : pdfkit.framework - several vulnerabilities
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-270-1.NASL
    descriptionDerek Noonburg discovered several integer overflows in the XPDF code, which is present in xpdf, the Poppler library, and tetex-bin. By tricking an user into opening a specially crafted PDF file, an attacker could exploit this to execute arbitrary code with the privileges of the application that processes the document. The CUPS printing system also uses XPDF code to convert PDF files to PostScript. By attempting to print such a crafted PDF file, a remote attacker could execute arbitrary code with the privileges of the printer server (user
    last seen2020-06-01
    modified2020-06-02
    plugin id21234
    published2006-04-17
    reporterUbuntu Security Notice (C) 2006-2019 Canonical, Inc. / NASL script (C) 2006-2016 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/21234
    titleUbuntu 4.10 / 5.04 / 5.10 : kdegraphics, koffice, xpdf, cupsys, poppler, tetex-bin vulnerabilities (USN-270-1)
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-982.NASL
    descriptionDerek Noonburg has fixed several potential vulnerabilities in xpdf, which are also present in gpdf, the Portable Document Format (PDF) viewer with Gtk bindings.
    last seen2020-06-01
    modified2020-06-02
    plugin id22848
    published2006-10-14
    reporterThis script is Copyright (C) 2006-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/22848
    titleDebian DSA-982-1 : gpdf - several vulnerabilities
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-1019.NASL
    descriptionDerek Noonburg has fixed several potential vulnerabilities in xpdf, the Portable Document Format (PDF) suite, which is also present in koffice, the KDE Office Suite.
    last seen2020-06-01
    modified2020-06-02
    plugin id22561
    published2006-10-14
    reporterThis script is Copyright (C) 2006-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/22561
    titleDebian DSA-1019-1 : koffice - several vulnerabilities
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-984.NASL
    descriptionDerek Noonburg has fixed several potential vulnerabilities in xpdf, the Portable Document Format (PDF) suite. The old stable distribution (woody) does not seem to be affected.
    last seen2020-06-01
    modified2020-06-02
    plugin id22850
    published2006-10-14
    reporterThis script is Copyright (C) 2006-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/22850
    titleDebian DSA-984-1 : xpdf - several vulnerabilities