1.1.22.rc1

DATE	CVE	VULNERABILITY TITLE	RISK
2005-12-31	CVE-2005-3626	Resource Management Errors vulnerability in multiple products Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference. network low complexity easy-software-products kde libextractor poppler sgi tetex xpdf conectiva debian gentoo mandrakesoft redhat sco slackware suse trustix turbolinux ubuntu CWE-399	5.0
2005-12-31	CVE-2005-3625	Resource Management Errors vulnerability in multiple products Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka "Infinite CPU spins." network low complexity easy-software-products kde libextractor poppler sgi tetex xpdf conectiva debian gentoo mandrakesoft redhat sco slackware suse trustix turbolinux ubuntu CWE-399 critical	10.0
2005-12-31	CVE-2005-3624	Numeric Errors vulnerability in multiple products The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows. network low complexity easy-software-products kde libextractor poppler sgi tetex xpdf conectiva debian gentoo mandrakesoft redhat sco slackware suse trustix turbolinux ubuntu CWE-189	5.0
2005-09-13	CVE-2005-2874	Unspecified vulnerability in Easy Software products Cups The is_path_absolute function in scheduler/client.c for the daemon in CUPS before 1.1.23 allows remote attackers to cause a denial of service (CPU consumption by tight loop) via a "..\.." URL in an HTTP request. network low complexity easy-software-products	5.0
2005-01-10	CVE-2004-1270	lppasswd in CUPS 1.1.22, when run in environments that do not ensure that file descriptors 0, 1, and 2 are open when lppasswd is called, does not verify that the passwd.new file is different from STDERR, which allows local users to control output to passwd.new via certain user input that triggers an error message. local low complexity easy-software-products redhat	2.1
2005-01-10	CVE-2004-1269	lppasswd in CUPS 1.1.22 does not remove the passwd.new file if it encounters a file-size resource limit while writing to passwd.new, which causes subsequent invocations of lppasswd to fail. network low complexity easy-software-products redhat	5.0
2005-01-10	CVE-2004-1268	lppasswd in CUPS 1.1.22 ignores write errors when modifying the CUPS passwd file, which allows local users to corrupt the file by filling the associated file system and triggering the write errors. local low complexity easy-software-products redhat	2.1
2005-01-10	CVE-2004-1267	Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products Buffer overflow in the ParseCommand function in hpgl-input.c in the hpgltops program for CUPS 1.1.22 allows remote attackers to execute arbitrary code via a crafted HPGL file. network low complexity easy-software-products redhat CWE-119	6.5