CVE-2005-0206

Description

The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities.

Affected products

• ascii / ptex3.1.4 – 3.1.4
• cstex / cstetex2.0.2 – 2.0.2
• Debian / debian_linux3.0 – 3.0
• Debian / debian_linux3.0 – 3.0
• Debian / debian_linux3.0 – 3.0
• Debian / debian_linux3.0 – 3.0
• Debian / debian_linux3.0 – 3.0
• Debian / debian_linux3.0 – 3.0
• Debian / debian_linux3.0 – 3.0
• Debian / debian_linux3.0 – 3.0
• Debian / debian_linux3.0 – 3.0
• Debian / debian_linux3.0 – 3.0
• Debian / debian_linux3.0 – 3.0
• Debian / debian_linux3.0 – 3.0
• easy_software_products / cups1.1.14 – 1.1.14
• easy_software_products / cups1.1.15 – 1.1.15
• easy_software_products / cups1.1.16 – 1.1.16
• easy_software_products / cups1.1.17 – 1.1.17
• easy_software_products / cups1.1.18 – 1.1.18
• easy_software_products / cups1.1.19 – 1.1.19
• easy_software_products / cups1.1.19_rc5 – 1.1.19_rc5
• easy_software_products / cups1.1.20 – 1.1.20
• easy_software_products / cups1.0.4 – 1.0.4
• easy_software_products / cups1.0.4_8 – 1.0.4_8
• easy_software_products / cups1.1.1 – 1.1.1
• easy_software_products / cups1.1.4 – 1.1.4
• easy_software_products / cups1.1.4_2 – 1.1.4_2
• easy_software_products / cups1.1.4_3 – 1.1.4_3
• easy_software_products / cups1.1.4_5 – 1.1.4_5
• easy_software_products / cups1.1.6 – 1.1.6
• easy_software_products / cups1.1.7 – 1.1.7
• easy_software_products / cups1.1.10 – 1.1.10
• easy_software_products / cups1.1.12 – 1.1.12
• easy_software_products / cups1.1.13 – 1.1.13
• gentoo / linux
• GNOME / gpdf0.131 – 0.131
• GNOME / gpdf0.110 – 0.110
• GNOME / gpdf0.112 – 0.112
• KDE / kde3.2 – 3.2
• KDE / kde3.3.1 – 3.3.1
• KDE / kde3.3 – 3.3
• KDE / kde3.2.3 – 3.2.3
• KDE / kde3.2.2 – 3.2.2
• KDE / kde3.2.1 – 3.2.1
• KDE / koffice1.3_beta2 – 1.3_beta2
• KDE / koffice1.3_beta1 – 1.3_beta1
• KDE / koffice1.3.3 – 1.3.3
• KDE / koffice1.3.2 – 1.3.2
• KDE / koffice1.3.1 – 1.3.1
• KDE / koffice1.3 – 1.3
• KDE / koffice1.3_beta3 – 1.3_beta3
• KDE / kpdf3.2 – 3.2
• mandrakesoft / mandrake_linux_corporate_server3.0 – 3.0
• mandrakesoft / mandrake_linux_corporate_server3.0 – 3.0
• pdftohtml / pdftohtml0.33a – 0.33a
• pdftohtml / pdftohtml0.33 – 0.33
• pdftohtml / pdftohtml0.32a – 0.32a
• pdftohtml / pdftohtml0.36 – 0.36
• pdftohtml / pdftohtml0.32b – 0.32b
• pdftohtml / pdftohtml0.35 – 0.35
• pdftohtml / pdftohtml0.34 – 0.34
• RedHat / enterprise_linux3.0 – 3.0
• RedHat / enterprise_linux2.1 – 2.1
• RedHat / enterprise_linux2.1 – 2.1
• RedHat / enterprise_linux2.1 – 2.1
• RedHat / enterprise_linux2.1 – 2.1
• RedHat / enterprise_linux2.1 – 2.1
• RedHat / enterprise_linux2.1 – 2.1
• RedHat / enterprise_linux3.0 – 3.0
• RedHat / enterprise_linux3.0 – 3.0
• RedHat / enterprise_linux_desktop3.0 – 3.0
• RedHat / fedora_corecore_3.0 – core_3.0
• RedHat / fedora_corecore_1.0 – core_1.0
• RedHat / fedora_corecore_2.0 – core_2.0
• RedHat / linux9.0 – 9.0
• RedHat / linux_advanced_workstation2.1 – 2.1
• RedHat / linux_advanced_workstation2.1 – 2.1
• sgi / advanced_linux_environment3.0 – 3.0
• sgi / propack3.0 – 3.0
• SUSE / suse_linux7.1 – 7.1
• SUSE / suse_linux7.1 – 7.1
• SUSE / suse_linux7.1 – 7.1
• SUSE / suse_linux7.2 – 7.2
• SUSE / suse_linux7.2 – 7.2
• SUSE / suse_linux7.3 – 7.3
• SUSE / suse_linux7.3 – 7.3
• SUSE / suse_linux7.3 – 7.3
• SUSE / suse_linux7.3 – 7.3
• SUSE / suse_linux8.0 – 8.0
• SUSE / suse_linux8.0 – 8.0
• SUSE / suse_linux8.1 – 8.1
• SUSE / suse_linux8.2 – 8.2
• SUSE / suse_linux9.0 – 9.0
• SUSE / suse_linux9.0 – 9.0
• SUSE / suse_linux9.1 – 9.1
• SUSE / suse_linux9.1 – 9.1
• SUSE / suse_linux9.2 – 9.2
• SUSE / suse_linux9.2 – 9.2
• SUSE / suse_linux1.0 – 1.0
• SUSE / suse_linux2.0 – 2.0
• SUSE / suse_linux3.0 – 3.0
• SUSE / suse_linux4.0 – 4.0
• SUSE / suse_linux4.2 – 4.2
• SUSE / suse_linux4.3 – 4.3
• SUSE / suse_linux4.4 – 4.4
• SUSE / suse_linux4.4.1 – 4.4.1
• SUSE / suse_linux5.0 – 5.0
• SUSE / suse_linux5.1 – 5.1
• SUSE / suse_linux5.2 – 5.2
• SUSE / suse_linux5.3 – 5.3
• SUSE / suse_linux6.0 – 6.0
• SUSE / suse_linux6.1 – 6.1
• SUSE / suse_linux6.1 – 6.1
• SUSE / suse_linux6.2 – 6.2
• SUSE / suse_linux6.3 – 6.3
• SUSE / suse_linux6.3 – 6.3
• SUSE / suse_linux6.3 – 6.3
• SUSE / suse_linux6.4 – 6.4
• SUSE / suse_linux6.4 – 6.4
• SUSE / suse_linux6.4 – 6.4
• SUSE / suse_linux6.4 – 6.4
• SUSE / suse_linux7.0 – 7.0
• SUSE / suse_linux7.0 – 7.0
• SUSE / suse_linux7.0 – 7.0
• SUSE / suse_linux7.0 – 7.0
• SUSE / suse_linux7.0 – 7.0
• SUSE / suse_linux7.1 – 7.1
• SUSE / suse_linux7.1 – 7.1
• tetex / tetex2.0.2 – 2.0.2
• tetex / tetex2.0.1 – 2.0.1
• tetex / tetex2.0 – 2.0
• tetex / tetex1.0.7 – 1.0.7
• tetex / tetex1.0.6 – 1.0.6
• Ubuntu / ubuntu_linux4.1 – 4.1
• Ubuntu / ubuntu_linux4.1 – 4.1
• Xpdf / Xpdf2.0 – 2.0
• Xpdf / Xpdf2.1 – 2.1
• Xpdf / Xpdf3.0 – 3.0
• Xpdf / Xpdf0.93 – 0.93
• Xpdf / Xpdf2.3 – 2.3
• Xpdf / Xpdf0.92 – 0.92
• Xpdf / Xpdf0.91 – 0.91
• Xpdf / Xpdf0.90 – 0.90
• Xpdf / Xpdf1.0 – 1.0
• Xpdf / Xpdf1.0a – 1.0a
• Xpdf / Xpdf1.1 – 1.1

References

• MISChttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11107
• VENDOR_ADVISORYhttp://www.mandriva.com/security/advisories?name=MDKSA-2005:041
• MISChttp://www.securityfocus.com/bid/11501
• MISChttp://www.redhat.com/support/errata/RHSA-2005-034.html
• VENDOR_ADVISORYhttp://www.mandriva.com/security/advisories?name=MDKSA-2005:056
• VENDOR_ADVISORYhttp://www.mandriva.com/security/advisories?name=MDKSA-2005:043
• MISChttp://www.redhat.com/support/errata/RHSA-2005-213.html
• VENDOR_ADVISORYhttp://www.mandriva.com/security/advisories?name=MDKSA-2005:044
• MISChttp://www.redhat.com/support/errata/RHSA-2005-053.html
• MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/17818
• VENDOR_ADVISORYhttp://www.mandriva.com/security/advisories?name=MDKSA-2005:052
• MISChttp://www.redhat.com/support/errata/RHSA-2005-132.html
• VENDOR_ADVISORYhttp://www.mandriva.com/security/advisories?name=MDKSA-2005:042
• MISChttp://www.redhat.com/support/errata/RHSA-2005-057.html