CVE-2006-1244 : Détail

Unspecified vulnerability in certain versions of xpdf after 3.00, as used in various products including (a) pdfkit.framework, (b) gpdf, (c) pdftohtml, and (d) libextractor, has unknown impact and user-assisted attack vectors, possibly involving errors in (1) gmem.c, (2) SplashXPathScanner.cc, (3) JBIG2Stream.cc, (4) JPXStream.cc, and/or (5) Stream.cc. NOTE: this description is based on Debian advisory DSA 979, which is based on changes that were made after other vulnerabilities such as CVE-2006-0301 and CVE-2005-3624 through CVE-2005-3628 were fixed. Some of these newer fixes appear to be security-relevant, although it is not clear if they fix specific issues or are defensive in nature.

Métriques

EPSS

Score EPSS

Percentile EPSS

Products Mentioned

Configuraton 0

Gnome>>Gpdf >> Version 2.8.2

Libextractor>>Libextractor >> Version 0.3.6

Libextractor>>Libextractor >> Version 0.3.7

Libextractor>>Libextractor >> Version 0.3.8

Libextractor>>Libextractor >> Version 0.3.9

Libextractor>>Libextractor >> Version 0.3.11

Libextractor>>Libextractor >> Version 0.4

Libextractor>>Libextractor >> Version 0.4.1

Libextractor>>Libextractor >> Version 0.4.2

Libextractor>>Libextractor >> Version 0.5

Xpdf>>Xpdf >> Version 0.90

Xpdf>>Xpdf >> Version 0.91

Xpdf>>Xpdf >> Version 0.92

Xpdf>>Xpdf >> Version 0.93

Xpdf>>Xpdf >> Version 1.0

Xpdf>>Xpdf >> Version 1.0a

Xpdf>>Xpdf >> Version 1.1

Xpdf>>Xpdf >> Version 2.0

Xpdf>>Xpdf >> Version 2.1

Xpdf>>Xpdf >> Version 2.2

Xpdf>>Xpdf >> Version 2.3

Xpdf>>Xpdf >> Version 3.0

Xpdf>>Xpdf >> Version 3.0.1

Xpdf>>Xpdf >> Version 3.0.1_pl1

Xpdf>>Xpdf >> Version 3.0_pl2

Xpdf>>Xpdf >> Version 3.0_pl3

Configuraton 0

Debian>>Debian_linux >> Version 3.1

Debian>>Debian_linux >> Version 3.1

Debian>>Debian_linux >> Version 3.1

Debian>>Debian_linux >> Version 3.1

Debian>>Debian_linux >> Version 3.1

Debian>>Debian_linux >> Version 3.1

Debian>>Debian_linux >> Version 3.1

Debian>>Debian_linux >> Version 3.1

Debian>>Debian_linux >> Version 3.1

Debian>>Debian_linux >> Version 3.1

Debian>>Debian_linux >> Version 3.1

Debian>>Debian_linux >> Version 3.1

Debian>>Debian_linux >> Version 3.1

Références