Описание
Buffer overflow in the Decrypt::makeFileKey2 function in Decrypt.cc for xpdf 3.00 and earlier allows remote attackers to execute arbitrary code via a PDF file with a large /Encrypt /Length keyLength value.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| xpdf | fixed | 3.00-13 | package | |
| gpdf | fixed | 2.8.2-1.2 | package | |
| pdftohtml | fixed | 0.36-11 | package | |
| kdegraphics | fixed | 4:3.3.2-2 | package | |
| tetex-bin | fixed | 2.0.2-26 | package | |
| cupsys | fixed | 1.1.22-6 | package | |
| cups | fixed | 1.1.22-6 | package |
Примечания
cupsys switched to an xpdf-utils wrapper in version 1.1.22-6.
In version 1.1.23-13, the dormant code in the source
package was fixed.
EPSS
Связанные уязвимости
Buffer overflow in the Decrypt::makeFileKey2 function in Decrypt.cc for xpdf 3.00 and earlier allows remote attackers to execute arbitrary code via a PDF file with a large /Encrypt /Length keyLength value.
Buffer overflow in the Decrypt::makeFileKey2 function in Decrypt.cc for xpdf 3.00 and earlier allows remote attackers to execute arbitrary code via a PDF file with a large /Encrypt /Length keyLength value.
Buffer overflow in the Decrypt::makeFileKey2 function in Decrypt.cc for xpdf 3.00 and earlier allows remote attackers to execute arbitrary code via a PDF file with a large /Encrypt /Length keyLength value.
Buffer overflow in the Decrypt::makeFileKey2 function in Decrypt.cc for xpdf 3.00 and earlier allows remote attackers to execute arbitrary code via a PDF file with a large /Encrypt /Length keyLength value.
EPSS