Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2006-1244

Опубликовано: 15 мар. 2006
Источник: nvd
CVSS2: 7.6
EPSS Низкий

Описание

Unspecified vulnerability in certain versions of xpdf after 3.00, as used in various products including (a) pdfkit.framework, (b) gpdf, (c) pdftohtml, and (d) libextractor, has unknown impact and user-assisted attack vectors, possibly involving errors in (1) gmem.c, (2) SplashXPathScanner.cc, (3) JBIG2Stream.cc, (4) JPXStream.cc, and/or (5) Stream.cc. NOTE: this description is based on Debian advisory DSA 979, which is based on changes that were made after other vulnerabilities such as CVE-2006-0301 and CVE-2005-3624 through CVE-2005-3628 were fixed. Some of these newer fixes appear to be security-relevant, although it is not clear if they fix specific issues or are defensive in nature.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:gnome:gpdf:2.8.2:*:*:*:*:*:*:*
cpe:2.3:a:libextractor:libextractor:0.3.6:*:*:*:*:*:*:*
cpe:2.3:a:libextractor:libextractor:0.3.7:*:*:*:*:*:*:*
cpe:2.3:a:libextractor:libextractor:0.3.8:*:*:*:*:*:*:*
cpe:2.3:a:libextractor:libextractor:0.3.9:*:*:*:*:*:*:*
cpe:2.3:a:libextractor:libextractor:0.3.11:*:*:*:*:*:*:*
cpe:2.3:a:libextractor:libextractor:0.4:*:*:*:*:*:*:*
cpe:2.3:a:libextractor:libextractor:0.4.1:*:*:*:*:*:*:*
cpe:2.3:a:libextractor:libextractor:0.4.2:*:*:*:*:*:*:*
cpe:2.3:a:libextractor:libextractor:0.5:*:*:*:*:*:*:*
cpe:2.3:a:xpdf:xpdf:0.90:*:*:*:*:*:*:*
cpe:2.3:a:xpdf:xpdf:0.91:*:*:*:*:*:*:*
cpe:2.3:a:xpdf:xpdf:0.92:*:*:*:*:*:*:*
cpe:2.3:a:xpdf:xpdf:0.93:*:*:*:*:*:*:*
cpe:2.3:a:xpdf:xpdf:1.0:*:*:*:*:*:*:*
cpe:2.3:a:xpdf:xpdf:1.0a:*:*:*:*:*:*:*
cpe:2.3:a:xpdf:xpdf:1.1:*:*:*:*:*:*:*
cpe:2.3:a:xpdf:xpdf:2.0:*:*:*:*:*:*:*
cpe:2.3:a:xpdf:xpdf:2.1:*:*:*:*:*:*:*
cpe:2.3:a:xpdf:xpdf:2.2:*:*:*:*:*:*:*
cpe:2.3:a:xpdf:xpdf:2.3:*:*:*:*:*:*:*
cpe:2.3:a:xpdf:xpdf:3.0:*:*:*:*:*:*:*
cpe:2.3:a:xpdf:xpdf:3.0.1:*:*:*:*:*:*:*
cpe:2.3:a:xpdf:xpdf:3.0.1_pl1:*:*:*:*:*:*:*
cpe:2.3:a:xpdf:xpdf:3.0_pl2:*:*:*:*:*:*:*
cpe:2.3:a:xpdf:xpdf:3.0_pl3:*:*:*:*:*:*:*
Конфигурация 2

Одно из

cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.1:*:alpha:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.1:*:amd64:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.1:*:arm:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.1:*:hppa:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.1:*:ia-32:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.1:*:ia-64:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.1:*:m68k:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.1:*:mips:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.1:*:mipsel:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.1:*:ppc:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.1:*:s-390:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.1:*:sparc:*:*:*:*:*

EPSS

Процентиль: 87%
0.03472
Низкий

7.6 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

ubuntu логотип

CVE-2006-1244

ubuntu
больше 19 лет назад

Unspecified vulnerability in certain versions of xpdf after 3.00, as used in various products including (a) pdfkit.framework, (b) gpdf, (c) pdftohtml, and (d) libextractor, has unknown impact and user-assisted attack vectors, possibly involving errors in (1) gmem.c, (2) SplashXPathScanner.cc, (3) JBIG2Stream.cc, (4) JPXStream.cc, and/or (5) Stream.cc. NOTE: this description is based on Debian advisory DSA 979, which is based on changes that were made after other vulnerabilities such as CVE-2006-0301 and CVE-2005-3624 through CVE-2005-3628 were fixed. Some of these newer fixes appear to be security-relevant, although it is not clear if they fix specific issues or are defensive in nature.

debian логотип

CVE-2006-1244

debian
больше 19 лет назад

Unspecified vulnerability in certain versions of xpdf after 3.00, as u ...

github логотип

GHSA-2hp4-p7vf-34wc

github
больше 3 лет назад

Unspecified vulnerability in certain versions of xpdf after 3.00, as used in various products including (a) pdfkit.framework, (b) gpdf, (c) pdftohtml, and (d) libextractor, has unknown impact and user-assisted attack vectors, possibly involving errors in (1) gmem.c, (2) SplashXPathScanner.cc, (3) JBIG2Stream.cc, (4) JPXStream.cc, and/or (5) Stream.cc. NOTE: this description is based on Debian advisory DSA 979, which is based on changes that were made after other vulnerabilities such as CVE-2006-0301 and CVE-2005-3624 through CVE-2005-3628 were fixed. Some of these newer fixes appear to be security-relevant, although it is not clear if they fix specific issues or are defensive in nature.

EPSS

Процентиль: 87%
0.03472
Низкий

7.6 High

CVSS2

Дефекты

NVD-CWE-Other