Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka "Infinite CPU spins."
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Information
Published : 2005-12-30 21:00
Updated : 2018-10-19 08:37
NVD link : CVE-2005-3625
Mitre link : CVE-2005-3625
JSON object : View
CWE
CWE-399
Resource Management Errors
Products Affected
sgi
- propack
turbolinux
- turbolinux_multimedia
- turbolinux_workstation
- turbolinux_personal
- turbolinux_home
- turbolinux
- turbolinux_desktop
- turbolinux_server
- turbolinux_appliance_server
mandrakesoft
- mandrake_linux
- mandrake_linux_corporate_server
tetex
- tetex
kde
- koffice
- kdegraphics
- kword
- kpdf
ubuntu
- ubuntu_linux
conectiva
- linux
redhat
- enterprise_linux
- linux_advanced_workstation
- linux
- fedora_core
- enterprise_linux_desktop
debian
- debian_linux
trustix
- secure_linux
xpdf
- xpdf
sco
- openserver
easy_software_products
- cups
suse
- suse_linux
poppler
- poppler
libextractor
- libextractor
gentoo
- linux
slackware
- slackware_linux