CVE-2006-0301

Description

Heap-based buffer overflow in Splash.cc in xpdf, as used in other products such as (1) poppler, (2) kdegraphics, (3) gpdf, (4) pdfkit.framework, and others, allows attackers to cause a denial of service and possibly execute arbitrary code via crafted splash images that produce certain values that exceed the width or height of the associated bitmap.

Category

7.5

CVSS

Severity: High

CVSS 2.0 •

EPSS 3.08% Top 15%

Vendor Advisory sco.com Vendor Advisory mandriva.com Vendor Advisory mandriva.com Vendor Advisory gentoo.org Vendor Advisory redhat.com Vendor Advisory redhat.com Vendor Advisory mandriva.com Vendor Advisory gentoo.org Vendor Advisory debian.org Vendor Advisory debian.org Vendor Advisory redhat.com Vendor Advisory slackware.com Vendor Advisory gentoo.org Vendor Advisory ubuntu.com Vendor Advisory slackware.com Vendor Advisory securityfocus.com Vendor Advisory debian.org Vendor Advisory secunia.com Vendor Advisory secunia.com Vendor Advisory secunia.com Vendor Advisory secunia.com Vendor Advisory secunia.com Vendor Advisory secunia.com Vendor Advisory secunia.com Vendor Advisory secunia.com Vendor Advisory secunia.com Vendor Advisory secunia.com Vendor Advisory secunia.com Vendor Advisory secunia.com Vendor Advisory secunia.com Vendor Advisory secunia.com Vendor Advisory secunia.com Vendor Advisory secunia.com Vendor Advisory secunia.com Vendor Advisory secunia.com Vendor Advisory kde.org Vendor Advisory securityfocus.com Vendor Advisory vupen.com Vendor Advisory vupen.com

Affected: n/a n/a

References

Link	Tags
http://secunia.com/advisories/18707	third party advisory patch vendor advisory
http://www.vupen.com/english/advisories/2006/0422	vdb entry vendor advisory
http://securitytracker.com/id?1015576	vdb entry patch
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt	patch vendor advisory
http://secunia.com/advisories/18837	third party advisory patch vendor advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/24391	vdb entry
http://secunia.com/advisories/18834	third party advisory patch vendor advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2006:031	vendor advisory
http://secunia.com/advisories/18983	third party advisory patch vendor advisory
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=179046
http://www.mandriva.com/security/advisories?name=MDKSA-2006:030	vendor advisory
http://www.securityfocus.com/archive/1/423899/100/0/threaded	mailing list patch vendor advisory
http://secunia.com/advisories/18864	third party advisory patch vendor advisory
http://www.vupen.com/english/advisories/2006/0389	vdb entry vendor advisory
http://secunia.com/advisories/18677	third party advisory patch vendor advisory
http://www.gentoo.org/security/en/glsa/glsa-200602-12.xml	patch vendor advisory
http://www.redhat.com/archives/fedora-announce-list/2006-February/msg00039.html	patch vendor advisory
http://www.redhat.com/support/errata/RHSA-2006-0201.html	patch vendor advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2006:032	vendor advisory
http://www.gentoo.org/security/en/glsa/glsa-200602-05.xml	patch vendor advisory
http://secunia.com/advisories/18882	third party advisory patch vendor advisory
http://secunia.com/advisories/18274	third party advisory vendor advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10850	vdb entry signature
http://www.debian.org/security/2006/dsa-974	patch vendor advisory
http://www.debian.org/security/2006/dsa-971	patch vendor advisory
http://secunia.com/advisories/18825	third party advisory patch vendor advisory
http://rhn.redhat.com/errata/RHSA-2006-0206.html	patch vendor advisory
http://www.kde.org/info/security/advisory-20060202-1.txt	patch vendor advisory
http://securityreason.com/securityalert/470	third party advisory
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.472683	patch vendor advisory
http://secunia.com/advisories/18875	third party advisory vendor advisory
http://www.gentoo.org/security/en/glsa/glsa-200602-04.xml	patch vendor advisory
http://secunia.com/advisories/18860	third party advisory patch vendor advisory
http://secunia.com/advisories/18908	third party advisory patch vendor advisory
http://secunia.com/advisories/18839	third party advisory patch vendor advisory
http://www.ubuntu.com/usn/usn-249-1	patch vendor advisory
http://secunia.com/advisories/18862	third party advisory patch vendor advisory
https://bugzilla.novell.com/show_bug.cgi?id=141242
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.474747	patch vendor advisory
http://secunia.com/advisories/19377	third party advisory patch vendor advisory
http://www.securityfocus.com/archive/1/427990/100/0/threaded	vendor advisory
http://www.debian.org/security/2006/dsa-972	patch vendor advisory
http://secunia.com/advisories/18913	third party advisory patch vendor advisory
http://secunia.com/advisories/18838	third party advisory patch vendor advisory
http://secunia.com/advisories/18826	third party advisory patch vendor advisory

Frequently Asked Questions

What is the severity of CVE-2006-0301?: CVE-2006-0301 has been scored as a high severity vulnerability.
How to fix CVE-2006-0301?: To fix CVE-2006-0301, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2006-0301 being actively exploited in the wild?: It is possible that CVE-2006-0301 is being exploited or will be exploited in a near future based on public information. According to its EPSS score, there is a ~3% probability that this vulnerability will be exploited by malicious actors in the next 30 days.

Description

Category

CWE-119 – Improper Restriction of Operations within the Bounds of a Memory Buffer

References

Frequently Asked Questions