CVE-2005-3191
pdftohtml - several
EPSS 3.0%
Description
Multiple heap-based buffer overflows in the (1) DCTStream::readProgressiveSOF and (2) DCTStream::readBaselineSOF functions in the DCT stream parsing code (Stream.cc) in xpdf 3.01 and earlier, as used in products such as (a) Poppler, (b) teTeX, (c) KDE kpdf, (d) pdftohtml, (e) KOffice KWord, (f) CUPS, and (g) libextractor allow user-assisted attackers to cause a denial of service (heap corruption) and possibly execute arbitrary code via a crafted PDF file with an out-of-range number of components (numComps), which is used as an array index.
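The missing validation described above, shown as an added example (not xpdf's code and not taken from the upstream fix): a parser for a JPEG start-of-frame (SOF) segment body that rejects an out-of-range component count before it is used as an array index. The names `read_sof`, `FrameInfo`, `CompInfo` and the table capacity `MAX_COMPS` of 4 are assumptions made for illustration, and the sample byte strings are constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define MAX_COMPS 4  /* assumed capacity of the per-component table */

typedef struct { uint8_t id, hSample, vSample, quantTable; } CompInfo;
typedef struct {
    uint16_t width, height;
    int numComps;
    CompInfo compInfo[MAX_COMPS];
} FrameInfo;

/* Parse a SOF segment body (the bytes after the 2-byte length field):
 * precision(1) height(2) width(2) numComps(1), then 3 bytes per component.
 * Returns 0 on success, -1 on malformed input; never writes past compInfo. */
int read_sof(const uint8_t *buf, size_t len, FrameInfo *out)
{
    if (len < 6)
        return -1;                    /* fixed header is truncated */
    int n = buf[5];                   /* file-controlled value, 0..255 */
    /* Range-check the count before it indexes compInfo[]. */
    if (n < 1 || n > MAX_COMPS)
        return -1;
    if (len < 6 + (size_t)n * 3)
        return -1;                    /* component records are truncated */
    out->height = (uint16_t)(buf[1] << 8 | buf[2]);
    out->width = (uint16_t)(buf[3] << 8 | buf[4]);
    out->numComps = n;
    for (int i = 0; i < n; i++) {
        const uint8_t *c = buf + 6 + (size_t)i * 3;
        out->compInfo[i].id = c[0];
        out->compInfo[i].hSample = c[1] >> 4;    /* high nibble */
        out->compInfo[i].vSample = c[1] & 0x0f;  /* low nibble */
        out->compInfo[i].quantTable = c[2];
    }
    return 0;
}

/* Constructed samples: a 32x16 frame with 3 components, and one whose
 * count field claims 200 components. */
static const uint8_t SOF_OK[] = {8, 0,16, 0,32, 3, 1,0x22,0, 2,0x11,1, 3,0x11,1};
static const uint8_t SOF_BAD[] = {8, 0,16, 0,32, 200, 1,0x22,0};

int main(void)
{
    FrameInfo f;
    printf("valid frame:    %d\n", read_sof(SOF_OK, sizeof SOF_OK, &f));
    printf("numComps = 200: %d\n", read_sof(SOF_BAD, sizeof SOF_BAD, &f));
    return 0;
}
```

Without the range check, the loop would treat up to 255 three-byte records as components and write them past the end of the fixed-size table.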
How to fix CVE-2005-3191
To remediate CVE-2005-3191, upgrade the affected package to a fixed version below.
- —upgrade to 1.1.23-13 or later
- —upgrade to 1.1.14-5woody14 or later
- —upgrade to 2.8.2-1.2sarge2 or later
- —upgrade to 4:3.3.2-2sarge3 or later
- —upgrade to 1:1.3.5-4.sarge.2 or later
- —upgrade to 0.5.8-1 or later
- —upgrade to 0.8-2sarge1 or later
- —upgrade to 0.8-2sarge3 or later
- —upgrade to 0.36-11sarge2 or later
- —upgrade to 0.36-11sarge1 or later
- —upgrade to 0.4.2-1.1 or later
- —upgrade to 2.0.2-30sarge4 or later
- —upgrade to 1.00-3.8 or later
- —upgrade to 3.01-3 or later
Is CVE-2005-3191 being exploited?
Low — EPSS is 3.0%, meaning exploitation activity has not been observed at scale.
Affected packages (14)
- from 0, < 1.1.23-13
- from 0, < 1.1.14-5woody14
- from 0, < 2.8.2-1.2sarge2
- from 0, < 4:3.3.2-2sarge3
- from 0, < 1:1.3.5-4.sarge.2
- from 0, < 0.5.8-1
- from 0, < 0.8-2sarge1
- from 0, < 0.8-2sarge3
- from 0, < 0.36-11sarge2
- from 0, < 0.36-11sarge1
- from 0, < 0.4.2-1.1