1. Home
  2. CVE Database
  3. CVE-2004-0889
HIGH · 10.0

CVE-2004-0889

Multiple integer overflows in xpdf 3.0, and other packages that use xpdf code such as CUPS, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different...

Vulnerability Description

Multiple integer overflows in xpdf 3.0, and other packages that use xpdf code such as CUPS, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0888.

CVSS Score

10.0

HIGH

AV:N/AC:L/Au:N/C:C/I:C/A:C
Confidentiality
COMPLETE
Integrity
COMPLETE
Availability
COMPLETE

Affected Products

VendorProductVersions
Easy Software ProductsCups1.0.4
GnomeGpdf0.112
KdeKoffice1.3
KdeKpdf3.2
PdftohtmlPdftohtml0.32a
TetexTetex1.0.7
XpdfXpdf0.90
DebianDebian Linux3.0
GentooLinuxAll versions
KdeKde3.2
RedhatEnterprise Linux2.1
RedhatEnterprise Linux Desktop3.0
RedhatFedora Corecore_2.0
RedhatLinux Advanced Workstation2.1
SuseSuse Linux8.0
UbuntuUbuntu Linux4.1

References

FAQ

What is CVE-2004-0889?

CVE-2004-0889 is a vulnerability with a CVSS score of 10.0 (HIGH). Multiple integer overflows in xpdf 3.0, and other packages that use xpdf code such as CUPS, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different...

How severe is CVE-2004-0889?

CVE-2004-0889 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2004-0889?

Check the references section above for vendor advisories and patch information. Affected products include: Easy Software Products Cups, Gnome Gpdf, Kde Koffice, Kde Kpdf, Pdftohtml Pdftohtml.