Vulnerability Description
Heap-based buffer overflow in Splash.cc in xpdf, as used in other products such as (1) poppler, (2) kdegraphics, (3) gpdf, (4) pdfkit.framework, and others, allows attackers to cause a denial of service and possibly execute arbitrary code via crafted splash images that produce certain values that exceed the width or height of the associated bitmap.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Xpdf | Xpdf | All versions |
Related Weaknesses (CWE)
References
- ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt (Patch, Vendor Advisory)
- http://rhn.redhat.com/errata/RHSA-2006-0206.html (Patch, Vendor Advisory)
- http://secunia.com/advisories/18274 (Vendor Advisory)
- http://secunia.com/advisories/18677 (Patch, Vendor Advisory)
- http://secunia.com/advisories/18707 (Patch, Vendor Advisory)
- http://secunia.com/advisories/18825 (Patch, Vendor Advisory)
- http://secunia.com/advisories/18826 (Patch, Vendor Advisory)
- http://secunia.com/advisories/18834 (Patch, Vendor Advisory)
- http://secunia.com/advisories/18837 (Patch, Vendor Advisory)
- http://secunia.com/advisories/18838 (Patch, Vendor Advisory)
- http://secunia.com/advisories/18839 (Patch, Vendor Advisory)
- http://secunia.com/advisories/18860 (Patch, Vendor Advisory)
- http://secunia.com/advisories/18862 (Patch, Vendor Advisory)
- http://secunia.com/advisories/18864 (Patch, Vendor Advisory)
- http://secunia.com/advisories/18875 (Vendor Advisory)
FAQ
What is CVE-2006-0301?
CVE-2006-0301 is a vulnerability with a CVSS score of 7.5 (HIGH). Heap-based buffer overflow in Splash.cc in xpdf, as used in other products such as (1) poppler, (2) kdegraphics, (3) gpdf, (4) pdfkit.framework, and others, allows attackers to cause a denial of servi...
How severe is CVE-2006-0301?
CVE-2006-0301 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for a detailed severity breakdown.
Is there a patch for CVE-2006-0301?
Check the references section above for vendor advisories and patch information. Affected products include: Xpdf Xpdf.