Stream.cc in Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to modify memory and possibly execute arbitrary code via a DCTDecode stream with (1) a large "number of components" value that is not checked by DCTStream::readBaselineSOF or DCTStream::readProgressiveSOF, (2) a large "Huffman table index" value that is not checked by DCTStream::readHuffmanTables, and (3) certain uses of the scanInfo.numComps value by DCTStream::readScanInfo.

oval:org.mitre.oval:def:10200

Family:
unix
Status:
ACCEPTED
Platform(s):
  • CentOS Linux 4
  • CentOS Linux 3
  • Oracle Linux 4
  • Red Hat Enterprise Linux 4
  • Red Hat Enterprise Linux 3
Class:
vulnerability
Reference(s):
  • CVE-2005-3627
Product(s):