Vulnerability Report

CVE-2005-3626

Title: Xpdf Denial of Service (DoS)

Denial of Service (DoS)

Proof Of Concept

No public PoC currently indexed for CVE-2005-3626.

CWE Category CWE-399
Published Date Dec 31, 2005
Modified Date Apr 03, 2025
Exploit Status Not Found
Score 5.0 CVSS v2.0
Exploit Probability (EPSS)
3.33%

Vulnerability Summary

CVE-2005-3626: Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference.

Impacted Vendors

X
xpdf 1
E
easy_software_products 1
K
kde 4
P
poppler 1
T
tetex 1
S
sgi 1
L
libextractor 1
F
foolabs 1
T
tug 1

Reference Links

ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html http://rhn.redhat.com/errata/RHSA-2006-0177.html http://scary.beasts.org/security/CESA-2005-003.txt http://secunia.com/advisories/18147 http://secunia.com/advisories/18303 http://secunia.com/advisories/18312 http://secunia.com/advisories/18313 http://secunia.com/advisories/18329 http://secunia.com/advisories/18332 http://secunia.com/advisories/18334 http://secunia.com/advisories/18335 http://secunia.com/advisories/18338 http://secunia.com/advisories/18349 http://secunia.com/advisories/18373 http://secunia.com/advisories/18375 http://secunia.com/advisories/18380 http://secunia.com/advisories/18385 http://secunia.com/advisories/18387 http://secunia.com/advisories/18389 http://secunia.com/advisories/18398 http://secunia.com/advisories/18407 http://secunia.com/advisories/18414 http://secunia.com/advisories/18416 http://secunia.com/advisories/18423 http://secunia.com/advisories/18425 http://secunia.com/advisories/18428 http://secunia.com/advisories/18436 http://secunia.com/advisories/18448 http://secunia.com/advisories/18463 http://secunia.com/advisories/18517 http://secunia.com/advisories/18534 http://secunia.com/advisories/18554 http://secunia.com/advisories/18582 http://secunia.com/advisories/18642 http://secunia.com/advisories/18644 http://secunia.com/advisories/18674 http://secunia.com/advisories/18675 http://secunia.com/advisories/18679 http://secunia.com/advisories/18908 http://secunia.com/advisories/18913 http://secunia.com/advisories/19230 http://secunia.com/advisories/19377 http://secunia.com/advisories/25729 http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.472683 http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.474747 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1 http://www.debian.org/security/2005/dsa-931 http://www.debian.org/security/2005/dsa-932 http://www.debian.org/security/2005/dsa-937 http://www.debian.org/security/2005/dsa-938 http://www.debian.org/security/2005/dsa-940 http://www.debian.org/security/2006/dsa-936 http://www.debian.org/security/2006/dsa-950 http://www.debian.org/security/2006/dsa-961 http://www.debian.org/security/2006/dsa-962 http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml http://www.kde.org/info/security/advisory-20051207-2.txt http://www.mandriva.com/security/advisories?name=MDKSA-2006:003 http://www.mandriva.com/security/advisories?name=MDKSA-2006:004 http://www.mandriva.com/security/advisories?name=MDKSA-2006:005 http://www.mandriva.com/security/advisories?name=MDKSA-2006:006 http://www.mandriva.com/security/advisories?name=MDKSA-2006:008 http://www.mandriva.com/security/advisories?name=MDKSA-2006:010 http://www.mandriva.com/security/advisories?name=MDKSA-2006:011 http://www.mandriva.com/security/advisories?name=MDKSA-2006:012 http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.html http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.html http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html http://www.redhat.com/support/errata/RHSA-2006-0160.html http://www.redhat.com/support/errata/RHSA-2006-0163.html http://www.securityfocus.com/archive/1/427053/100/0/threaded http://www.securityfocus.com/archive/1/427990/100/0/threaded http://www.securityfocus.com/bid/16143 http://www.trustix.org/errata/2006/0002/ http://www.vupen.com/english/advisories/2006/0047 http://www.vupen.com/english/advisories/2007/2280 https://exchange.xforce.ibmcloud.com/vulnerabilities/24026 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9992 https://usn.ubuntu.com/236-1/ ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html http://rhn.redhat.com/errata/RHSA-2006-0177.html http://scary.beasts.org/security/CESA-2005-003.txt http://secunia.com/advisories/18147 http://secunia.com/advisories/18303 http://secunia.com/advisories/18312 http://secunia.com/advisories/18313 http://secunia.com/advisories/18329 http://secunia.com/advisories/18332 http://secunia.com/advisories/18334 http://secunia.com/advisories/18335 http://secunia.com/advisories/18338 http://secunia.com/advisories/18349 http://secunia.com/advisories/18373 http://secunia.com/advisories/18375 http://secunia.com/advisories/18380 http://secunia.com/advisories/18385 http://secunia.com/advisories/18387 http://secunia.com/advisories/18389 http://secunia.com/advisories/18398 http://secunia.com/advisories/18407 http://secunia.com/advisories/18414 http://secunia.com/advisories/18416 http://secunia.com/advisories/18423 http://secunia.com/advisories/18425 http://secunia.com/advisories/18428 http://secunia.com/advisories/18436 http://secunia.com/advisories/18448 http://secunia.com/advisories/18463 http://secunia.com/advisories/18517 http://secunia.com/advisories/18534 http://secunia.com/advisories/18554 http://secunia.com/advisories/18582 http://secunia.com/advisories/18642 http://secunia.com/advisories/18644 http://secunia.com/advisories/18674 http://secunia.com/advisories/18675 http://secunia.com/advisories/18679 http://secunia.com/advisories/18908 http://secunia.com/advisories/18913 http://secunia.com/advisories/19230 http://secunia.com/advisories/19377 http://secunia.com/advisories/25729 http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.472683 http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.474747 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1 http://www.debian.org/security/2005/dsa-931 http://www.debian.org/security/2005/dsa-932 http://www.debian.org/security/2005/dsa-937 http://www.debian.org/security/2005/dsa-938 http://www.debian.org/security/2005/dsa-940 http://www.debian.org/security/2006/dsa-936 http://www.debian.org/security/2006/dsa-950 http://www.debian.org/security/2006/dsa-961 http://www.debian.org/security/2006/dsa-962 http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml http://www.kde.org/info/security/advisory-20051207-2.txt http://www.mandriva.com/security/advisories?name=MDKSA-2006:003 http://www.mandriva.com/security/advisories?name=MDKSA-2006:004 http://www.mandriva.com/security/advisories?name=MDKSA-2006:005 http://www.mandriva.com/security/advisories?name=MDKSA-2006:006 http://www.mandriva.com/security/advisories?name=MDKSA-2006:008 http://www.mandriva.com/security/advisories?name=MDKSA-2006:010 http://www.mandriva.com/security/advisories?name=MDKSA-2006:011 http://www.mandriva.com/security/advisories?name=MDKSA-2006:012 http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.html http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.html http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html http://www.redhat.com/support/errata/RHSA-2006-0160.html http://www.redhat.com/support/errata/RHSA-2006-0163.html http://www.securityfocus.com/archive/1/427053/100/0/threaded http://www.securityfocus.com/archive/1/427990/100/0/threaded http://www.securityfocus.com/bid/16143 http://www.trustix.org/errata/2006/0002/ http://www.vupen.com/english/advisories/2006/0047 http://www.vupen.com/english/advisories/2007/2280 https://exchange.xforce.ibmcloud.com/vulnerabilities/24026 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9992 https://usn.ubuntu.com/236-1/
CVSS v2.0
Source Entity [email protected]
Severity MEDIUM
5.0
Access Vector
N/A
Authentication
N/A
RAW VECTOR AV:N/AC:L/Au:N/C:N/I:N/A:P

Associated Attack Patterns (CAPEC)

Total: Patterns

CVE-2005-3626 Exploits & PoCs (Proof Of Concept)

No public PoCs found in our database for this CVE.

MODIFIED

Vulnerability data or affected products updated.

PUBLISHED

Vulnerability first announced in NVD.

Attack Vector Matrix

Access Vector N/A
Complexity N/A
Privileges N/A
Interaction NONE
CVSS Vector String AV:N/AC:L/Au:N/C:N/I:N/A:P

Affected Stack

No specific products linked.