[Poppler-bugs] [Bug 6588] New: CVE-2006-1244
bugzilla-daemon at annarchy.freedesktop.org
bugzilla-daemon at annarchy.freedesktop.org
Thu Apr 13 01:26:52 PDT 2006
Please do not reply to this email: if you want to comment on the bug, go to
the URL shown below and enter yourcomments there.
https://bugs.freedesktop.org/show_bug.cgi?id=6588
Summary: CVE-2006-1244
Product: poppler
Version: unspecified
Platform: PC
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-
1244
OS/Version: Linux
Status: NEW
Severity: critical
Priority: P2
Component: general
AssignedTo: poppler-bugs at lists.freedesktop.org
ReportedBy: ondrej at sury.org
Unspecified vulnerability in certain versions of xpdf after 3.00, as used in
various products including (a) pdfkit.framework, (b) gpdf, (c) pdftohtml, has
unknown impact and user-complicit attack vectors, possibly involving errors in
(1) gmem.c, (2) SplashXPathScanner.cc, (3) JBIG2Stream.cc, (4) JPXStream.cc,
and/or (5) Stream.cc. NOTE: this description is based on Debian advisory DSA
979, which is based on changes that were made after other vulnerabilities such
as CVE-2006-0301 and CVE-2005-3624 through CVE-2005-3628 were fixed. Some of
these newer fixes appear to be security-relevant, although it is not clear if
they fix specific issues or are defensive in nature.
--
Configure bugmail: https://bugs.freedesktop.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
More information about the Poppler-bugs
mailing list