[Poppler-bugs] [Bug 6588] New: CVE-2006-1244

[bugzilla-daemon at annarchy.freedesktop.org]

Please do not reply to this email: if you want to comment on the bug, go to    
       
the URL shown below and enter yourcomments there.     
   
https://bugs.freedesktop.org/show_bug.cgi?id=6588          
     
           Summary: CVE-2006-1244
           Product: poppler
           Version: unspecified
          Platform: PC
               URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-
                    1244
        OS/Version: Linux
            Status: NEW
          Severity: critical
          Priority: P2
         Component: general
        AssignedTo: poppler-bugs at lists.freedesktop.org
        ReportedBy: ondrej at sury.org


Unspecified vulnerability in certain versions of xpdf after 3.00, as used in
various products including (a) pdfkit.framework, (b) gpdf, (c) pdftohtml, has
unknown impact and user-complicit attack vectors, possibly involving errors in
(1) gmem.c, (2) SplashXPathScanner.cc, (3) JBIG2Stream.cc, (4) JPXStream.cc,
and/or (5) Stream.cc. NOTE: this description is based on Debian advisory DSA
979, which is based on changes that were made after other vulnerabilities such
as CVE-2006-0301 and CVE-2005-3624 through CVE-2005-3628 were fixed. Some of
these newer fixes appear to be security-relevant, although it is not clear if
they fix specific issues or are defensive in nature.          
     
     
--           
Configure bugmail: https://bugs.freedesktop.org/userprefs.cgi?tab=email         
     
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.