• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Xpdf PDFTOPS Multiple Integer Overflow Vulnerabilities

Bugtraq ID:	11501
Class:	Boundary Condition Error
CVE:	CVE-2004-0888 CVE-2004-0889 CVE-2005-0206 CVE-2008-1374
Remote:	Yes
Local:	No
Published:	Oct 21 2004 12:00AM
Updated:	Aug 06 2008 04:47PM
Credit:	Chris Evans discovered these vulnerabilities.
Vulnerable:	Xpdf Xpdf 3.0 0 Xpdf Xpdf 2.0 3 Xpdf Xpdf 2.0 1 + Conectiva Linux 9.0 + Conectiva Linux 9.0 + Conectiva Linux 9.0 + MandrakeSoft Linux Mandrake 9.1 ppc + MandrakeSoft Linux Mandrake 9.1 ppc + MandrakeSoft Linux Mandrake 9.1 ppc + MandrakeSoft Linux Mandrake 9.1 + MandrakeSoft Linux Mandrake 9.1 + MandrakeSoft Linux Mandrake 9.1 + Terra Soft Solutions Yellow Dog Linux 3.0 Xpdf Xpdf 2.0 Xpdf Xpdf 1.0 1 + Gentoo Linux 1.4 _rc1 + Gentoo Linux 1.4 _rc1 + Gentoo Linux 1.4 _rc1 + Gentoo Linux 1.2 + Gentoo Linux 1.2 + Gentoo Linux 1.2 + MandrakeSoft Corporate Server 2.1 x86_64 + MandrakeSoft Corporate Server 2.1 + MandrakeSoft Corporate Server 2.1 + MandrakeSoft Corporate Server 2.1 + MandrakeSoft Linux Mandrake 9.0 + MandrakeSoft Linux Mandrake 9.0 + MandrakeSoft Linux Mandrake 9.0 + MandrakeSoft Linux Mandrake 8.2 ppc + MandrakeSoft Linux Mandrake 8.2 ppc + MandrakeSoft Linux Mandrake 8.2 ppc + MandrakeSoft Linux Mandrake 8.2 + MandrakeSoft Linux Mandrake 8.2 + MandrakeSoft Linux Mandrake 8.2 + MandrakeSoft Linux Mandrake 8.1 ia64 + MandrakeSoft Linux Mandrake 8.1 ia64 + MandrakeSoft Linux Mandrake 8.1 ia64 + MandrakeSoft Linux Mandrake 8.1 + MandrakeSoft Linux Mandrake 8.1 + MandrakeSoft Linux Mandrake 8.1 + MandrakeSoft Linux Mandrake 8.0 ppc + MandrakeSoft Linux Mandrake 8.0 ppc + MandrakeSoft Linux Mandrake 8.0 ppc + MandrakeSoft Linux Mandrake 8.0 + MandrakeSoft Linux Mandrake 8.0 + MandrakeSoft Linux Mandrake 8.0 + MandrakeSoft Linux Mandrake 7.2 + MandrakeSoft Linux Mandrake 7.2 + MandrakeSoft Linux Mandrake 7.2 Xpdf Xpdf 1.0 0a Xpdf Xpdf 1.0 0 + Debian Linux 3.0 sparc + Debian Linux 3.0 sparc + Debian Linux 3.0 sparc + Debian Linux 3.0 s/390 + Debian Linux 3.0 s/390 + Debian Linux 3.0 s/390 + Debian Linux 3.0 ppc + Debian Linux 3.0 ppc + Debian Linux 3.0 ppc + Debian Linux 3.0 mipsel + Debian Linux 3.0 mipsel + Debian Linux 3.0 mipsel + Debian Linux 3.0 mips + Debian Linux 3.0 mips + Debian Linux 3.0 mips + Debian Linux 3.0 m68k + Debian Linux 3.0 m68k + Debian Linux 3.0 m68k + Debian Linux 3.0 ia-64 + Debian Linux 3.0 ia-64 + Debian Linux 3.0 ia-64 + Debian Linux 3.0 ia-32 + Debian Linux 3.0 ia-32 + Debian Linux 3.0 ia-32 + Debian Linux 3.0 hppa + Debian Linux 3.0 hppa + Debian Linux 3.0 hppa + Debian Linux 3.0 arm + Debian Linux 3.0 arm + Debian Linux 3.0 arm + Debian Linux 3.0 alpha + Debian Linux 3.0 alpha + Debian Linux 3.0 alpha + Debian Linux 3.0 + Debian Linux 3.0 + Debian Linux 3.0 + Turbolinux Turbolinux Server 8.0 + Turbolinux Turbolinux Server 8.0 + Turbolinux Turbolinux Server 8.0 + Turbolinux Turbolinux Workstation 8.0 Xpdf Xpdf 0.93 + Conectiva Linux 8.0 + Conectiva Linux 8.0 + Conectiva Linux 8.0 + Debian Linux 3.0 sparc + Debian Linux 3.0 s/390 + Debian Linux 3.0 s/390 + Debian Linux 3.0 ppc + Debian Linux 3.0 ppc + Debian Linux 3.0 mipsel + Debian Linux 3.0 mipsel + Debian Linux 3.0 mips + Debian Linux 3.0 mips + Debian Linux 3.0 m68k + Debian Linux 3.0 m68k + Debian Linux 3.0 ia-64 + Debian Linux 3.0 ia-64 + Debian Linux 3.0 ia-32 + Debian Linux 3.0 ia-32 + Debian Linux 3.0 hppa + Debian Linux 3.0 hppa + Debian Linux 3.0 arm + Debian Linux 3.0 arm + Debian Linux 3.0 alpha + Debian Linux 3.0 alpha + Debian Linux 3.0 + Debian Linux 3.0 Xpdf Xpdf 0.92 Xpdf Xpdf 0.91 - Debian Linux 2.2 Xpdf Xpdf 0.90 Ubuntu Ubuntu Linux 4.1 ppc Ubuntu Ubuntu Linux 4.1 ia64 Ubuntu Ubuntu Linux 4.1 ia32 Trustix Secure Linux 3.0 Trustix Secure Linux 2.2 Trustix Secure Enterprise Linux 2.0 teTeX teTeX 2.0.2 teTeX teTeX 2.0.1 teTeX teTeX 2.0 teTeX teTeX 1.0.7 teTeX teTeX 1.0.6 + Debian Linux 2.2 sparc + Debian Linux 2.2 sparc + Debian Linux 2.2 powerpc + Debian Linux 2.2 powerpc + Debian Linux 2.2 IA-32 + Debian Linux 2.2 arm + Debian Linux 2.2 arm + Debian Linux 2.2 alpha + Debian Linux 2.2 alpha + Debian Linux 2.2 68k + Debian Linux 2.2 68k + Debian Linux 2.2 + Debian Linux 2.2 + RedHat Linux 6.2 sparc + RedHat Linux 6.2 sparc + RedHat Linux 6.2 i386 + RedHat Linux 6.2 i386 + RedHat Linux 6.2 alpha + RedHat Linux 6.2 alpha + RedHat Linux 6.2 + RedHat Linux 6.2 SGI ProPack 3.0 SGI Advanced Linux Environment 3.0 S.u.S.E. Linux Personal 9.2 x86_64 S.u.S.E. Linux Personal 9.2 S.u.S.E. Linux Personal 9.1 x86_64 S.u.S.E. Linux Personal 9.1 S.u.S.E. Linux Personal 9.0 x86_64 S.u.S.E. Linux Personal 9.0 S.u.S.E. Linux Personal 8.2 S.u.S.E. Linux 8.1 S.u.S.E. Linux 8.0 i386 S.u.S.E. Linux 8.0 S.u.S.E. Linux 7.3 sparc S.u.S.E. Linux 7.3 ppc S.u.S.E. Linux 7.3 i386 S.u.S.E. Linux 7.3 S.u.S.E. Linux 7.2 i386 S.u.S.E. Linux 7.2 S.u.S.E. Linux 7.1 x86 S.u.S.E. Linux 7.1 sparc S.u.S.E. Linux 7.1 ppc S.u.S.E. Linux 7.1 alpha S.u.S.E. Linux 7.1 S.u.S.E. Linux 7.0 sparc S.u.S.E. Linux 7.0 ppc S.u.S.E. Linux 7.0 i386 S.u.S.E. Linux 7.0 alpha S.u.S.E. Linux 7.0 S.u.S.E. Linux 6.4 ppc S.u.S.E. Linux 6.4 i386 S.u.S.E. Linux 6.4 alpha S.u.S.E. Linux 6.4 S.u.S.E. Linux 6.3 ppc S.u.S.E. Linux 6.3 alpha S.u.S.E. Linux 6.3 S.u.S.E. Linux 6.2 S.u.S.E. Linux 6.1 alpha S.u.S.E. Linux 6.1 S.u.S.E. Linux 6.0 S.u.S.E. Linux 5.3 S.u.S.E. Linux 5.2 S.u.S.E. Linux 5.1 S.u.S.E. Linux 5.0 S.u.S.E. Linux 4.4.1 S.u.S.E. Linux 4.4 S.u.S.E. Linux 4.3 S.u.S.E. Linux 4.2 S.u.S.E. Linux 4.0 S.u.S.E. Linux 3.0 S.u.S.E. Linux 2.0 S.u.S.E. Linux 1.0 rPath rPath Linux 1 RedHat Linux 9.0 i386 RedHat Linux 7.3 i386 RedHat Fedora Core3 RedHat Fedora Core2 RedHat Fedora Core1 RedHat Enterprise Linux WS 4 RedHat Enterprise Linux WS 3 RedHat Enterprise Linux WS 2.1 IA64 RedHat Enterprise Linux WS 2.1 RedHat Enterprise Linux ES 4 RedHat Enterprise Linux ES 3 RedHat Enterprise Linux ES 2.1 IA64 RedHat Enterprise Linux ES 2.1 RedHat Enterprise Linux AS 4 RedHat Enterprise Linux AS 3 RedHat Enterprise Linux AS 2.1 IA64 RedHat Enterprise Linux AS 2.1 RedHat Desktop 4.0 RedHat Desktop 3.0 RedHat Advanced Workstation for the Itanium Processor 2.1 IA64 RedHat Advanced Workstation for the Itanium Processor 2.1 PDFTOHTML PDFTOHTML 0.36 PDFTOHTML PDFTOHTML 0.35 PDFTOHTML PDFTOHTML 0.34 PDFTOHTML PDFTOHTML 0.33 a PDFTOHTML PDFTOHTML 0.33 PDFTOHTML PDFTOHTML 0.32 b PDFTOHTML PDFTOHTML 0.32 a MandrakeSoft Corporate Server 3.0 x86_64 MandrakeSoft Corporate Server 3.0 KDE kpdf 3.2 KDE KOffice 1.3.3 + MandrakeSoft Linux Mandrake 10.1 x86_64 + MandrakeSoft Linux Mandrake 10.1 KDE KOffice 1.3.2 KDE KOffice 1.3.1 KDE KOffice 1.3 beta3 KDE KOffice 1.3 beta2 KDE KOffice 1.3 beta1 KDE KOffice 1.3 KDE KDE 3.3.1 + RedHat Fedora Core3 KDE KDE 3.3 KDE KDE 3.2.3 KDE KDE 3.2.2 + KDE KDE 3.2.2 + RedHat Fedora Core2 KDE KDE 3.2.1 KDE KDE 3.2 GNOME GPdf 0.131 GNOME GPdf 0.112 GNOME GPdf 0.110 + RedHat Fedora Core1 Gentoo Linux Easy Software Products CUPS 1.1.20 Easy Software Products CUPS 1.1.19 rc5 Easy Software Products CUPS 1.1.19 Easy Software Products CUPS 1.1.18 + Conectiva Linux 9.0 + MandrakeSoft Corporate Server 2.1 x86_64 + MandrakeSoft Corporate Server 2.1 + MandrakeSoft Linux Mandrake 9.0 + MandrakeSoft Multi Network Firewall 2.0 + S.u.S.E. Linux Personal 8.2 Easy Software Products CUPS 1.1.17 + RedHat Desktop 3.0 + RedHat Enterprise Linux AS 3 + RedHat Enterprise Linux ES 3 + RedHat Enterprise Linux WS 3 Easy Software Products CUPS 1.1.16 Easy Software Products CUPS 1.1.15 + Conectiva Linux Enterprise Edition 1.0 + S.u.S.E. Linux 8.1 Easy Software Products CUPS 1.1.14 + Conectiva Linux 8.0 + Debian Linux 3.0 sparc + Debian Linux 3.0 s/390 + Debian Linux 3.0 ppc + Debian Linux 3.0 mipsel + Debian Linux 3.0 mips + Debian Linux 3.0 m68k + Debian Linux 3.0 ia-64 + Debian Linux 3.0 ia-32 + Debian Linux 3.0 hppa + Debian Linux 3.0 arm + Debian Linux 3.0 alpha + Debian Linux 3.0 + MandrakeSoft Linux Mandrake 8.2 ppc + MandrakeSoft Linux Mandrake 8.2 Easy Software Products CUPS 1.1.13 Easy Software Products CUPS 1.1.12 + S.u.S.E. Linux 8.0 i386 + S.u.S.E. Linux 8.0 Easy Software Products CUPS 1.1.10 + Caldera OpenLinux Server 3.1.1 + Caldera OpenLinux Workstation 3.1.1 + Conectiva Linux 7.0 + Conectiva Linux 6.0 + MandrakeSoft Linux Mandrake 8.1 ia64 + MandrakeSoft Linux Mandrake 8.1 + S.u.S.E. Linux 7.3 sparc + S.u.S.E. Linux 7.3 ppc + S.u.S.E. Linux 7.3 i386 Easy Software Products CUPS 1.1.7 Easy Software Products CUPS 1.1.6 + Caldera OpenLinux Server 3.1 + Caldera OpenLinux Workstation 3.1 + MandrakeSoft Linux Mandrake 8.0 ppc + MandrakeSoft Linux Mandrake 8.0 + S.u.S.E. Linux 7.2 i386 + S.u.S.E. Linux 7.1 x86 + S.u.S.E. Linux 7.1 sparc + S.u.S.E. Linux 7.1 ppc + S.u.S.E. Linux 7.1 alpha Easy Software Products CUPS 1.1.4 -5 Easy Software Products CUPS 1.1.4 -3 + MandrakeSoft Linux Mandrake 7.2 Easy Software Products CUPS 1.1.4 -2 + Debian Linux 2.3 Easy Software Products CUPS 1.1.4 Easy Software Products CUPS 1.1.1 + RedHat PowerTools 7.0 Easy Software Products CUPS 1.0.4 -8 + Debian Linux 2.2 Easy Software Products CUPS 1.0.4 Debian Linux 3.0 sparc Debian Linux 3.0 s/390 Debian Linux 3.0 ppc Debian Linux 3.0 mipsel Debian Linux 3.0 mips Debian Linux 3.0 m68k Debian Linux 3.0 ia-64 Debian Linux 3.0 ia-32 Debian Linux 3.0 hppa Debian Linux 3.0 arm Debian Linux 3.0 alpha Debian Linux 3.0 CSTeX cstetex 2.0.2 ASCII pTeX 3.1.4
Not Vulnerable:	KDE KOffice 1.3.4