CVE-2004-0889

Publication date 27 January 2005

Last updated 24 July 2024

Ubuntu priority

Multiple integer overflows in xpdf 3.0, and other packages that use xpdf code such as CUPS, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0888.

Status

Show unmaintained releases

Package	Ubuntu Release	Status
kdegraphics	7.04 feisty	Fixed 3.5.2-0ubuntu6
	6.10 edgy	Fixed 3.5.2-0ubuntu6
	6.06 LTS dapper	Fixed 3.5.2-0ubuntu6
koffice	7.04 feisty	Fixed 1.6.2-0ubuntu1.1
	6.10 edgy	Fixed 1.5.2-0ubuntu2.2
	6.06 LTS dapper	Fixed 1.5.0-0ubuntu9.2
xpdf	7.04 feisty	Fixed 3.01-9ubuntu3
	6.10 edgy	Fixed 3.01-9ubuntu1.1
	6.06 LTS dapper	Fixed 3.01-7ubuntu0.1

How can I get the fixes?
What do statuses mean?

References

MITRE
NVD
Launchpad
Debian

Related Ubuntu Security Notices (USN)

USN-14-1
xpdf vulnerabilities
2 November 2004

USN-2-1
xpdf vulnerabilities
23 October 2004

Other references

https://www.cve.org/CVERecord?id=CVE-2004-0889