CVE-2006-0301

Publication date 30 January 2006

Last updated 24 July 2024

Ubuntu priority

Heap-based buffer overflow in Splash.cc in xpdf, as used in other products such as (1) poppler, (2) kdegraphics, (3) gpdf, (4) pdfkit.framework, and others, allows attackers to cause a denial of service and possibly execute arbitrary code via crafted splash images that produce certain values that exceed the width or height of the associated bitmap.

Status

Show unmaintained releases

Package	Ubuntu Release	Status
gpdf	7.04 feisty	Not in release
	6.10 edgy	Fixed 2.10.0-4
	6.06 LTS dapper	Ignored end of life, was needed
kdegraphics	7.04 feisty	Not affected
	6.10 edgy	Not affected
	6.06 LTS dapper	Not affected
libextractor	7.04 feisty	Fixed 0.5.14-1
	6.10 edgy	Fixed 0.5.14-1
	6.06 LTS dapper	Fixed 0.5.14-1
pdftohtml	7.04 feisty	Fixed 0.36-13
	6.10 edgy	Fixed 0.36-13
	6.06 LTS dapper	Fixed 0.36-13
poppler	7.04 feisty	Fixed 0.5.4-0ubuntu8.1
	6.10 edgy	Fixed 0.5.4-0ubuntu4.2
	6.06 LTS dapper	Fixed 0.5.1-0ubuntu7.2
xpdf	7.04 feisty	Fixed 3.01-9ubuntu3
	6.10 edgy	Fixed 3.01-9ubuntu1.1
	6.06 LTS dapper	Fixed 3.01-7ubuntu0.1

CVE-2006-0301

Status

References

Related Ubuntu Security Notices (USN)

Other references