Unrated severityNVD Advisory· Published May 2, 2005· Updated Apr 16, 2026
CVE-2005-0064
CVE-2005-0064
Description
Buffer overflow in the Decrypt::makeFileKey2 function in Decrypt.cc for xpdf 3.00 and earlier allows remote attackers to execute arbitrary code via a PDF file with a large /Encrypt /Length keyLength value.
Affected products
32cpe:2.3:a:xpdf:xpdf:0.2:*:*:*:*:*:*:*+ 31 more
- cpe:2.3:a:xpdf:xpdf:0.2:*:*:*:*:*:*:*
- cpe:2.3:a:xpdf:xpdf:0.3:*:*:*:*:*:*:*
- cpe:2.3:a:xpdf:xpdf:0.4:*:*:*:*:*:*:*
- cpe:2.3:a:xpdf:xpdf:0.5:*:*:*:*:*:*:*
- cpe:2.3:a:xpdf:xpdf:0.5a:*:*:*:*:*:*:*
- cpe:2.3:a:xpdf:xpdf:0.6:*:*:*:*:*:*:*
- cpe:2.3:a:xpdf:xpdf:0.7:*:*:*:*:*:*:*
- cpe:2.3:a:xpdf:xpdf:0.7a:*:*:*:*:*:*:*
- cpe:2.3:a:xpdf:xpdf:0.80:*:*:*:*:*:*:*
- cpe:2.3:a:xpdf:xpdf:0.90:*:*:*:*:*:*:*
- cpe:2.3:a:xpdf:xpdf:0.91:*:*:*:*:*:*:*
- cpe:2.3:a:xpdf:xpdf:0.91a:*:*:*:*:*:*:*
- cpe:2.3:a:xpdf:xpdf:0.91b:*:*:*:*:*:*:*
- cpe:2.3:a:xpdf:xpdf:0.91c:*:*:*:*:*:*:*
- cpe:2.3:a:xpdf:xpdf:0.92:*:*:*:*:*:*:*
- cpe:2.3:a:xpdf:xpdf:0.92a:*:*:*:*:*:*:*
- cpe:2.3:a:xpdf:xpdf:0.92b:*:*:*:*:*:*:*
- cpe:2.3:a:xpdf:xpdf:0.92c:*:*:*:*:*:*:*
- cpe:2.3:a:xpdf:xpdf:0.92d:*:*:*:*:*:*:*
- cpe:2.3:a:xpdf:xpdf:0.92e:*:*:*:*:*:*:*
- cpe:2.3:a:xpdf:xpdf:0.93:*:*:*:*:*:*:*
- cpe:2.3:a:xpdf:xpdf:0.93a:*:*:*:*:*:*:*
- cpe:2.3:a:xpdf:xpdf:0.93b:*:*:*:*:*:*:*
- cpe:2.3:a:xpdf:xpdf:0.93c:*:*:*:*:*:*:*
- cpe:2.3:a:xpdf:xpdf:1.0:*:*:*:*:*:*:*
- cpe:2.3:a:xpdf:xpdf:1.0a:*:*:*:*:*:*:*
- cpe:2.3:a:xpdf:xpdf:1.1:*:*:*:*:*:*:*
- cpe:2.3:a:xpdf:xpdf:2.0:*:*:*:*:*:*:*
- cpe:2.3:a:xpdf:xpdf:2.1:*:*:*:*:*:*:*
- cpe:2.3:a:xpdf:xpdf:2.2:*:*:*:*:*:*:*
- cpe:2.3:a:xpdf:xpdf:2.3:*:*:*:*:*:*:*
- cpe:2.3:a:xpdf:xpdf:3.0:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
26- ftp.foolabs.com/pub/xpdf/xpdf-3.00pl3.patchnvdPatch
- distro.conectiva.com.br/atualizacoes/nvdPatchVendor Advisory
- www.debian.org/security/2005/dsa-645nvdPatchVendor Advisory
- www.debian.org/security/2005/dsa-648nvdPatchVendor Advisory
- www.redhat.com/support/errata/RHSA-2005-034.htmlnvdPatchVendor Advisory
- www.redhat.com/support/errata/RHSA-2005-053.htmlnvdPatchVendor Advisory
- www.redhat.com/support/errata/RHSA-2005-057.htmlnvdPatchVendor Advisory
- www.redhat.com/support/errata/RHSA-2005-059.htmlnvdPatchVendor Advisory
- www.redhat.com/support/errata/RHSA-2005-066.htmlnvdPatchVendor Advisory
- www.trustix.org/errata/2005/0003/nvdPatchVendor Advisory
- bugzilla.fedora.us/show_bug.cginvdPatchVendor Advisory
- bugzilla.fedora.us/show_bug.cginvdPatchVendor Advisory
- www.idefense.com/application/poi/displaynvdExploitPatchVendor Advisory
- ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.42/SCOSA-2005.42.txtnvd
- marc.infonvd
- secunia.com/advisories/17277nvd
- www.mandriva.com/security/advisoriesnvd
- www.mandriva.com/security/advisoriesnvd
- www.mandriva.com/security/advisoriesnvd
- www.mandriva.com/security/advisoriesnvd
- www.mandriva.com/security/advisoriesnvd
- www.mandriva.com/security/advisoriesnvd
- www.redhat.com/support/errata/RHSA-2005-026.htmlnvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11781nvd
- security.gentoo.org/glsa/200501-28nvd
- security.gentoo.org/glsa/200502-10nvd
News mentions
0No linked articles in our index yet.