Unrated severityNVD Advisory· Published Dec 7, 2005· Updated Apr 16, 2026
CVE-2005-3193
CVE-2005-3193
Description
Heap-based buffer overflow in the JPXStream::readCodestream function in the JPX stream parsing code (JPXStream.c) for xpdf 3.01 and earlier, as used in products such as (1) Poppler, (2) teTeX, (3) KDE kpdf, (4) CUPS, and (5) libextractor allows user-assisted attackers to cause a denial of service (heap corruption) and possibly execute arbitrary code via a crafted PDF file with large size values that cause insufficient memory to be allocated.
Affected products
15cpe:2.3:a:xpdf:xpdf:0.90:*:*:*:*:*:*:*+ 14 more
- cpe:2.3:a:xpdf:xpdf:0.90:*:*:*:*:*:*:*
- cpe:2.3:a:xpdf:xpdf:0.91:*:*:*:*:*:*:*
- cpe:2.3:a:xpdf:xpdf:0.92:*:*:*:*:*:*:*
- cpe:2.3:a:xpdf:xpdf:0.93:*:*:*:*:*:*:*
- cpe:2.3:a:xpdf:xpdf:1.0:*:*:*:*:*:*:*
- cpe:2.3:a:xpdf:xpdf:1.0a:*:*:*:*:*:*:*
- cpe:2.3:a:xpdf:xpdf:1.1:*:*:*:*:*:*:*
- cpe:2.3:a:xpdf:xpdf:2.0:*:*:*:*:*:*:*
- cpe:2.3:a:xpdf:xpdf:2.1:*:*:*:*:*:*:*
- cpe:2.3:a:xpdf:xpdf:2.2:*:*:*:*:*:*:*
- cpe:2.3:a:xpdf:xpdf:2.3:*:*:*:*:*:*:*
- cpe:2.3:a:xpdf:xpdf:3.0:*:*:*:*:*:*:*
- cpe:2.3:a:xpdf:xpdf:3.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:xpdf:xpdf:3.0_pl2:*:*:*:*:*:*:*
- cpe:2.3:a:xpdf:xpdf:3.0_pl3:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
111- www.idefense.com/application/poi/displaynvdPatchVendor Advisory
- secunia.com/advisories/17897nvdVendor Advisory
- secunia.com/advisories/17912nvdVendor Advisory
- secunia.com/advisories/17916nvdVendor Advisory
- secunia.com/advisories/17920nvdVendor Advisory
- secunia.com/advisories/17926nvdVendor Advisory
- secunia.com/advisories/17929nvdVendor Advisory
- secunia.com/advisories/17940nvdVendor Advisory
- secunia.com/advisories/17976nvdVendor Advisory
- secunia.com/advisories/18009nvdVendor Advisory
- secunia.com/advisories/18055nvdVendor Advisory
- secunia.com/advisories/18061nvdVendor Advisory
- secunia.com/advisories/18189nvdVendor Advisory
- secunia.com/advisories/18191nvdVendor Advisory
- secunia.com/advisories/18192nvdVendor Advisory
- secunia.com/advisories/18313nvdVendor Advisory
- secunia.com/advisories/18336nvdVendor Advisory
- secunia.com/advisories/18349nvdVendor Advisory
- secunia.com/advisories/18385nvdVendor Advisory
- secunia.com/advisories/18387nvdVendor Advisory
- secunia.com/advisories/18389nvdVendor Advisory
- secunia.com/advisories/18398nvdVendor Advisory
- secunia.com/advisories/18416nvdVendor Advisory
- secunia.com/advisories/18448nvdVendor Advisory
- www.redhat.com/support/errata/RHSA-2005-840.htmlnvdVendor Advisory
- www.redhat.com/support/errata/RHSA-2005-867.htmlnvdVendor Advisory
- www.redhat.com/support/errata/RHSA-2005-878.htmlnvdVendor Advisory
- www.redhat.com/support/errata/RHSA-2006-0160.htmlnvdVendor Advisory
- ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txtnvd
- ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.20/SCOSA-2006.20.txtnvd
- ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.21/SCOSA-2006.21.txtnvd
- patches.sgi.com/support/free/security/advisories/20051201-01-Unvd
- patches.sgi.com/support/free/security/advisories/20060101-01-Unvd
- patches.sgi.com/support/free/security/advisories/20060201-01-Unvd
- lists.suse.com/archive/suse-security-announce/2006-Jan/0001.htmlnvd
- rhn.redhat.com/errata/RHSA-2005-868.htmlnvd
- secunia.com/advisories/17955nvd
- secunia.com/advisories/17956nvd
- secunia.com/advisories/17959nvd
- secunia.com/advisories/18147nvd
- secunia.com/advisories/18303nvd
- secunia.com/advisories/18380nvd
- secunia.com/advisories/18407nvd
- secunia.com/advisories/18517nvd
- secunia.com/advisories/18520nvd
- secunia.com/advisories/18534nvd
- secunia.com/advisories/18554nvd
- secunia.com/advisories/18582nvd
- secunia.com/advisories/18674nvd
- secunia.com/advisories/18675nvd
- secunia.com/advisories/18679nvd
- secunia.com/advisories/18908nvd
- secunia.com/advisories/18913nvd
- secunia.com/advisories/19125nvd
- secunia.com/advisories/19230nvd
- secunia.com/advisories/19377nvd
- secunia.com/advisories/19797nvd
- secunia.com/advisories/19798nvd
- secunia.com/advisories/25729nvd
- secunia.com/advisories/26413nvd
- securityreason.com/securityalert/236nvd
- securitytracker.com/idnvd
- securitytracker.com/idnvd
- slackware.com/security/viewer.phpnvd
- slackware.com/security/viewer.phpnvd
- sunsolve.sun.com/search/document.donvd
- www.debian.org/security/2005/dsa-931nvd
- www.debian.org/security/2005/dsa-932nvd
- www.debian.org/security/2005/dsa-937nvd
- www.debian.org/security/2005/dsa-938nvd
- www.debian.org/security/2005/dsa-940nvd
- www.debian.org/security/2006/dsa-936nvd
- www.debian.org/security/2006/dsa-950nvd
- www.debian.org/security/2006/dsa-961nvd
- www.debian.org/security/2006/dsa-962nvd
- www.gentoo.org/security/en/glsa/glsa-200512-08.xmlnvd
- www.gentoo.org/security/en/glsa/glsa-200601-02.xmlnvd
- www.gentoo.org/security/en/glsa/glsa-200603-02.xmlnvd
- www.kde.org/info/security/advisory-20051207-1.txtnvd
- www.kde.org/info/security/advisory-20051207-2.txtnvd
- www.mandriva.com/security/advisoriesnvd
- www.mandriva.com/security/advisoriesnvd
- www.mandriva.com/security/advisoriesnvd
- www.mandriva.com/security/advisoriesnvd
- www.mandriva.com/security/advisoriesnvd
- www.mandriva.com/security/advisoriesnvd
- www.mandriva.com/security/advisoriesnvd
- www.mandriva.com/security/advisoriesnvd
- www.novell.com/linux/security/advisories/2005_29_sr.htmlnvd
- www.redhat.com/archives/fedora-announce-list/2005-December/msg00014.htmlnvd
- www.redhat.com/archives/fedora-announce-list/2005-December/msg00015.htmlnvd
- www.redhat.com/archives/fedora-announce-list/2005-December/msg00016.htmlnvd
- www.redhat.com/archives/fedora-announce-list/2005-December/msg00022.htmlnvd
- www.redhat.com/archives/fedora-announce-list/2005-December/msg00036.htmlnvd
- www.redhat.com/archives/fedora-announce-list/2005-December/msg00037.htmlnvd
- www.redhat.com/archives/fedora-announce-list/2005-December/msg00073.htmlnvd
- www.redhat.com/archives/fedora-announce-list/2006-January/msg00043.htmlnvd
- www.securityfocus.com/archive/1/418883/100/0/threadednvd
- www.securityfocus.com/archive/1/427053/100/0/threadednvd
- www.securityfocus.com/archive/1/427990/100/0/threadednvd
- www.securityfocus.com/bid/15721nvd
- www.trustix.org/errata/2005/0072/nvd
- www.ubuntulinux.org/usn/usn-227-1nvd
- www.vupen.com/english/advisories/2005/2787nvd
- www.vupen.com/english/advisories/2005/2789nvd
- www.vupen.com/english/advisories/2005/2790nvd
- www.vupen.com/english/advisories/2005/2856nvd
- www.vupen.com/english/advisories/2007/2280nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/23441nvd
- issues.rpath.com/browse/RPL-1609nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11440nvd
News mentions
0No linked articles in our index yet.