Unrated severityNVD Advisory· Published Dec 31, 2005· Updated Apr 16, 2026
CVE-2005-3625
CVE-2005-3625
Description
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka "Infinite CPU spins."
Affected products
127cpe:2.3:a:easy_software_products:cups:1.1.22:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:a:easy_software_products:cups:1.1.22:*:*:*:*:*:*:*
- cpe:2.3:a:easy_software_products:cups:1.1.22_rc1:*:*:*:*:*:*:*
- cpe:2.3:a:easy_software_products:cups:1.1.23:*:*:*:*:*:*:*
- cpe:2.3:a:easy_software_products:cups:1.1.23_rc1:*:*:*:*:*:*:*
cpe:2.3:a:kde:kdegraphics:3.2:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:kde:kdegraphics:3.2:*:*:*:*:*:*:*
- cpe:2.3:a:kde:kdegraphics:3.4.3:*:*:*:*:*:*:*
- cpe:2.3:a:libextractor:libextractor:*:*:*:*:*:*:*:*
- cpe:2.3:a:poppler:poppler:0.4.2:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*+ 24 more
- cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:3.0:*:alpha:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:3.0:*:arm:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:3.0:*:hppa:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:3.0:*:ia-32:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:3.0:*:ia-64:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:3.0:*:m68k:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:3.0:*:mips:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:3.0:*:mipsel:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:3.0:*:ppc:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:3.0:*:s-390:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:3.0:*:sparc:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:3.1:*:alpha:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:3.1:*:amd64:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:3.1:*:arm:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:3.1:*:hppa:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:3.1:*:ia-32:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:3.1:*:ia-64:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:3.1:*:m68k:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:3.1:*:mips:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:3.1:*:mipsel:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:3.1:*:ppc:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:3.1:*:s-390:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:3.1:*:sparc:*:*:*:*:*
cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*+ 5 more
- cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*
- cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:x86-64:*:*:*:*:*
- cpe:2.3:o:mandrakesoft:mandrake_linux:10.2:*:*:*:*:*:*:*
- cpe:2.3:o:mandrakesoft:mandrake_linux:10.2:*:x86-64:*:*:*:*:*
- cpe:2.3:o:mandrakesoft:mandrake_linux:2006:*:*:*:*:*:*:*
- cpe:2.3:o:mandrakesoft:mandrake_linux:2006:*:x86-64:*:*:*:*:*
cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*
- cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:x86_64:*:*:*:*:*
- cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*
- cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:x86_64:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*+ 11 more
- cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux:4.0:*:advanced_server:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux:4.0:*:enterprise_server:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux:4.0:*:workstation:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:fedora_core:core_4.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*+ 1 more
- cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*
- cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium:*:*:*:*:*
cpe:2.3:o:sco:openserver:5.0.7:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:sco:openserver:5.0.7:*:*:*:*:*:*:*
- cpe:2.3:o:sco:openserver:6.0:*:*:*:*:*:*:*
cpe:2.3:o:slackware:slackware_linux:10.0:*:*:*:*:*:*:*+ 4 more
- cpe:2.3:o:slackware:slackware_linux:10.0:*:*:*:*:*:*:*
- cpe:2.3:o:slackware:slackware_linux:10.1:*:*:*:*:*:*:*
- cpe:2.3:o:slackware:slackware_linux:10.2:*:*:*:*:*:*:*
- cpe:2.3:o:slackware:slackware_linux:9.0:*:*:*:*:*:*:*
- cpe:2.3:o:slackware:slackware_linux:9.1:*:*:*:*:*:*:*
cpe:2.3:o:suse:suse_linux:1.0:*:*:*:*:*:*:*+ 16 more
- cpe:2.3:o:suse:suse_linux:1.0:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux:10.0:*:oss:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux:10.0:*:professional:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux:9.0:*:enterprise_server:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux:9.0:*:personal:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux:9.0:*:professional:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux:9.0:*:s_390:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux:9.1:*:personal:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux:9.1:*:professional:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux:9.1:*:x86_64:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux:9.2:*:personal:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux:9.2:*:professional:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux:9.2:*:x86_64:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux:9.3:*:personal:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux:9.3:*:professional:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux:9.3:*:x86_64:*:*:*:*:*
cpe:2.3:o:trustix:secure_linux:2.0:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:o:trustix:secure_linux:2.0:*:*:*:*:*:*:*
- cpe:2.3:o:trustix:secure_linux:2.2:*:*:*:*:*:*:*
- cpe:2.3:o:trustix:secure_linux:3.0:*:*:*:*:*:*:*
cpe:2.3:o:turbolinux:turbolinux:10:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:turbolinux:turbolinux:10:*:*:*:*:*:*:*
- cpe:2.3:o:turbolinux:turbolinux:fuji:*:*:*:*:*:*:*
cpe:2.3:o:turbolinux:turbolinux_appliance_server:1.0_hosting_edition:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:turbolinux:turbolinux_appliance_server:1.0_hosting_edition:*:*:*:*:*:*:*
- cpe:2.3:o:turbolinux:turbolinux_appliance_server:1.0_workgroup_edition:*:*:*:*:*:*:*
- cpe:2.3:o:turbolinux:turbolinux_desktop:10.0:*:*:*:*:*:*:*
- cpe:2.3:o:turbolinux:turbolinux_home:*:*:*:*:*:*:*:*
- cpe:2.3:o:turbolinux:turbolinux_multimedia:*:*:*:*:*:*:*:*
- cpe:2.3:o:turbolinux:turbolinux_personal:*:*:*:*:*:*:*:*
cpe:2.3:o:turbolinux:turbolinux_server:10.0:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:o:turbolinux:turbolinux_server:10.0:*:*:*:*:*:*:*
- cpe:2.3:o:turbolinux:turbolinux_server:10.0_x86:*:*:*:*:*:*:*
- cpe:2.3:o:turbolinux:turbolinux_server:8.0:*:*:*:*:*:*:*
- cpe:2.3:o:turbolinux:turbolinux_workstation:8.0:*:*:*:*:*:*:*
cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ia64:*:*:*:*:*+ 7 more
- cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ia64:*:*:*:*:*
- cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ppc:*:*:*:*:*
- cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:amd64:*:*:*:*:*
- cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:i386:*:*:*:*:*
- cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:powerpc:*:*:*:*:*
- cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:amd64:*:*:*:*:*
- cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:i386:*:*:*:*:*
- cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:powerpc:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
85- lists.suse.com/archive/suse-security-announce/2006-Jan/0001.htmlnvdPatch
- rhn.redhat.com/errata/RHSA-2006-0177.htmlnvdPatchVendor Advisory
- secunia.com/advisories/18303nvdPatchVendor Advisory
- secunia.com/advisories/18312nvdPatchVendor Advisory
- secunia.com/advisories/18313nvdPatchVendor Advisory
- secunia.com/advisories/18334nvdPatchVendor Advisory
- secunia.com/advisories/18335nvdPatchVendor Advisory
- secunia.com/advisories/18338nvdPatchVendor Advisory
- secunia.com/advisories/18349nvdPatchVendor Advisory
- secunia.com/advisories/18385nvdPatchVendor Advisory
- secunia.com/advisories/18387nvdPatchVendor Advisory
- secunia.com/advisories/18389nvdPatchVendor Advisory
- secunia.com/advisories/18398nvdPatchVendor Advisory
- secunia.com/advisories/18407nvdPatchVendor Advisory
- secunia.com/advisories/18416nvdPatchVendor Advisory
- secunia.com/advisories/18423nvdPatchVendor Advisory
- secunia.com/advisories/18448nvdPatchVendor Advisory
- secunia.com/advisories/18517nvdPatchVendor Advisory
- secunia.com/advisories/18534nvdPatchVendor Advisory
- secunia.com/advisories/18554nvdPatchVendor Advisory
- secunia.com/advisories/18582nvdPatchVendor Advisory
- www.debian.org/security/2006/dsa-936nvdPatchVendor Advisory
- www.debian.org/security/2006/dsa-950nvdPatchVendor Advisory
- www.debian.org/security/2006/dsa-961nvdPatchVendor Advisory
- www.gentoo.org/security/en/glsa/glsa-200601-02.xmlnvdPatchVendor Advisory
- www.kde.org/info/security/advisory-20051207-2.txtnvdPatchVendor Advisory
- www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.htmlnvdPatch
- www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.htmlnvdPatch
- www.redhat.com/support/errata/RHSA-2006-0160.htmlnvdPatchVendor Advisory
- www.securityfocus.com/bid/16143nvdPatch
- scary.beasts.org/security/CESA-2005-003.txtnvdExploit
- secunia.com/advisories/18329nvdVendor Advisory
- secunia.com/advisories/18332nvdVendor Advisory
- secunia.com/advisories/18375nvdVendor Advisory
- secunia.com/advisories/18642nvdVendor Advisory
- secunia.com/advisories/18644nvdVendor Advisory
- secunia.com/advisories/18674nvdVendor Advisory
- secunia.com/advisories/18675nvdVendor Advisory
- secunia.com/advisories/18679nvdVendor Advisory
- secunia.com/advisories/18908nvdVendor Advisory
- ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txtnvd
- patches.sgi.com/support/free/security/advisories/20051201-01-Unvd
- patches.sgi.com/support/free/security/advisories/20060101-01-Unvd
- patches.sgi.com/support/free/security/advisories/20060201-01-Unvd
- secunia.com/advisories/18147nvd
- secunia.com/advisories/18373nvd
- secunia.com/advisories/18380nvd
- secunia.com/advisories/18414nvd
- secunia.com/advisories/18425nvd
- secunia.com/advisories/18428nvd
- secunia.com/advisories/18436nvd
- secunia.com/advisories/18463nvd
- secunia.com/advisories/18913nvd
- secunia.com/advisories/19230nvd
- secunia.com/advisories/19377nvd
- secunia.com/advisories/25729nvd
- slackware.com/security/viewer.phpnvd
- slackware.com/security/viewer.phpnvd
- sunsolve.sun.com/search/document.donvd
- www.debian.org/security/2005/dsa-931nvd
- www.debian.org/security/2005/dsa-932nvd
- www.debian.org/security/2005/dsa-937nvd
- www.debian.org/security/2005/dsa-938nvd
- www.debian.org/security/2005/dsa-940nvd
- www.debian.org/security/2006/dsa-962nvd
- www.gentoo.org/security/en/glsa/glsa-200601-17.xmlnvd
- www.mandriva.com/security/advisoriesnvd
- www.mandriva.com/security/advisoriesnvd
- www.mandriva.com/security/advisoriesnvd
- www.mandriva.com/security/advisoriesnvd
- www.mandriva.com/security/advisoriesnvd
- www.mandriva.com/security/advisoriesnvd
- www.mandriva.com/security/advisoriesnvd
- www.mandriva.com/security/advisoriesnvd
- www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.htmlnvd
- www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.htmlnvd
- www.redhat.com/support/errata/RHSA-2006-0163.htmlnvd
- www.securityfocus.com/archive/1/427053/100/0/threadednvd
- www.securityfocus.com/archive/1/427990/100/0/threadednvd
- www.trustix.org/errata/2006/0002/nvd
- www.vupen.com/english/advisories/2006/0047nvd
- www.vupen.com/english/advisories/2007/2280nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/24023nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9575nvd
- usn.ubuntu.com/236-1/nvd
News mentions
0No linked articles in our index yet.