NVD Vulnerability Detail

CVE-2006-1244

Summary	Unspecified vulnerability in certain versions of xpdf after 3.00, as used in various products including (a) pdfkit.framework, (b) gpdf, (c) pdftohtml, and (d) libextractor, has unknown impact and user-assisted attack vectors, possibly involving errors in (1) gmem.c, (2) SplashXPathScanner.cc, (3) JBIG2Stream.cc, (4) JPXStream.cc, and/or (5) Stream.cc. NOTE: this description is based on Debian advisory DSA 979, which is based on changes that were made after other vulnerabilities such as CVE-2006-0301 and CVE-2005-3624 through CVE-2005-3628 were fixed. Some of these newer fixes appear to be security-relevant, although it is not clear if they fix specific issues or are defensive in nature.
Publication Date	March 16, 2006, 4:06 a.m.
Registration Date	Jan. 29, 2021, 3:33 p.m.
Last Update	Oct. 4, 2018, 6:36 a.m.

Affected software configurations

Configuration1	or higher	or less	more than	less than
cpe:2.3:a:gnome:gpdf:2.8.2:::::::*
cpe:2.3:a:libextractor:libextractor:0.3.6:::::::*
cpe:2.3:a:libextractor:libextractor:0.3.7:::::::*
cpe:2.3:a:libextractor:libextractor:0.3.8:::::::*
cpe:2.3:a:libextractor:libextractor:0.3.9:::::::*
cpe:2.3:a:libextractor:libextractor:0.3.11:::::::*
cpe:2.3:a:libextractor:libextractor:0.4:::::::*
cpe:2.3:a:libextractor:libextractor:0.4.1:::::::*
cpe:2.3:a:libextractor:libextractor:0.4.2:::::::*
cpe:2.3:a:libextractor:libextractor:0.5:::::::*
cpe:2.3:a:xpdf:xpdf:0.90:::::::*
cpe:2.3:a:xpdf:xpdf:0.91:::::::*
cpe:2.3:a:xpdf:xpdf:0.92:::::::*
cpe:2.3:a:xpdf:xpdf:0.93:::::::*
cpe:2.3:a:xpdf:xpdf:1.0:::::::*
cpe:2.3:a:xpdf:xpdf:1.0a:::::::*
cpe:2.3:a:xpdf:xpdf:1.1:::::::*
cpe:2.3:a:xpdf:xpdf:2.0:::::::*
cpe:2.3:a:xpdf:xpdf:2.1:::::::*
cpe:2.3:a:xpdf:xpdf:2.2:::::::*
cpe:2.3:a:xpdf:xpdf:2.3:::::::*
cpe:2.3:a:xpdf:xpdf:3.0:::::::*
cpe:2.3:a:xpdf:xpdf:3.0.1:::::::*
cpe:2.3:a:xpdf:xpdf:3.0.1_pl1:::::::*
cpe:2.3:a:xpdf:xpdf:3.0_pl2:::::::*
cpe:2.3:a:xpdf:xpdf:3.0_pl3:::::::*

Configuration2	or higher	or less	more than	less than
cpe:2.3:o:debian:debian_linux:3.1:::::::*
cpe:2.3:o:debian:debian_linux:3.1::alpha:::::
cpe:2.3:o:debian:debian_linux:3.1::amd64:::::
cpe:2.3:o:debian:debian_linux:3.1::arm:::::
cpe:2.3:o:debian:debian_linux:3.1::hppa:::::
cpe:2.3:o:debian:debian_linux:3.1::ia-32:::::
cpe:2.3:o:debian:debian_linux:3.1::ia-64:::::
cpe:2.3:o:debian:debian_linux:3.1::m68k:::::
cpe:2.3:o:debian:debian_linux:3.1::mips:::::
cpe:2.3:o:debian:debian_linux:3.1::mipsel:::::
cpe:2.3:o:debian:debian_linux:3.1::ppc:::::
cpe:2.3:o:debian:debian_linux:3.1::s-390:::::
cpe:2.3:o:debian:debian_linux:3.1::sparc:::::

Related information, measures and tools

No	URL	refsource	タグ
1	http://secunia.com/advisories/18948	SECUNIA	Patch Vendor Advisory
2	http://secunia.com/advisories/19021	SECUNIA	Patch Vendor Advisory
3	http://secunia.com/advisories/19065	SECUNIA	Patch Vendor Advisory
4	http://secunia.com/advisories/19091	SECUNIA	Patch Vendor Advisory
5	http://secunia.com/advisories/19164	SECUNIA	Patch Vendor Advisory
6	http://secunia.com/advisories/19364	SECUNIA	Patch Vendor Advisory
7	http://secunia.com/advisories/19644	SECUNIA	Patch Vendor Advisory
8	http://security.debian.org/pool/updates/main/p/pdfkit.framework/pdfkit.framework_0.8-2sarge3.diff.gz	MISC	Patch
9	http://www.debian.org/security/2006/dsa-1019	DEBIAN	Patch Vendor Advisory
10	http://www.debian.org/security/2006/dsa-979	DEBIAN	Patch Vendor Advisory
11	http://www.debian.org/security/2006/dsa-982	DEBIAN	Patch Vendor Advisory
12	http://www.debian.org/security/2006/dsa-983	DEBIAN	Patch Vendor Advisory
13	http://www.debian.org/security/2006/dsa-984	DEBIAN	Patch Vendor Advisory
14	http://www.debian.org/security/2006/dsa-998	DEBIAN	Patch Vendor Advisory
15	http://www.osvdb.org/23834	OSVDB
16	http://www.securityfocus.com/bid/16748	BID
17	https://usn.ubuntu.com/270-1/	UBUNTU

Common Vulnerabilities List

Configuration1	or higher	or less	more than	less than
cpe:2.3:a:gnome:gpdf:2.8.2:::::::*
cpe:2.3:a:libextractor:libextractor:0.3.6:::::::*
cpe:2.3:a:libextractor:libextractor:0.3.7:::::::*
cpe:2.3:a:libextractor:libextractor:0.3.8:::::::*
cpe:2.3:a:libextractor:libextractor:0.3.9:::::::*
cpe:2.3:a:libextractor:libextractor:0.3.11:::::::*
cpe:2.3:a:libextractor:libextractor:0.4:::::::*
cpe:2.3:a:libextractor:libextractor:0.4.1:::::::*
cpe:2.3:a:libextractor:libextractor:0.4.2:::::::*
cpe:2.3:a:libextractor:libextractor:0.5:::::::*
cpe:2.3:a:xpdf:xpdf:0.90:::::::*
cpe:2.3:a:xpdf:xpdf:0.91:::::::*
cpe:2.3:a:xpdf:xpdf:0.92:::::::*
cpe:2.3:a:xpdf:xpdf:0.93:::::::*
cpe:2.3:a:xpdf:xpdf:1.0:::::::*
cpe:2.3:a:xpdf:xpdf:1.0a:::::::*
cpe:2.3:a:xpdf:xpdf:1.1:::::::*
cpe:2.3:a:xpdf:xpdf:2.0:::::::*
cpe:2.3:a:xpdf:xpdf:2.1:::::::*
cpe:2.3:a:xpdf:xpdf:2.2:::::::*
cpe:2.3:a:xpdf:xpdf:2.3:::::::*
cpe:2.3:a:xpdf:xpdf:3.0:::::::*
cpe:2.3:a:xpdf:xpdf:3.0.1:::::::*
cpe:2.3:a:xpdf:xpdf:3.0.1_pl1:::::::*
cpe:2.3:a:xpdf:xpdf:3.0_pl2:::::::*
cpe:2.3:a:xpdf:xpdf:3.0_pl3:::::::*

Configuration2	or higher	or less	more than	less than
cpe:2.3:o:debian:debian_linux:3.1:::::::*
cpe:2.3:o:debian:debian_linux:3.1::alpha:::::
cpe:2.3:o:debian:debian_linux:3.1::amd64:::::
cpe:2.3:o:debian:debian_linux:3.1::arm:::::
cpe:2.3:o:debian:debian_linux:3.1::hppa:::::
cpe:2.3:o:debian:debian_linux:3.1::ia-32:::::
cpe:2.3:o:debian:debian_linux:3.1::ia-64:::::
cpe:2.3:o:debian:debian_linux:3.1::m68k:::::
cpe:2.3:o:debian:debian_linux:3.1::mips:::::
cpe:2.3:o:debian:debian_linux:3.1::mipsel:::::
cpe:2.3:o:debian:debian_linux:3.1::ppc:::::
cpe:2.3:o:debian:debian_linux:3.1::s-390:::::
cpe:2.3:o:debian:debian_linux:3.1::sparc:::::