| 概要 | Unspecified vulnerability in certain versions of xpdf after 3.00, as used in various products including (a) pdfkit.framework, (b) gpdf, (c) pdftohtml, and (d) libextractor, has unknown impact and user-assisted attack vectors, possibly involving errors in (1) gmem.c, (2) SplashXPathScanner.cc, (3) JBIG2Stream.cc, (4) JPXStream.cc, and/or (5) Stream.cc. NOTE: this description is based on Debian advisory DSA 979, which is based on changes that were made after other vulnerabilities such as CVE-2006-0301 and CVE-2005-3624 through CVE-2005-3628 were fixed. Some of these newer fixes appear to be security-relevant, although it is not clear if they fix specific issues or are defensive in nature. |
|---|---|
| 公表日 | 2006年3月16日4:06 |
| 登録日 | 2021年1月29日15:33 |
| 最終更新日 | 2018年10月4日6:36 |
| CVSS2.0 : HIGH | |
| スコア | 7.6 |
|---|---|
| ベクター | AV:N/AC:H/Au:N/C:C/I:C/A:C |
| 攻撃元区分(AV) | ネットワーク |
| 攻撃条件の複雑さ(AC) | 高 |
| 攻撃前の認証要否(Au) | 不要 |
| 機密性への影響(C) | 高 |
| 完全性への影響(I) | 高 |
| 可用性への影響(A) | 高 |
| 全ての特権を取得 | いいえ |
| ユーザー権限を取得 | いいえ |
| その他の権限を取得 | いいえ |
| ユーザー操作が必要 | はい |
| 構成1 | 以上 | 以下 | より上 | 未満 | |
| cpe:2.3:a:gnome:gpdf:2.8.2:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:libextractor:libextractor:0.3.6:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:libextractor:libextractor:0.3.7:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:libextractor:libextractor:0.3.8:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:libextractor:libextractor:0.3.9:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:libextractor:libextractor:0.3.11:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:libextractor:libextractor:0.4:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:libextractor:libextractor:0.4.1:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:libextractor:libextractor:0.4.2:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:libextractor:libextractor:0.5:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:xpdf:xpdf:0.90:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:xpdf:xpdf:0.91:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:xpdf:xpdf:0.92:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:xpdf:xpdf:0.93:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:xpdf:xpdf:1.0:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:xpdf:xpdf:1.0a:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:xpdf:xpdf:1.1:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:xpdf:xpdf:2.0:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:xpdf:xpdf:2.1:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:xpdf:xpdf:2.2:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:xpdf:xpdf:2.3:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:xpdf:xpdf:3.0:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:xpdf:xpdf:3.0.1:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:xpdf:xpdf:3.0.1_pl1:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:xpdf:xpdf:3.0_pl2:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:xpdf:xpdf:3.0_pl3:*:*:*:*:*:*:* | |||||
| 構成2 | 以上 | 以下 | より上 | 未満 | |
| cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:* | |||||
| cpe:2.3:o:debian:debian_linux:3.1:*:alpha:*:*:*:*:* | |||||
| cpe:2.3:o:debian:debian_linux:3.1:*:amd64:*:*:*:*:* | |||||
| cpe:2.3:o:debian:debian_linux:3.1:*:arm:*:*:*:*:* | |||||
| cpe:2.3:o:debian:debian_linux:3.1:*:hppa:*:*:*:*:* | |||||
| cpe:2.3:o:debian:debian_linux:3.1:*:ia-32:*:*:*:*:* | |||||
| cpe:2.3:o:debian:debian_linux:3.1:*:ia-64:*:*:*:*:* | |||||
| cpe:2.3:o:debian:debian_linux:3.1:*:m68k:*:*:*:*:* | |||||
| cpe:2.3:o:debian:debian_linux:3.1:*:mips:*:*:*:*:* | |||||
| cpe:2.3:o:debian:debian_linux:3.1:*:mipsel:*:*:*:*:* | |||||
| cpe:2.3:o:debian:debian_linux:3.1:*:ppc:*:*:*:*:* | |||||
| cpe:2.3:o:debian:debian_linux:3.1:*:s-390:*:*:*:*:* | |||||
| cpe:2.3:o:debian:debian_linux:3.1:*:sparc:*:*:*:*:* | |||||