CVE-2005-3625

Loading...

General

Score:10.0/10.0
Severity:High
Category:Resource Management Error

Impact Metrics

Confidentiality:Complete
Integrity:Complete
Availability:Complete

Exploitability Metrics

Access Vector:Network
Access Complexity:Low
Authentication:None

Relative vulnerabilities

CVE-2005-3191, CVE-2005-3192, CVE-2005-3193, CVE-2005-3624, CVE-2005-3626, CVE-2005-3627, CVE-2005-3628

Published on 31/12/05 - Updated on 19/10/18

Description

Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka "Infinite CPU spins."

Category: Resource Management Error

CWE-399 (Resource Management Errors)
Weaknesses in this category are related to improper management of system resources.

Security Notices

US National Vulnerability DatabaseCVE-2005-3625
Renater 2006/VULN007, 2006/VULN025

Exploits

No exploits available for this CVE in our database.

Relative technologies

VendorProduct
conectivalinux
debiandebian_linux
easy_software_productscups
gentoolinux
kdekdegraphics
kdekoffice
kdekpdf
kdekword
libextractorlibextractor
mandrakesoftmandrake_linux
mandrakesoftmandrake_linux_corporate_server
popplerpoppler
redhatenterprise_linux
redhatenterprise_linux_desktop
redhatfedora_core
redhatlinux
redhatlinux_advanced_workstation
scoopenserver
sgipropack
slackwareslackware_linux
susesuse_linux
tetextetex
trustixsecure_linux
turbolinuxturbolinux
turbolinuxturbolinux_appliance_server
turbolinuxturbolinux_desktop
turbolinuxturbolinux_home
turbolinuxturbolinux_multimedia
turbolinuxturbolinux_personal
turbolinuxturbolinux_server
turbolinuxturbolinux_workstation
ubuntuubuntu_linux
xpdfxpdf

Share this vulnerability with:

Twitter Facebook LinkedIn Mail