漏洞信息详情
多家厂商xpdf JPX流阅读器堆溢出漏洞
- CNNVD编号:CNNVD-200512-111
- 危害等级: 中危
- CVE编号: CVE-2005-3193
- 漏洞类型: 缓冲区溢出
- 发布时间: 2005-12-06
- 威胁类型: 远程
- 更新时间: 2012-12-26
- 厂 商: xpdf
- 漏洞来源: infamous41md infa...
漏洞简介
Xpdf是便携文档格式(PDF)文件的开放源码浏览器。
多家厂商软件版本所捆绑的xpdf中存在堆溢出漏洞。用于解码嵌入JPEG 2000图形的JPX流解析代码没有充分的验证用户输入。xpdf/JPXStream.cc的JPXStream::readCodestream函数中存在基于堆缓冲区溢出漏洞,从PDF文件的用户可控数据读取nXTiles的值,然后在gmallocn()调用中使用nXTiles和nYTiles值,提供给nXTiles和nYTiles的过大值会破坏堆内存,导致拒绝服务或执行任意代码。
漏洞公告
目前厂商已经发布了升级补丁以修复此安全问题,补丁获取链接:
ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/xpd...
ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/xpdf-...
ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/...
ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/xpdf-...
ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.01pl1.patch
http://www.foolabs.com/xpdf/download.HTML
参考网址
来源: IDEFENSE
名称: 20051205 Multiple Vendor xpdf JPX Stream Reader Heap Overflow Vulnerability
链接:http://www.idefense.com/application/poi/display?id=345&type=vulnerabilities&flashstatus=true
来源: XF
名称: xpdf-jpx-stream-bo(23441)
链接:http://xforce.iss.net/xforce/xfdb/23441
来源: UBUNTU
名称: USN-227-1
链接:http://www.ubuntulinux.org/usn/usn-227-1
来源: TRUSTIX
名称: TSLSA-2005-0072
链接:http://www.trustix.org/errata/2005/0072/
来源: BID
名称: 15721
链接:http://www.securityfocus.com/bid/15721
来源: BUGTRAQ
名称: 20051207 [KDE Security Advisory] multiple buffer overflows in kpdf/koffice
链接:http://www.securityfocus.com/archive/1/archive/1/418883/100/0/threaded
来源: REDHAT
名称: RHSA-2005:878
链接:http://www.redhat.com/support/errata/RHSA-2005-878.HTML
来源: REDHAT
名称: RHSA-2005:867
链接:http://www.redhat.com/support/errata/RHSA-2005-867.HTML
来源: REDHAT
名称: RHSA-2005:840
链接:http://www.redhat.com/support/errata/RHSA-2005-840.HTML
来源: FEDORA
名称: FEDORA-2005-1142
链接:http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00037.HTML
来源: FEDORA
名称: FEDORA-2005-1141
链接:http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00036.HTML
来源: www.kde.org
链接:http://www.kde.org/info/security/advisory-20051207-2.txt
来源: www.kde.org
链接:http://www.kde.org/info/security/advisory-20051207-1.txt
来源: IDEFENSE
名称: 20051205 Multiple Vendor xpdf JPX Stream Reader Heap Overflow Vulnerability
链接:http://www.idefense.com/application/poi/display?id=345&type=vulnerabilities&flashstatus=true
来源: GENTOO
名称: GLSA-200601-02
链接:http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml
来源: GENTOO
名称: GLSA-200512-08
链接:http://www.gentoo.org/security/en/glsa/glsa-200512-08.xml
来源: VUPEN
名称: ADV-2005-2856
链接:http://www.frsirt.com/english/advisories/2005/2856
来源: VUPEN
名称: ADV-2005-2790
链接:http://www.frsirt.com/english/advisories/2005/2790
来源: VUPEN
名称: ADV-2005-2789
链接:http://www.frsirt.com/english/advisories/2005/2789
来源: DEBIAN
名称: DSA-940
链接:http://www.debian.org/security/2005/dsa-940
来源: DEBIAN
名称: DSA-938
链接:http://www.debian.org/security/2005/dsa-938
来源: DEBIAN
名称: DSA-937
链接:http://www.debian.org/security/2005/dsa-937
来源: DEBIAN
名称: DSA-932
链接:http://www.debian.org/security/2005/dsa-932
来源: DEBIAN
名称: DSA-931
链接:http://www.debian.org/security/2005/dsa-931
来源: SECTRACK
名称: 1015324
链接:http://securitytracker.com/id?1015324
来源: SECTRACK
名称: 1015309
链接:http://securitytracker.com/id?1015309
来源: SECUNIA
名称: 18336
链接:http://secunia.com/advisories/18336
来源: SECUNIA
名称: 18313
链接:http://secunia.com/advisories/18313
来源: SECUNIA
名称: 18192
链接:http://secunia.com/advisories/18192
来源: SECUNIA
名称: 18191
链接:http://secunia.com/advisories/18191
来源: SECUNIA
名称: 18189
链接:http://secunia.com/advisories/18189
来源: SECUNIA
名称: 18061
链接:http://secunia.com/advisories/18061
来源: SECUNIA
名称: 18055
链接:http://secunia.com/advisories/18055
来源: SECUNIA
名称: 18009
链接:http://secunia.com/advisories/18009
来源: SECUNIA
名称: 17976
链接:http://secunia.com/advisories/17976
来源: SECUNIA
名称: 17940
链接:http://secunia.com/advisories/17940
来源: SECUNIA
名称: 17929
链接:http://secunia.com/advisories/17929
来源: SECUNIA
名称: 17926
链接:http://secunia.com/advisories/17926
来源: SECUNIA
名称: 17920
链接:http://secunia.com/advisories/17920
来源: SECUNIA
名称: 17916
链接:http://secunia.com/advisories/17916
来源: SECUNIA
名称: 17912
链接:http://secunia.com/advisories/17912
来源: SECUNIA
名称: 17897
链接:http://secunia.com/advisories/17897
来源: REDHAT
名称: RHSA-2005:868
链接:http://rhn.redhat.com/errata/RHSA-2005-868.HTML
来源: MANDRIVA
名称: MDKSA-2006:012
链接:http://frontal2.mandriva.com/security/advisories?name=MDKSA-2006:012
来源: MANDRAKE
名称: MDKSA-2006:010
链接:http://frontal2.mandriva.com/security/advisories?name=MDKSA-2006:010
来源: MANDRIVA
名称: MDKSA-2006:008
链接:http://frontal2.mandriva.com/security/advisories?name=MDKSA-2006:008
来源: MANDRIVA
名称: MDKSA-
受影响实体
- Xpdf Xpdf:0.90
- Xpdf Xpdf:0.91
- Xpdf Xpdf:0.92
- Xpdf Xpdf:0.93
- Xpdf Xpdf:1.0
补丁
暂无
评论