CVE-2005-3193

N/A Unknown

Published: December 07, 2005 Modified: April 16, 2026

Description

Heap-based buffer overflow in the JPXStream::readCodestream function in the JPX stream parsing code (JPXStream.c) for xpdf 3.01 and earlier, as used in products such as (1) Poppler, (2) teTeX, (3) KDE kpdf, (4) CUPS, and (5) libextractor allows user-assisted attackers to cause a denial of service (heap corruption) and possibly execute arbitrary code via a crafted PDF file with large size values that cause insufficient memory to be allocated.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt

Source: cve@mitre.org

ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.20/SCOSA-2006.20.txt

Source: cve@mitre.org

ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.21/SCOSA-2006.21.txt

Source: cve@mitre.org

ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U

Source: cve@mitre.org

ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U

Source: cve@mitre.org

ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U

Source: cve@mitre.org

http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html

Source: cve@mitre.org

http://rhn.redhat.com/errata/RHSA-2005-868.html

Source: cve@mitre.org

http://secunia.com/advisories/17897

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/17912

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/17916

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/17920

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/17926

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/17929

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/17940

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/17955

Source: cve@mitre.org

http://secunia.com/advisories/17956

Source: cve@mitre.org

http://secunia.com/advisories/17959

Source: cve@mitre.org

http://secunia.com/advisories/17976

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/18009

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/18055

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/18061

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/18147

Source: cve@mitre.org

http://secunia.com/advisories/18189

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/18191

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/18192

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/18303

Source: cve@mitre.org

http://secunia.com/advisories/18313

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/18336

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/18349

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/18380

Source: cve@mitre.org

http://secunia.com/advisories/18385

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/18387

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/18389

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/18398

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/18407

Source: cve@mitre.org

http://secunia.com/advisories/18416

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/18448

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/18517

Source: cve@mitre.org

http://secunia.com/advisories/18520

Source: cve@mitre.org

http://secunia.com/advisories/18534

Source: cve@mitre.org

http://secunia.com/advisories/18554

Source: cve@mitre.org

http://secunia.com/advisories/18582

Source: cve@mitre.org

http://secunia.com/advisories/18674

Source: cve@mitre.org

http://secunia.com/advisories/18675

Source: cve@mitre.org

http://secunia.com/advisories/18679

Source: cve@mitre.org

http://secunia.com/advisories/18908

Source: cve@mitre.org

http://secunia.com/advisories/18913

Source: cve@mitre.org

http://secunia.com/advisories/19125

Source: cve@mitre.org

http://secunia.com/advisories/19230

Source: cve@mitre.org

http://secunia.com/advisories/19377

Source: cve@mitre.org

http://secunia.com/advisories/19797

Source: cve@mitre.org

http://secunia.com/advisories/19798

Source: cve@mitre.org

http://secunia.com/advisories/25729

Source: cve@mitre.org

http://secunia.com/advisories/26413

Source: cve@mitre.org

http://securityreason.com/securityalert/236

Source: cve@mitre.org

http://securitytracker.com/id?1015309

Source: cve@mitre.org

http://securitytracker.com/id?1015324

Source: cve@mitre.org

http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.472683

Source: cve@mitre.org

http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.474747

Source: cve@mitre.org

http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1

Source: cve@mitre.org

http://www.debian.org/security/2005/dsa-931

Source: cve@mitre.org

http://www.debian.org/security/2005/dsa-932

Source: cve@mitre.org

http://www.debian.org/security/2005/dsa-937

Source: cve@mitre.org

http://www.debian.org/security/2005/dsa-938

Source: cve@mitre.org

http://www.debian.org/security/2005/dsa-940

Source: cve@mitre.org

http://www.debian.org/security/2006/dsa-936

Source: cve@mitre.org

http://www.debian.org/security/2006/dsa-950

Source: cve@mitre.org

http://www.debian.org/security/2006/dsa-961

Source: cve@mitre.org

http://www.debian.org/security/2006/dsa-962

Source: cve@mitre.org

http://www.gentoo.org/security/en/glsa/glsa-200512-08.xml

Source: cve@mitre.org

http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml

Source: cve@mitre.org

http://www.gentoo.org/security/en/glsa/glsa-200603-02.xml

Source: cve@mitre.org

http://www.idefense.com/application/poi/display?id=345&type=vulnerabilities&flashstatus=true

Source: cve@mitre.org

Patch Vendor Advisory

http://www.kde.org/info/security/advisory-20051207-1.txt

Source: cve@mitre.org

http://www.kde.org/info/security/advisory-20051207-2.txt

Source: cve@mitre.org

http://www.mandriva.com/security/advisories?name=MDKSA-2006:003

Source: cve@mitre.org

http://www.mandriva.com/security/advisories?name=MDKSA-2006:004

Source: cve@mitre.org

http://www.mandriva.com/security/advisories?name=MDKSA-2006:005

Source: cve@mitre.org

http://www.mandriva.com/security/advisories?name=MDKSA-2006:006

Source: cve@mitre.org

http://www.mandriva.com/security/advisories?name=MDKSA-2006:008

Source: cve@mitre.org

http://www.mandriva.com/security/advisories?name=MDKSA-2006:010

Source: cve@mitre.org

http://www.mandriva.com/security/advisories?name=MDKSA-2006:011

Source: cve@mitre.org

http://www.mandriva.com/security/advisories?name=MDKSA-2006:012

Source: cve@mitre.org

http://www.novell.com/linux/security/advisories/2005_29_sr.html

Source: cve@mitre.org

http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00014.html

Source: cve@mitre.org

http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00015.html

Source: cve@mitre.org

http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00016.html

Source: cve@mitre.org

http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00022.html

Source: cve@mitre.org

http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00036.html

Source: cve@mitre.org

http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00037.html

Source: cve@mitre.org

http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00073.html

Source: cve@mitre.org

http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00043.html

Source: cve@mitre.org

http://www.redhat.com/support/errata/RHSA-2005-840.html

Source: cve@mitre.org

Vendor Advisory

http://www.redhat.com/support/errata/RHSA-2005-867.html

Source: cve@mitre.org

Vendor Advisory

http://www.redhat.com/support/errata/RHSA-2005-878.html

Source: cve@mitre.org

Vendor Advisory

http://www.redhat.com/support/errata/RHSA-2006-0160.html

Source: cve@mitre.org

Vendor Advisory

http://www.securityfocus.com/archive/1/418883/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/427053/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/427990/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/bid/15721

Source: cve@mitre.org

http://www.trustix.org/errata/2005/0072/

Source: cve@mitre.org

http://www.ubuntulinux.org/usn/usn-227-1

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2005/2787

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2005/2789

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2005/2790

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2005/2856

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2007/2280

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/23441

Source: cve@mitre.org

https://issues.rpath.com/browse/RPL-1609

Source: cve@mitre.org

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11440

Source: cve@mitre.org

ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt