CVE-2005-3628

N/A Unknown
Published: December 31, 2005
Modified: April 16, 2026

Description

Buffer overflow in the JBIG2Bitmap::JBIG2Bitmap function in JBIG2Stream.cc in Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to modify memory and possibly execute arbitrary code via unknown attack vectors.

References to Advisories, Solutions, and Tools

http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html
Source: secalert@redhat.com
Patch Vendor Advisory
http://secunia.com/advisories/18147
Source: secalert@redhat.com
http://secunia.com/advisories/18380
Source: secalert@redhat.com
http://secunia.com/advisories/18385
Source: secalert@redhat.com
Patch Vendor Advisory
http://secunia.com/advisories/18387
Source: secalert@redhat.com
Patch Vendor Advisory
http://secunia.com/advisories/18389
Source: secalert@redhat.com
Patch Vendor Advisory
http://secunia.com/advisories/18398
Source: secalert@redhat.com
Patch Vendor Advisory
http://secunia.com/advisories/18407
Source: secalert@redhat.com
Patch Vendor Advisory
http://secunia.com/advisories/18416
Source: secalert@redhat.com
Patch Vendor Advisory
http://secunia.com/advisories/18428
Source: secalert@redhat.com
http://secunia.com/advisories/18436
Source: secalert@redhat.com
http://secunia.com/advisories/18534
Source: secalert@redhat.com
Patch Vendor Advisory
http://secunia.com/advisories/18582
Source: secalert@redhat.com
Patch Vendor Advisory
http://secunia.com/advisories/18674
Source: secalert@redhat.com
http://secunia.com/advisories/18675
Source: secalert@redhat.com
http://secunia.com/advisories/18679
Source: secalert@redhat.com
http://secunia.com/advisories/18908
Source: secalert@redhat.com
http://secunia.com/advisories/18913
Source: secalert@redhat.com
http://secunia.com/advisories/19230
Source: secalert@redhat.com
http://www.debian.org/security/2006/dsa-936
Source: secalert@redhat.com
Patch Vendor Advisory
http://www.debian.org/security/2006/dsa-950
Source: secalert@redhat.com
Patch Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2006-0160.html
Source: secalert@redhat.com
Patch Vendor Advisory
http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html
Source: af854a3a-2127-422b-91ae-364da2661108
Patch Vendor Advisory
http://secunia.com/advisories/18147
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/18380
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/18385
Source: af854a3a-2127-422b-91ae-364da2661108
Patch Vendor Advisory
http://secunia.com/advisories/18387
Source: af854a3a-2127-422b-91ae-364da2661108
Patch Vendor Advisory
http://secunia.com/advisories/18389
Source: af854a3a-2127-422b-91ae-364da2661108
Patch Vendor Advisory
http://secunia.com/advisories/18398
Source: af854a3a-2127-422b-91ae-364da2661108
Patch Vendor Advisory
http://secunia.com/advisories/18407
Source: af854a3a-2127-422b-91ae-364da2661108
Patch Vendor Advisory
http://secunia.com/advisories/18416
Source: af854a3a-2127-422b-91ae-364da2661108
Patch Vendor Advisory
http://secunia.com/advisories/18428
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/18436
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/18534
Source: af854a3a-2127-422b-91ae-364da2661108
Patch Vendor Advisory
http://secunia.com/advisories/18582
Source: af854a3a-2127-422b-91ae-364da2661108
Patch Vendor Advisory
http://secunia.com/advisories/18674
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/18675
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/18679
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/18908
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/18913
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/19230
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.debian.org/security/2005/dsa-931
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.debian.org/security/2005/dsa-932
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.debian.org/security/2005/dsa-937
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.debian.org/security/2005/dsa-938
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.debian.org/security/2005/dsa-940
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.debian.org/security/2006/dsa-936
Source: af854a3a-2127-422b-91ae-364da2661108
Patch Vendor Advisory
http://www.debian.org/security/2006/dsa-950
Source: af854a3a-2127-422b-91ae-364da2661108
Patch Vendor Advisory
http://www.debian.org/security/2006/dsa-961
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.debian.org/security/2006/dsa-962
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.mandriva.com/security/advisories?name=MDKSA-2006:010
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.mandriva.com/security/advisories?name=MDKSA-2006:011
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.mandriva.com/security/advisories?name=MDKSA-2006:012
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.redhat.com/support/errata/RHSA-2006-0160.html
Source: af854a3a-2127-422b-91ae-364da2661108
Patch Vendor Advisory
http://www.securityfocus.com/archive/1/427053/100/0/threaded
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.securityfocus.com/archive/1/427990/100/0/threaded
Source: af854a3a-2127-422b-91ae-364da2661108

76 reference(s) from NVD

Quick Stats

CVSS v3 Score: N/A / 10.0
EPSS (Exploit Probability): 2.7% (86th percentile)
Exploitation Status: Not in CISA KEV

Affected Vendors

xpdf