Description
Multiple integer overflows in xpdf 3.0, and other packages that use xpdf code such as CUPS, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0888.
References (6)
Core 6
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/11501
Vendor Advisory vendor-advisory
x_refsource_mandrake
http://www.mandriva.com/security/advisories?name=MDKSA-2004:113
Patch, Vendor Advisory vendor-advisory
x_refsource_gentoo
http://www.gentoo.org/security/en/glsa/glsa-200410-20.xml
Third Party Advisory vendor-advisory
x_refsource_gentoo
http://www.gentoo.org/security/en/glsa/glsa-200410-30.xml
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/17819
Mailing List vendor-advisory
x_refsource_suse
http://marc.info/?l=bugtraq&m=109880927526773&w=2
Scores
EPSS
0.0339
EPSS Percentile
87.6%
Details
Status
published
Products (39)
debian/debian_linux
3.0 (12 CPE variants)
easy_software_products/cups
1.0.4
easy_software_products/cups
1.0.4_8
easy_software_products/cups
1.1.1
easy_software_products/cups
1.1.4
easy_software_products/cups
1.1.4_2
easy_software_products/cups
1.1.4_3
easy_software_products/cups
1.1.4_5
easy_software_products/cups
1.1.6
easy_software_products/cups
1.1.7
... and 29 more
Published
Jan 27, 2005
Tracked Since
Feb 18, 2026