CVE-2005-3192 in Xpdfinfo

Summary

Heap-based buffer overflow in the StreamPredictor function in Xpdf 3.01, as used in products such as (1) Poppler, (2) teTeX, (3) KDE kpdf, (4) pdftohtml, (5) KOffice KWord, (6) CUPS, and (7) libextractor, allows remote attackers to execute arbitrary code via a PDF file with an out-of-range numComps (number of components) field.

Reservation: 10/14/2005

Disclosure: 12/07/2005

Status: Confirmed

Entries: 1

CVSS: 6.3

EPSS: 0.12279

CTI: 0.00
