← Back

CVE-2005-0064

nvd nist
Published: May 2, 2005Modified: Apr 16, 2026

JSON object

Loading...
7.5
Vector
AV:N/AC:L/Au:N/C:P/I:P/A:P
Exploitability: 10.0 / Impact: 6.4
Source: NVD

Description

Buffer overflow in the Decrypt::makeFileKey2 function in Decrypt.cc for xpdf 3.00 and earlier allows remote attackers to execute arbitrary code via a PDF file with a large /Encrypt /Length keyLength value.

Affected (32)

Products: Xpdf: Xpdf
Xpdf
1 product
Xpdf
Configuration A
32 vulnerable
Vulnerable SoftwareAffected Versions
Xpdf
Xpdf
Version 0.2
Xpdf
Version 0.3
Xpdf
Version 0.4
Xpdf
Version 0.5
Xpdf
Version 0.5a
Xpdf
Version 0.6
Xpdf
Version 0.7
Xpdf
Version 0.7a
Xpdf
Version 0.80
Xpdf
Version 0.90
Xpdf
Version 0.91
Xpdf
Version 0.91a
Xpdf
Version 0.91b
Xpdf
Version 0.91c
Xpdf
Version 0.92
Xpdf
Version 0.92a
Xpdf
Version 0.92b
Xpdf
Version 0.92c
Xpdf
Version 0.92d
Xpdf
Version 0.92e
Xpdf
Version 0.93
Xpdf
Version 0.93a
Xpdf
Version 0.93b
Xpdf
Version 0.93c
Xpdf
Version 1.0
Xpdf
Version 1.0a
Xpdf
Version 1.1
Xpdf
Version 2.0
Xpdf
Version 2.1
Xpdf
Version 2.2
Xpdf
Version 2.3
Xpdf
Version 3.0

References (52)

ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.00pl3.patch (unsafe URL)
Source: cve@mitre.org
Patch
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.42/SCOSA-2005.42.txt (unsafe URL)
Source: cve@mitre.org
Source: cve@mitre.org
PatchVendor Advisory
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
PatchVendor Advisory
Source: cve@mitre.org
PatchVendor Advisory
Source: cve@mitre.org
ExploitPatchVendor Advisory
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
PatchVendor Advisory
Source: cve@mitre.org
PatchVendor Advisory
Source: cve@mitre.org
PatchVendor Advisory
Source: cve@mitre.org
PatchVendor Advisory
Source: cve@mitre.org
PatchVendor Advisory
Source: cve@mitre.org
PatchVendor Advisory
Source: cve@mitre.org
PatchVendor Advisory
Source: cve@mitre.org
PatchVendor Advisory
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.00pl3.patch (unsafe URL)
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.42/SCOSA-2005.42.txt (unsafe URL)
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitPatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.