CVE-2005-3626: Medium severity Easy Software Products Cups vulnerability
Published Dec 31, 2005
·Updated
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference.
Affected Software
127 affected components
Easy Software Products Cups=1.1.22
Easy Software Products Cups=1.1.22_rc1
Easy Software Products Cups=1.1.23
Easy Software Products Cups=1.1.23_rc1
KDE kdegraphics=3.2
KDE kdegraphics=3.4.3
KDE Koffice=1.4
KDE Koffice=1.4.1
KDE Koffice=1.4.2
KDE kpdf=3.2
KDE kpdf=3.4.3
KDE Kword=1.4.2
Libextractor Libextractor
Poppler Poppler=0.4.2
SGI ProPack=3.0-sp6
teTeX teTeX=1.0.7
teTeX teTeX=2.0
teTeX teTeX=2.0.1
teTeX teTeX=2.0.2
teTeX teTeX=3.0
xpdf Xpdf=3.0
Conectiva Linux=10.0
Debian Debian Linux=3.0
Debian Debian Linux=3.0
Debian Debian Linux=3.0
Debian Debian Linux=3.0
Debian Debian Linux=3.0
Debian Debian Linux=3.0
Debian Debian Linux=3.0
Debian Debian Linux=3.0
Debian Debian Linux=3.0
Debian Debian Linux=3.0
Debian Debian Linux=3.0
Debian Debian Linux=3.0
Debian Debian Linux=3.1
Debian Debian Linux=3.1
Debian Debian Linux=3.1
Debian Debian Linux=3.1
Debian Debian Linux=3.1
Debian Debian Linux=3.1
Debian Debian Linux=3.1
Debian Debian Linux=3.1
Debian Debian Linux=3.1
Debian Debian Linux=3.1
Debian Debian Linux=3.1
Debian Debian Linux=3.1
Debian Debian Linux=3.1
Gentoo Linux
Mandrakesoft Mandrake Linux=10.1
Mandrakesoft Mandrake Linux=10.1
Mandrakesoft Mandrake Linux=10.2
Mandrakesoft Mandrake Linux=10.2
Mandrakesoft Mandrake Linux=2006
Mandrakesoft Mandrake Linux=2006
Mandrakesoft Mandrake Linux Corporate Server=2.1
Mandrakesoft Mandrake Linux Corporate Server=2.1
Mandrakesoft Mandrake Linux Corporate Server=3.0
Mandrakesoft Mandrake Linux Corporate Server=3.0
redhat Enterprise Linux=2.1
redhat Enterprise Linux=2.1
redhat Enterprise Linux=2.1
redhat Enterprise Linux=2.1
redhat Enterprise Linux=2.1
redhat Enterprise Linux=2.1
redhat Enterprise Linux=3.0
redhat Enterprise Linux=3.0
redhat Enterprise Linux=3.0
redhat Enterprise Linux=4.0
redhat Enterprise Linux=4.0
redhat Enterprise Linux=4.0
redhat Enterprise Linux Desktop=3.0
redhat Enterprise Linux Desktop=4.0
redhat Fedora Core=core_1.0
redhat Fedora Core=core_2.0
redhat Fedora Core=core_3.0
redhat Fedora Core=core_4.0
redhat Linux=7.3
redhat Linux=9.0
redhat Linux Advanced Workstation=2.1
redhat Linux Advanced Workstation=2.1
SCO OpenServer=5.0.7
SCO OpenServer=6.0
Slackware Slackware Linux=9.0
Slackware Slackware Linux=9.1
Slackware Slackware Linux=10.0
Slackware Slackware Linux=10.1
Slackware Slackware Linux=10.2
SUSE SuSE Linux=1.0
SUSE SuSE Linux=9.0
SUSE SuSE Linux=9.0
SUSE SuSE Linux=9.0
SUSE SuSE Linux=9.0
SUSE SuSE Linux=9.0
SUSE SuSE Linux=9.1
SUSE SuSE Linux=9.1
SUSE SuSE Linux=9.1
SUSE SuSE Linux=9.2
SUSE SuSE Linux=9.2
SUSE SuSE Linux=9.2
SUSE SuSE Linux=9.3
SUSE SuSE Linux=9.3
SUSE SuSE Linux=9.3
SUSE SuSE Linux=10.0
SUSE SuSE Linux=10.0
Trustix Secure Linux=2.0
Trustix Secure Linux=2.2
Trustix Secure Linux=3.0
Turbolinux Turbolinux=10
Turbolinux Turbolinux=fuji
Turbolinux Turbolinux Appliance Server=1.0_hosting_edition
Turbolinux Turbolinux Appliance Server=1.0_workgroup_edition
Turbolinux Turbolinux Desktop=10.0
Turbolinux Turbolinux Home
Turbolinux Turbolinux Multimedia
Turbolinux Turbolinux Personal
Turbolinux Turbolinux Server=8.0
Turbolinux Turbolinux Server=10.0
Turbolinux Turbolinux Server=10.0_x86
Turbolinux Turbolinux Workstation=8.0
Ubuntu Ubuntu Linux=4.1
Ubuntu Ubuntu Linux=4.1
Ubuntu Ubuntu Linux=5.04
Ubuntu Ubuntu Linux=5.04
Ubuntu Ubuntu Linux=5.04
Ubuntu Ubuntu Linux=5.10
Ubuntu Ubuntu Linux=5.10
Ubuntu Ubuntu Linux=5.10
Remediation
Patch Available
Patch Available
Patch Available
Patch Available
Patch Available
Patch Available
Patch Available
Patch Available
Patch Available
Patch Available
Patch Available
Patch Available
Patch Available
Patch Available
Patch Available
Patch Available
Patch Available
Patch Available
Patch Available
Patch Available
Patch Available
Patch Available
Patch Available
Patch Available
Patch Available
Patch Available
Event History
Dec 31, 2005
CVE Published
05:00 AM
Jan 7, 2006
CVE Published
via MITRE·03:00 AM
Data Sourced
via MITRE·03:00 AM
Description
Frequently Asked Questions
1
What is the severity of CVE-2005-3626?
CVE-2005-3626 has a severity rating that indicates it can cause a denial of service due to a null dereference.
2
How do I fix CVE-2005-3626?
To fix CVE-2005-3626, users should update their affected software to the latest versions that include patches for this vulnerability.
3
Which software is affected by CVE-2005-3626?
Affected software includes Xpdf, KDE KPDF, teTeX, CUPS, and Poppler among others.
4
What type of vulnerability is CVE-2005-3626?
CVE-2005-3626 is classified as a denial of service vulnerability.
5
When was CVE-2005-3626 reported?
CVE-2005-3626 was reported in December 2005.