2005-12-31 06:00:00 2018-10-19 17:37:25

Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka "Infinite CPU spins."

Vector

NETWORK

Complexity

LOW

Authentication

NONE

Confidentiality

COMPLETE

Integrity

COMPLETE

Availability

COMPLETE
Ubuntu Ubuntu linux 5.04 Amd64 (not an official CPE) Ubuntu Ubuntu linux 4.1 Ia64 (not an official CPE) Ubuntu Ubuntu linux 4.1 Ppc (not an official CPE) Turbolinux Turbolinux server 10.0 x86 (not an official CPE) Turbolinux Turbolinux workstation 8.0 (not an official CPE) Turbolinux Turbolinux server 10.0 (not an official CPE) Turbolinux Turbolinux server 8.0 (not an official CPE) Turbolinux Turbolinux personal (not an official CPE) Turbolinux Turbolinux desktop 10.0 (not an official CPE) Turbolinux Turbolinux home (not an official CPE) Turbolinux Turbolinux multimedia (not an official CPE) Turbolinux Turbolinux appliance server 1.0 workgroup edition (not an official CPE) Turbolinux Turbolinux appliance server 1.0 hosting edition (not an official CPE) Trustix Secure Linux 3.0 Turbolinux Turbolinux 10 (not an official CPE) Turbolinux Turbolinux Fuji (not an official CPE) Trustix Secure Linux 2.0 Trustix Secure Linux 2.2 Suse Suse linux 10.0 Professional (not an official CPE) Suse Suse linux 10.0 Oss (not an official CPE) Suse Suse linux 9.3 Personal (not an official CPE) Suse Suse linux 9.3 Professional (not an official CPE) Suse Suse linux 9.3 X86 64 (not an official CPE) Suse Suse linux 9.2 X86 64 (not an official CPE) Suse Suse linux 9.2 Professional (not an official CPE) Suse Suse linux 9.2 Personal (not an official CPE) Suse Suse linux 9.1 X86 64 (not an official CPE) Suse Suse linux 9.1 Professional (not an official CPE) Suse Suse linux 9.0 X86 64 (not an official CPE) Suse Suse linux 9.1 Personal (not an official CPE) Suse Suse linux 9.0 S 390 (not an official CPE) Suse Suse linux 9.0 Professional (not an official CPE) Suse Suse linux 9.0 Personal (not an official CPE) SuSE SuSE Linux 1.0 Suse Suse linux 9.0 Enterprise server (not an official CPE) Slackware Linux 10.2 Slackware Linux 10.1 Slackware Linux 10.0 Sco Openserver 6.0 (not an official CPE) Slackware Linux 9.0 Slackware Linux 9.1 Sco Openserver 5.0.7 (not an official CPE) Redhat Linux advanced workstation 2.1 Itanium (not an official CPE) Redhat Linux 7.3 I386 (not an official CPE) Redhat Linux 9.0 I386 (not an official CPE) Redhat Linux advanced workstation 2.1 Ia64 (not an official CPE) Redhat Fedora core Core 4.0 (not an official CPE) Redhat Fedora core Core 3.0 (not an official CPE) Redhat Fedora core Core 2.0 (not an official CPE) Redhat Fedora core Core 1.0 (not an official CPE) Red Hat Desktop 4.0 Red Hat Desktop 3.0 Redhat Enterprise linux 4.0 Workstation (not an official CPE) Redhat Enterprise linux 4.0 Enterprise server (not an official CPE) Redhat Enterprise linux 4.0 Advanced server (not an official CPE) Redhat Enterprise linux 3.0 Workstation server (not an official CPE) Redhat Enterprise linux 3.0 Enterprise server (not an official CPE) Redhat Enterprise linux 2.1 Workstation ia64 (not an official CPE) Redhat Enterprise linux 3.0 Advanced server (not an official CPE) Redhat Enterprise linux 2.1 Workstation (not an official CPE) Redhat Enterprise linux 2.1 Enterprise server ia64 (not an official CPE) Redhat Enterprise linux 2.1 Enterprise server (not an official CPE) Redhat Enterprise linux 2.1 Advanced server ia64 (not an official CPE) Redhat Enterprise linux 2.1 Advanced server (not an official CPE) Mandrakesoft Mandrake linux corporate server 3.0 X86 64 (not an official CPE) MandrakeSoft Mandrake Corporate Server 3.0 MandrakeSoft Mandrake Linux Corporate Server 2.1 Mandrakesoft Mandrake linux corporate server 2.1 X86 64 (not an official CPE) MandrakeSoft Mandrake Linux 2006.0 Mandrakesoft Mandrake linux 2006 X86-64 (not an official CPE) MandrakeSoft Mandrake Linux 10.2 Mandrakesoft Mandrake linux 10.2 X86-64 (not an official CPE) Mandrakesoft Mandrake linux 10.1 X86-64 (not an official CPE) MandrakeSoft Mandrake Linux 10.1 Gentoo Linux Debian Debian linux 3.1 Sparc (not an official CPE) Debian Debian linux 3.1 S-390 (not an official CPE) Debian Debian linux 3.1 Ppc (not an official CPE) Debian Debian linux 3.1 Mipsel (not an official CPE) Debian Debian linux 3.1 M68k (not an official CPE) Debian Debian linux 3.1 Mips (not an official CPE) Debian Debian linux 3.1 Ia-64 (not an official CPE) Debian Debian linux 3.1 Ia-32 (not an official CPE) Debian Debian linux 3.1 Hppa (not an official CPE) Debian Debian linux 3.1 Arm (not an official CPE) Debian Debian linux 3.1 Amd64 (not an official CPE) Debian Debian linux 3.1 Alpha (not an official CPE) Debian Debian Linux 3.1 Debian Debian linux 3.0 Sparc (not an official CPE) Debian Debian linux 3.0 S-390 (not an official CPE) Debian Debian linux 3.0 Ppc (not an official CPE) Debian Debian linux 3.0 Mipsel (not an official CPE) Debian Debian linux 3.0 Mips (not an official CPE) Debian Debian linux 3.0 M68k (not an official CPE) Debian Debian linux 3.0 Ia-64 (not an official CPE) Debian Debian linux 3.0 Ia-32 (not an official CPE) Debian Debian linux 3.0 Hppa (not an official CPE) Debian Debian linux 3.0 Arm (not an official CPE) Debian Debian linux 3.0 Alpha (not an official CPE) Debian Debian Linux 3.0 Conectiva Linux 10.0 Ubuntu Ubuntu linux 5.04 I386 (not an official CPE) Ubuntu Ubuntu linux 5.04 Powerpc (not an official CPE) Ubuntu Ubuntu linux 5.10 Amd64 (not an official CPE) Ubuntu Ubuntu linux 5.10 I386 (not an official CPE) Ubuntu Ubuntu linux 5.10 Powerpc (not an official CPE)