OpenBSD VuXML: Documenting security issues in the OpenBSD Ports & Packages Collection

xpdf -- integer overflow vulnerabilities

Affected packages
xpdf < 3.00p1

Details

VuXML ID d79a032a-2763-11d9-a0f4-00065bd5b0b6
Discovery 2004-10-21
Entry 2004-10-23

Chris Evans discovered several integer arithmetic overflows in the xpdf 2 and xpdf 3 code bases. The flaws have impacts ranging from denial-of-service to arbitrary code execution.

References

CVE Name CAN-2004-0888
CVE Name CAN-2004-0889
URL http://scary.beasts.org/security/CESA-2004-002.txt
URL http://scary.beasts.org/security/CESA-2004-007.txt

Copyright © 2003-2005 Jacques Vidrine, Robert Nagy, and contributors.
Please see the source of this document for full copyright information.