The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Cups | Easy_software_products | 1.1.22 (including) | 1.1.22 (including) |
Cups | Easy_software_products | 1.1.22_rc1 (including) | 1.1.22_rc1 (including) |
Cups | Easy_software_products | 1.1.23 (including) | 1.1.23 (including) |
Cups | Easy_software_products | 1.1.23_rc1 (including) | 1.1.23_rc1 (including) |
Kdegraphics | Kde | 3.2 (including) | 3.2 (including) |
Kdegraphics | Kde | 3.4.3 (including) | 3.4.3 (including) |
Koffice | Kde | 1.4 (including) | 1.4 (including) |
Koffice | Kde | 1.4.1 (including) | 1.4.1 (including) |
Koffice | Kde | 1.4.2 (including) | 1.4.2 (including) |
Kpdf | Kde | 3.2 (including) | 3.2 (including) |
Kpdf | Kde | 3.4.3 (including) | 3.4.3 (including) |
Kword | Kde | 1.4.2 (including) | 1.4.2 (including) |
Libextractor | Libextractor | * | * |
Poppler | Poppler | 0.4.2 (including) | 0.4.2 (including) |
Propack | Sgi | 3.0-sp6 (including) | 3.0-sp6 (including) |
Tetex | Tetex | 1.0.7 (including) | 1.0.7 (including) |
Tetex | Tetex | 2.0 (including) | 2.0 (including) |
Tetex | Tetex | 2.0.1 (including) | 2.0.1 (including) |
Tetex | Tetex | 2.0.2 (including) | 2.0.2 (including) |
Tetex | Tetex | 3.0 (including) | 3.0 (including) |
Xpdf | Xpdf | 3.0 (including) | 3.0 (including) |
Linux | Conectiva | 10.0 (including) | 10.0 (including) |