CVE-2006-1244

Name: CVE-2006-1244
Description: Unspecified vulnerability in certain versions of xpdf after 3.00, as used in various products including (a) pdfkit.framework, (b) gpdf, (c) pdftohtml, and (d) libextractor, has unknown impact and user-assisted attack vectors, possibly involving errors in (1) gmem.c, (2) SplashXPathScanner.cc, (3) JBIG2Stream.cc, (4) JPXStream.cc, and/or (5) Stream.cc. NOTE: this description is based on Debian advisory DSA 979, which is based on changes that were made after other vulnerabilities such as CVE-2006-0301 and CVE-2005-3624 through CVE-2005-3628 were fixed. Some of these newer fixes appear to be security-relevant, although it is not clear if they fix specific issues or are defensive in nature.
Source: CVE (at NVD; oss-sec, fulldisc, OSVDB, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SuSE, Mageia, more)
References: DSA-1019-1, DSA-982-1
NVD severity: high (attack range: remote, user-initiated)
Debian/oldstable: not vulnerable.
Debian/stable: not vulnerable.
Debian/testing: not vulnerable.
Debian/unstable: not vulnerable.

Vulnerable and fixed packages

The table below lists information on source packages.

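| Source Package | Release | Version | Status |
|---|---|---|---|
| koffice (PTS) | squeeze | 1:2.2.1-4 | fixed |
| xpdf (PTS) | squeeze | 3.02-12+squeeze1 | fixed |
| xpdf (PTS) | wheezy | 3.03-10 | fixed |
| xpdf (PTS) | jessie, sid | 3.03-17 | fixed |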

The information below is based on the following data on fixed versions.

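| Package | Type | Release | Fixed Version | Urgency | Origin | Debian Bugs |
|---|---|---|---|---|---|---|
| gpdf | source | (unstable) | 2.10.0-3 | high | | |
| gpdf | source | sarge | 2.8.2-1.2sarge4 | high | DSA-982-1 | |
| koffice | source | (unstable) | 2.3.3-1 | high | | |
| koffice | source | sarge | 1.3.5-4.sarge.3 | high | DSA-1019-1 | |
| xpdf | source | (unstable) | (not affected) | | | |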

Notes

- xpdf <not-affected> (All issues previously fixed)
Discussion has shown that the revamp patch doesn't fix new vulnerabilities
xpdf (and therewith the questionable code) is not part of koffice for some time now
