Red Hat Customer Portal

Skip to main content

CVE-2005-3626

Impact:
Important
Public Date:
2006-01-03

The MITRE CVE dictionary describes this issue as:

Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference.

Find out more about CVE-2005-3626 from the MITRE CVE dictionary dictionary and NIST NVD.

Statement

Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux 2.1 (tetex) RHSA-2006:0160 2006-01-19
Red Hat Enterprise Linux 2.1 (xpdf) RHSA-2005:840 2005-12-06
Red Hat Enterprise Linux 3 (cups) RHSA-2006:0163 2006-01-11
Red Hat Enterprise Linux 3 (tetex) RHSA-2006:0160 2006-01-19
Red Hat Enterprise Linux 4 (kdegraphics) RHSA-2005:868 2005-12-20
Red Hat Enterprise Linux 4 (xpdf) RHSA-2005:840 2005-12-06
Red Hat Enterprise Linux 3 (xpdf) RHSA-2005:840 2005-12-06
Red Hat Enterprise Linux 4 (gpdf) RHSA-2006:0177 2006-01-11
Red Hat Enterprise Linux 4 (cups) RHSA-2006:0163 2006-01-11
Red Hat Enterprise Linux 4 (tetex) RHSA-2006:0160 2006-01-19

Acknowledgements

Red Hat would like to thank Chris Evans for reporting this issue.

Last Modified