CyberSec.Space Logo
CVEブラウザに戻る

CVE-2004-0888

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1700%
EPSS Percentile14.71th
Published2005年1月27日
Last Modified2026年4月16日

Vulnerability Description

Multiple integer overflows in xpdf 2.0 and 3.0, and other packages that use xpdf code such as CUPS, gpdf, and kdegraphics, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0889.

Affected Platforms (CPE)

📦
Easy Software Products

Cups

= 1.0.4
📦
Easy Software Products

Cups

= 1.0.4_8
📦
Easy Software Products

Cups

= 1.1.1
📦
Easy Software Products

Cups

= 1.1.4
📦
Easy Software Products

Cups

= 1.1.4_2
📦
Easy Software Products

Cups

= 1.1.4_3
📦
Easy Software Products

Cups

= 1.1.4_5
📦
Easy Software Products

Cups

= 1.1.6
📦
Easy Software Products

Cups

= 1.1.7
📦
Easy Software Products

Cups

= 1.1.10
📦
Easy Software Products

Cups

= 1.1.12
📦
Easy Software Products

Cups

= 1.1.13
📦
Easy Software Products

Cups

= 1.1.14
📦
Easy Software Products

Cups

= 1.1.15
📦
Easy Software Products

Cups

= 1.1.16
📦
Easy Software Products

Cups

= 1.1.17
📦
Easy Software Products

Cups

= 1.1.18
📦
Easy Software Products

Cups

= 1.1.19
📦
Easy Software Products

Cups

= 1.1.19_rc5
📦
Easy Software Products

Cups

= 1.1.20
📦
Gnome

Gpdf

= 0.112
📦
Gnome

Gpdf

= 0.131
📦
Kde

Koffice

= 1.3
📦
Kde

Koffice

= 1.3.1
📦
Kde

Koffice

= 1.3.2
📦
Kde

Koffice

= 1.3.3
📦
Kde

Koffice

= 1.3_beta1
📦
Kde

Koffice

= 1.3_beta2
📦
Kde

Koffice

= 1.3_beta3
📦
Kde

Kpdf

= 3.2
📦
Pdftohtml

Pdftohtml

= 0.32a
📦
Pdftohtml

Pdftohtml

= 0.32b
📦
Pdftohtml

Pdftohtml

= 0.33
📦
Pdftohtml

Pdftohtml

= 0.33a
📦
Pdftohtml

Pdftohtml

= 0.34
📦
Pdftohtml

Pdftohtml

= 0.35
📦
Pdftohtml

Pdftohtml

= 0.36
📦
Tetex

Tetex

= 1.0.7
📦
Tetex

Tetex

= 2.0
📦
Tetex

Tetex

= 2.0.1
📦
Tetex

Tetex

= 2.0.2
📦
Xpdf

Xpdf

= 0.90
📦
Xpdf

Xpdf

= 0.91
📦
Xpdf

Xpdf

= 0.92
📦
Xpdf

Xpdf

= 0.93
📦
Xpdf

Xpdf

= 1.0
📦
Xpdf

Xpdf

= 1.0a
📦
Xpdf

Xpdf

= 1.1
📦
Xpdf

Xpdf

= 2.0
📦
Xpdf

Xpdf

= 2.1
📦
Xpdf

Xpdf

= 2.3
📦
Xpdf

Xpdf

= 3.0
💻
Debian

Debian Linux

= 3.0
💻
Debian

Debian Linux

= 3.0
💻
Debian

Debian Linux

= 3.0
💻
Debian

Debian Linux

= 3.0
💻
Debian

Debian Linux

= 3.0
💻
Debian

Debian Linux

= 3.0
💻
Debian

Debian Linux

= 3.0
💻
Debian

Debian Linux

= 3.0
💻
Debian

Debian Linux

= 3.0
💻
Debian

Debian Linux

= 3.0
💻
Debian

Debian Linux

= 3.0
💻
Debian

Debian Linux

= 3.0
💻
Gentoo

Linux

All versions
💻
Kde

Kde

= 3.2
💻
Kde

Kde

= 3.2.1
💻
Kde

Kde

= 3.2.2
💻
Kde

Kde

= 3.2.3
💻
Kde

Kde

= 3.3
💻
Kde

Kde

= 3.3.1
💻
Redhat

Enterprise Linux

= 2.1
💻
Redhat

Enterprise Linux

= 2.1
💻
Redhat

Enterprise Linux

= 2.1
💻
Redhat

Enterprise Linux

= 2.1
💻
Redhat

Enterprise Linux

= 2.1
💻
Redhat

Enterprise Linux

= 2.1
💻
Redhat

Enterprise Linux

= 3.0
💻
Redhat

Enterprise Linux

= 3.0
💻
Redhat

Enterprise Linux

= 3.0
💻
Redhat

Enterprise Linux Desktop

= 3.0
💻
Redhat

Fedora Core

= core_2.0
💻
Redhat

Linux Advanced Workstation

= 2.1
💻
Redhat

Linux Advanced Workstation

= 2.1
💻
Suse

Suse Linux

= 8.0
💻
Suse

Suse Linux

= 8.1
💻
Suse

Suse Linux

= 8.2
💻
Suse

Suse Linux

= 9.0
💻
Suse

Suse Linux

= 9.0
💻
Suse

Suse Linux

= 9.1
💻
Suse

Suse Linux

= 9.2
💻
Ubuntu

Ubuntu Linux

= 4.1
💻
Ubuntu

Ubuntu Linux

= 4.1

References & Advisories

🔗 http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000886
🔗 http://marc.info/?l=bugtraq&m=109880927526773&w=2
🔗 http://marc.info/?l=bugtraq&m=110815379627883&w=2
🔗 http://www.debian.org/security/2004/dsa-573
🔗 http://www.debian.org/security/2004/dsa-581
🔗 http://www.debian.org/security/2004/dsa-599
🔗 http://www.gentoo.org/security/en/glsa/glsa-200410-20.xml
🔗 http://www.gentoo.org/security/en/glsa/glsa-200410-30.xml

関連する脆弱性情報

CVE-2002-136710.0

Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allows remote attackers to add printers without authentication via a cert...

CVE-2002-136910.0

jobs.c in Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not properly use the strncat function call when processing...

CVE-2001-019410.0

Buffer overflow in httpGets function in CUPS 1.1.5 allows remote attackers to execute arbitrary commands via a long input line.

CVE-2002-138310.0

Multiple integer overflows in Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allow remote attackers to execute arbitrary...