CVE-2006-1244
CVSS 7.6
Published: 2006-03-15 14:06:00
Last modified: 2008-09-05 17:01:24

[Original] Unspecified vulnerability in certain versions of xpdf after 3.00, as used in various products including (a) pdfkit.framework, (b) gpdf, (c) pdftohtml, and (d) libextractor, has unknown impact and user-assisted attack vectors, possibly involving errors in (1) gmem.c, (2) SplashXPathScanner.cc, (3) JBIG2Stream.cc, (4) JPXStream.cc, and/or (5) Stream.cc. NOTE: this description is based on Debian advisory DSA 979, which is based on changes that were made after other vulnerabilities such as CVE-2006-0301 and CVE-2005-3624 through CVE-2005-3628 were fixed. Some of these newer fixes appear to be security-relevant, although it is not clear if they fix specific issues or are defensive in nature.


[CNNVD] XPDF multiple unspecified vulnerabilities (CNNVD-200603-272)

        An unspecified vulnerability exists in certain versions of xpdf after 3.00. When xpdf is used in various products, including (a) pdfkit.framework, (b) gpdf, (c) pdftohtml, and (d) libextractor, the vulnerability has unknown impact and user-assisted attack vectors, possibly involving errors in (1) gmem.c, (2) SplashXPathScanner.cc, (3) JBIG2Stream.cc, (4) JPXStream.cc, and/or (5) Stream.cc.

- CVSS (base score)

CVSS score: 7.6 [HIGH]
Confidentiality impact: COMPLETE [complete information disclosure, exposing all system files]
Integrity impact: COMPLETE [system integrity can be completely compromised]
Availability impact: COMPLETE [may cause a complete system outage]
Access complexity: HIGH [specific access conditions are required to exploit the vulnerability]
Access vector: [--]
Authentication: NONE [no authentication is required to exploit the vulnerability]

- CPE (affected platforms and products)

cpe:/o:debian:debian_linux:3.1::sparc
cpe:/a:libextractor:libextractor:0.3.11
cpe:/a:xpdf:xpdf:0.93
cpe:/o:debian:debian_linux:3.1::ia-64
cpe:/a:xpdf:xpdf:1.1
cpe:/o:debian:debian_linux:3.1::s-390
cpe:/a:xpdf:xpdf:3.0.1_pl1
cpe:/o:debian:debian_linux:3.1::mipsel
cpe:/o:debian:debian_linux:3.1::ppc
cpe:/o:debian:debian_linux:3.1::mips
cpe:/a:libextractor:libextractor:0.4
cpe:/a:xpdf:xpdf:1.0
cpe:/a:xpdf:xpdf:0.90
cpe:/a:xpdf:xpdf:3.0.1
cpe:/o:debian:debian_linux:3.1::m68k
cpe:/o:debian:debian_linux:3.1::hppa
cpe:/a:xpdf:xpdf:3.0
cpe:/a:xpdf:xpdf:3.0_pl2
cpe:/a:xpdf:xpdf:3.0_pl3
cpe:/a:xpdf:xpdf:2.2
cpe:/a:libextractor:libextractor:0.4.2
cpe:/a:gnome:gpdf:2.8.2
cpe:/a:libextractor:libextractor:0.3.6
cpe:/a:xpdf:xpdf:2.0
cpe:/o:debian:debian_linux:3.1::alpha
cpe:/a:xpdf:xpdf:2.1
cpe:/a:xpdf:xpdf:1.0a
cpe:/a:libextractor:libextractor:0.3.9
cpe:/o:debian:debian_linux:3.1 (Debian Debian Linux 3.1)
cpe:/a:libextractor:libextractor:0.4.1
cpe:/o:debian:debian_linux:3.1::arm
cpe:/a:libextractor:libextractor:0.3.8
cpe:/o:debian:debian_linux:3.1::amd64
cpe:/a:xpdf:xpdf:2.3
cpe:/o:debian:debian_linux:3.1::ia-32
cpe:/a:libextractor:libextractor:0.3.7
cpe:/a:xpdf:xpdf:0.92
cpe:/a:libextractor:libextractor:0.5
cpe:/a:xpdf:xpdf:0.91

- OVAL (technical details for detection)

No related OVAL definitions found

- Official database links

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1244
(official data source) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-1244
(official data source) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200603-272
(official data source) CNNVD

- Other links and resources

http://www.debian.org/security/2006/dsa-998
(VENDOR_ADVISORY)  DEBIAN  DSA-998
http://www.debian.org/security/2006/dsa-984
(VENDOR_ADVISORY)  DEBIAN  DSA-984
http://www.debian.org/security/2006/dsa-983
(VENDOR_ADVISORY)  DEBIAN  DSA-983
http://www.debian.org/security/2006/dsa-982
(VENDOR_ADVISORY)  DEBIAN  DSA-982
http://www.debian.org/security/2006/dsa-979
(VENDOR_ADVISORY)  DEBIAN  DSA-979
http://www.debian.org/security/2006/dsa-1019
(VENDOR_ADVISORY)  DEBIAN  DSA-1019
http://security.debian.org/pool/updates/main/p/pdfkit.framework/pdfkit.framework_0.8-2sarge3.diff.gz
(PATCH)  MISC  http://security.debian.org/pool/updates/main/p/pdfkit.framework/pdfkit.framework_0.8-2sarge3.diff.gz
http://secunia.com/advisories/19644
(VENDOR_ADVISORY)  SECUNIA  19644
http://secunia.com/advisories/19364
(VENDOR_ADVISORY)  SECUNIA  19364
http://secunia.com/advisories/19164
(VENDOR_ADVISORY)  SECUNIA  19164
http://secunia.com/advisories/19091
(VENDOR_ADVISORY)  SECUNIA  19091
http://secunia.com/advisories/19065
(VENDOR_ADVISORY)  SECUNIA  19065
http://secunia.com/advisories/19021
(VENDOR_ADVISORY)  SECUNIA  19021
http://secunia.com/advisories/18948
(VENDOR_ADVISORY)  SECUNIA  18948
http://www.ubuntulinux.org/support/documentation/usn/usn-270-1
(UNKNOWN)  UBUNTU  USN-270-1
http://www.securityfocus.com/bid/16748
(UNKNOWN)  BID  16748
http://www.osvdb.org/23834
(UNKNOWN)  OSVDB  23834

- Vulnerability information

XPDF multiple unspecified vulnerabilities
High severity; insufficient information
2006-03-15 00:00:00 2006-08-28 00:00:00
Remote

- Advisories and patches

        The vendor has released upgrade patches to fix this security issue. Patch download links:
        libextractor libextractor 0.4.2
        Debian extract_0.4.2-2sarge3_alpha.deb (Debian GNU/Linux 3.1 alias sarge)
        http://security.debian.org/pool/updates/main/libe/libextractor/extract_0.4.2-2sarge3_alpha.deb
        Debian extract_0.4.2-2sarge3_amd64.deb (Debian GNU/Linux 3.1 alias sarge)
        http://security.debian.org/pool/updates/main/libe/libextractor/extract_0.4.2-2sarge3_amd64.deb
        Debian extract_0.4.2-2sarge3_arm.deb (Debian GNU/Linux 3.1 alias sarge)
        http://security.debian.org/pool/updates/main/libe/libextractor/extract_0.4.2-2sarge3_arm.deb
        Debian extract_0.4.2-2sarge3_hppa.deb (Debian GNU/Linux 3.1 alias sarge)
        http://security.debian.org/pool/updates/main/libe/libextractor/extract_0.4.2-2sarge3_hppa.deb
        Debian extract_0.4.2-2sarge3_i386.deb (Debian GNU/Linux 3.1 alias sarge)
        http://security.debian.org/pool/updates/main/libe/libextractor/extract_0.4.2-2sarge3_i386.deb
        Debian extract_0.4.2-2sarge3_ia64.deb (Debian GNU/Linux 3.1 alias sarge)
        http://security.debian.org/pool/updates/main/libe/libextractor/extract_0.4.2-2sarge3_ia64.deb
        Debian extract_0.4.2-2sarge3_m68k.deb (Debian GNU/Linux 3.1 alias sarge)
        http://security.debian.org/pool/updates/main/libe/libextractor/extract_0.4.2-2sarge3_m68k.deb
        Debian extract_0.4.2-2sarge3_mips.deb (Debian GNU/Linux 3.1 alias sarge)
        http://security.debian.org/pool/updates/main/libe/libextractor/extract_0.4.2-2sarge3_mips.deb
        Debian extract_0.4.2-2sarge3_mipsel.deb (Debian GNU/Linux 3.1 alias sarge)
        http://security.debian.org/pool/updates/main/libe/libextractor/extract_0.4.2-2sarge3_mipsel.deb
        Debian extract_0.4.2-2sarge3_powerpc.deb (Debian GNU/Linux 3.1 alias sarge)
        http://security.debian.org/pool/updates/main/libe/libextractor/extract_0.4.2-2sarge3_powerpc.deb
        Debian extract_0.4.2-2sarge3_s390.deb (Debian GNU/Linux 3.1 alias sarge)
        http://security.debian.org/pool/updates/main/libe/libextractor/extract_0.4.2-2sarge3_s390.deb
        Debian extract_0.4.2-2sarge3_sparc.deb (Debian GNU/Linux 3.1 alias sarge)
        http://security.debian.org/pool/updates/main/libe/libextractor/extract_0.4.2-2sarge3_sparc.deb
        Debian libextractor1-dev_0.4.2-2sarge3_alpha.deb (Debian GNU/Linux 3.1 alias sarge)
        http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1-dev_0.4.2-2sarge3_alpha.deb
        Debian libextractor1-dev_0.4.2-2sarge3_amd64.deb (Debian GNU/Linux 3.1 alias sarge)
        http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1-dev_0.4.2-2sarge3_amd64.deb
        Debian libextractor1-dev_0.4.2-2sarge3_arm.deb (Debian GNU/Linux 3.1 alias sarge)
        http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1-dev_0.4.2-2sarge3_arm.deb
        Debian libextractor1-dev_0.4.2-2sarge3_hppa.deb (Debian GNU/Linux 3.1 alias sarge)
        http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1-dev_0.4.2-2sarge3_hppa.deb
        Debian libextractor1-dev_0.4.2-2sarge3_i386.deb (Debian GNU/Linux 3.1 alias sarge)
        http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1-dev_0.4.2-2sarge3_i386.deb
        Debian libextractor1-dev_0.4.2-2sarge3_ia64.deb (Debian GNU/Linux 3.1 alias sarge)
        http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1-dev_0.4.2-2sarge3_ia64.deb
        Debian libextractor1-dev_0.4.2-2sarge3_m68k.deb (Debian GNU/Linux 3.1 alias sarge)
        http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1-dev_0.4.2-2sarge3_m68k.deb
        Debian libextractor1-dev_0.4.2-2sarge3_mips.deb (Debian GNU/Linux 3.1 alias sarge)
        http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1-dev_0.4.2-2sarge3_mips.deb
        Debian libextractor1-dev_0.4.2-2sarge3_mipsel.deb (Debian GNU/Linux 3.1 alias sarge)
        http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1-dev_0.4.2-2sarge3_mipsel.deb
        Debian libextractor1-dev_0.4.2-2sarge3_powerpc.deb
        Debian GNU/L

- Vulnerability information

23834
Multiple Products Xpdf/kpdf Multiple Unspecified Issues
Location Unknown Attack Type Unknown
Exploit Unknown

- Vulnerability description

- Timeline

2006-03-01 Unknown
Unknown Unknown

- Solution

Products

Unknown or Incomplete

- References

- Vulnerability author

Unknown or Incomplete