CVE-2005-3624
EPSS 7.2%Published: 12/31/2005Modified: 4/28/2026
Description
The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows.
Affected packages (4)
- Debian/cupsfrom 0, < 1.1.22-7
- Debian/libextractorfrom 0, < 0.5.9-1
- Debian/popplerfrom 0, < 0.4.4-1
- Debian/xpdffrom 0, < 3.01-4