Home > Vulnerability Database > CVE-2006-1244

Mend.io Vulnerability Database

CVE-2006-1244

Date: March 15, 2006

Unspecified vulnerability in certain versions of xpdf after 3.00, as used in various products including (a) pdfkit.framework, (b) gpdf, (c) pdftohtml, and (d) libextractor, has unknown impact and user-assisted attack vectors, possibly involving errors in (1) gmem.c, (2) SplashXPathScanner.cc, (3) JBIG2Stream.cc, (4) JPXStream.cc, and/or (5) Stream.cc. NOTE: this description is based on Debian advisory DSA 979, which is based on changes that were made after other vulnerabilities such as CVE-2006-0301 and CVE-2005-3624 through CVE-2005-3628 were fixed. Some of these newer fixes appear to be security-relevant, although it is not clear if they fix specific issues or are defensive in nature.

Severity Score

8.1

Related Resources (20)

Url: http://www.debian.org/security/2006/dsa-998

Url: http://www.debian.org/security/2006/dsa-982

Url: http://secunia.com/advisories/18948

Url: http://www.debian.org/security/2006/dsa-984

Url: http://www.debian.org/security/2006/dsa-983

Url: https://nvd.nist.gov/vuln/detail/CVE-2006-1244

Url: http://secunia.com/advisories/19644

Url: http://www.debian.org/security/2006/dsa-979

Url: http://security.debian.org/pool/updates/main/p/pdfkit.framework/pdfkit.framework_0.8-2sarge3.diff.gz

Url: http://www.debian.org/security/2006/dsa-1019

Url: http://www.osvdb.org/23834

Url: http://secunia.com/advisories/19364

Url: http://secunia.com/advisories/19164

Url: http://secunia.com/advisories/19065

Url: http://secunia.com/advisories/19021

Url: https://people.canonical.com/~ubuntu-security/cve/CVE-2006-1244

Url: http://secunia.com/advisories/19091

Url: https://usn.ubuntu.com/270-1/

Url: http://www.securityfocus.com/bid/16748

Url: https://www.mend.io/vulnerability-database/CVE-2006-1244

Severity Score

8.1

CVSS v3.1

Base Score:	8.1
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	HIGH
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	HIGH
Integrity (I):	HIGH
Availability (A):	HIGH

CVSS v2

Base Score:	7.6
Access Vector (AV):	NETWORK
Access Complexity (AC):	HIGH
Authentication (AU):	NONE
Confidentiality (C):	COMPLETE
Integrity (I):	COMPLETE
Availability (A):	COMPLETE
Additional information:

Mend.io Vulnerability Database

We found results for “”

CVE-2006-1244

Date: March 15, 2006

Severity Score

Related Resources (20)

Severity Score

CVSS v3.1

CVSS v2

Do you need more information?