PT-2005-1037 · Thomas Esser+4 · Tetex+5
Chris Evans · Published 2005-12-06 · Updated 2024-06-15
CVE-2005-3624
CVSS v2.0: 10 (High)
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions
kdegraphics versions prior to 3.4.3-r3
pdftohtml (affected versions not specified)
Description
Multiple vulnerabilities in certain packages, including kdegraphics and pdftohtml, can lead to breaches of the confidentiality, integrity, and availability of protected information. These vulnerabilities can be exploited remotely. Specifically, the CCITTFaxStream::CCITTFaxStream function in Stream.cc, as used in various packages including xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, and libextractor, allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and underflows.
Recommendations
For kdegraphics versions prior to 3.4.3-r3, update to version 3.4.3-r3 or later.
For pdftohtml, there is currently no information about a newer version that contains a fix for this vulnerability.
Exploit
Buffer Overflow
Related identifiers
Affected products
Cups
Red Hat
Gpdf
Kdegraphics
Kpdf
Tetex