CVE-2005-0064

EPSS 8.4%

cupsys - buffer overflow

Published: 5/2/2005Modified: 3/9/2026

Also known as:DSA-645-1DEBIAN-CVE-2005-0064

Description

Buffer overflow in the Decrypt::makeFileKey2 function in Decrypt.cc for xpdf 3.00 and earlier allows remote attackers to execute arbitrary code via a PDF file with a large /Encrypt /Length keyLength value.

Affected packages (4)

Debian/cupsfrom 0, < 1.1.22-6
Debian/cupsysfrom 0, < 1.1.14-5woody12
Debian/xpdffrom 0, < 3.00-13
Debian/xpdffrom 0, < 1.00-3.4

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2005-0064