suse · CVE-2006-0301

Quick triage

Priority: high Published: 2021-05-30 12:34:48 UTC Updated: 2026-04-18 20:41:30 UTC

View at Official suse advisory, NVD, CVE.org · CVE detail

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2006-0301 severity important: SUSE including 18 source package names (libpoppler-cpp0-21.08.0-1.3, libpoppler-cpp0-32bit-21.08.0-1.3, …), 18 product×package rows across 2 product lines (SUSE Linux Enterprise Server 16.0, openSUSE Tumbleweed): Fixed 18.

Description:

Heap-based buffer overflow in Splash.cc in xpdf, as used in other products such as (1) poppler, (2) kdegraphics, (3) gpdf, (4) pdfkit.framework, and others, allows attackers to cause a denial of service and possibly execute arbitrary code via crafted splash images that produce certain values that exceed the width or height of the associated bitmap.

cvelogic Threat Intelligence