CVE-2005-3624 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2005-3624 Interim 1 19 2025-11-05T06:29:21Z current 2021-05-30T12:34:06Z 2025-11-05T06:29:21Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2005-3624 The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/BRY6RHDPEAHDBBB73AHO74DPVUFBVTJP/#BRY6RHDPEAHDBBB73AHO74DPVUFBVTJP E-Mail link for SUSE-SA:2006:001 https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Linux Enterprise Module for Legacy 12 SUSE Linux Enterprise Module for Legacy 12 SUSE Linux Enterprise Module for Legacy 12 SUSE Linux Enterprise Module for Legacy 12 SUSE Linux Enterprise Module for Legacy 12 SUSE Linux Enterprise Server 16.0 SUSE Linux Enterprise Module for Legacy 12 SUSE Linux Enterprise Module for Legacy 12 SUSE Linux Enterprise Module for Legacy 12 SUSE Linux Enterprise Module for Legacy 12 SUSE Linux Micro 6.0 SUSE Linux Micro 6.1 openSUSE Tumbleweed cups-2.3.3op2-4.2 cups-2.4.11-160000.2.2 cups-client-2.3.3op2-4.2 cups-client-2.4.11-160000.2.2 cups-config-2.3.3op2-4.2 cups-config-2.4.10-slfo.1.1_1.4 cups-config-2.4.11-160000.2.2 cups-config-2.4.2-5.6 cups-ddk-2.3.3op2-4.2 cups-ddk-2.4.11-160000.2.2 cups-devel-2.3.3op2-4.2 cups-devel-2.4.11-160000.2.2 cups-devel-32bit-2.3.3op2-4.2 cups154 cups154-client cups154-filters cups154-libs libcups2-2.3.3op2-4.2 libcups2-2.4.10-slfo.1.1_1.4 libcups2-2.4.11-160000.2.2 libcups2-2.4.2-5.6 libcups2-32bit-2.3.3op2-4.2 libcupsimage2-2.3.3op2-4.2 libcupsimage2-2.4.11-160000.2.2 libcupsimage2-32bit-2.3.3op2-4.2 cups-2.4.11-160000.2.2 as a component of SUSE Linux Enterprise Server 16.0 cups-client-2.4.11-160000.2.2 as a component of SUSE Linux Enterprise Server 16.0 cups-config-2.4.11-160000.2.2 as a component of SUSE Linux Enterprise Server 16.0 cups-ddk-2.4.11-160000.2.2 as a component of SUSE Linux Enterprise Server 16.0 cups-devel-2.4.11-160000.2.2 as a component of SUSE Linux Enterprise Server 16.0 libcups2-2.4.11-160000.2.2 as a component of SUSE Linux Enterprise Server 16.0 libcupsimage2-2.4.11-160000.2.2 as a component of SUSE Linux Enterprise Server 16.0 cups-config-2.4.2-5.6 as a component of SUSE Linux Micro 6.0 libcups2-2.4.2-5.6 as a component of SUSE Linux Micro 6.0 cups-config-2.4.10-slfo.1.1_1.4 as a component of SUSE Linux Micro 6.1 libcups2-2.4.10-slfo.1.1_1.4 as a component of SUSE Linux Micro 6.1 cups-2.3.3op2-4.2 as a component of openSUSE Tumbleweed cups-client-2.3.3op2-4.2 as a component of openSUSE Tumbleweed cups-config-2.3.3op2-4.2 as a component of openSUSE Tumbleweed cups-ddk-2.3.3op2-4.2 as a component of openSUSE Tumbleweed cups-devel-2.3.3op2-4.2 as a component of openSUSE Tumbleweed cups-devel-32bit-2.3.3op2-4.2 as a component of openSUSE Tumbleweed libcups2-2.3.3op2-4.2 as a component of openSUSE Tumbleweed libcups2-32bit-2.3.3op2-4.2 as a component of openSUSE Tumbleweed libcupsimage2-2.3.3op2-4.2 as a component of openSUSE Tumbleweed libcupsimage2-32bit-2.3.3op2-4.2 as a component of openSUSE Tumbleweed cups154 as a component of SUSE Linux Enterprise Module for Legacy 12 cups154-client as a component of SUSE Linux Enterprise Module for Legacy 12 cups154-filters as a component of SUSE Linux Enterprise Module for Legacy 12 cups154-libs as a component of SUSE Linux Enterprise Module for Legacy 12 The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows. CVE-2005-3624 SUSE Linux Enterprise Server 16.0:cups-2.4.11-160000.2.2 SUSE Linux Enterprise Server 16.0:cups-client-2.4.11-160000.2.2 SUSE Linux Enterprise Server 16.0:cups-config-2.4.11-160000.2.2 SUSE Linux Enterprise Server 16.0:cups-ddk-2.4.11-160000.2.2 SUSE Linux Enterprise Server 16.0:cups-devel-2.4.11-160000.2.2 SUSE Linux Enterprise Server 16.0:libcups2-2.4.11-160000.2.2 SUSE Linux Enterprise Server 16.0:libcupsimage2-2.4.11-160000.2.2 SUSE Linux Micro 6.0:cups-config-2.4.2-5.6 SUSE Linux Micro 6.0:libcups2-2.4.2-5.6 SUSE Linux Micro 6.1:cups-config-2.4.10-slfo.1.1_1.4 SUSE Linux Micro 6.1:libcups2-2.4.10-slfo.1.1_1.4 openSUSE Tumbleweed:cups-2.3.3op2-4.2 openSUSE Tumbleweed:cups-client-2.3.3op2-4.2 openSUSE Tumbleweed:cups-config-2.3.3op2-4.2 openSUSE Tumbleweed:cups-ddk-2.3.3op2-4.2 openSUSE Tumbleweed:cups-devel-2.3.3op2-4.2 openSUSE Tumbleweed:cups-devel-32bit-2.3.3op2-4.2 openSUSE Tumbleweed:libcups2-2.3.3op2-4.2 openSUSE Tumbleweed:libcups2-32bit-2.3.3op2-4.2 openSUSE Tumbleweed:libcupsimage2-2.3.3op2-4.2 openSUSE Tumbleweed:libcupsimage2-32bit-2.3.3op2-4.2 SUSE Linux Enterprise Module for Legacy 12:cups154 SUSE Linux Enterprise Module for Legacy 12:cups154-client SUSE Linux Enterprise Module for Legacy 12:cups154-filters SUSE Linux Enterprise Module for Legacy 12:cups154-libs moderate 5 AV:N/AC:L/Au:N/C:N/I:P/A:N