CVE-2006-1244

N/A Unknown
Published: March 15, 2006 Modified: April 16, 2026
View on NVD

Description

Unspecified vulnerability in certain versions of xpdf after 3.00, as used in various products including (a) pdfkit.framework, (b) gpdf, (c) pdftohtml, and (d) libextractor, has unknown impact and user-assisted attack vectors, possibly involving errors in (1) gmem.c, (2) SplashXPathScanner.cc, (3) JBIG2Stream.cc, (4) JPXStream.cc, and/or (5) Stream.cc. NOTE: this description is based on Debian advisory DSA 979, which is based on changes that were made after other vulnerabilities such as CVE-2006-0301 and CVE-2005-3624 through CVE-2005-3628 were fixed. Some of these newer fixes appear to be security-relevant, although it is not clear if they fix specific issues or are defensive in nature.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
http://secunia.com/advisories/18948
Source: cve@mitre.org
Patch Vendor Advisory
http://secunia.com/advisories/19021
Source: cve@mitre.org
Patch Vendor Advisory
http://secunia.com/advisories/19065
Source: cve@mitre.org
Patch Vendor Advisory
http://secunia.com/advisories/19091
Source: cve@mitre.org
Patch Vendor Advisory
http://secunia.com/advisories/19164
Source: cve@mitre.org
Patch Vendor Advisory
http://secunia.com/advisories/19364
Source: cve@mitre.org
Patch Vendor Advisory
http://secunia.com/advisories/19644
Source: cve@mitre.org
Patch Vendor Advisory
http://security.debian.org/pool/updates/main/p/pdfkit.framework/pdfkit.framework_0.8-2sarge3.diff.gz
Source: cve@mitre.org
Patch
http://www.debian.org/security/2006/dsa-1019
Source: cve@mitre.org
Patch Vendor Advisory
http://www.debian.org/security/2006/dsa-979
Source: cve@mitre.org
Patch Vendor Advisory
http://www.debian.org/security/2006/dsa-982
Source: cve@mitre.org
Patch Vendor Advisory
http://www.debian.org/security/2006/dsa-983
Source: cve@mitre.org
Patch Vendor Advisory
http://www.debian.org/security/2006/dsa-984
Source: cve@mitre.org
Patch Vendor Advisory
http://www.debian.org/security/2006/dsa-998
Source: cve@mitre.org
Patch Vendor Advisory
http://www.osvdb.org/23834
Source: cve@mitre.org
http://www.securityfocus.com/bid/16748
Source: cve@mitre.org
https://usn.ubuntu.com/270-1/
Source: cve@mitre.org
http://secunia.com/advisories/18948
Source: af854a3a-2127-422b-91ae-364da2661108
Patch Vendor Advisory
http://secunia.com/advisories/19021
Source: af854a3a-2127-422b-91ae-364da2661108
Patch Vendor Advisory
http://secunia.com/advisories/19065
Source: af854a3a-2127-422b-91ae-364da2661108
Patch Vendor Advisory
http://secunia.com/advisories/19091
Source: af854a3a-2127-422b-91ae-364da2661108
Patch Vendor Advisory
http://secunia.com/advisories/19164
Source: af854a3a-2127-422b-91ae-364da2661108
Patch Vendor Advisory
http://secunia.com/advisories/19364
Source: af854a3a-2127-422b-91ae-364da2661108
Patch Vendor Advisory
http://secunia.com/advisories/19644
Source: af854a3a-2127-422b-91ae-364da2661108
Patch Vendor Advisory
http://security.debian.org/pool/updates/main/p/pdfkit.framework/pdfkit.framework_0.8-2sarge3.diff.gz
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
http://www.debian.org/security/2006/dsa-1019
Source: af854a3a-2127-422b-91ae-364da2661108
Patch Vendor Advisory
http://www.debian.org/security/2006/dsa-979
Source: af854a3a-2127-422b-91ae-364da2661108
Patch Vendor Advisory
http://www.debian.org/security/2006/dsa-982
Source: af854a3a-2127-422b-91ae-364da2661108
Patch Vendor Advisory
http://www.debian.org/security/2006/dsa-983
Source: af854a3a-2127-422b-91ae-364da2661108
Patch Vendor Advisory
http://www.debian.org/security/2006/dsa-984
Source: af854a3a-2127-422b-91ae-364da2661108
Patch Vendor Advisory
http://www.debian.org/security/2006/dsa-998
Source: af854a3a-2127-422b-91ae-364da2661108
Patch Vendor Advisory
http://www.osvdb.org/23834
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.securityfocus.com/bid/16748
Source: af854a3a-2127-422b-91ae-364da2661108
https://usn.ubuntu.com/270-1/
Source: af854a3a-2127-422b-91ae-364da2661108

34 reference(s) from NVD

Quick Stats

CVSS v3 Score
N/A / 10.0
EPSS (Exploit Probability)
3.5%
88th percentile
Exploitation Status
Not in CISA KEV

Affected Vendors

libextractor xpdf gnome debian