Filtered by vendor Xpdfreader
Subscribe
Search
Total
54 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-25725 | 2 Fedoraproject, Xpdfreader | 2 Fedora, Xpdf | 2023-12-13 | 4.3 MEDIUM | 5.5 MEDIUM |
| In Xpdf 4.02, SplashOutputDev::endType3Char(GfxState *state) SplashOutputDev.cc:3079 is trying to use the freed `t3GlyphStack->cache`, which causes an `heap-use-after-free` problem. The codes of a previous fix for nested Type 3 characters wasn't correctly handling the case where a Type 3 char referred to another char in the same Type 3 font. | |||||
| CVE-2022-48545 | 1 Xpdfreader | 1 Xpdf | 2023-08-28 | N/A | 5.5 MEDIUM |
| An infinite recursion in Catalog::findDestInTree can cause denial of service for xpdf 4.02. | |||||
| CVE-2022-41844 | 1 Xpdfreader | 1 Xpdf | 2023-08-08 | N/A | 5.5 MEDIUM |
| An issue was discovered in Xpdf 4.04. There is a crash in XRef::fetch(int, int, Object*, int) in xpdf/XRef.cc, a different vulnerability than CVE-2018-16369 and CVE-2019-16088. | |||||
| CVE-2022-41842 | 1 Xpdfreader | 1 Xpdf | 2023-08-08 | N/A | 5.5 MEDIUM |
| An issue was discovered in Xpdf 4.04. There is a crash in gfseek(_IO_FILE*, long, int) in goo/gfile.cc. | |||||
| CVE-2022-33108 | 1 Xpdfreader | 1 Xpdf | 2022-07-08 | 6.8 MEDIUM | 7.8 HIGH |
| XPDF v4.04 was discovered to contain a stack overflow vulnerability via the Object::Copy class of object.cc files. | |||||
| CVE-2021-27548 | 1 Xpdfreader | 1 Xpdf | 2022-05-26 | 4.3 MEDIUM | 5.5 MEDIUM |
| There is a Null Pointer Dereference vulnerability in the XFAScanner::scanNode() function in XFAScanner.cc in xpdf 4.03. | |||||
| CVE-2022-30775 | 1 Xpdfreader | 1 Xpdf | 2022-05-24 | 4.3 MEDIUM | 5.5 MEDIUM |
| xpdf 4.04 allocates excessive memory when presented with crafted input. This can be triggered by (for example) sending a crafted PDF document to the pdftoppm binary. It is most easily reproduced with the DCMAKE_CXX_COMPILER=afl-clang-fast++ option. | |||||
| CVE-2022-30524 | 1 Xpdfreader | 1 Xpdf | 2022-05-18 | 6.8 MEDIUM | 7.8 HIGH |
| There is an invalid memory access in the TextLine class in TextOutputDev.cc in Xpdf 4.0.4 because the text extractor mishandles characters at large y coordinates. It can be triggered by (for example) sending a crafted pdf file to the pdftotext binary, which allows a remote attacker to cause a Denial of Service (Segmentation fault) or possibly have unspecified other impact. | |||||
| CVE-2022-27135 | 1 Xpdfreader | 1 Xpdf | 2022-05-05 | 4.3 MEDIUM | 5.5 MEDIUM |
| xpdf 4.03 has heap buffer overflow in the function readXRefTable located in XRef.cc. An attacker can exploit this bug to cause a Denial of Service (Segmentation fault) or other unspecified effects by sending a crafted PDF file to the pdftoppm binary. | |||||
| CVE-2019-9878 | 2 Pdfalto Project, Xpdfreader | 2 Pdfalto, Xpdf | 2021-07-21 | 6.8 MEDIUM | 7.8 HIGH |
| There is an invalid memory access in the function GfxIndexedColorSpace::mapColorToBase() located in GfxState.cc in Xpdf 4.0.0, as used in pdfalto 0.2. It can be triggered by (for example) sending a crafted pdf file to the pdftops binary. It allows an attacker to cause Denial of Service (Segmentation fault) or possibly have unspecified other impact. | |||||
| CVE-2019-9877 | 1 Xpdfreader | 1 Xpdf | 2021-07-21 | 6.8 MEDIUM | 7.8 HIGH |
| There is an invalid memory access vulnerability in the function TextPage::findGaps() located at TextOutputDev.c in Xpdf 4.01, which can (for example) be triggered by sending a crafted pdf file to the pdftops binary. It allows an attacker to cause Denial of Service (Segmentation fault) or possibly have unspecified other impact. | |||||
| CVE-2020-35376 | 2 Fedoraproject, Xpdfreader | 2 Fedora, Xpdf | 2021-02-23 | 5.0 MEDIUM | 7.5 HIGH |
| Xpdf 4.02 allows stack consumption because of an incorrect subroutine reference in a Type 1C font charstring, related to the FoFiType1C::getOp() function. | |||||
| CVE-2007-3387 | 6 Apple, Canonical, Debian and 3 more | 6 Cups, Ubuntu Linux, Debian Linux and 3 more | 2020-12-23 | 6.8 MEDIUM | N/A |
| Integer overflow in the StreamPredictor::StreamPredictor function in xpdf 3.02, as used in (1) poppler before 0.5.91, (2) gpdf before 2.8.2, (3) kpdf, (4) kdegraphics, (5) CUPS, (6) PDFedit, and other products, might allow remote attackers to execute arbitrary code via a crafted PDF file that triggers a stack-based buffer overflow in the StreamPredictor::getNextLine function. | |||||
| CVE-2010-3702 | 9 Apple, Canonical, Debian and 6 more | 11 Cups, Ubuntu Linux, Debian Linux and 8 more | 2020-12-23 | 7.5 HIGH | N/A |
| The Gfx::getPos function in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, CUPS, kdegraphics, and possibly other products allows context-dependent attackers to cause a denial of service (crash) via unknown vectors that trigger an uninitialized pointer dereference. | |||||
| CVE-2019-10018 | 1 Xpdfreader | 1 Xpdf | 2020-11-09 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in Xpdf 4.01.01. There is an FPE in the function PostScriptFunction::exec at Function.cc for the psOpIdiv case. | |||||
| CVE-2020-24999 | 1 Xpdfreader | 1 Xpdf | 2020-09-11 | 6.8 MEDIUM | 7.8 HIGH |
| There is an invalid memory access in the function fprintf located in Error.cc in Xpdf 4.0.2. It can be triggered by sending a crafted PDF file to the pdftohtml binary, which allows a remote attacker to cause a Denial of Service (Segmentation fault) or possibly have unspecified other impact. | |||||
| CVE-2020-24996 | 1 Xpdfreader | 1 Xpdf | 2020-09-11 | 6.8 MEDIUM | 7.8 HIGH |
| There is an invalid memory access in the function TextString::~TextString() located in Catalog.cc in Xpdf 4.0.2. It can be triggered by (for example) sending a crafted pdf file to the pdftohtml binary, which allows a remote attacker to cause a Denial of Service (Segmentation fault) or possibly have unspecified other impact. | |||||
| CVE-2018-8100 | 1 Xpdfreader | 1 Xpdf | 2020-08-24 | 6.8 MEDIUM | 7.8 HIGH |
| The JPXStream::readTilePart function in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a specific pdf file, as demonstrated by pdftohtml. | |||||
| CVE-2012-2142 | 4 Freedesktop, Opensuse, Redhat and 1 more | 4 Poppler, Opensuse, Enterprise Linux and 1 more | 2020-01-15 | 6.8 MEDIUM | 7.8 HIGH |
| The error function in Error.cc in poppler before 0.21.4 allows remote attackers to execute arbitrary commands via a PDF containing an escape sequence for a terminal emulator. | |||||
| CVE-2010-0207 | 2 Debian, Xpdfreader | 2 Debian Linux, Xpdf | 2019-11-01 | 4.3 MEDIUM | 5.5 MEDIUM |
| In xpdf, the xref table contains an infinite loop which allows remote attackers to cause a denial of service (application crash) in xpdf-based PDF viewers. | |||||
| CVE-2010-0206 | 2 Debian, Xpdfreader | 2 Debian Linux, Xpdf | 2019-11-01 | 4.3 MEDIUM | 5.5 MEDIUM |
| xpdf allows remote attackers to cause a denial of service (NULL pointer dereference and crash) in the way it processes JBIG2 PDF stream objects. | |||||
| CVE-2018-7453 | 1 Xpdfreader | 1 Xpdf | 2019-10-03 | 4.3 MEDIUM | 5.5 MEDIUM |
| Infinite recursion in AcroForm::scanField in AcroForm.cc in xpdf 4.00 allows attackers to launch denial of service via a specific pdf file due to lack of loop checking, as demonstrated by pdftohtml. | |||||
| CVE-2018-16368 | 1 Xpdfreader | 1 Xpdf | 2019-10-03 | 4.3 MEDIUM | 5.5 MEDIUM |
| SplashXPath::strokeAdjust in splash/SplashXPath.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted pdf file, as demonstrated by pdftoppm. | |||||
| CVE-2018-16369 | 1 Xpdfreader | 1 Xpdf | 2019-10-03 | 4.3 MEDIUM | 5.5 MEDIUM |
| XRef::fetch in XRef.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (stack consumption) via a crafted pdf file, related to AcroForm::scanField, as demonstrated by pdftohtml. NOTE: this might overlap CVE-2018-7453. | |||||
| CVE-2018-18454 | 1 Xpdfreader | 1 Xpdf | 2019-10-03 | 4.3 MEDIUM | 5.5 MEDIUM |
| CCITTFaxStream::readRow() in Stream.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted pdf file, as demonstrated by pdftoppm. | |||||
| CVE-2018-18651 | 1 Xpdfreader | 1 Xpdf | 2019-10-03 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in Xpdf 4.00. catalog->getNumPages() in AcroForm.cc allows attackers to launch a denial of service (hang caused by large loop) via a specific pdf file, as demonstrated by pdftohtml. This is mainly caused by a large number after the /Count field in the file. | |||||
| CVE-2018-7174 | 1 Xpdfreader | 1 Xpdf | 2019-10-03 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in xpdf 4.00. An infinite loop in XRef::Xref allows an attacker to cause denial of service because loop detection exists only for tables, not streams. | |||||
| CVE-2018-8101 | 1 Xpdfreader | 1 Xpdf | 2019-10-03 | 4.3 MEDIUM | 5.5 MEDIUM |
| The JPXStream::inverseTransformLevel function in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-based buffer over-read and application crash) via a specific pdf file, as demonstrated by pdftohtml. | |||||
| CVE-2018-8102 | 1 Xpdfreader | 1 Xpdf | 2019-10-03 | 4.3 MEDIUM | 5.5 MEDIUM |
| The JBIG2MMRDecoder::getBlackCode function in JBIG2Stream.cc in xpdf 4.00 allows attackers to launch denial of service (buffer over-read and application crash) via a specific pdf file, as demonstrated by pdftohtml. | |||||
| CVE-2018-8103 | 1 Xpdfreader | 1 Xpdf | 2019-10-03 | 4.3 MEDIUM | 5.5 MEDIUM |
| The JBIG2Stream::readGenericBitmap function in JBIG2Stream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-based buffer over-read and application crash) via a specific pdf file, as demonstrated by pdftohtml. | |||||
| CVE-2018-8104 | 1 Xpdfreader | 1 Xpdf | 2019-10-03 | 4.3 MEDIUM | 5.5 MEDIUM |
| The BufStream::lookChar function in Stream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-based buffer over-read and application crash) via a specific pdf file, as demonstrated by pdftohtml. | |||||
| CVE-2018-8105 | 1 Xpdfreader | 1 Xpdf | 2019-10-03 | 4.3 MEDIUM | 5.5 MEDIUM |
| The JPXStream::fillReadBuf function in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-based buffer over-read and application crash) via a specific pdf file, as demonstrated by pdftohtml. | |||||
| CVE-2018-8106 | 1 Xpdfreader | 1 Xpdf | 2019-10-03 | 4.3 MEDIUM | 5.5 MEDIUM |
| The JPXStream::readTilePartData function in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-based buffer over-read and application crash) via a specific pdf file, as demonstrated by pdftohtml. | |||||
| CVE-2018-8107 | 1 Xpdfreader | 1 Xpdf | 2019-10-03 | 4.3 MEDIUM | 5.5 MEDIUM |
| The JPXStream::close function in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-based buffer over-read and application crash) via a specific pdf file, as demonstrated by pdftohtml. | |||||
| CVE-2019-10021 | 1 Xpdfreader | 1 Xpdf | 2019-06-27 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in Xpdf 4.01.01. There is an FPE in the function ImageStream::ImageStream at Stream.cc for nComps. | |||||
| CVE-2019-10023 | 1 Xpdfreader | 1 Xpdf | 2019-06-27 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in Xpdf 4.01.01. There is an FPE in the function PostScriptFunction::exec at Function.cc for the psOpMod case. | |||||
| CVE-2019-10019 | 1 Xpdfreader | 1 Xpdf | 2019-06-27 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in Xpdf 4.01.01. There is an FPE in the function PSOutputDev::checkPageSlice at PSOutputDev.cc for nStripes. | |||||
| CVE-2019-10020 | 1 Xpdfreader | 1 Xpdf | 2019-03-25 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in Xpdf 4.01.01. There is an FPE in the function Splash::scaleImageYuXu at Splash.cc for x Bresenham parameters. | |||||
| CVE-2019-10022 | 1 Xpdfreader | 1 Xpdf | 2019-03-25 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in Xpdf 4.01.01. There is a NULL pointer dereference in the function Gfx::opSetExtGState in Gfx.cc. | |||||
| CVE-2019-10024 | 1 Xpdfreader | 1 Xpdf | 2019-03-25 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in Xpdf 4.01.01. There is an FPE in the function Splash::scaleImageYuXu at Splash.cc for y Bresenham parameters. | |||||
| CVE-2019-10025 | 1 Xpdfreader | 1 Xpdf | 2019-03-25 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in Xpdf 4.01.01. There is an FPE in the function ImageStream::ImageStream at Stream.cc for nBits. | |||||
| CVE-2019-10026 | 1 Xpdfreader | 1 Xpdf | 2019-03-25 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in Xpdf 4.01.01. There is an FPE in the function PostScriptFunction::exec in Function.cc for the psOpRoll case. | |||||
| CVE-2018-18650 | 1 Xpdfreader | 1 Xpdf | 2018-12-06 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in Xpdf 4.00. XRef::readXRefStream in XRef.cc allows attackers to launch a denial of service (Integer Overflow) via a crafted /Size value in a pdf file, as demonstrated by pdftohtml. This is mainly caused by the program attempting a malloc operation for a large amount of memory. | |||||
| CVE-2018-18455 | 1 Xpdfreader | 1 Xpdf | 2018-11-30 | 4.3 MEDIUM | 5.5 MEDIUM |
| The GfxImageColorMap class in GfxState.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted pdf file, as demonstrated by pdftoppm. | |||||
| CVE-2018-18456 | 1 Xpdfreader | 1 Xpdf | 2018-11-30 | 4.3 MEDIUM | 5.5 MEDIUM |
| The function Object::isName() in Object.h (called from Gfx::opSetFillColorN) in Xpdf 4.00 allows remote attackers to cause a denial of service (stack-based buffer over-read) via a crafted pdf file, as demonstrated by pdftoppm. | |||||
| CVE-2018-18457 | 1 Xpdfreader | 1 Xpdf | 2018-11-30 | 4.3 MEDIUM | 5.5 MEDIUM |
| The function DCTStream::readScan in Stream.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted pdf file, as demonstrated by pdftoppm. | |||||
| CVE-2018-18458 | 1 Xpdfreader | 1 Xpdf | 2018-11-30 | 4.3 MEDIUM | 5.5 MEDIUM |
| The function DCTStream::decodeImage in Stream.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted pdf file, as demonstrated by pdftoppm. | |||||
| CVE-2018-18459 | 1 Xpdfreader | 1 Xpdf | 2018-11-30 | 4.3 MEDIUM | 5.5 MEDIUM |
| The function DCTStream::getBlock in Stream.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted pdf file, as demonstrated by pdftoppm. | |||||
| CVE-2018-11033 | 1 Xpdfreader | 1 Xpdf | 2018-06-19 | 6.8 MEDIUM | 7.8 HIGH |
| The DCTStream::readHuffSym function in Stream.cc in the DCT decoder in xpdf before 4.00 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via crafted JPEG data. | |||||
| CVE-2018-7452 | 1 Xpdfreader | 1 Xpdf | 2018-03-17 | 4.3 MEDIUM | 5.5 MEDIUM |
| A NULL pointer dereference in JPXStream::fillReadBuf in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service via a specific pdf file, as demonstrated by pdftohtml. | |||||