RSS   Vulnerabilities for 'XPDF'   RSS

2022-05-18
 
CVE-2021-27548

CWE-476
 

 
There is a Null Pointer Dereference vulnerability in the XFAScanner::scanNode() function in XFAScanner.cc in xpdf 4.03.

 
2020-12-26
 
CVE-2020-35376

CWE-787
 

 
Xpdf 4.02 allows stack consumption because of an incorrect subroutine reference in a Type 1C font charstring, related to the FoFiType1C::getOp() function.

 
2020-09-03
 
CVE-2020-24999

CWE-787
 

 
There is an invalid memory access in the function fprintf located in Error.cc in Xpdf 4.0.2. It can be triggered by sending a crafted PDF file to the pdftohtml binary, which allows a remote attacker to cause a Denial of Service (Segmentation fault) or possibly have unspecified other impact.

 
 
CVE-2020-24996

CWE-665
 

 
There is an invalid memory access in the function TextString::~TextString() located in Catalog.cc in Xpdf 4.0.2. It can be triggered by (for example) sending a crafted pdf file to the pdftohtml binary, which allows a remote attacker to cause a Denial of Service (Segmentation fault) or possibly have unspecified other impact.

 
2020-01-09
 
CVE-2012-2142

NVD-CWE-Other
 

 
The error function in Error.cc in poppler before 0.21.4 allows remote attackers to execute arbitrary commands via a PDF containing an escape sequence for a terminal emulator.

 
2019-03-24
 
CVE-2019-10026

CWE-369
 

 
An issue was discovered in Xpdf 4.01.01. There is an FPE in the function PostScriptFunction::exec in Function.cc for the psOpRoll case.

 
 
CVE-2019-10025

CWE-369
 

 
An issue was discovered in Xpdf 4.01.01. There is an FPE in the function ImageStream::ImageStream at Stream.cc for nBits.

 
 
CVE-2019-10024

CWE-369
 

 
An issue was discovered in Xpdf 4.01.01. There is an FPE in the function Splash::scaleImageYuXu at Splash.cc for y Bresenham parameters.

 
 
CVE-2019-10023

CWE-369
 

 
An issue was discovered in Xpdf 4.01.01. There is an FPE in the function PostScriptFunction::exec at Function.cc for the psOpMod case.

 
 
CVE-2019-10022

CWE-476
 

 
An issue was discovered in Xpdf 4.01.01. There is a NULL pointer dereference in the function Gfx::opSetExtGState in Gfx.cc.

 


Copyright 2024, cxsecurity.com

 

Back to Top