CVSS: 7.8EPSS: 3%CPEs: 3EXPL: 0CVE-2011-0433 – t1lib: Heap-based buffer overflow DVI file AFM font parser
https://notcve.org/view.php?id=CVE-2011-0433
19 Nov 2012 — Heap-based buffer overflow in the linetoken function in afmparse.c in t1lib, as used in teTeX 3.0.x, GNOME evince, and possibly other products, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a DVI file containing a crafted Adobe Font Metrics (AFM) file, a different vulnerability than CVE-2010-2642. Un desbordamiento de búfer basado en memoria dinámica ('heap') en la función linetoken en afmparse.c en t1lib, tal y como se utiliza en teTeX v3.0.x, GNOME Ev... • http://rhn.redhat.com/errata/RHSA-2012-1201.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •
CVSS: 8.8EPSS: 3%CPEs: 3EXPL: 0CVE-2011-5244 – Gentoo Linux Security Advisory 201701-57
https://notcve.org/view.php?id=CVE-2011-5244
19 Nov 2012 — Multiple off-by-one errors in the (1) token and (2) linetoken functions in backend/dvi/mdvi-lib/afmparse.c in t1lib, as used in teTeX 3.0.x, GNOME evince, and possibly other products, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a DVI file containing a crafted Adobe Font Metrics (AFM) file, different vulnerabilities than CVE-2010-2642 and CVE-2011-0433. Multiples errores off-by-one en las funciones (1) token y (2) linetoken en backend/dvi/MDVI-lib/afmpa... • http://git.gnome.org/browse/evince/commit/?id=439c5070022e • CWE-189: Numeric Errors •
CVSS: 9.3EPSS: 7%CPEs: 62EXPL: 1CVE-2009-3608 – xpdf/poppler: integer overflow in ObjectStream::ObjectStream (oCERT-2009-016)
https://notcve.org/view.php?id=CVE-2009-3608
21 Oct 2009 — Integer overflow in the ObjectStream::ObjectStream function in XRef.cc in Xpdf 3.x before 3.02pl4 and Poppler before 0.12.1, as used in GPdf, kdegraphics KPDF, CUPS pdftops, and teTeX, might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow. Desbordamiento de entero en la función ObjectStream::ObjectStream en XRef.cc en Xpdf y Poppler, usado en GPdf, kdegraphics KPDF, y CUPS pdftopf y teTeX, podría permitir a atacantes remotos ejecutar cód... • ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl4.patch • CWE-189: Numeric Errors CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 1%CPEs: 2EXPL: 0CVE-2007-5937
https://notcve.org/view.php?id=CVE-2007-5937
13 Nov 2007 — Multiple buffer overflows in dvi2xx.c in dviljk in teTeX and TeXlive 2007 and earlier might allow user-assisted attackers to execute arbitrary code via a crafted DVI input file. Múltiples desbordamientos de búfer en el archivo dvi2xx.c en dviljk en teTeX y TeXlive 2007 y anteriores, podrían permitir a atacantes asistidos por el usuario ejecutar código arbitrario por medio de un archivo de entrada DVI diseñado. • http://bugs.gentoo.org/attachment.cgi?id=135423 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 2%CPEs: 2EXPL: 1CVE-2007-5935 – dvips -z buffer overflow with long href
https://notcve.org/view.php?id=CVE-2007-5935
13 Nov 2007 — Stack-based buffer overflow in hpc.c in dvips in teTeX and TeXlive 2007 and earlier allows user-assisted attackers to execute arbitrary code via a DVI file with a long href tag. Desbodarmiento de búfer basado en pila en hpc.c en dvips en teTeX y TeXlive 2007 y anteriores permite a atacantes con la intervención del usuario ejecutar código de su elección a través de un archivo DVI conm una etiqueta href larga. • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=447081 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2007-5936
https://notcve.org/view.php?id=CVE-2007-5936
13 Nov 2007 — dvips in teTeX and TeXlive 2007 and earlier allows local users to obtain sensitive information and modify certain data by creating certain temporary files before they are processed by dviljk, which can then be read or modified in place. dvips en teTex y TeXlive 2007 y anteriores permite a usuarios locales obtener información sensible y modificar ciertos datos a través de la creación de ciertos archivos temporales antes de que sean procesados por dviljk, lo cual permite que puedan ser leidos o modificados en... • http://bugs.gentoo.org/attachment.cgi?id=135423 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.5EPSS: 1%CPEs: 127EXPL: 1CVE-2005-3626
https://notcve.org/view.php?id=CVE-2005-3626
31 Dec 2005 — Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference. • ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt • CWE-399: Resource Management Errors •
CVSS: 10.0EPSS: 1%CPEs: 127EXPL: 1CVE-2005-3625
https://notcve.org/view.php?id=CVE-2005-3625
31 Dec 2005 — Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka "Infinite CPU spins." • ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt • CWE-399: Resource Management Errors •
CVSS: 9.1EPSS: 2%CPEs: 127EXPL: 1CVE-2005-3624
https://notcve.org/view.php?id=CVE-2005-3624
31 Dec 2005 — The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows. • ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt • CWE-189: Numeric Errors •
CVSS: 9.1EPSS: 0%CPEs: 146EXPL: 0CVE-2005-0206
https://notcve.org/view.php?id=CVE-2005-0206
15 Feb 2005 — The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities. El parche para corregir las vulnerabilidades de desbordamiento de entero en Xpdf 2.0 y 3.0 (CAN-2004-0888) es incompleto para arquitecturas de 64 bits en ciertas distribuciones de Linux como Red Hat, lo que podría dejar a los usuarios de Xpdf expuestos a las vulnerabilida... • http://www.mandriva.com/security/advisories?name=MDKSA-2005:041 •