CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2018-7175
https://notcve.org/view.php?id=CVE-2018-7175
15 Feb 2018 — An issue was discovered in xpdf 4.00. A NULL pointer dereference in readCodestream allows an attacker to cause denial of service via a JPX image with zero components. Se ha descubierto un problema en xpdf 4.00. Una desreferencia de puntero NULL en readCodestream permite que un atacante provoque una denegación de servicio (DoS) mediante una imagen JPX con cero componentes. • https://forum.xpdfreader.com/viewtopic.php?f=3&t=613 • CWE-476: NULL Pointer Dereference •
CVSS: 6.4EPSS: 0%CPEs: 4EXPL: 0CVE-2011-2902
https://notcve.org/view.php?id=CVE-2011-2902
30 Jan 2018 — zxpdf in xpdf before 3.02-19 as packaged in Debian unstable and 3.02-12+squeeze1 as packaged in Debian squeeze deletes temporary files insecurely, which allows remote attackers to delete arbitrary files via a crafted .pdf.gz file name. zxpdf en xpdf, en versiones anteriores a la 3.02-19, tal y como se distribuye en Debian unstable y 3.02-12+squeeze1 tal y como se distribuye en Debian squeeze, elimina archivos temporales de forma no segura. Esto permite que los atacantes remotos eliminen archivos arbitrarios... • http://www.openwall.com/lists/oss-security/2014/02/08/5 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 2CVE-2012-2142 – Slackware Security Advisory - xpdf Updates
https://notcve.org/view.php?id=CVE-2012-2142
23 Aug 2013 — The error function in Error.cc in poppler before 0.21.4 allows remote attackers to execute arbitrary commands via a PDF containing an escape sequence for a terminal emulator. La función error en el archivo Error.cc en poppler versiones anteriores a 0.21.4, permite a atacantes remotos ejecutar comandos arbitrarios por medio de un PDF que contiene una secuencia de escape para un emulador terminal. New xpdf packages are available for Slackware 12.1, 12.2, 13.0, 13.1, 13.37, 14.0, and -current to fix a security... • http://cgit.freedesktop.org/poppler/poppler/commit/?id=71bad47ed6a36d825b0d08992c8db56845c71e40 •
CVSS: 6.8EPSS: 2%CPEs: 64EXPL: 0CVE-2011-1554 – t1lib: Off-by-one via crafted Type 1 font
https://notcve.org/view.php?id=CVE-2011-1554
31 Mar 2011 — Off-by-one error in t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, allows remote attackers to cause a denial of service (application crash) via a PDF document containing a crafted Type 1 font that triggers an invalid memory read, integer overflow, and invalid pointer dereference, a different vulnerability than CVE-2011-0764. Error Off-by-one en t1lib v5.1.2 y anteriores, como se usaba en Xpdf anterior a v3.02pl6 y otros productos, permite a atacantes remotos provocar una... • http://rhn.redhat.com/errata/RHSA-2012-1201.html • CWE-189: Numeric Errors CWE-193: Off-by-one Error •
CVSS: 5.5EPSS: 2%CPEs: 64EXPL: 0CVE-2011-1552 – t1lib: invalid read crash via crafted Type 1 font
https://notcve.org/view.php?id=CVE-2011-1552
31 Mar 2011 — t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, reads from invalid memory locations, which allows remote attackers to cause a denial of service (application crash) via a crafted Type 1 font in a PDF document, a different vulnerability than CVE-2011-0764. t1lib v5.1.2 y versiones anteriores, utilizando en Xpdf anterior a v3.02pl6 y otros productos, realiza lecturas desde posiciones de memoria inválidas, permitiendo a atacantes remotos provocar una denegación de servicio (c... • http://rhn.redhat.com/errata/RHSA-2012-1201.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 2%CPEs: 64EXPL: 0CVE-2011-1553 – t1lib: Use-after-free via crafted Type 1 font
https://notcve.org/view.php?id=CVE-2011-1553
31 Mar 2011 — Use-after-free vulnerability in t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, allows remote attackers to cause a denial of service (application crash) via a PDF document containing a crafted Type 1 font that triggers an invalid memory write, a different vulnerability than CVE-2011-0764. Vulnerabilidad liberar después de usar (use-after-free) en t1lib v5.1.2 y anteriores, utilizado en Xpdf anterior a v3.02pl6 y otros productos, permite a atacantes remotos provocar una de... • http://rhn.redhat.com/errata/RHSA-2012-1201.html • CWE-399: Resource Management Errors CWE-416: Use After Free •
CVSS: 7.8EPSS: 49%CPEs: 64EXPL: 0CVE-2011-0764 – t1lib: Invalid pointer dereference via crafted Type 1 font
https://notcve.org/view.php?id=CVE-2011-0764
31 Mar 2011 — t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, uses an invalid pointer in conjunction with a dereference operation, which allows remote attackers to execute arbitrary code via a crafted Type 1 font in a PDF document, as demonstrated by testz.2184122398.pdf. t1lib v5.1.2 y versiones anteriores, utilizado en Xpdf anterior a v3.02pl6 y otros productos, utiliza un puntero no válido en una operación de eliminación de referencias, permitiendo a atacantes remotos ejecutar códig... • http://rhn.redhat.com/errata/RHSA-2012-1201.html • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 1%CPEs: 29EXPL: 0CVE-2010-3702 – xpdf: uninitialized Gfx::parser pointer dereference
https://notcve.org/view.php?id=CVE-2010-3702
05 Nov 2010 — The Gfx::getPos function in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, CUPS, kdegraphics, and possibly other products allows context-dependent attackers to cause a denial of service (crash) via unknown vectors that trigger an uninitialized pointer dereference. La función Gfx::getPos en el analizador PDF en Xpdf versión anterior a 3.02 PL5, Poppler versión 0.8.7 y posiblemente otras versiones hasta la 0.15.1, CUPS, kdegraphics, y posiblemente otros producto... • ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl5.patch • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 75EXPL: 0CVE-2010-3704 – xpdf: array indexing error in FoFiType1::parse()
https://notcve.org/view.php?id=CVE-2010-3704
05 Nov 2010 — The FoFiType1::parse function in fofi/FoFiType1.cc in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, kdegraphics, and possibly other products allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a PDF file with a crafted PostScript Type1 font that contains a negative array index, which bypasses input validation and triggers memory corruption. La función FoFiType1::parse en fofi/FoFiType1.cc del parsead... • ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl5.patch • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2009-4035 – xpdf: buffer overflow in FoFiType1::parse
https://notcve.org/view.php?id=CVE-2009-4035
21 Dec 2009 — The FoFiType1::parse function in fofi/FoFiType1.cc in Xpdf 3.0.0, gpdf 2.8.2, kpdf in kdegraphics 3.3.1, and possibly other libraries and versions, does not check the return value of the getNextLine function, which allows context-dependent attackers to execute arbitrary code via a PDF file with a crafted Type 1 font that can produce a negative value, leading to a signed-to-unsigned integer conversion error and a buffer overflow. La función FoFiType1::parse en fofi/FoFiType1.cc en Xpdf v3.0.0, en gpdf v2.8.2... • http://cgit.freedesktop.org/poppler/poppler/diff/fofi/FoFiType1.cc?id=4b4fc5c0 • CWE-94: Improper Control of Generation of Code ('Code Injection') •