Page 17 of 135 results (0.003 seconds)

CVSS: 7.8EPSS: 0%CPEs: 16EXPL: 0

Integer overflow leading to Heap buffer overflow in JBIG2Stream.cc in pdftocairo in Poppler before 0.56 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted PDF document. Un desbordamiento de enteros que conduce a un desbordamiento de búfer basado en memoria dinámica (heap) en JBIG2Stream.cc en pdftocairo en Poppler en versiones anteriores a la 0.56 permite que atacantes remotos provoquen una denegación de servicio (cierre inesperado de la aplicación) o, posiblemente, cualquier otro tipo de problema mediante un documento PDF modificado. An integer overflow leading to heap-based buffer overflow was found in the poppler library. An attacker could create a malicious PDF file that would cause applications that use poppler (such as Evince) to crash, or potentially execute arbitrary code when opened. • http://www.securityfocus.com/bid/99240 https://access.redhat.com/errata/RHSA-2017:2550 https://access.redhat.com/errata/RHSA-2017:2551 https://bugs.freedesktop.org/show_bug.cgi?id=101541 https://www.debian.org/security/2018/dsa-4079 https://access.redhat.com/security/cve/CVE-2017-9776 https://bugzilla.redhat.com/show_bug.cgi?id=1466443 • CWE-190: Integer Overflow or Wraparound •

CVSS: 6.5EPSS: 0%CPEs: 13EXPL: 0

Stack buffer overflow in GfxState.cc in pdftocairo in Poppler before 0.56 allows remote attackers to cause a denial of service (application crash) via a crafted PDF document. Un desbordamiento de búfer basado en pila en JBIG2Stream.cc en pdftocairo en Poppler en versiones anteriores a la 0.56 permite que atacantes remotos provoquen una denegación de servicio (cierre inesperado de la aplicación) mediante un documento PDF modificado. A stack-based buffer overflow was found in the poppler library. An attacker could create a malicious PDF file that would cause applications that use poppler (such as Evince) to crash, or potentially execute arbitrary code when opened. • http://www.securityfocus.com/bid/99241 https://access.redhat.com/errata/RHSA-2017:2551 https://bugs.freedesktop.org/show_bug.cgi?id=101540 https://www.debian.org/security/2018/dsa-4079 https://access.redhat.com/security/cve/CVE-2017-9775 https://bugzilla.redhat.com/show_bug.cgi?id=1466442 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-121: Stack-based Buffer Overflow •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1

poppler through version 0.55.0 is vulnerable to an uncontrolled recursion in pdfunite resulting into potential denial-of-service. poppler hasta versión 0.55.0, es vulnerable a una recursión no controlada en pdfunite resultando en una potencial denegación de servicio. • https://bugs.freedesktop.org/show_bug.cgi?id=101208 • CWE-674: Uncontrolled Recursion •

CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0

In Poppler 0.54.0, a memory leak vulnerability was found in the function Object::initArray in Object.cc, which allows attackers to cause a denial of service via a crafted file. En Poppler 0.54.0 se ha encontrado una vulnerabilidad de filtrado de memoria en la función Object::initArray en Object.cc que permite a los atacantes provocar una denegación de servicio (DoS) mediante un archivo manipulado. • https://bugs.freedesktop.org/show_bug.cgi?id=100776 https://security.gentoo.org/glsa/201801-17 https://www.debian.org/security/2018/dsa-4079 • CWE-772: Missing Release of Resource after Effective Lifetime •

CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0

In Poppler 0.54.0, a memory leak vulnerability was found in the function gmalloc in gmem.cc, which allows attackers to cause a denial of service via a crafted file. En Poppler 0.54.0 se ha encontrado una vulnerabilidad de filtrado de memoria en la función gmalloc en gmem.cc que permite a los atacantes provocar una denegación de servicio (DoS) mediante un archivo manipulado. • https://bugs.freedesktop.org/show_bug.cgi?id=100775 https://security.gentoo.org/glsa/201801-17 https://www.debian.org/security/2018/dsa-4079 • CWE-772: Missing Release of Resource after Effective Lifetime •