CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 1CVE-2018-19149 – poppler: NULL pointer dereference in _poppler_attachment_new
https://notcve.org/view.php?id=CVE-2018-19149
10 Nov 2018 — Poppler before 0.70.0 has a NULL pointer dereference in _poppler_attachment_new when called from poppler_annot_file_attachment_get_attachment. Poppler en versiones anteriores a 0.70.0 tiene una desreferencia de puntero NULL en _poppler_attachment_new cuando se llama desde poppler_annot_fichero_attachment_attachment_get_attachment. It was discovered that poppler incorrectly handled certain PDF files. An attacker could possibly use this issue to cause a denial of service. It was discovered that poppler incorr... • http://www.securityfocus.com/bid/106031 • CWE-476: NULL Pointer Dereference •
CVSS: 6.5EPSS: 0%CPEs: 10EXPL: 1CVE-2018-13988 – poppler: out of bounds read in pdfunite
https://notcve.org/view.php?id=CVE-2018-13988
22 Jul 2018 — Poppler through 0.62 contains an out of bounds read vulnerability due to an incorrect memory access that is not mapped in its memory space, as demonstrated by pdfunite. This can result in memory corruption and denial of service. This may be exploitable when a victim opens a specially crafted PDF file. Poppler hasta la versión 0.62 contiene una vulnerabilidad de lectura fuera de límites debido a un acceso incorrecto a la memoria que no se mapea en su espacio de memoria, tal y como queda demostrado con pdfuni... • https://packetstorm.news/files/id/148661 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 10EXPL: 1CVE-2017-18267 – poppler: Infinite recursion in fofi/FoFiType1C.cc:FoFiType1C::cvtGlyph() function allows denial of service
https://notcve.org/view.php?id=CVE-2017-18267
10 May 2018 — The FoFiType1C::cvtGlyph function in fofi/FoFiType1C.cc in Poppler through 0.64.0 allows remote attackers to cause a denial of service (infinite recursion) via a crafted PDF file, as demonstrated by pdftops. La función FoFiType1C::cvtGlyph en fofi/FoFiType1C.cc en Poppler 0.64.0 permite que atacantes remotos provoquen una denegación de servicio (recursión infinita) mediante un archivo PDF manipulado, tal y como demuestra pdftops. It was discovered that poppler incorrectly handled certain PDF files. An attac... • https://access.redhat.com/errata/RHBA-2019:0327 • CWE-674: Uncontrolled Recursion CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 1CVE-2017-15565 – Debian Security Advisory 4079-1
https://notcve.org/view.php?id=CVE-2017-15565
17 Oct 2017 — In Poppler 0.59.0, a NULL Pointer Dereference exists in the GfxImageColorMap::getGrayLine() function in GfxState.cc via a crafted PDF document. En Poppler 0.59.0, existe una desreferencia de puntero NULL en la función GfxImageColorMap::getGrayLine() en GfxState.cc mediante un documento PDF manipulado. Multiple vulnerabilities were discovered in the poppler PDF rendering library, which could result in denial of service or the execution of arbitrary code if a malformed PDF file is processed. • https://bugs.freedesktop.org/show_bug.cgi?id=103016 • CWE-476: NULL Pointer Dereference •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 1CVE-2017-14975 – Debian Security Advisory 4079-1
https://notcve.org/view.php?id=CVE-2017-14975
01 Oct 2017 — The FoFiType1C::convertToType0 function in FoFiType1C.cc in Poppler 0.59.0 has a NULL pointer dereference vulnerability because a data structure is not initialized, which allows an attacker to launch a denial of service attack. La función FoFiType1C::convertToType0 en FoFiType1C.cc en Poppler 0.59.0 tiene una vulnerabilidad de desreferencia de puntero NULL porque una estructura de datos no se inicializa, lo que permite a un atacante provocar un ataque de denegación de servicio (DoS). It was discovered that ... • https://bugzilla.freedesktop.org/show_bug.cgi?id=102653 • CWE-476: NULL Pointer Dereference •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 1CVE-2017-14977 – Debian Security Advisory 4079-1
https://notcve.org/view.php?id=CVE-2017-14977
01 Oct 2017 — The FoFiTrueType::getCFFBlock function in FoFiTrueType.cc in Poppler 0.59.0 has a NULL pointer dereference vulnerability due to lack of validation of a table pointer, which allows an attacker to launch a denial of service attack. La función FoFiTrueType::getCFFBlock en FoFiTrueType.cc en Poppler 0.59.0 tiene una vulnerabilidad de desreferencia de puntero NULL debida a la ausencia de validación de un puntero de tabla, lo que permite a un atacante provocar un ataque de denegación de servicio (DoS). It was dis... • https://bugs.freedesktop.org/show_bug.cgi?id=103045 • CWE-476: NULL Pointer Dereference •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 1CVE-2017-14976 – Debian Security Advisory 4079-1
https://notcve.org/view.php?id=CVE-2017-14976
01 Oct 2017 — The FoFiType1C::convertToType0 function in FoFiType1C.cc in Poppler 0.59.0 has a heap-based buffer over-read vulnerability if an out-of-bounds font dictionary index is encountered, which allows an attacker to launch a denial of service attack. La función FoFiType1C::convertToType0 en FoFiType1C.cc en Poppler 0.59.0 puede sufrir una vulnerabilidad de sobrelectura de búfer basada en memoria dinámica (heap) si se utiliza una fuente que provoca una indexación fuera de la memoria, lo que permite a un atacante pr... • https://bugzilla.freedesktop.org/show_bug.cgi?id=102724 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2017-14928
https://notcve.org/view.php?id=CVE-2017-14928
29 Sep 2017 — In Poppler 0.59.0, a NULL Pointer Dereference exists in AnnotRichMedia::Configuration::Configuration in Annot.cc via a crafted PDF document. En Poppler 0.59.0, existe una desreferencia de puntero NULL en AnnotRichMedia::Configuration::Configuration en Annot.cc mediante un documento PDF manipulado. • https://bugs.freedesktop.org/show_bug.cgi?id=102607 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2017-14926
https://notcve.org/view.php?id=CVE-2017-14926
29 Sep 2017 — In Poppler 0.59.0, a NULL Pointer Dereference exists in AnnotRichMedia::Content::Content in Annot.cc via a crafted PDF document. En Poppler 0.59.0, existe una desreferencia de puntero NULL en AnnotRichMedia::Content::Content en Annot.cc mediante un documento PDF manipulado. • https://bugs.freedesktop.org/show_bug.cgi?id=102601 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-14927
https://notcve.org/view.php?id=CVE-2017-14927
29 Sep 2017 — In Poppler 0.59.0, a NULL Pointer Dereference exists in the SplashOutputDev::type3D0() function in SplashOutputDev.cc via a crafted PDF document. En Poppler 0.59.0, existe una desreferencia de puntero NULL en la función SplashOutputDev::type3D0() en SplashOutputDev.cc mediante un documento PDF manipulado. • https://bugs.freedesktop.org/show_bug.cgi?id=102604 • CWE-476: NULL Pointer Dereference •