Page 28 of 140 results (0.010 seconds)

CVSS: 10.0EPSS: 5%CPEs: 93EXPL: 0

Multiple integer overflows in xpdf 3.0, and other packages that use xpdf code such as CUPS, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0888. • http://marc.info/?l=bugtraq&m=109880927526773&w=2 http://www.gentoo.org/security/en/glsa/glsa-200410-20.xml http://www.gentoo.org/security/en/glsa/glsa-200410-30.xml http://www.mandriva.com/security/advisories?name=MDKSA-2004:113 http://www.securityfocus.com/bid/11501 https://exchange.xforce.ibmcloud.com/vulnerabilities/17819 •

CVSS: 7.5EPSS: 5%CPEs: 14EXPL: 1

Various PDF viewers including (1) Adobe Acrobat 5.06 and (2) Xpdf 1.01 allow remote attackers to execute arbitrary commands via shell metacharacters in an embedded hyperlink. Varios visores de PDF, incluidos Adobe Acrobat 5.06 y Xpdf 1.01 permiten a atacantes remotos la ejecución arbitraria de comandos mediante metacaracteres de shell en un hipervínculo embebido. • https://www.exploit-db.com/exploits/22771 http://lists.grok.org.uk/pipermail/full-disclosure/2003-June/005719.html http://marc.info/?l=bugtraq&m=105777963019186&w=2 http://secunia.com/advisories/9037 http://secunia.com/advisories/9038 http://www.kb.cert.org/vuls/id/200132 http://www.mandriva.com/security/advisories?name=MDKSA-2003:071 http://www.redhat.com/support/errata/RHSA-2003-196.html http://www.redhat.com/support/errata/RHSA-2003-197.html https://oval. •

CVSS: 7.2EPSS: 0%CPEs: 20EXPL: 1

Integer overflow in pdftops, as used in Xpdf 2.01 and earlier, xpdf-i, and CUPS before 1.1.18, allows local users to execute arbitrary code via a ColorSpace entry with a large number of elements, as demonstrated by cups-pdf. Desbordamiento de enteros en pdftops, usado en Xpdf 2.01 y anteriores, y CUPS antes de 1.1.18, permite a usuarios locales ejecutar código arbitrario mediante una entrada ColorSpace con un número de elementos largo, como ha sido demostrado por cups-pdf. • http://marc.info/?l=bugtraq&m=104152282309980&w=2 http://www.debian.org/security/2003/dsa-222 http://www.debian.org/security/2003/dsa-226 http://www.debian.org/security/2003/dsa-232 http://www.idefense.com/advisory/12.23.02.txt http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:001 http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:002 http://www.novell.com/linux/security/advisories/2003_002_cups.html http://www.redhat.com/support/errata/ •

CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0

xpdf PDF viewer client earlier than 0.91 allows local users to overwrite arbitrary files via a symlink attack. • http://marc.info/?l=bugtraq&m=96766355023239&w=2 http://marc.info/?l=bugtraq&m=96886599829687&w=2 http://www.calderasystems.com/support/security/advisories/CSSA-2000-031.0.txt http://www.redhat.com/support/errata/RHSA-2000-060.html http://www.securityfocus.com/bid/1624 •

CVSS: 7.6EPSS: 0%CPEs: 1EXPL: 0

xpdf PDF viewer client earlier than 0.91 does not properly launch a web browser for embedded URL's, which allows an attacker to execute arbitrary commands via a URL that contains shell metacharacters. • http://marc.info/?l=bugtraq&m=96766355023239&w=2 http://marc.info/?l=bugtraq&m=96886599829687&w=2 http://www.calderasystems.com/support/security/advisories/CSSA-2000-031.0.txt http://www.debian.org/security/2000/20000910a http://www.redhat.com/support/errata/RHSA-2000-060.html http://www.securityfocus.com/bid/1624 •