CVSS: 7.8EPSS: 49%CPEs: 64EXPL: 0CVE-2011-0764 – t1lib: Invalid pointer dereference via crafted Type 1 font
https://notcve.org/view.php?id=CVE-2011-0764
31 Mar 2011 — t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, uses an invalid pointer in conjunction with a dereference operation, which allows remote attackers to execute arbitrary code via a crafted Type 1 font in a PDF document, as demonstrated by testz.2184122398.pdf. t1lib v5.1.2 y versiones anteriores, utilizado en Xpdf anterior a v3.02pl6 y otros productos, utiliza un puntero no válido en una operación de eliminación de referencias, permitiendo a atacantes remotos ejecutar códig... • http://rhn.redhat.com/errata/RHSA-2012-1201.html • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 1%CPEs: 29EXPL: 0CVE-2010-3702 – xpdf: uninitialized Gfx::parser pointer dereference
https://notcve.org/view.php?id=CVE-2010-3702
05 Nov 2010 — The Gfx::getPos function in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, CUPS, kdegraphics, and possibly other products allows context-dependent attackers to cause a denial of service (crash) via unknown vectors that trigger an uninitialized pointer dereference. La función Gfx::getPos en el analizador PDF en Xpdf versión anterior a 3.02 PL5, Poppler versión 0.8.7 y posiblemente otras versiones hasta la 0.15.1, CUPS, kdegraphics, y posiblemente otros producto... • ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl5.patch • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 75EXPL: 0CVE-2010-3704 – xpdf: array indexing error in FoFiType1::parse()
https://notcve.org/view.php?id=CVE-2010-3704
05 Nov 2010 — The FoFiType1::parse function in fofi/FoFiType1.cc in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, kdegraphics, and possibly other products allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a PDF file with a crafted PostScript Type1 font that contains a negative array index, which bypasses input validation and triggers memory corruption. La función FoFiType1::parse en fofi/FoFiType1.cc del parsead... • ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl5.patch • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 0%CPEs: 36EXPL: 0CVE-2009-0165 – Gentoo Linux Security Advisory 201310-03
https://notcve.org/view.php?id=CVE-2009-0165
23 Apr 2009 — Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, as used in Poppler and other products, when running on Mac OS X, has unspecified impact, related to "g*allocn." Desbordamiento de entero en el decodificador JBIG2 en Xpdf v3.02p12 y anteriores, como se utiliza en Poppler y otros productos, cuando corre en Mac OS X, tiene un impacto desconocido, relacionado con "g*allocn." Multiple vulnerabilities have been found in Poppler, some of which may allow execution of arbitrary code. Versions less t... • http://bugs.gentoo.org/show_bug.cgi?id=263028 • CWE-189: Numeric Errors •
CVSS: 7.8EPSS: 38%CPEs: 35EXPL: 0CVE-2009-0195 – xpdf: Multiple buffer overflows in JBIG2 decoder (setBitmap, readSymbolDictSeg) (CVE-2009-0195)
https://notcve.org/view.php?id=CVE-2009-0195
23 Apr 2009 — Heap-based buffer overflow in Xpdf 3.02pl2 and earlier, CUPS 1.3.9, and probably other products, allows remote attackers to execute arbitrary code via a PDF file with crafted JBIG2 symbol dictionary segments. Desbordamiento de búfer basado en montículo en Xpdf v3.02p12 y anteriores, CUPS v1.3.9 y probablemente otros productos, permite a atacantes remotos ejecutar código de forma arbitraria a través de un fichero PDF con segmentos JBIG2 de diccionario simbólico manipulados. Multiple vulnerabilities have been... • http://rhn.redhat.com/errata/RHSA-2009-0458.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 19%CPEs: 17EXPL: 1CVE-2007-0104
https://notcve.org/view.php?id=CVE-2007-0104
09 Jan 2007 — The Adobe PDF specification 1.3, as implemented by (a) xpdf 3.0.1 patch 2, (b) kpdf in KDE before 3.5.5, (c) poppler before 0.5.4, and other products, allows remote attackers to have an unknown impact, possibly including denial of service (infinite loop), arbitrary code execution, or memory corruption, via a PDF file with a (1) crafted catalog dictionary or (2) a crafted Pages attribute that references an invalid page tree node. La especificación de Adobe PDF versión 1.3, implementada por (a) xpdf versión 3... • http://docs.info.apple.com/article.html?artnum=305214 • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 0%CPEs: 39EXPL: 0CVE-2006-1244
https://notcve.org/view.php?id=CVE-2006-1244
15 Mar 2006 — Unspecified vulnerability in certain versions of xpdf after 3.00, as used in various products including (a) pdfkit.framework, (b) gpdf, (c) pdftohtml, and (d) libextractor, has unknown impact and user-assisted attack vectors, possibly involving errors in (1) gmem.c, (2) SplashXPathScanner.cc, (3) JBIG2Stream.cc, (4) JPXStream.cc, and/or (5) Stream.cc. NOTE: this description is based on Debian advisory DSA 979, which is based on changes that were made after other vulnerabilities such as CVE-2006-0301 and CVE... • http://secunia.com/advisories/18948 •
CVSS: 7.8EPSS: 27%CPEs: 1EXPL: 0CVE-2005-3192
https://notcve.org/view.php?id=CVE-2005-3192
08 Dec 2005 — Heap-based buffer overflow in the StreamPredictor function in Xpdf 3.01, as used in products such as (1) Poppler, (2) teTeX, (3) KDE kpdf, and (4) pdftohtml, (5) KOffice KWord, (6) CUPS, and (7) libextractor allows remote attackers to execute arbitrary code via a PDF file with an out-of-range numComps (number of components) field. • ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.01pl1.patch • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.1EPSS: 0%CPEs: 15EXPL: 0CVE-2005-3191
https://notcve.org/view.php?id=CVE-2005-3191
07 Dec 2005 — Multiple heap-based buffer overflows in the (1) DCTStream::readProgressiveSOF and (2) DCTStream::readBaselineSOF functions in the DCT stream parsing code (Stream.cc) in xpdf 3.01 and earlier, as used in products such as (a) Poppler, (b) teTeX, (c) KDE kpdf, (d) pdftohtml, (e) KOffice KWord, (f) CUPS, and (g) libextractor allow user-assisted attackers to cause a denial of service (heap corruption) and possibly execute arbitrary code via a crafted PDF file with an out-of-range number of components (numComps),... • ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.1EPSS: 0%CPEs: 15EXPL: 0CVE-2005-3193
https://notcve.org/view.php?id=CVE-2005-3193
07 Dec 2005 — Heap-based buffer overflow in the JPXStream::readCodestream function in the JPX stream parsing code (JPXStream.c) for xpdf 3.01 and earlier, as used in products such as (1) Poppler, (2) teTeX, (3) KDE kpdf, (4) CUPS, and (5) libextractor allows user-assisted attackers to cause a denial of service (heap corruption) and possibly execute arbitrary code via a crafted PDF file with large size values that cause insufficient memory to be allocated. • ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •