CVSS: 9.8EPSS: 2%CPEs: 1EXPL: 1CVE-2013-1790 – Gentoo Linux Security Advisory 201310-03
https://notcve.org/view.php?id=CVE-2013-1790
09 Apr 2013 — poppler/Stream.cc in poppler before 0.22.1 allows context-dependent attackers to have an unspecified impact via vectors that trigger a read of uninitialized memory by the CCITTFaxStream::lookChar function. poppler/Stream.cc en poppler anterior a 0.22.1 permite a atacantes dependientes de contexto tener un impacto no especificado a través de vectores que provocan una lectura de memoria no inicializada por la función CCITTFaxStream::lookChar Multiple vulnerabilities have been found in Poppler, some of which m... • http://cgit.freedesktop.org/poppler/poppler/commit/?h=poppler-0.22&id=b1026b5978c385328f2a15a2185c599a563edf91 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 6%CPEs: 29EXPL: 0CVE-2010-3702 – xpdf: uninitialized Gfx::parser pointer dereference
https://notcve.org/view.php?id=CVE-2010-3702
05 Nov 2010 — The Gfx::getPos function in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, CUPS, kdegraphics, and possibly other products allows context-dependent attackers to cause a denial of service (crash) via unknown vectors that trigger an uninitialized pointer dereference. La función Gfx::getPos en el analizador PDF en Xpdf versión anterior a 3.02 PL5, Poppler versión 0.8.7 y posiblemente otras versiones hasta la 0.15.1, CUPS, kdegraphics, y posiblemente otros producto... • ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl5.patch • CWE-476: NULL Pointer Dereference •
CVSS: 6.8EPSS: 1%CPEs: 35EXPL: 0CVE-2010-3703 – poppler: use of initialized pointer in PostScriptFunction
https://notcve.org/view.php?id=CVE-2010-3703
05 Nov 2010 — The PostScriptFunction::PostScriptFunction function in poppler/Function.cc in the PDF parser in poppler 0.8.7 and possibly other versions up to 0.15.1, and possibly other products, allows context-dependent attackers to cause a denial of service (crash) via a PDF file that triggers an uninitialized pointer dereference. La función PostScriptFunction::PostScriptFunction en poppler/Function.cc en el analizador de PDF de poppler v0.8.7 y posiblemente otras versiones hasta v0.15.1, y posiblemente otros, permite p... • http://cgit.freedesktop.org/poppler/poppler/commit/?id=bf2055088a3a2d3bb3d3c37d464954ec1a25771f • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 3%CPEs: 75EXPL: 0CVE-2010-3704 – xpdf: array indexing error in FoFiType1::parse()
https://notcve.org/view.php?id=CVE-2010-3704
05 Nov 2010 — The FoFiType1::parse function in fofi/FoFiType1.cc in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, kdegraphics, and possibly other products allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a PDF file with a crafted PostScript Type1 font that contains a negative array index, which bypasses input validation and triggers memory corruption. La función FoFiType1::parse en fofi/FoFiType1.cc del parsead... • ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl5.patch • CWE-20: Improper Input Validation •