CVE-2018-20797
https://notcve.org/view.php?id=CVE-2018-20797
An issue was discovered in PoDoFo 0.9.6. There is an attempted excessive memory allocation in PoDoFo::podofo_calloc in base/PdfMemoryManagement.cpp when called from PoDoFo::PdfPredictorDecoder::PdfPredictorDecoder in base/PdfFiltersPrivate.cpp.
• https://sourceforge.net/p/podofo/tickets/34
• CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2019-9199
https://notcve.org/view.php?id=CVE-2019-9199
PoDoFo::Impose::PdfTranslator::setSource() in pdftranslator.cpp in PoDoFo 0.9.6 has a NULL pointer dereference that can (for example) be triggered by sending a crafted PDF file to the podofoimpose binary. It allows an attacker to cause Denial of Service (Segmentation fault) or possibly have unspecified other impact.
• https://github.com/jjanku/podofo/commit/ada821df68fb0bf673840ed525daf4ec709dbfd9
• https://github.com/mksdev/podofo/commit/1400a9aaf611299b9a56aa2abeb158918b9743c8
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CIC2EXSSMBT3MY2HY42IIY4BUQS2SVYB
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NTJ5AAM6Y4NMSELEH7N5ZG4DNO56BCYF
• https://research.loginsoft.com/bugs/null-pointer-dereference-vulnerability-in-setsource-podofo-0-9-6-trunk-r1967
• https://sourceforge.net/p/podofo/t
• CWE-476: NULL Pointer Dereference
CVE-2018-20751
https://notcve.org/view.php?id=CVE-2018-20751
An issue was discovered in crop_page in PoDoFo 0.9.6. For a crafted PDF document, pPage->GetObject()->GetDictionary().AddKey(PdfName("MediaBox"),var) can be problematic due to the function GetObject() being called for the pPage NULL pointer object. The value of pPage at this point is 0x0, which causes a NULL pointer dereference.
• https://research.loginsoft.com/bugs/null-pointer-dereference-vulnerability-in-crop_page-podofo-0-9-6
• https://sourceforge.net/p/podofo/tickets/33
• CWE-476: NULL Pointer Dereference
CVE-2018-19532
https://notcve.org/view.php?id=CVE-2018-19532
A NULL pointer dereference vulnerability exists in the function PdfTranslator::setTarget() in pdftranslator.cpp of PoDoFo 0.9.6, while creating the PdfXObject, as demonstrated by podofoimpose. It allows an attacker to cause Denial of Service.
• https://research.loginsoft.com/bugs/null-pointer-dereference-vulnerability-in-pdftranslatorsettarget-podofo-0-9-6
• https://sourceforge.net/p/podofo/tickets/32
• CWE-476: NULL Pointer Dereference
CVE-2018-14320 – PoDoFo Library ParseToUnicode Memory Corruption Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2018-14320
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of PoDoFo. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within PdfEncoding::ParseToUnicode. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process.
• https://zerodayinitiative.com/advisories/ZDI-18-1046
• CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer