CVSS: 6.8EPSS: 1%CPEs: 35EXPL: 0CVE-2010-3703 – poppler: use of initialized pointer in PostScriptFunction
https://notcve.org/view.php?id=CVE-2010-3703
05 Nov 2010 — The PostScriptFunction::PostScriptFunction function in poppler/Function.cc in the PDF parser in poppler 0.8.7 and possibly other versions up to 0.15.1, and possibly other products, allows context-dependent attackers to cause a denial of service (crash) via a PDF file that triggers an uninitialized pointer dereference. La función PostScriptFunction::PostScriptFunction en poppler/Function.cc en el analizador de PDF de poppler v0.8.7 y posiblemente otras versiones hasta v0.15.1, y posiblemente otros, permite p... • http://cgit.freedesktop.org/poppler/poppler/commit/?id=bf2055088a3a2d3bb3d3c37d464954ec1a25771f • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 5%CPEs: 48EXPL: 0CVE-2009-3605 – Gentoo Linux Security Advisory 201310-03
https://notcve.org/view.php?id=CVE-2009-3605
02 Nov 2009 — Multiple integer overflows in Poppler 0.10.5 and earlier allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF file, related to (1) glib/poppler-page.cc; (2) ArthurOutputDev.cc, (3) CairoOutputDev.cc, (4) GfxState.cc, (5) JBIG2Stream.cc, (6) PSOutputDev.cc, and (7) SplashOutputDev.cc in poppler/; and (8) SplashBitmap.cc, (9) Splash.cc, and (10) SplashFTFont.cc in splash/. NOTE: this may overlap CVE-2009-0791. Múltiples desbordamientos de... • http://cgit.freedesktop.org/poppler/poppler/commit/?id=284a92899602daa4a7f429e61849e794569310b5 • CWE-189: Numeric Errors •
CVSS: 9.3EPSS: 7%CPEs: 62EXPL: 1CVE-2009-3608 – xpdf/poppler: integer overflow in ObjectStream::ObjectStream (oCERT-2009-016)
https://notcve.org/view.php?id=CVE-2009-3608
21 Oct 2009 — Integer overflow in the ObjectStream::ObjectStream function in XRef.cc in Xpdf 3.x before 3.02pl4 and Poppler before 0.12.1, as used in GPdf, kdegraphics KPDF, CUPS pdftops, and teTeX, might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow. Desbordamiento de entero en la función ObjectStream::ObjectStream en XRef.cc en Xpdf y Poppler, usado en GPdf, kdegraphics KPDF, y CUPS pdftopf y teTeX, podría permitir a atacantes remotos ejecutar cód... • ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl4.patch • CWE-189: Numeric Errors CWE-190: Integer Overflow or Wraparound •
CVSS: 9.3EPSS: 4%CPEs: 55EXPL: 0CVE-2009-3607 – Gentoo Linux Security Advisory 201310-03
https://notcve.org/view.php?id=CVE-2009-3607
21 Oct 2009 — Integer overflow in the create_surface_from_thumbnail_data function in glib/poppler-page.cc in Poppler 0.x allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow. NOTE: some of these details are obtained from third party information. la función create_surface_from_thumbnail_data en glib/poppler-page.cc en Poppler v0.x, permite a atacantes remotos provocar una denegación de servicio (cor... • http://cgit.freedesktop.org/poppler/poppler/commit/?id=c839b706 • CWE-189: Numeric Errors •
CVSS: 9.3EPSS: 7%CPEs: 58EXPL: 1CVE-2009-3603 – xpdf/poppler: SplashBitmap:: SplashBitmap integer overflow
https://notcve.org/view.php?id=CVE-2009-3603
21 Oct 2009 — Integer overflow in the SplashBitmap::SplashBitmap function in Xpdf 3.x before 3.02pl4 and Poppler before 0.12.1 might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow. NOTE: some of these details are obtained from third party information. NOTE: this issue reportedly exists because of an incomplete fix for CVE-2009-1188. Desbordamiento de entero en la función SplashBitmap::SplashBitmap en Xpdf v3.x anterior a v3.02pl4 y Poppler anteior a ... • ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl4.patch • CWE-189: Numeric Errors CWE-190: Integer Overflow or Wraparound •
CVSS: 9.3EPSS: 27%CPEs: 67EXPL: 2CVE-2009-3604 – xpdf/poppler: Splash:: drawImage integer overflow and missing allocation return value check
https://notcve.org/view.php?id=CVE-2009-3604
21 Oct 2009 — The Splash::drawImage function in Splash.cc in Xpdf 2.x and 3.x before 3.02pl4, and Poppler 0.x, as used in GPdf and kdegraphics KPDF, does not properly allocate memory, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document that triggers a NULL pointer dereference or a heap-based buffer overflow. Desbordamiento de entero en la función Splash.cc en Xpdf v3.02pl4 y Poppler v0.x, usado en n kdegraphics KPDF y GPdf, no asigna... • ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl4.patch • CWE-190: Integer Overflow or Wraparound CWE-399: Resource Management Errors •
CVSS: 5.5EPSS: 1%CPEs: 61EXPL: 3CVE-2009-3609 – xpdf/poppler: ImageStream:: ImageStream integer overflow
https://notcve.org/view.php?id=CVE-2009-3609
21 Oct 2009 — Integer overflow in the ImageStream::ImageStream function in Stream.cc in Xpdf before 3.02pl4 and Poppler before 0.12.1, as used in GPdf, kdegraphics KPDF, and CUPS pdftops, allows remote attackers to cause a denial of service (application crash) via a crafted PDF document that triggers a NULL pointer dereference or buffer over-read. Desbordamiento de entero en la función ImageStream::ImageStream en Stream.cc en Xpdf v3.02pl4 y Poppler v0.12.1, usado en GPdf, kdegraphics KPDF, y CUPS pdftops, permite a atac... • ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl4.patch • CWE-189: Numeric Errors CWE-190: Integer Overflow or Wraparound •
CVSS: 9.3EPSS: 7%CPEs: 59EXPL: 1CVE-2009-3606 – xpdf/poppler: PSOutputDev:: doImageL1Sep integer overflow
https://notcve.org/view.php?id=CVE-2009-3606
21 Oct 2009 — Integer overflow in the PSOutputDev::doImageL1Sep function in Xpdf before 3.02pl4, and Poppler 0.x, as used in kdegraphics KPDF, might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow. Desbordamiento de entero en la función PSOutputDev::doImageL1Sep en Xpdf v3.02pl4 y Poppler v0.x, usado en n kdegraphics KPDF, podría permitir a atacantes remotos la ejecución de código de su elección a través de un documento PDF manipulado que provoca un d... • ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl4.patch • CWE-189: Numeric Errors CWE-190: Integer Overflow or Wraparound •
CVSS: 9.8EPSS: 17%CPEs: 48EXPL: 0CVE-2009-1187 – poppler CairoOutputDev integer overflow
https://notcve.org/view.php?id=CVE-2009-1187
23 Apr 2009 — Integer overflow in the JBIG2 decoding feature in Poppler before 0.10.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to CairoOutputDev (CairoOutputDev.cc). Desbordamiento de entero en la característica JBIG2 decoding en Poppler anteriores a v0.10.6 permite a atacantes remotos producir una denegación de servicio (caida) y posiblemente ejecutar código a través de vectores relacionados con CairoOutputDev (CairoOutputDev.cc). Multiple vulne... • http://bugs.gentoo.org/show_bug.cgi?id=263028#c16 • CWE-189: Numeric Errors CWE-190: Integer Overflow or Wraparound •
CVSS: 7.1EPSS: 21%CPEs: 48EXPL: 0CVE-2009-1188 – xpdf/poppler: SplashBitmap integer overflow
https://notcve.org/view.php?id=CVE-2009-1188
23 Apr 2009 — Integer overflow in the JBIG2 decoding feature in the SplashBitmap::SplashBitmap function in SplashBitmap.cc in Xpdf 3.x before 3.02pl4 and Poppler before 0.10.6, as used in GPdf and kdegraphics KPDF, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document. Desbordamiento de entero en la característica JBIG2 decoding en Poppler anteriores a v0.10.6 permite a atacantes remotos producir una denegación de servicio (caida) y posiblemente ejec... • http://bugs.gentoo.org/show_bug.cgi?id=263028#c16 • CWE-189: Numeric Errors CWE-190: Integer Overflow or Wraparound •