CVSS: 7.8EPSS: 0%CPEs: 15EXPL: 2CVE-2021-30860 – Apple Multiple Products Integer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2021-30860
An integer overflow was addressed with improved input validation. This issue is fixed in Security Update 2021-005 Catalina, iOS 14.8 and iPadOS 14.8, macOS Big Sur 11.6, watchOS 7.6.2. Processing a maliciously crafted PDF may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. Se ha solucionado un desbordamiento de enteros con una validación de entrada mejorada. • https://github.com/jeffssh/CVE-2021-30860 https://github.com/Levilutz/CVE-2021-30860 http://seclists.org/fulldisclosure/2021/Sep/25 http://seclists.org/fulldisclosure/2021/Sep/26 http://seclists.org/fulldisclosure/2021/Sep/27 http://seclists.org/fulldisclosure/2021/Sep/28 http://seclists.org/fulldisclosure/2021/Sep/38 http://seclists.org/fulldisclosure/2021/Sep/39 http://seclists.org/fulldisclosure/2021/Sep/40 http://seclists.org/fulldisclosure/2021/Sep/50 http://ww • CWE-190: Integer Overflow or Wraparound •
CVSS: 6.4EPSS: 0%CPEs: 4EXPL: 0CVE-2011-2902
https://notcve.org/view.php?id=CVE-2011-2902
zxpdf in xpdf before 3.02-19 as packaged in Debian unstable and 3.02-12+squeeze1 as packaged in Debian squeeze deletes temporary files insecurely, which allows remote attackers to delete arbitrary files via a crafted .pdf.gz file name. zxpdf en xpdf, en versiones anteriores a la 3.02-19, tal y como se distribuye en Debian unstable y 3.02-12+squeeze1 tal y como se distribuye en Debian squeeze, elimina archivos temporales de forma no segura. Esto permite que los atacantes remotos eliminen archivos arbitrarios mediante un nombre de archivo .pdf.gz manipulado. • http://www.openwall.com/lists/oss-security/2014/02/08/5 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=635849 https://security-tracker.debian.org/tracker/CVE-2011-2902 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 29EXPL: 0CVE-2010-3702 – xpdf: uninitialized Gfx::parser pointer dereference
https://notcve.org/view.php?id=CVE-2010-3702
The Gfx::getPos function in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, CUPS, kdegraphics, and possibly other products allows context-dependent attackers to cause a denial of service (crash) via unknown vectors that trigger an uninitialized pointer dereference. La función Gfx::getPos en el analizador PDF en Xpdf versión anterior a 3.02 PL5, Poppler versión 0.8.7 y posiblemente otras versiones hasta la 0.15.1, CUPS, kdegraphics, y posiblemente otros productos permite que los atacantes dependiendo del contexto generen una denegación de servicio (bloqueo) por medio de vectores desconocidos que desencadenan una desreferencia de puntero no inicializada. • ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl5.patch http://cgit.freedesktop.org/poppler/poppler/commit/?id=e853106b58d6b4b0467dbd6436c9bb1cfbd372cf http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050268.html http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050285.html http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050390.html http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049392.html http://lists.fedoraproject.org/pipermail/package • CWE-476: NULL Pointer Dereference •
CVSS: 7.5EPSS: 9%CPEs: 32EXPL: 1CVE-2005-0064
https://notcve.org/view.php?id=CVE-2005-0064
Buffer overflow in the Decrypt::makeFileKey2 function in Decrypt.cc for xpdf 3.00 and earlier allows remote attackers to execute arbitrary code via a PDF file with a large /Encrypt /Length keyLength value. • ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.00pl3.patch ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.42/SCOSA-2005.42.txt http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000921 http://marc.info/?l=bugtraq&m=110625368019554&w=2 http://secunia.com/advisories/17277 http://www.debian.org/security/2005/dsa-645 http://www.debian.org/security/2005/dsa-648 http://www.idefense.com/application/poi/display?id=186&type=vulnerabilities http://www.mandriva.com/s •