CVE-2022-38334
https://notcve.org/view.php?id=CVE-2022-38334
XPDF v4.04 and earlier was discovered to contain a stack overflow via the function Catalog::countPageTree() at Catalog.cc. Se ha descubierto que XPDF v4.04 y anteriores contienen un desbordamiento de pila a través de la función Catalog::countPageTree() en Catalog.cc • https://forum.xpdfreader.com/viewtopic.php?f=3&t=42122 https://forum.xpdfreader.com/viewtopic.php?f=3&t=42314&p=43872 • CWE-674: Uncontrolled Recursion •
CVE-2021-27548
https://notcve.org/view.php?id=CVE-2021-27548
There is a Null Pointer Dereference vulnerability in the XFAScanner::scanNode() function in XFAScanner.cc in xpdf 4.03. Se presenta una vulnerabilidad de desreferencia de puntero Null en la función XFAScanner::scanNode() en el archivo XFAScanner.cc en xpdf versión 4.03 • https://forum.xpdfreader.com/viewtopic.php?f=3&t=42115 • CWE-476: NULL Pointer Dereference •
CVE-2022-27135
https://notcve.org/view.php?id=CVE-2022-27135
xpdf 4.03 has heap buffer overflow in the function readXRefTable located in XRef.cc. An attacker can exploit this bug to cause a Denial of Service (Segmentation fault) or other unspecified effects by sending a crafted PDF file to the pdftoppm binary. xpdf versión 4.03, presenta un desbordamiento del búfer de la pila en la función readXRefTable ubicada en el archivo XRef.cc. Un atacante puede explotar este bug para causar una denegación de servicio (fallo de segmentación) u otros efectos no especificados mediante el envío de un archivo PDF diseñado al binario pdftoppm • https://forum.xpdfreader.com/viewtopic.php?f=3&t=42232 https://github.com/verf1sh/Poc/blob/master/pic_ppm.png https://github.com/verf1sh/Poc/blob/master/poc_ppm • CWE-787: Out-of-bounds Write •
CVE-2021-30860 – Apple Multiple Products Integer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2021-30860
An integer overflow was addressed with improved input validation. This issue is fixed in Security Update 2021-005 Catalina, iOS 14.8 and iPadOS 14.8, macOS Big Sur 11.6, watchOS 7.6.2. Processing a maliciously crafted PDF may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. Se ha solucionado un desbordamiento de enteros con una validación de entrada mejorada. • https://github.com/jeffssh/CVE-2021-30860 https://github.com/Levilutz/CVE-2021-30860 http://seclists.org/fulldisclosure/2021/Sep/25 http://seclists.org/fulldisclosure/2021/Sep/26 http://seclists.org/fulldisclosure/2021/Sep/27 http://seclists.org/fulldisclosure/2021/Sep/28 http://seclists.org/fulldisclosure/2021/Sep/38 http://seclists.org/fulldisclosure/2021/Sep/39 http://seclists.org/fulldisclosure/2021/Sep/40 http://seclists.org/fulldisclosure/2021/Sep/50 http://ww • CWE-190: Integer Overflow or Wraparound •