CVE-2023-26930
https://notcve.org/view.php?id=CVE-2023-26930
Buffer Overflow vulnerability found in XPDF v.4.04 allows an attacker to cause a Denial of Service via the PDFDoc malloc in the pdftotext.cc function. NOTE: Vendor states “it's an expected abort on out-of-memory error.” • https://gist.github.com/huanglei3/10e2a9bd07a109995b20ade306612a34 https://github.com/huanglei3/xpdf_aborted • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVE-2022-45587
https://notcve.org/view.php?id=CVE-2022-45587
Stack overflow vulnerability in function gmalloc in goo/gmem.cc in xpdf 4.04, allows local attackers to cause a denial of service. • https://forum.xpdfreader.com/viewtopic.php?t=42361 • CWE-787: Out-of-bounds Write •
CVE-2022-45586
https://notcve.org/view.php?id=CVE-2022-45586
Stack overflow vulnerability in function Dict::find in xpdf/Dict.cc in xpdf 4.04, allows local attackers to cause a denial of service. • https://forum.xpdfreader.com/viewtopic.php?t=42361 • CWE-787: Out-of-bounds Write •
CVE-2022-43071
https://notcve.org/view.php?id=CVE-2022-43071
A stack overflow in the Catalog::readPageLabelTree2(Object*) function of XPDF v4.04 allows attackers to cause a Denial of Service (DoS) via a crafted PDF file. Un desbordamiento de la pila en la función Catalog::readPageLabelTree2(Object*) de XPDF v4.04 permite a los atacantes provocar una Denegación de Servicio (DoS) a través de un archivo PDF manipulado. • https://forum.xpdfreader.com/viewtopic.php?f=3&t=42349&p=43959#p43959 • CWE-787: Out-of-bounds Write •
CVE-2022-43295
https://notcve.org/view.php?id=CVE-2022-43295
XPDF v4.04 was discovered to contain a stack overflow via the function FileStream::copy() at xpdf/Stream.cc:795. Se descubrió que XPDF v4.04 contenía un desbordamiento de memoria mediante la función FileStream::copy() en xpdf/Stream.cc:795. • https://forum.xpdfreader.com/viewtopic.php?t=42360 • CWE-787: Out-of-bounds Write •