CVSS: 6.8EPSS: 23%CPEs: 48EXPL: 0CVE-2009-1188 – xpdf/poppler: SplashBitmap integer overflow
https://notcve.org/view.php?id=CVE-2009-1188
Integer overflow in the JBIG2 decoding feature in the SplashBitmap::SplashBitmap function in SplashBitmap.cc in Xpdf 3.x before 3.02pl4 and Poppler before 0.10.6, as used in GPdf and kdegraphics KPDF, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document. Desbordamiento de entero en la característica JBIG2 decoding en Poppler anteriores a v0.10.6 permite a atacantes remotos producir una denegación de servicio (caida) y posiblemente ejecutar código a través de vectores relacionados con SplashBitmap (splash/SplashBitmap.cc). • http://bugs.gentoo.org/show_bug.cgi?id=263028#c16 http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035340.html http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035399.html http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035408.html http://poppler.freedesktop.org/releases.html http://secunia.com/advisories/34746 http://secunia.com/advisories/35064 http://secunia.com/advisories/35618 http://secunia.com/advisories/37028 http:// • CWE-189: Numeric Errors CWE-190: Integer Overflow or Wraparound •
CVSS: 5.0EPSS: 11%CPEs: 34EXPL: 2CVE-2009-0755 – Poppler 0.10.3 - Denial of Service
https://notcve.org/view.php?id=CVE-2009-0755
The FormWidgetChoice::loadDefaults function in Poppler before 0.10.4 allows remote attackers to cause a denial of service (crash) via a PDF file with an invalid Form Opt entry. La funcion FormWidgetChoice::loadDefaults en Poppler anteriores v0.10.4 permite a atacantes remotos producir una denegacion de servicio (caida) a traves de un fichero PDF con una entrada "Form Opt" incorrecta. • https://www.exploit-db.com/exploits/32800 http://bugs.freedesktop.org/show_bug.cgi?id=19790 http://lists.freedesktop.org/archives/poppler/2009-January/004406.html http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html http://secunia.com/advisories/33853 http://secunia.com/advisories/35685 http://secunia.com/advisories/37114 http://wiki.rpath.com/Advisories:rPSA-2009-0059 http://www.debian.org/security/2009/dsa-1941 http://www.openwall.com/lists/oss-security& •
CVSS: 5.0EPSS: 5%CPEs: 34EXPL: 3CVE-2009-0756 – Poppler 0.10.3 - Denial of Service
https://notcve.org/view.php?id=CVE-2009-0756
The JBIG2Stream::readSymbolDictSeg function in Poppler before 0.10.4 allows remote attackers to cause a denial of service (crash) via a PDF file that triggers a parsing error, which is not properly handled by JBIG2SymbolDict::~JBIG2SymbolDict and triggers an invalid memory dereference. La función JBIG2Stream::readSymbolDictSeg en Poppler anteriores a v0.10.4 permite a atacantes remotos producir una denegación de servicio (caída) a través de un fichero PDF que dispara un error de parseo, lo cual no adecuadamente manejado por JBIG2SymbolDict::~JBIG2SymbolDict y produce una desreferencia de memoria incorrecta. • https://www.exploit-db.com/exploits/32800 http://bugs.freedesktop.org/show_bug.cgi?id=19702 http://lists.freedesktop.org/archives/poppler/2009-January/004403.html http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html http://secunia.com/advisories/33853 http://secunia.com/advisories/35685 http://wiki.rpath.com/Advisories:rPSA-2009-0059 http://www.openwall.com/lists/oss-security/2009/02/13/1 http://www.openwall.com/lists/oss-security/2009/02/19/2 http& •
CVSS: 7.5EPSS: 32%CPEs: 1EXPL: 1CVE-2008-2950 – Poppler 0.8.4 - libpoppler Uninitialized pointer Code Execution
https://notcve.org/view.php?id=CVE-2008-2950
The Page destructor in Page.cc in libpoppler in Poppler 0.8.4 and earlier deletes a pageWidgets object even if it is not initialized by a Page constructor, which allows remote attackers to execute arbitrary code via a crafted PDF document. El destructor Page de Page.cc en libpoppler de Poppler 0.8.4 y anteriores, elimina el objeto pageWidgets incluso si éste no ha sido iniciado por un constructor Page, esto permite a atacantes remotos ejecutar código de su elección mediante un documento PDF manipulado. • https://www.exploit-db.com/exploits/6032 http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00006.html http://secunia.com/advisories/30963 http://secunia.com/advisories/31002 http://secunia.com/advisories/31167 http://secunia.com/advisories/31267 http://secunia.com/advisories/31405 http://security.gentoo.org/glsa/glsa-200807-04.xml http://securityreason.com/securityalert/3977 http://wiki.rpath.com/Advisories:rPSA-2008-0223 http://www.mandriva.com/security/advisories? • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 6.8EPSS: 13%CPEs: 29EXPL: 0CVE-2008-1693 – xpdf: embedded font vulnerability
https://notcve.org/view.php?id=CVE-2008-1693
The CairoFont::create function in CairoFontEngine.cc in Poppler, possibly before 0.8.0, as used in Xpdf, Evince, ePDFview, KWord, and other applications, does not properly handle embedded fonts in PDF files, which allows remote attackers to execute arbitrary code via a crafted font object, related to dereferencing a function pointer associated with the type of this font object. La función CairoFont::create en CairoFontEngine.cc de Poppler, posiblemente anterior a 0.8.0, como se usa en Xpdf, Evince, ePDFview, KWord y otras aplicaciones, no maneja correctamente fuentes embebidas en archivos PDF, lo que permite a atacantes remotos ejecutar código de su elección a través de un objeto fuente manipulado, relacionado con referenciar un puntero de una función asociado con el tipo de este objeto fuente. • http://lists.opensuse.org/opensuse-security-announce/2008-05/msg00000.html http://secunia.com/advisories/29816 http://secunia.com/advisories/29834 http://secunia.com/advisories/29836 http://secunia.com/advisories/29851 http://secunia.com/advisories/29853 http://secunia.com/advisories/29868 http://secunia.com/advisories/29869 http://secunia.com/advisories/29884 http://secunia.com/advisories/29885 http://secunia.com/advisories/30019 http://secunia.com/advisories/30033 http:// • CWE-20: Improper Input Validation •