CVSS: 9.1EPSS: 6%CPEs: 146EXPL: 0CVE-2005-0206
https://notcve.org/view.php?id=CVE-2005-0206
15 Feb 2005 — The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities. El parche para corregir las vulnerabilidades de desbordamiento de entero en Xpdf 2.0 y 3.0 (CAN-2004-0888) es incompleto para arquitecturas de 64 bits en ciertas distribuciones de Linux como Red Hat, lo que podría dejar a los usuarios de Xpdf expuestos a las vulnerabilida... • http://www.mandriva.com/security/advisories?name=MDKSA-2005:041 •
CVSS: 7.8EPSS: 10%CPEs: 32EXPL: 1CVE-2005-0064
https://notcve.org/view.php?id=CVE-2005-0064
19 Jan 2005 — Buffer overflow in the Decrypt::makeFileKey2 function in Decrypt.cc for xpdf 3.00 and earlier allows remote attackers to execute arbitrary code via a PDF file with a large /Encrypt /Length keyLength value. • ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.00pl3.patch •
CVSS: 9.3EPSS: 7%CPEs: 4EXPL: 0CVE-2004-1125
https://notcve.org/view.php?id=CVE-2004-1125
22 Dec 2004 — Buffer overflow in the Gfx::doImage function in Gfx.cc for xpdf 3.00, and other products that share code such as tetex-bin and kpdf in KDE 3.2.x to 3.2.3 and 3.3.x to 3.3.2, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted PDF file that causes the boundaries of a maskColors array to be exceeded. • ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.00pl2.patch • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 4%CPEs: 93EXPL: 0CVE-2004-0888
https://notcve.org/view.php?id=CVE-2004-0888
26 Oct 2004 — Multiple integer overflows in xpdf 2.0 and 3.0, and other packages that use xpdf code such as CUPS, gpdf, and kdegraphics, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0889. • http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000886 •
CVSS: 10.0EPSS: 3%CPEs: 93EXPL: 0CVE-2004-0889
https://notcve.org/view.php?id=CVE-2004-0889
26 Oct 2004 — Multiple integer overflows in xpdf 3.0, and other packages that use xpdf code such as CUPS, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0888. • http://marc.info/?l=bugtraq&m=109880927526773&w=2 •
CVSS: 9.8EPSS: 25%CPEs: 14EXPL: 1CVE-2003-0434 – Adobe Acrobat Reader (UNIX) 5.0 6 / Xpdf 0.9x Hyperlinks - Arbitrary Command Execution
https://notcve.org/view.php?id=CVE-2003-0434
18 Jun 2003 — Various PDF viewers including (1) Adobe Acrobat 5.06 and (2) Xpdf 1.01 allow remote attackers to execute arbitrary commands via shell metacharacters in an embedded hyperlink. Varios visores de PDF, incluidos Adobe Acrobat 5.06 y Xpdf 1.01 permiten a atacantes remotos la ejecución arbitraria de comandos mediante metacaracteres de shell en un hipervínculo embebido. • https://www.exploit-db.com/exploits/22771 •
CVSS: 7.8EPSS: 0%CPEs: 20EXPL: 1CVE-2002-1384
https://notcve.org/view.php?id=CVE-2002-1384
02 Jan 2003 — Integer overflow in pdftops, as used in Xpdf 2.01 and earlier, xpdf-i, and CUPS before 1.1.18, allows local users to execute arbitrary code via a ColorSpace entry with a large number of elements, as demonstrated by cups-pdf. Desbordamiento de enteros en pdftops, usado en Xpdf 2.01 y anteriores, y CUPS antes de 1.1.18, permite a usuarios locales ejecutar código arbitrario mediante una entrada ColorSpace con un número de elementos largo, como ha sido demostrado por cups-pdf. • http://marc.info/?l=bugtraq&m=104152282309980&w=2 •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2000-0727
https://notcve.org/view.php?id=CVE-2000-0727
13 Oct 2000 — xpdf PDF viewer client earlier than 0.91 does not properly launch a web browser for embedded URL's, which allows an attacker to execute arbitrary commands via a URL that contains shell metacharacters. • http://marc.info/?l=bugtraq&m=96766355023239&w=2 •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2000-0728
https://notcve.org/view.php?id=CVE-2000-0728
13 Oct 2000 — xpdf PDF viewer client earlier than 0.91 allows local users to overwrite arbitrary files via a symlink attack. • http://marc.info/?l=bugtraq&m=96766355023239&w=2 •