CVE-2019-9587
https://notcve.org/view.php?id=CVE-2019-9587
There is a stack consumption issue in md5Round1() located in Decrypt.cc in Xpdf 4.01. It can be triggered by sending a crafted PDF file to (for example) the pdfimages binary. It allows an attacker to cause Denial of Service (Segmentation fault) or possibly have unspecified other impact. This is related to Catalog::countPageTree.
• https://forum.xpdfreader.com/viewtopic.php?f=3&t=41263
• https://research.loginsoft.com/bugs/stack-based-buffer-overflow-vulnerability-in-function-md5round1-xpdf-4-01
• CWE-400: Uncontrolled Resource Consumption
CVE-2011-2902
https://notcve.org/view.php?id=CVE-2011-2902
zxpdf in xpdf before 3.02-19 as packaged in Debian unstable and 3.02-12+squeeze1 as packaged in Debian squeeze deletes temporary files insecurely, which allows remote attackers to delete arbitrary files via a crafted .pdf.gz file name.
• http://www.openwall.com/lists/oss-security/2014/02/08/5
• https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=635849
• https://security-tracker.debian.org/tracker/CVE-2011-2902
• CWE-20: Improper Input Validation
CVE-2011-1552 – t1lib: invalid read crash via crafted Type 1 font
https://notcve.org/view.php?id=CVE-2011-1552
t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, reads from invalid memory locations, which allows remote attackers to cause a denial of service (application crash) via a crafted Type 1 font in a PDF document, a different vulnerability than CVE-2011-0764.
• http://rhn.redhat.com/errata/RHSA-2012-1201.html
• http://secunia.com/advisories/43823
• http://secunia.com/advisories/48985
• http://securityreason.com/securityalert/8171
• http://securitytracker.com/id?1025266
• http://www.foolabs.com/xpdf/download.html
• http://www.kb.cert.org/vuls/id/376500
• http://www.kb.cert.org/vuls/id/MAPG-8ECL8X
• http://www.mandriva.com/security/advisories?name=MDVSA-2012:144
• http://www.securityfocus.com/archive/1/517205/100/0/threaded
• http://www.to
• CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-1554 – t1lib: Off-by-one via crafted Type 1 font
https://notcve.org/view.php?id=CVE-2011-1554
Off-by-one error in t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, allows remote attackers to cause a denial of service (application crash) via a PDF document containing a crafted Type 1 font that triggers an invalid memory read, integer overflow, and invalid pointer dereference, a different vulnerability than CVE-2011-0764.
• http://rhn.redhat.com/errata/RHSA-2012-1201.html
• http://secunia.com/advisories/43823
• http://secunia.com/advisories/48985
• http://securityreason.com/securityalert/8171
• http://securitytracker.com/id?1025266
• http://www.foolabs.com/xpdf/download.html
• http://www.kb.cert.org/vuls/id/376500
• http://www.kb.cert.org/vuls/id/MAPG-8ECL8X
• http://www.mandriva.com/security/advisories?name=MDVSA-2012:144
• http://www.securityfocus.com/archive/1/517205/100/0/threaded
• http://www.to
• CWE-189: Numeric Errors
• CWE-193: Off-by-one Error
CVE-2011-1553 – t1lib: Use-after-free via crafted Type 1 font
https://notcve.org/view.php?id=CVE-2011-1553
Use-after-free vulnerability in t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, allows remote attackers to cause a denial of service (application crash) via a PDF document containing a crafted Type 1 font that triggers an invalid memory write, a different vulnerability than CVE-2011-0764.
• http://rhn.redhat.com/errata/RHSA-2012-1201.html
• http://secunia.com/advisories/43823
• http://secunia.com/advisories/48985
• http://securityreason.com/securityalert/8171
• http://securitytracker.com/id?1025266
• http://www.foolabs.com/xpdf/download.html
• http://www.kb.cert.org/vuls/id/376500
• http://www.kb.cert.org/vuls/id/MAPG-8ECL8X
• http://www.mandriva.com/security/advisories?name=MDVSA-2012:144
• http://www.securityfocus.com/archive/1/517205/100/0/threaded
• http://www.to
• CWE-399: Resource Management Errors
• CWE-416: Use After Free