CVSS: 6.8EPSS: 1%CPEs: 35EXPL: 0CVE-2010-3703 – poppler: use of initialized pointer in PostScriptFunction
https://notcve.org/view.php?id=CVE-2010-3703
The PostScriptFunction::PostScriptFunction function in poppler/Function.cc in the PDF parser in poppler 0.8.7 and possibly other versions up to 0.15.1, and possibly other products, allows context-dependent attackers to cause a denial of service (crash) via a PDF file that triggers an uninitialized pointer dereference. La función PostScriptFunction::PostScriptFunction en poppler/Function.cc en el analizador de PDF de poppler v0.8.7 y posiblemente otras versiones hasta v0.15.1, y posiblemente otros, permite provocar una denegación de servicio (por caída de la aplicación) a atacantes dependientes de contexto a través de un archivo PDF que desencadena una desreferencia a un puntero no inicializado. • http://cgit.freedesktop.org/poppler/poppler/commit/?id=bf2055088a3a2d3bb3d3c37d464954ec1a25771f http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049392.html http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049523.html http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049545.html http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html http://secunia.com/advisories/42357 http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m& • CWE-20: Improper Input Validation •
CVSS: 6.8EPSS: 0%CPEs: 75EXPL: 0CVE-2010-3704 – xpdf: array indexing error in FoFiType1::parse()
https://notcve.org/view.php?id=CVE-2010-3704
The FoFiType1::parse function in fofi/FoFiType1.cc in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, kdegraphics, and possibly other products allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a PDF file with a crafted PostScript Type1 font that contains a negative array index, which bypasses input validation and triggers memory corruption. La función FoFiType1::parse en fofi/FoFiType1.cc del parseador de PDF de xpdf antes de v3.02pl5, poppler v0.8.7 y posiblemente otras versiones hasta v0.15.1, kdegraphics, y posiblemente otros productos, permite a atacantes dependientes del contexto provocar una denegación de servicio (caída de la aplicación) y posiblemente ejecutar código arbitrario mediante un archivo PDF con una fuente Type1 modificada que contiene un índice de matriz negativo, el cual se salta la validación de entrada y que provoca una corrupción de memoria. • ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl5.patch http://cgit.freedesktop.org/poppler/poppler/commit/?id=39d140bfc0b8239bdd96d6a55842034ae5c05473 http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050268.html http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050285.html http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050390.html http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049392.html http://lists.fedoraproject.org/pipermail/package • CWE-20: Improper Input Validation •
CVSS: 6.8EPSS: 2%CPEs: 2EXPL: 2CVE-2009-3938
https://notcve.org/view.php?id=CVE-2009-3938
Buffer overflow in the ABWOutputDev::endWord function in poppler/ABWOutputDev.cc in Poppler (aka libpoppler) 0.10.6, 0.12.0, and possibly other versions, as used by the Abiword pdftoabw utility, allows user-assisted remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted PDF file. Desbordamiento de búfer en la función ABWOutputDev::endWord en poppler/ABWOutputDev.cc en Poppler (alias libpoppler) 0.10.6, 0.12.0 y posiblemente otras versiones, tal como se usa en la utilidad Abiword pdftoabw, permite a atacantes remotos asistidos por el usuario provocar una denegación de servicio y posiblemente ejecutar código de su elección mediante un fichero PDF manipulado. • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=534680 http://bugs.freedesktop.org/attachment.cgi?id=30599&action=edit http://bugs.freedesktop.org/show_bug.cgi?id=23074 http://secunia.com/advisories/37333 http://www.debian.org/security/2009/dsa-1941 http://www.mandriva.com/security/advisories?name=MDVSA-2011:175 http://www.securityfocus.com/bid/36976 http://www.vupen.com/english/advisories/2009/3227 https://exchange.xforce.ibmcloud.com/vulnerabilities/54215 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 5%CPEs: 59EXPL: 1CVE-2009-3606 – xpdf/poppler: PSOutputDev:: doImageL1Sep integer overflow
https://notcve.org/view.php?id=CVE-2009-3606
Integer overflow in the PSOutputDev::doImageL1Sep function in Xpdf before 3.02pl4, and Poppler 0.x, as used in kdegraphics KPDF, might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow. Desbordamiento de entero en la función PSOutputDev::doImageL1Sep en Xpdf v3.02pl4 y Poppler v0.x, usado en n kdegraphics KPDF, podría permitir a atacantes remotos la ejecución de código de su elección a través de un documento PDF manipulado que provoca un desbordamiento de búfer basado en memoria dinámica (heap). • ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl4.patch http://cgit.freedesktop.org/poppler/poppler/diff/poppler/PSOutputDev.cc?id=7b2d314a61 http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035340.html http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035399.html http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035408.html http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html http://secunia.com/advisories/37023 http://s • CWE-189: Numeric Errors CWE-190: Integer Overflow or Wraparound •
CVSS: 6.8EPSS: 5%CPEs: 48EXPL: 0CVE-2009-3605
https://notcve.org/view.php?id=CVE-2009-3605
Multiple integer overflows in Poppler 0.10.5 and earlier allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF file, related to (1) glib/poppler-page.cc; (2) ArthurOutputDev.cc, (3) CairoOutputDev.cc, (4) GfxState.cc, (5) JBIG2Stream.cc, (6) PSOutputDev.cc, and (7) SplashOutputDev.cc in poppler/; and (8) SplashBitmap.cc, (9) Splash.cc, and (10) SplashFTFont.cc in splash/. NOTE: this may overlap CVE-2009-0791. Múltiples desbordamientos de entero en Poppler v0.10.5 y anteriores permiten a usuarios remotos provocar una denegación de servicio (caida de la aplicación) o probablemente ejecutar código de su elección a través de un fichero PDF modificado. Relacionado con (1) glib/poppler-page.cc; (2) ArthurOutputDev.cc, (3) CairoOutputDev.cc, (4) GfxState.cc, (5) JBIG2Stream.cc, (6) PSOutputDev.cc y (7) SplashOutputDev.cc en poppler/; y (8) SplashBitmap.cc, (9) Splash.cc y (10) SplashFTFont.cc en splash/. NOTA: esta vulnerabilidad se puede sobrelapar con CVE-2009-0791. • http://cgit.freedesktop.org/poppler/poppler/commit/?id=284a92899602daa4a7f429e61849e794569310b5 http://cgit.freedesktop.org/poppler/poppler/commit/?id=7b2d314a61fd0e12f47c62996cb49ec0d1ba747a http://cgit.freedesktop.org/poppler/poppler/commit/?id=9cf2325fb22f812b31858e519411f57747d39bd8 http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html http://secunia.com/advisories/37114 http://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1 http://sunsolve.sun.com/search/document.do? • CWE-189: Numeric Errors •