7 matches found
SUSE SLED12 / SLES12 Security Update : podofo (SUSE-SU-2024:3541-1)
The remote SUSE Linux SLED12 / SLEDSAP12 / SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3541-1 advisory. - CVE-2015-8981: Fixed heap overflow in the function ReadXRefSubsection bsc1023190 - CVE-2017-6840: Fixed...
SUSE-SU-2024:2137-1 Security update for podofo
This update for podofo fixes the following issues: - CVE-2019-9199: Fixed a NULL pointer dereference in podofoimpose bsc1127855 - CVE-2018-20797: Fixed an excessive memory allocation in PoDoFo:podofocalloc bsc1127514 - CVE-2019-10723: Fixed a memory leak in PdfPagesTreeCache bsc1131544...
SUSE CVE-2019-9199
PoDoFo::Impose::PdfTranslator::setSource in pdftranslator.cpp in PoDoFo 0.9.6 has a NULL pointer dereference that can for example be triggered by sending a crafted PDF file to the podofoimpose binary. It allows an attacker to cause Denial of Service Segmentation fault or possibly have unspecified...
Fedora Update for mingw-podofo FEDORA-2019-023ea18e20
The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora 30 : mingw-podofo / podofo (2019-a1dc51a9e2)
Backport security fixes: CVE-2019-9199, CVE-2019-9687. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...
Fedora 29 : mingw-podofo / podofo (2019-023ea18e20)
Backport security fixes: CVE-2019-9199, CVE-2019-9687. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...
CVE-2019-9199
PoDoFo 0.9.6 contains a NULL pointer dereference in PoDoFo::Impose::PdfTranslator::setSource() (pdftranslator.cpp) that can be triggered by a crafted PDF via podofoimpose, leading to Denial of Service (segmentation fault) and potential other impact. The issue has been fixed in PoDoFo 0.9.7, as no...