Lucene search
+L

285 matches found

NVD
NVD
added 2018/10/08 4:29 p.m.19 views

CVE-2018-3996

An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF Reader, version 9.2.0.9297. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user...

8.8CVSS8.2AI score0.03155EPSS
Exploits1References3
NVD
NVD
added 2018/10/08 4:29 p.m.24 views

CVE-2018-3940

An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF Reader, version 9.1.0.5096. A specially crafted PDF document can trigger a previously freed object in memory to be reused. An attacker needs to trick the user to open the malicious file to trigger...

8.8CVSS7.9AI score0.02114EPSS
Exploits1References3
Talos
Talos
added 2018/10/01 12:0 a.m.498 views

Foxit PDF Reader Javascript Optional Content Group Remote Code Execution Vulnerability

Summary An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s Foxit PDF Reader version 9.2.0.9297. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to...

8.8CVSS8.4AI score0.03155EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2018/09/20 12:0 a.m.5 views

PT-2018-16335 · Foxit · Foxit Pdf Reader

Name of the Vulnerable Software and Affected Versions: Foxit Software's PDF Reader version 9.1.0.5096 Description: A use-after-free issue in the JavaScript engine allows for arbitrary code execution when a specially crafted PDF document is opened, causing a previously freed object in memory to be...

8.8CVSS7.9AI score0.02577EPSS
Exploits0References11
CNVD
CNVD
added 2018/06/29 12:0 a.m.26 views

PoDoFo Denial of Service Vulnerability (CNVD-2018-15745)

PoDoFo is an open source , written in C++ using the PDF file format library . PoDoFo 0.9.6-rc1 version of the PdfEncrypt.cpp file in the 'PdfEncryptMD5Base::ComputeEncryptionKey' function has a buffer overflow vulnerability. A remote attacker can exploit this vulnerability with a specially crafte...

7.8CVSS7.9AI score0.00988EPSS
Exploits1References1
Prion
Prion
added 2018/05/18 7:29 p.m.17 views

Null pointer dereference

An issue was discovered in PoDoFo 0.9.5. The function PdfPage::GetPageNumber in PdfPage.cpp in PoDoFo 0.9.5 allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted PDF document...

4.3CVSS5.4AI score0.01114EPSS
Exploits1References1Affected Software1
UbuntuCve
UbuntuCve
added 2018/05/18 7:29 p.m.20 views

CVE-2018-11256

An issue was discovered in PoDoFo 0.9.5. The function PdfDocument::Append in PdfDocument.cpp in PoDoFo 0.9.5 allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted PDF document...

6.5CVSS6.8AI score0.01386EPSS
Exploits1References2
OSV
OSV
added 2018/05/18 7:29 p.m.19 views

CVE-2018-11256

An issue was discovered in PoDoFo 0.9.5. The function PdfDocument::Append in PdfDocument.cpp in PoDoFo 0.9.5 allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted PDF document...

6.5CVSS6.5AI score
Exploits0References1
OSV
OSV
added 2018/05/18 7:29 p.m.19 views

CVE-2018-11255

An issue was discovered in PoDoFo 0.9.5. The function PdfPage::GetPageNumber in PdfPage.cpp in PoDoFo 0.9.5 allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted PDF document...

5.5CVSS5.7AI score
Exploits0References1
OSV
OSV
added 2018/05/18 7:29 p.m.3 views

UBUNTU-CVE-2018-11256

An issue was discovered in PoDoFo 0.9.5. The function PdfDocument::Append in PdfDocument.cpp in PoDoFo 0.9.5 allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted PDF document...

6.5CVSS6.7AI score0.01386EPSS
Exploits1References3
Debian CVE
Debian CVE
added 2018/05/18 7:0 p.m.35 views

CVE-2018-11255

An issue was discovered in PoDoFo 0.9.5. The function PdfPage::GetPageNumber in PdfPage.cpp in PoDoFo 0.9.5 allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted PDF document...

5.5CVSS6.5AI score0.01114EPSS
Exploits1
AlpineLinux
AlpineLinux
added 2018/05/18 7:0 p.m.78 views

CVE-2018-11256

An issue was discovered in PoDoFo 0.9.5. The function PdfDocument::Append in PdfDocument.cpp in PoDoFo 0.9.5 allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted PDF document...

6.5CVSS7AI score0.01386EPSS
Exploits1
Prion
Prion
added 2018/04/18 9:29 p.m.27 views

Buffer overflow

The settextdistance function in devices/vector/gdevpdts.c in the pdfwrite component in Artifex Ghostscript through 9.22 does not prevent overflows in text-positioning calculation, which allows remote attackers to cause a denial of service application crash or possibly have unspecified other impac...

6.8CVSS7.9AI score0.01905EPSS
Exploits0References7Affected Software9
Cvelist
Cvelist
added 2018/01/31 6:0 p.m.17 views

CVE-2018-6462

Tracker PDF-XChange Viewer and Viewer AX SDK before 2.5.322.8 mishandle conversion from YCC to RGB colour spaces by calculating on the basis of 1 bpc instead of 8 bpc, which might allow remote attackers to execute arbitrary code via a crafted PDF document...

7.9AI score0.02464EPSS
Exploits0References2
Prion
Prion
added 2017/10/17 10:29 p.m.23 views

Null pointer dereference

In Poppler 0.59.0, a NULL Pointer Dereference exists in the GfxImageColorMap::getGrayLine function in GfxState.cc via a crafted PDF document...

6.8CVSS8.3AI score0.02059EPSS
Exploits1References3Affected Software2
OSV
OSV
added 2017/10/17 10:29 p.m.6 views

CVE-2017-15565

In Poppler 0.59.0, a NULL Pointer Dereference exists in the GfxImageColorMap::getGrayLine function in GfxState.cc via a crafted PDF document...

8.8CVSS8.4AI score
Exploits0References3
UbuntuCve
UbuntuCve
added 2017/10/16 1:29 a.m.21 views

CVE-2017-15369

The buildfilterchain function in pdf/pdf-stream.c in Artifex MuPDF before 2017-09-25 mishandles a certain case where a variable may reside in a register, which allows remote attackers to cause a denial of service Fitz fzdropimp use-after-free and application crash or possibly have unspecified oth...

7.8CVSS7.2AI score0.01233EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2017/10/10 12:22 p.m.26 views

CVE-2017-14928

In Poppler 0.59.0, a NULL Pointer Dereference exists in AnnotRichMedia::Configuration::Configuration in Annot.cc via a crafted PDF document...

5.5CVSS3AI score0.00674EPSS
Exploits0References1
OSV
OSV
added 2017/09/30 1:29 a.m.7 views

CVE-2017-14928

In Poppler 0.59.0, a NULL Pointer Dereference exists in AnnotRichMedia::Configuration::Configuration in Annot.cc via a crafted PDF document...

5.5CVSS7.5AI score
Exploits0References2
OSV
OSV
added 2017/09/30 1:29 a.m.11 views

CVE-2017-14926

In Poppler 0.59.0, a NULL Pointer Dereference exists in AnnotRichMedia::Content::Content in Annot.cc via a crafted PDF document...

5.5CVSS7.4AI score
Exploits0References2
Rows per page
Query Builder