132 matches found
CVE-2022-24107
Xpdf prior to 4.04 lacked an integer overflow check in JPXStream.cc...
CVE-2022-24107
Xpdf prior to 4.04 lacked an integer overflow check in JPXStream.cc...
UBUNTU-CVE-2022-24107
Xpdf prior to 4.04 lacked an integer overflow check in JPXStream.cc...
CVE-2022-24107
Xpdf prior to 4.04 lacked an integer overflow check in JPXStream.cc...
XPDF 输入验证错误漏洞
XPDF is an open source PDF reader from FOO Labs. The product supports decoding files in LZW compressed format and reading encrypted PDF files. A security vulnerability exists in XPDF versions prior to 4.04, which stems from a missing integer overflow check in JPXStream.cc...
CVE-2018-7455
An out-of-bounds read in JPXStream::readTilePart in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service via a specific pdf file, as demonstrated by pdftohtml...
The vulnerability of the JPXStream::init function in the Poppler PDF rendering library, related to integer overflow of the value being filled, allows a attacker to cause a service failure.
The vulnerability of the JPXStream::init function in the Poppler PDF rendering library is related to the lack of checks for negative stream lengths. Exploiting this vulnerability allows a remote attacker to cause service interruptions...
NewStart CGSL CORE 5.04 / MAIN 5.04 : poppler Multiple Vulnerabilities (NS-SA-2020-0074)
The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has poppler packages installed that are affected by multiple vulnerabilities: - An issue was discovered in Poppler 0.74.0. There is a heap-based buffer over-read in the function PSOutputDev::checkPageSlice at PSOutputDev.cc...
NewStart CGSL CORE 5.05 / MAIN 5.05 : poppler Multiple Vulnerabilities (NS-SA-2020-0110)
The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has poppler packages installed that are affected by multiple vulnerabilities: - An issue was discovered in Poppler 0.74.0. There is a heap-based buffer over-read in the function PSOutputDev::checkPageSlice at PSOutputDev.cc...
Amazon Linux 2 : poppler (ALAS-2020-1481)
The version of poppler installed on the remote host is prior to 0.26.5-42. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2020-1481 advisory. An issue was discovered in Poppler 0.74.0. There is a heap-based buffer over-read in the function...
Amazon Linux AMI : poppler (ALAS-2020-1398)
The version of poppler installed on the remote host is prior to 0.26.5-42.20. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2020-1398 advisory. The tiffdocumentrender and tiffdocumentgetthumbnail functions in the TIFF document backend in GNOME Evince through...
poppler: integer overflow in JPXStream::init function leading to memory consumption
The JPXStream::init function in Poppler 0.78.0 and earlier doesn't check for negative values of stream length, leading to an Integer Overflow, thereby making it possible to allocate a large memory chunk on the heap, with a size controlled by an attacker, as demonstrated by pdftocairo...
Huawei EulerOS: Security Advisory for poppler (EulerOS-SA-2019-1986)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for poppler (EulerOS-SA-2019-2015)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for poppler (EulerOS-SA-2019-1827)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Updated poppler packages fix security vulnerabilities
The updated packages fix security vulnerabilities: The JPXStream::init function in Poppler 0.78.0 and earlier doesn't check for negative values of stream length, leading to an Integer Overflow, thereby making it possible to allocate a large memory chunk on the heap, with a size controlled by an...
Updated poppler packages fix security vulnerabilities
Updated poppler packages fix security vulnerabilities Poppler 0.74.0 has a heap-based buffer over-read in the CairoRescaleBox.cc downsamplerowboxfilter function. CVE-2019-9631 PDFDoc::markObject in PDFDoc.cc in Poppler 0.74.0 mishandles dict marking, leading to stack consumption in the function...
Xpdf memory misreference vulnerability (CNVD-2019-26658)
Xpdf is a free PDF viewer and toolkit that includes a text extractor, image converter, HTML converter and more. A memory misreference vulnerability exists in the JPXStream::fillReadBuf function in JPXStream.cc in Xpdf 4.01.01. An attacker could exploit this vulnerability to cause a denial of...
CVE-2019-14294
An issue was discovered in Xpdf 4.01.01. There is a use-after-free in the function JPXStream::fillReadBuf at JPXStream.cc, due to an out of bounds read...
CVE-2019-14294
An issue was discovered in Xpdf 4.01.01. There is a use-after-free in the function JPXStream::fillReadBuf at JPXStream.cc, due to an out of bounds read...