FPDI: Memory Exhaustion and Endless Loop in FPDI leads to Denial of Service

Impact This is a significant Denial of Service DoS vulnerability. Any application that uses FPDI to process user-supplied PDF files is at risk. An attacker can upload a small, malicious PDF file that will cause the server-side script to crash due to memory exhaustion or a script time-out. Repeate...

Soda PDF Desktop 缓冲区错误漏洞

Soda PDF Desktop is a professional PDF processing software that integrates reading, editing, creating, converting and managing PDF documents. Soda PDF Desktop has an out-of-bounds read vulnerability that stems from a lack of validation of user-supplied data when parsing PDF files, which can be...

EUVD-2006-6129

Malware in sbrugna...

CVE-2023-39490

PDF-XChange Editor PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must vis...

CVE-2023-32160

PDF-XChange Editor PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must vis...

PT-2023-26977 · Unknown · Pdf-Xchange Editor

Name of the Vulnerable Software and Affected Versions: PDF-XChange Editor affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations. It requires user interaction, such as visiting a malicious page or opening a malicious fil...

SUSE CVE-2016-5218

The extensions API in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android incorrectly handled navigation within PDFs, which allowed a remote attacker to temporarily spoof the contents of the Omnibox URL bar via a crafted HTML page containing PDF data...

PT-2022-7172 · Pdf Xchange · Pdf-Xchange Editor

Name of the Vulnerable Software and Affected Versions: PDF-XChange Editor affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. It requires user interaction, such as visiting a malicious page or...

PT-2022-26404 · Pdf Xchange · Pdf-Xchange Editor

Name of the Vulnerable Software and Affected Versions: PDF-XChange Editor affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations. User interaction is required, where the target must visit a malicious page or open a...

PT-2022-6615 · Pdf Xchange · Pdf-Xchange Editor

Name of the Vulnerable Software and Affected Versions: PDF-XChange Editor affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations. User interaction is required, where the target must visit a malicious page or open a...

PT-2022-6624 · Pdf Xchange · Pdf-Xchange Editor

Name of the Vulnerable Software and Affected Versions: PDF-XChange Editor affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations. User interaction is required, where the target must visit a malicious page or open a...

CVE-2016-5218

The extensions API in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android incorrectly handled navigation within PDFs, which allowed a remote attacker to temporarily spoof the contents of the Omnibox URL bar via a crafted HTML page containing PDF data...

Foxit Reader and PhantomPDF Read-Over-Boundary Vulnerability (CNVD-2016-10513)

Foxit Reader is a PDF document reader from China's Foxit Software Corporation.Foxit PhantomPDF is a commercial version. An out-of-bounds read vulnerability exists in Foxit Reader and PhantomPDF versions prior to 8.1 on Windows-based platforms. When the gflags application is enabled, a remote...

acroread: multiple code execution flaws (APSB10-02)

The U3D implementation in Adobe Reader and Acrobat 9.x before 9.3, 8.x before 8.2 on Windows and Mac OS X, and 7.x before 7.1.4 allows remote attackers to execute arbitrary code via malformed U3D data in a PDF document, related to a CLODProgressiveMeshDeclaration "array boundary issue," a differe...

PT-2010-1309 · Adobe · Reader +1

Name of the Vulnerable Software and Affected Versions: Adobe Reader and Acrobat versions 9.x before 9.3 Adobe Reader and Acrobat versions 8.x before 8.2 Adobe Reader and Acrobat versions 7.x before 7.1.4 Description: The issue is related to a problem in the U3D implementation, allowing remote...

CVE-2006-6146

Buffer overflow in the HPDFPageCircle function in hpdfpageoperator.c in Takeshi Kanno Haru Free PDF Library libharu2, aka libharu 2.0.7 and earlier allows context-dependent attackers to cause a denial of service application crash via certain arguments that yield a large amount of PDF data, as...

CVE-2006-6146

Buffer overflow in the HPDFPageCircle function in hpdfpageoperator.c in Takeshi Kanno Haru Free PDF Library libharu2, aka libharu 2.0.7 and earlier allows context-dependent attackers to cause a denial of service application crash via certain arguments that yield a large amount of PDF data, as...