CVE-2017-15565

In Poppler 0.59.0, a NULL Pointer Dereference exists in the GfxImageColorMap::getGrayLine function in GfxState.cc via a crafted PDF document...

Design/Logic Flaw

The buildfilterchain function in pdf/pdf-stream.c in Artifex MuPDF before 2017-09-25 mishandles a certain case where a variable may reside in a register, which allows remote attackers to cause a denial of service Fitz fzdropimp use-after-free and application crash or possibly have unspecified oth...

Memory Corruption Vulnerability in Pleasant Book PDF Reader

Yue Book PDF Reader is an e-book reader developed by Shenzhen Ivy Software Technology Co. YueShu PDF Reader suffers from a memory corruption vulnerability when processing PDF files. An attacker can cause the program to crash by constructing some malformed PDF files...

DEBIAN-CVE-2017-15015

ImageMagick 7.0.7-0 Q16 has a NULL pointer dereference vulnerability in PDFDelegateMessage in coders/pdf.c...

ALPINE-CVE-2017-11625

A stack-consumption vulnerability was found in libqpdf in QPDF 6.0.0, which allows attackers to cause a denial of service via a crafted file, related to the QPDF::resolveObjectsInStream function in QPDF.cc, aka an "infinite loop."...

CVE-2017-3094

Adobe Digital Editions versions 4.5.4 and earlier have an exploitable memory corruption vulnerability in the PDF processing engine. Successful exploitation could lead to arbitrary code execution...

CVE-2017-3094

Adobe Digital Editions versions 4.5.4 and earlier have an exploitable memory corruption vulnerability in the PDF processing engine. Successful exploitation could lead to arbitrary code execution...

CVE-2017-3094

Adobe Digital Editions versions 4.5.4 and earlier have an exploitable memory corruption vulnerability in the PDF processing engine. Successful exploitation could lead to arbitrary code execution...

DEBIAN-CVE-2017-9210

libqpdf.a in QPDF 6.0.0 allows remote attackers to cause a denial of service infinite recursion and stack consumption via a crafted PDF document, related to unparse functions, aka qpdf-infiniteloop3...

openSUSE Security Update : clamav (openSUSE-2015-366)

The ClamAV antivirus engine was updated to version 0.98.7 to fix several security and non-security issues. The following vulnerabilities were fixed bsc929192 : - CVE-2015-2170: Fix crash in upx decoder with crafted file. Discovered and patch supplied by Sebastian Andrzej Siewior. - CVE-2015-2221:...

Unspecified Memory Corruption Arbitrary Code Execution Vulnerability in Adobe Reader/Acrobat (CNVD-2015-03136)

Adobe Reader/Acrobat are popular applications for processing PDF files. A memory corruption vulnerability exists in Adobe Reader/Acrobat's handling of particular PDF files, which allows remote attackers to exploit the vulnerability to construct malicious files and trick users into parsing them,...

Fedora 20 : clamav-0.98.7-1.fc20 (2015-7378)

ClamAV 0.98.7 ============= This release contains new scanning features and bug fixes. - Improvements to PDF processing: decryption, escape sequence handling, and file property collection. - Scanning/analysis of additional Microsoft Office 2003 XML format. - Fix infinite loop condition on crafted...

Fedora 22 : clamav-0.98.7-1.fc22 (2015-7346)

ClamAV 0.98.7 ============= This release contains new scanning features and bug fixes. - Improvements to PDF processing: decryption, escape sequence handling, and file property collection. - Scanning/analysis of additional Microsoft Office 2003 XML format. - Fix infinite loop condition on crafted...

Fedora 21 : clamav-0.98.7-1.fc21 (2015-7334)

ClamAV 0.98.7 ============= This release contains new scanning features and bug fixes. - Improvements to PDF processing: decryption, escape sequence handling, and file property collection. - Scanning/analysis of additional Microsoft Office 2003 XML format. - Fix infinite loop condition on crafted...

CVE-2014-4378

CoreGraphics in Apple iOS before 8 and Apple TV before 7 allows remote attackers to obtain sensitive information or cause a denial of service out-of-bounds read and application crash via a crafted PDF document...

Avira Antivir DoS

Endless loop on PDF processing...

Google Chrome < 21.0.1180.60 Multiple Vulnerabilities

Binary data 6528.pasl...

Scientific Linux Security Update : kdegraphics on SL5.x, SL4.x i386/x86_64

Maurycy Prodeus discovered an integer overflow flaw in the processing of PDF files. An attacker could create a malicious PDF file that would cause kpdf to crash or potentially execute arbitrary code when opened. CVE-2007-3387 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive te...

Google Chrome < 21.0.1180.60 Multiple Vulnerabilities

The version of Google Chrome installed on the remote host is earlier than 21.0.1180.60 and is, therefore, affected by the following vulnerabilities : - Re-prompts are not displayed for excessive downloads. CVE-2012-2847 - Drag and drop file access restrictions are not restrictive enough...

Google Chrome < 21.0.1180.60 Multiple Vulnerabilities

Binary data 800901.prm...