310 matches found
[SECURITY] Fedora 26 Update: poppler-0.52.0-4.fc26
poppler is a PDF rendering library...
USN-3350-1: poppler vulnerabilities
Aleksandar Nikolic discovered that poppler incorrectly handled JPEG 2000 images. If a user or automated system were tricked into opening a crafted PDF file, an attacker could cause a denial of service or possibly execute arbitrary code with privileges of the user invoking the program. CVE-2017-28...
Poppler PDF Image Display DCTStream::readScan() Code Execution Vulnerability
Summary An exploitable heap overflow vulnerability exists in the image rendering functionality of Poppler-0.53.0. A specifically crafted pdf can cause an image resizing after allocation has already occurred, resulting in heap corruption which can lead to code execution. An attacker controlled PDF...
Poppler PDF Image Display DCTStream::readProgressiveSOF() Code Execution Vulnerability
Summary An exploitable heap overflow vulnerability exists in the image rendering functionality of Poppler-0.53.0. A specifically crafted PDF can cause an overly large number of color components during image rendering, resulting in heap corruption. An attacker controlled PDF file can be used to...
[SECURITY] Fedora 26 Update: poppler-0.52.0-2.fc26
poppler is a PDF rendering library...
[SECURITY] Fedora 25 Update: poppler-0.45.0-3.fc25
Poppler, a PDF rendering library, is a fork of the xpdf PDF viewer developed by Derek Noonburg of Glyph and Cog, LLC...
DEBIAN-CVE-2017-7994
The function TextExtractor::ExtractText in TextExtractor.cpp:77 in PoDoFo 0.9.5 allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted PDF document...
CentOS 7 : poppler (CESA-2016:2580)
An update for poppler is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...
poppler security update
CentOS Errata and Security Advisory CESA-2016:2580 An update for poppler is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
Poppler: Multiple vulnerabilities
Background Poppler is a PDF rendering library based on the xpdf-3.0 code base. Description Multiple vulnerabilities have been discovered in Poppler. Please review the CVE identifiers referenced below for details. Impact A remote attacker could entice a user to open a specially crafted PDF using...
RHEL 7 : poppler (RHSA-2016:2580)
An update for poppler is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...
The vulnerability of Google Chrome browser allows a perpetrator to trigger a service failure.
The vulnerability of the CPDFDIBSource::CreateDecoder function located in core/fpdfapi/fpdfrender/fpdfrenderloadimage.cpp in the PDFium browser component of Google Chrome is related to improper handling of initialization errors. Exploiting this vulnerability can allow an attacker to trigger a...
USN-2958-1: poppler vulnerabilities
It was discovered that the poppler pdfseparate tool incorrectly handled certain filenames. A local attacker could use this issue to cause the tool to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only applied to Ubuntu 12.04 LTS. CVE-2013-4473,...
Debian Security Advisory DSA 3563-1 (poppler - security update)
It was discovered that a heap overflow in the Poppler PDF library may result in denial of service and potentially the execution of arbitrary code if a malformed PDF file is opened. OpenVAS Vulnerability Test $Id: deb3563.nasl 6608 2017-07-07 12:05:05Z cfischer $ Auto-generated from advisory DSA...
pdfium - opj_jp2_apply_pclr (libopenjpeg) Heap Based Out-of-Bounds Read
Exploit for multiple platform in category dos / poc Source: https://code.google.com/p/google-security-research/issues/detail?id=626 The following crash was encountered in pdfium the Chrome PDF renderer during PDF fuzzing: --- cut --- ==9326==ERROR: AddressSanitizer: heap-buffer-overflow on addres...
Google Chrome 'opj_dwt_decode_1*' Denial of Service Vulnerability
Google Chrome is the United States Google Google company developed a Web browser. PDFium is one of the open source PDF rendering engine. Google Chrome 47.0.2526.73 previous versions of PDFium used in OpenJPEG's dwt.c file in the 'opjdwtdecode1' function has a security vulnerability. A remote...
Google Chrome PDFium Denial of Service Vulnerability (CNVD-2015-07966)
Google Chrome is the United States Google Google company developed a Web browser. PDFium is one of the open source PDF rendering engine. Google Chrome 47.0.2526.73 previous versions of PDFium used in the fxcodec/jbig2/JBig2SymbolDict.cpp file in the 'CJBig2SymbolDict' class there is a security...
UBUNTU-CVE-2014-7945
OpenJPEG before r2908, as used in PDFium in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service out-of-bounds read via a crafted PDF document, related to j2k.c, jp2.c, and t2.c...
Poppler <= 0.8.4 libpoppler uninitialized pointer Code Execution PoC
No description provided by source. Felipe Andres Manzano [email protected] updates in http://felipe.andres.manzano.googlepages.com/home ''' Sumary: ======= The libpoppler pdf rendering library, can free uninitialized pointers, leading to arbitrary code execution. This vulnerability result...
Poppler: Multiple vulnerabilities
Background Poppler is a cross-platform PDF rendering library originally based on Xpdf. Description Multiple vulnerabilities have been discovered in Poppler. Please review the CVE identifiers referenced below for details. Impact A remote attacker could entice a user to open a specially crafted PDF...