489 matches found
UBUNTU-CVE-2019-9587
There is a stack consumption issue in md5Round1 located in Decrypt.cc in Xpdf 4.01. It can be triggered by sending a crafted pdf file to for example the pdfimages binary. It allows an attacker to cause Denial of Service Segmentation fault or possibly have unspecified other impact. This is related...
PT-2019-19729 · Foxtan +1 · Xpdf +1
Name of the Vulnerable Software and Affected Versions: Xpdf version 4.01 Description: The issue is related to an invalid memory access in the gAtomicIncrement function, located in GMutex.h. This can be triggered by sending a crafted pdf file to the pdftops binary, for example. The impact of this...
UBUNTU-CVE-2019-9199
PoDoFo::Impose::PdfTranslator::setSource in pdftranslator.cpp in PoDoFo 0.9.6 has a NULL pointer dereference that can for example be triggered by sending a crafted PDF file to the podofoimpose binary. It allows an attacker to cause Denial of Service Segmentation fault or possibly have unspecified...
UBUNTU-CVE-2019-9200
A heap-based buffer underwrite exists in ImageStream::getLine located at Stream.cc in Poppler 0.74.0 that can for example be triggered by sending a crafted PDF file to the pdfimages binary. It allows an attacker to cause Denial of Service Segmentation fault or possibly have unspecified other impa...
[SECURITY] [DSA 4381-1] libreoffice security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4381-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff February 02, 2019 https://www.debian.org/security/faq -...
DEBIAN-CVE-2018-20065
Handling of URI action in PDFium in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to initiate potentially unsafe navigations without a user gesture via a crafted PDF file...
Paul Manafort Is Bad at Basic Tech, From Passwords to PDFs
The former Trump campaign chair keeps getting in trouble thanks at least in part to subpar digital security...
UBUNTU-CVE-2018-20481
XRef::getEntry in XRef.cc in Poppler 0.72.0 mishandles unallocated XRef entries, which allows remote attackers to cause a denial of service NULL pointer dereference via a crafted PDF document, when XRefEntry::setFlag in XRef.h is called from Parser::makeStream in Parser.cc...
Google Chrome PDFium memory misreference vulnerability (CNVD-2019-01591)
Google Chrome is the United States Google Google company developed a Web browser. PDFium is one of the open source PDF rendering engine. A memory misreference vulnerability exists in PDFium in versions prior to Google Chrome 71.0.3578.80. A remote attacker can exploit this vulnerability to cause...
Google Chrome PDFium memory misreference vulnerability (CNVD-2019-01590)
Google Chrome is the United States Google Google company developed a Web browser. PDFium is one of the open source PDF rendering engine. A memory misreference vulnerability exists in PDFium in versions prior to Google Chrome 71.0.3578.80. A remote attacker can exploit this vulnerability to cause...
Adobe Reader DC 2015 Information Disclosure Vulnerability (APSB18-40) - Windows
Adobe Reader DC 2015 is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Adobe Reader DC Information Disclosure Vulnerability (APSB18-40) - Mac OS X
Adobe Reader DC is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Adobe Acrobat 2017 Information Disclosure Vulnerability (APSB18-40) - Mac OS X
Adobe Acrobat 2017 is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Adobe Acrobat DC 2015 Information Disclosure Vulnerability (APSB18-40) - Mac OS X
Adobe Acrobat DC 2015 is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Adobe Reader DC Information Disclosure Vulnerability (APSB18-40) - Windows
Adobe Reader DC is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Adobe Reader 2017 Information Disclosure Vulnerability (APSB18-40) - Mac OS X
Adobe Reader 2017 is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
UBUNTU-CVE-2018-17469
Incorrect handling of PDF filter chains in PDFium in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to perform an out of bounds memory read via a crafted PDF file...
Google Chrome PDFium heap buffer overflow vulnerability (CNVD-2018-24369)
Google Chrome is the United States Google Google company developed a Web browser. PDFium is one of the open source PDF rendering engine. A heap buffer overflow vulnerability exists in PDFium in versions of Google Chrome prior to 70.0.3538.67. A remote attacker can exploit this vulnerability to...
Foxit Reader and Foxit PhantomPDF for Windows Memory Misreference Vulnerability (CNVD-2018-23230)
Foxit Reader for Windows is a Windows-based PDF document reader from China's Foxit Foxit Software Corporation.Foxit PhantomPDF for Windows is its commercial version. A memory misreference vulnerability exists in the parsing process of PDF documents in Foxit Reader 9.2.0.9297 and earlier versions...
Foxit PDF Reader JavaScript Engine Remote Code Execution Vulnerability (CNVD-2018-20719)
Foxit PDF Reader is China's Foxit Foxit Software Corporation of a PDF document reader. JavaScript engine is one of the JavaScript scripting engine. A remote code execution vulnerability exists in the JavaScript engine in Foxit PDF Reader. A remote attacker can exploit this vulnerability to execut...