489 matches found
DCTStream:: reset()
Integer overflow in the DCTStream::reset method in xpdf/Stream.cc in Xpdf 3.02p11 allows remote attackers to execute arbitrary code via a crafted PDF file, resulting in a heap-based buffer overflow...
openSUSE 10 Security Update : acroread (acroread-2506)
The Adobe Acrobat Reader has been updated to version 7.0.9. This update also includes following security fixes : CVE-2006-5857: A memory corruption problem was fixed in Adobe Acrobat Reader can potentially lead to code execution. CVE-2007-0044: Universal Cross Site Request Forgery CSRF problems...
xpdf integer overflow
Integer overflow in the StreamPredictor::StreamPredictor function in xpdf 3.02, as used in 1 poppler before 0.5.91, 2 gpdf before 2.8.2, 3 kpdf, 4 kdegraphics, 5 CUPS, 6 PDFedit, and other products, might allow remote attackers to execute arbitrary code via a crafted PDF file that triggers a...
CVE-2007-2349
CVE-2007-2349 describes a cross-site scripting (XSS) vulnerability in Invision Power Board (IP.Board) versions 2.1.x and 2.2.x. According to the records, remote attackers can inject arbitrary web script or HTML by uploading crafted images or PDF files. The documents do not specify the underlying ...
security flaw
Adobe Reader and Acrobat 7.0.8 and earlier allows user-assisted remote attackers to execute code via a crafted PDF file that triggers memory corruption and overwrites a subroutine pointer during rendering...
security flaw
Heap-based buffer overflow in the JPXStream::readCodestream function in the JPX stream parsing code JPXStream.c for xpdf 3.01 and earlier, as used in products such as 1 Poppler, 2 teTeX, 3 KDE kpdf, 4 CUPS, and 5 libextractor allows user-assisted attackers to cause a denial of service heap...
security flaw
Buffer overflow in the Gfx::doImage function in Gfx.cc for xpdf 3.00, and other products that share code such as tetex-bin and kpdf in KDE 3.2.x to 3.2.3 and 3.3.x to 3.3.2, allows remote attackers to cause a denial of service application crash and possibly execute arbitrary code via a crafted PD...
GLSA-200410-30 : GPdf, KPDF, KOffice: Vulnerabilities in included xpdf
The remote host is affected by the vulnerability described in GLSA-200410-30 GPdf, KPDF, KOffice: Vulnerabilities in included xpdf GPdf, KPDF and KOffice all include xpdf code to handle PDF files. xpdf is vulnerable to multiple integer overflows, as described in GLSA 200410-20. Impact : An attack...
PT-2009-6643 · Debian +2 · Xpdf-Utils +15
Name of the Vulnerable Software and Affected Versions: kdegraphics-dev affected versions not specified kdegraphics-dbg affected versions not specified kdegraphics-doc-html affected versions not specified kdvi affected versions not specified kdegraphics affected versions not specified...