Lucene search
K

40 matches found

Snyk
Snyk
added 2023/05/11 11:2 a.m.3 views

Buffer Overflow

Overview Affected versions of this package are vulnerable to Buffer Overflow via the component PoDoFo::PdfEncryptAESV3::PdfEncryptAESV3. Remediation Upgrade podofo to version 0.10.4 or higher. References - GitHub Commit - GitHub Issue Credit: longuu9...

8.8CVSS7.1AI score0.0074EPSS
Exploits1References2
OSV
OSV
added 2023/05/10 4:15 p.m.3 views

UBUNTU-CVE-2023-31568

Podofo v0.10.0 was discovered to contain a heap buffer overflow via the component PoDoFo::PdfEncryptRC4::PdfEncryptRC4...

8.8CVSS6AI score0.00749EPSS
Exploits1References3
Cvelist
Cvelist
added 2023/05/10 12:0 a.m.21 views

CVE-2023-31566

Podofo v0.10.0 was discovered to contain a heap-use-after-free via the component PoDoFo::PdfEncrypt::IsMetadataEncrypted...

8.9AI score0.0074EPSS
Exploits1References1
OSV
OSV
added 2021/05/26 10:15 p.m.2 views

UBUNTU-CVE-2021-30472

A flaw was found in PoDoFo 0.9.7. A stack-based buffer overflow in PdfEncryptMD5Base::ComputeOwnerKey function in PdfEncrypt.cpp is possible because of a improper check of the keyLength value...

7.8CVSS7.6AI score0.00763EPSS
Exploits1References3
ThreatPost
ThreatPost
added 2019/10/02 10:21 a.m.25 views

Hack Breaks PDF Encryption, Opens Content to Attackers

Researchers in Germany have invented a new hack that can allow someone to break the encryption of PDF files and access their content — or even forge signed PDF files under certain circumstances. A team from Ruhr University Bochum, FH Münster University of Applied Sciences and Hackmanit GmbH...

7.4AI score
Exploits0References10
exploitpack
exploitpack
added 2019/09/16 12:0 a.m.26 views

docPrint Pro 8.0 - SEH Buffer Overflow

docPrint Pro 8.0 - SEH Buffer Overflow import struct Title: docPrint Pro v8.0 'User/Master Password' Local SEH Alphanumeric Encoded Buffer Overflow Date: September 14th, 2019 Author: Connor McGarr @33y0re https://connormcgarr.github.io Vendor Homepage: http://www.verypdf.com Software Link:...

0.8AI score
Exploits0
Packet Storm
Packet Storm
added 2019/05/20 12:0 a.m.54 views

Encrypt PDF 2.3 Denial Of Service

-- coding: utf-8 -- Exploit Title: Encrypt PDF v2.3 - Denial of Service PoC Date: 19/05/2019 Author: Alejandra Sánchez Vendor Homepage: http://www.verypdf.com Software: http://www.verypdf.com/encryptpdf/encryptpdf.exe Version: 2.3 Tested on: Windows 10 Proof of Concept: 1.- Run the python script...

0.1AI score
Exploits0
OSV
OSV
added 2018/06/29 5:29 a.m.2 views

UBUNTU-CVE-2018-12983

A stack-based buffer over-read in the PdfEncryptMD5Base::ComputeEncryptionKey function in PdfEncrypt.cpp in PoDoFo 0.9.6-rc1 could be leveraged by remote attackers to cause a denial-of-service via a crafted pdf file...

7.8CVSS7.2AI score0.00988EPSS
Exploits1References4
Fedora
Fedora
added 2018/06/28 2:10 p.m.23 views

[SECURITY] Fedora 28 Update: mupdf-1.13.0-8.fc28

MuPDF is a lightweight PDF viewer and toolkit written in portable C. The renderer in MuPDF is tailored for high quality anti-aliased graphics. MuPDF renders text with metrics and spacing accurate to within fractions of a pixel for the highest fidelity in reproducing the look of a printed page on...

5.5CVSS0.6AI score0.0106EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2018/02/20 12:0 a.m.32 views

openSUSE Security Update : qpdf (openSUSE-2018-176)

This version update for qpdf to 7.1.1 fixes the following issues : - Update to version 7.1.1 - Fix one linearization bug affecting files whose first /ID component is not 16 bytes long - Update to version 7.1.0 - Allow raw encryption key to be specified in libary and command line with the...

7.8CVSS5.7AI score0.01804EPSS
Exploits4References17
securityvulns
securityvulns
added 2013/10/05 12:0 a.m.56 views

[security bulletin] HPSBPI02892 rev.1 - Certain HP FutureSmart MFP, Weak PDF Encryption, Local Disclosure of Information

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c03888014 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03888014 Version: 1 HPSBPI02892 rev....

4.3CVSS0.2AI score0.02693EPSS
Exploits0
NVD
NVD
added 2013/10/04 10:44 a.m.13 views

CVE-2013-4828

HP LaserJet M4555, M525, and M725; LaserJet flow MFP M525c; LaserJet Enterprise color flow MFP M575c; Color LaserJet CM4540, M575, and M775; and ScanJet Enterprise 8500fn1 FutureSmart devices do not properly encrypt PDF documents, which allows remote attackers to obtain sensitive information via...

4.3CVSS6.2AI score0.02693EPSS
Exploits0References1
Cvelist
Cvelist
added 2013/10/04 10:0 a.m.18 views

CVE-2013-4828

HP LaserJet M4555, M525, and M725; LaserJet flow MFP M525c; LaserJet Enterprise color flow MFP M575c; Color LaserJet CM4540, M575, and M775; and ScanJet Enterprise 8500fn1 FutureSmart devices do not properly encrypt PDF documents, which allows remote attackers to obtain sensitive information via...

6.2AI score0.02693EPSS
Exploits0References1
Hewlett-Packard
Hewlett-Packard
added 2013/08/06 12:0 a.m.32 views

HPSBPI02892 rev.2 - Certain HP FutureSmart MFP, Weak PDF Encryption, Local Disclosure of Information

Potential Security Impact Weak PDF encryption and local disclosure of information VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with certain HP FutureSmart LaserJet printers. The vulnerabilities might lead to weak encryption of PDF documents or local disclosure of...

4.3CVSS6.2AI score0.02693EPSS
Exploits0
myhack58
myhack58
added 2010/06/12 12:0 a.m.15 views

How to hack pdf file password-vulnerability warning-the black bar safety net

Whenever graduation is near, graduates are busy writing papers, is closed at this time, Adobe Reader is the most busy, but sometimes come across some encrypted PDF documents, Adobe Reader also no choice。 Today, we will introduce an online gadget is used to crack encrypted PDF document password, s...

1.2AI score
Exploits0
Saint
Saint
added 2009/06/04 12:0 a.m.14 views

Find Metadata

Added: 06/04/2009 Background This tool searches the Internet for PDF and Microsoft Office files in the given domain, and extracts the metadata from those files. This metadata often contains the names or aliases of the document's authors or contributors, which can be used to guess valid e-mail...

1.7AI score
Exploits0
Saint
Saint
added 2009/06/04 12:0 a.m.13 views

Find Metadata

Added: 06/04/2009 Background This tool searches the Internet for PDF and Microsoft Office files in the given domain, and extracts the metadata from those files. This metadata often contains the names or aliases of the document's authors or contributors, which can be used to guess valid e-mail...

1.7AI score
Exploits0
NVD
NVD
added 2008/03/18 11:44 p.m.20 views

CVE-2008-0994

Preview in Apple Mac OS X 10.5.2 uses 40-bit RC4 when saving a PDF file with encryption, which makes it easier for attackers to decrypt the file via brute force methods...

2.6CVSS6AI score0.01226EPSS
Exploits1References9
Cvelist
Cvelist
added 2008/03/18 11:0 p.m.24 views

CVE-2008-0995

The Printing component in Apple Mac OS X 10.5.2 uses 40-bit RC4 when printing to an encrypted PDF file, which makes it easier for attackers to decrypt the file via brute force methods...

8.6AI score0.01699EPSS
Exploits1References9
OSV
OSV
added 2005/05/02 4:0 a.m.1 views

DEBIAN-CVE-2005-0064

Buffer overflow in the Decrypt::makeFileKey2 function in Decrypt.cc for xpdf 3.00 and earlier allows remote attackers to execute arbitrary code via a PDF file with a large /Encrypt /Length keyLength value...

7.5CVSS8.2AI score0.07217EPSS
Exploits1References1
Rows per page
Query Builder