137 matches found

SUSE CVE
added 2023/02/15 4:14 a.m. | 2 views

SUSE CVE-2019-9877

There is an invalid memory access vulnerability in the function TextPage::findGaps located at TextOutputDev.c in Xpdf 4.01, which can for example be triggered by sending a crafted pdf file to the pdftops binary. It allows an attacker to cause Denial of Service Segmentation fault or possibly have...

7.8 CVSS | 7.4 AI score | 0.01141 EPSS
Exploits 1 | References 4

SUSE CVE
added 2023/02/15 4:11 a.m. | 2 views

SUSE CVE-2019-12360

A stack-based buffer over-read exists in FoFiTrueType::dumpString in fofi/FoFiTrueType.cc in Xpdf 4.01.01. It can, for example, be triggered by sending crafted TrueType data in a PDF document to the pdftops tool. It might allow an attacker to cause Denial of Service or leak memory data into dump...

7.1 CVSS | 7.1 AI score | 0.0112 EPSS
Exploits 0 | References 3

SUSE CVE
added 2023/02/15 4:10 a.m. | 3 views

SUSE CVE-2019-13291

In Xpdf 4.01.01, there is a heap-based buffer over-read in the function DCTStream::readScan located at Stream.cc. It can, for example, be triggered by sending a crafted PDF document to the pdftops tool. It might allow an attacker to cause Information Disclosure...

5.5 CVSS | 7 AI score | 0.01097 EPSS
Exploits 1 | References 3

Veracode
added 2022/12/31 12:45 a.m. | 65 views

Denial Of Service

poppler is vulnerable to denial of service attacks. A logical error in the Hints::Hints function in the Hints.cc file allows an attacker to trick a user into opening a crafted PDF file in the pdftops utility, which causes the program to hang for a long time, leading to a denial of service...

6.5 CVSS | 6.1 AI score | 0.01547 EPSS
Exploits 1 | References 9 | Affected Software 1

RedHat Linux
added 2022/11/15 1:30 p.m. | 8 views

poppler: A logic error in the Hints::Hints function can cause denial of service

A logic error was found in Poppler's Hints::Hints function in the Hints.cc file. This flaw allows an attacker to trick a user into opening a crafted PDF file in the pdftops utility, which causes the program to hang for a long time, leading to a denial of service...

6.5 CVSS | 5.7 AI score | 0.01547 EPSS
Exploits 1 | References 4

RedHat Linux
added 2022/11/08 10:9 a.m. | 14 views

poppler: A logic error in the Hints::Hints function can cause denial of service

A logic error was found in Poppler's Hints::Hints function in the Hints.cc file. This flaw allows an attacker to trick a user into opening a crafted PDF file in the pdftops utility, which causes the program to hang for a long time, leading to a denial of service...

6.5 CVSS | 5.7 AI score | 0.01547 EPSS
Exploits 1 | References 4

RedhatCVE
added 2022/05/20 11:56 p.m. | 28 views

CVE-2019-12957

In Xpdf 4.01.01, a buffer over-read could be triggered in FoFiType1C::convertToType1 in fofi/FoFiType1C.cc when the index number is larger than the charset array bounds. It can, for example, be triggered by sending a crafted PDF document to the pdftops tool. It allows an attacker to use a crafted...

7.8 CVSS | 4.5 AI score | 0.0123 EPSS
Exploits 1 | References 1

RedhatCVE
added 2022/05/20 11:14 p.m. | 23 views

CVE-2019-9589

There is a NULL pointer dereference vulnerability in PSOutputDev::setupResources located in PSOutputDev.cc in Xpdf 4.01. It can be triggered by sending a crafted pdf file to for example the pdftops binary. It allows an attacker to cause Denial of Service Segmentation fault or possibly have...

7.8 CVSS | 4 AI score | 0.01198 EPSS
Exploits 1 | References 1

RedhatCVE
added 2021/01/05 10:32 p.m. | 16 views

CVE-2020-35702

A heap buffer overflow flaw was found in poppler. This flaw allows a remote attacker to provide a specially crafted PDF file that, when processed by the 'pdftops' program, leads to a crash or potential code execution. The highest threat from this vulnerability is to confidentiality and integrity ...

8.1 CVSS | 4 AI score | 0.00861 EPSS
Exploits 1 | References 3

Mageia
added 2020/07/10 3:40 p.m. | 39 views

Updated xpdf packages fix security vulnerability

A stack-based buffer over-read exists in FoFiTrueType::dumpString in fofi/FoFiTrueType.cc in Xpdf 4.01.01. It can, for example, be triggered by sending crafted TrueType data in a PDF document to the pdftops tool. It might allow an attacker to cause Denial of Service or leak memory data into dump...

7.1 CVSS | 2.6 AI score | 0.0112 EPSS
Exploits 0 | References 2

BDU FSTEC
added 2019/07/23 12:0 a.m. | 7 views

A vulnerability in pdftops, the PDF-to-PostScript document conversion tool, stems from the handling of a null pointer. It allows a malicious actor to trigger a service failure.

A vulnerability in pdftops, the PDF-to-PostScript document conversion utility in the poppler-utils package, relates to the handling of a null pointer. Exploiting this vulnerability could allow an attacker to cause a service failure by entering a specially crafted sequence of data in the...

4 CVSS | 5.5 AI score
Exploits 0 | Affected Software 1

NVD
added 2019/07/04 10:15 p.m. | 33 views

CVE-2019-13291

In Xpdf 4.01.01, there is a heap-based buffer over-read in the function DCTStream::readScan located at Stream.cc. It can, for example, be triggered by sending a crafted PDF document to the pdftops tool. It might allow an attacker to cause Information Disclosure...

5.5 CVSS | 5.5 AI score | 0.01097 EPSS
Exploits 1 | References 1

Prion
added 2019/07/04 10:15 p.m. | 19 views

Heap overflow

In Xpdf 4.01.01, there is a heap-based buffer over-read in the function DCTStream::readScan located at Stream.cc. It can, for example, be triggered by sending a crafted PDF document to the pdftops tool. It might allow an attacker to cause Information Disclosure...

4.3 CVSS | 5.5 AI score | 0.01097 EPSS
Exploits 1 | References 1 | Affected Software 1

UbuntuCve
added 2019/07/04 10:15 p.m. | 27 views

CVE-2019-13291

In Xpdf 4.01.01, there is a heap-based buffer over-read in the function DCTStream::readScan located at Stream.cc. It can, for example, be triggered by sending a crafted PDF document to the pdftops tool. It might allow an attacker to cause Information Disclosure...

5.5 CVSS | 6.2 AI score | 0.01097 EPSS
Exploits 1 | References 2

Prion
added 2019/06/25 12:15 a.m. | 27 views

Design/Logic Flaw

In Xpdf 4.01.01, a buffer over-read could be triggered in FoFiType1C::convertToType1 in fofi/FoFiType1C.cc when the index number is larger than the charset array bounds. It can, for example, be triggered by sending a crafted PDF document to the pdftops tool. It allows an attacker to use a crafted...

6.8 CVSS | 8 AI score | 0.0123 EPSS
Exploits 1 | References 4 | Affected Software 2

OSV
added 2019/06/25 12:15 a.m. | 9 views

UBUNTU-CVE-2019-12957

In Xpdf 4.01.01, a buffer over-read could be triggered in FoFiType1C::convertToType1 in fofi/FoFiType1C.cc when the index number is larger than the charset array bounds. It can, for example, be triggered by sending a crafted PDF document to the pdftops tool. It allows an attacker to use a crafted...

7.8 CVSS | 7.3 AI score | 0.0123 EPSS
Exploits 1 | References 3

Cvelist
added 2019/06/24 11:27 p.m. | 22 views

CVE-2019-12957

In Xpdf 4.01.01, a buffer over-read could be triggered in FoFiType1C::convertToType1 in fofi/FoFiType1C.cc when the index number is larger than the charset array bounds. It can, for example, be triggered by sending a crafted PDF document to the pdftops tool. It allows an attacker to use a crafted...

8 AI score | 0.0123 EPSS
Exploits 1 | References 4

Debian CVE
added 2019/06/24 11:27 p.m. | 27 views

CVE-2019-12957

In Xpdf 4.01.01, a buffer over-read could be triggered in FoFiType1C::convertToType1 in fofi/FoFiType1C.cc when the index number is larger than the charset array bounds. It can, for example, be triggered by sending a crafted PDF document to the pdftops tool. It allows an attacker to use a crafted...

7.8 CVSS | 6 AI score | 0.0123 EPSS
Exploits 1

Debian CVE
added 2019/05/31 1:12 a.m. | 26 views

CVE-2019-12493

A stack-based buffer over-read exists in PostScriptFunction::transform in Function.cc in Xpdf 4.01.01 because GfxSeparationColorSpace and GfxDeviceNColorSpace mishandle tint transform functions. It can, for example, be triggered by sending a crafted PDF document to the pdftops tool. It might allo...

7.1 CVSS | 7 AI score | 0.01271 EPSS
Exploits 1

OSV
added 2019/05/27 11:29 p.m. | 2 views

DEBIAN-CVE-2019-12360

A stack-based buffer over-read exists in FoFiTrueType::dumpString in fofi/FoFiTrueType.cc in Xpdf 4.01.01. It can, for example, be triggered by sending crafted TrueType data in a PDF document to the pdftops tool. It might allow an attacker to cause Denial of Service or leak memory data into dump...

7.1 CVSS | 7.1 AI score | 0.0112 EPSS
Exploits 0 | References 1