UBUNTU-CVE-2019-9877

There is an invalid memory access vulnerability in the function TextPage::findGaps located at TextOutputDev.c in Xpdf 4.01, which can for example be triggered by sending a crafted pdf file to the pdftops binary. It allows an attacker to cause Denial of Service Segmentation fault or possibly have...

Xpdf Invalid Memory Access Vulnerability

Xpdf is a free PDF viewer and toolkit that includes a text extractor, image converter, HTML converter and more. An invalid memory access vulnerability exists in the TextPage::findGaps function in TextOutputDev.c in Xpdf 4.01. An attacker can exploit this vulnerability by sending a specially craft...

Xpdf CVE-2019-9589 NULL Pointer Dereference

Product Details Xpdf is a free PDF viewer and toolkit, including a text extractor, image converter, HTML converter, and more. Most of the tools are available as open source. URL: Vulnerable Versions 4.01 Description There is a NULL pointer dereference vulnerability in PSOutputDev::setupResources...

CVE-2019-9589

There is a NULL pointer dereference vulnerability in PSOutputDev::setupResources located in PSOutputDev.cc in Xpdf 4.01. It can be triggered by sending a crafted pdf file to for example the pdftops binary. It allows an attacker to cause Denial of Service Segmentation fault or possibly have...

CVE-2019-9589

There is a NULL pointer dereference vulnerability in PSOutputDev::setupResources located in PSOutputDev.cc in Xpdf 4.01. It can be triggered by sending a crafted pdf file to for example the pdftops binary. It allows an attacker to cause Denial of Service Segmentation fault or possibly have...

CVE-2019-9588

There is an Invalid memory access in gAtomicIncrement located at GMutex.h in Xpdf 4.01. It can be triggered by sending a crafted pdf file to for example the pdftops binary. It allows an attacker to cause Denial of Service Segmentation fault or possibly have unspecified other impact...

UBUNTU-CVE-2019-9588

There is an Invalid memory access in gAtomicIncrement located at GMutex.h in Xpdf 4.01. It can be triggered by sending a crafted pdf file to for example the pdftops binary. It allows an attacker to cause Denial of Service Segmentation fault or possibly have unspecified other impact...

UBUNTU-CVE-2019-9589

There is a NULL pointer dereference vulnerability in PSOutputDev::setupResources located in PSOutputDev.cc in Xpdf 4.01. It can be triggered by sending a crafted pdf file to for example the pdftops binary. It allows an attacker to cause Denial of Service Segmentation fault or possibly have...

CVE-2019-9589

There is a NULL pointer dereference vulnerability in PSOutputDev::setupResources located in PSOutputDev.cc in Xpdf 4.01. It can be triggered by sending a crafted pdf file to for example the pdftops binary. It allows an attacker to cause Denial of Service Segmentation fault or possibly have...

CVE-2019-9588

There is an Invalid memory access in gAtomicIncrement located at GMutex.h in Xpdf 4.01. It can be triggered by sending a crafted pdf file to for example the pdftops binary. It allows an attacker to cause Denial of Service Segmentation fault or possibly have unspecified other impact...

CVE-2019-9589

CVE-2019-9589 is a NULL pointer dereference in Xpdf 4.01, specifically PSOutputDev::setupResources() in PSOutputDev.cc. It can be triggered by processing a crafted PDF file (e.g., via the pdftops binary), potentially causing a Denial of Service (segmentation fault) and possibly other impacts. The...

PT-2019-19729 · Foxtan +1 · Xpdf +1

Name of the Vulnerable Software and Affected Versions: Xpdf version 4.01 Description: The issue is related to an invalid memory access in the gAtomicIncrement function, located in GMutex.h. This can be triggered by sending a crafted pdf file to the pdftops binary, for example. The impact of this...

Design/Logic Flaw

The FoFiType1C::cvtGlyph function in fofi/FoFiType1C.cc in Poppler through 0.64.0 allows remote attackers to cause a denial of service infinite recursion via a crafted PDF file, as demonstrated by pdftops...

CVE-2017-18267

The CVE-2017-18267 entry affects Poppler (FoFiType1C::cvtGlyph in FoFiType1C.cc) and describes a vulnerability in which a crafted PDF can trigger an infinite recursion, causing a denial of service (via pdftops). The issue is in Poppler up to version 0.64.0, with exploitation demonstrated by proce...

CVE-2017-18267

The FoFiType1C::cvtGlyph function in fofi/FoFiType1C.cc in Poppler through 0.64.0 allows remote attackers to cause a denial of service infinite recursion via a crafted PDF file, as demonstrated by pdftops...

Oracle Linux 5 : Important: / cups (ELSA-2008-0157)

The remote Oracle Linux 5 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2008-0157 advisory. 1.2.4-11.14:.4 - Prevent double-free when a browsed class has the same name as a printer or vice versa bug 433766, STR 2656. 1.2.4-11.14:.3 - pdftops: Fix inval...

Scientific Linux Security Update : cups on SL3.x, SL4.x i386/x86_64

Multiple flaws were discovered in the CUPS 'pdftops' filter. An attacker could create a malicious PDF file that, when printed, would cause 'pdftops' to crash or, potentially, execute arbitrary code as the 'lp' user. CVE-2010-3702, SL4 Only - CVE-2009-3609 After installing this update, the cupsd...

Scientific Linux Security Update : cups on SL3.x, SL4.x, SL5.x i386/x86_64

A NULL pointer dereference flaw was found in the CUPS IPP routine, used for processing incoming IPP requests for the CUPS scheduler. An attacker could use this flaw to send specially crafted IPP requests that would crash the cupsd daemon. CVE-2009-0949 A use-after-free flaw was found in the CUPS...

Scientific Linux Security Update : cups on SL5.x i386/x86_64

Two integer overflow flaws were found in the CUPS 'pdftops' filter. An attacker could create a malicious PDF file that would cause 'pdftops' to crash or, potentially, execute arbitrary code as the 'lp' user if the file was printed. CVE-2009-3608, CVE-2009-3609 After installing the update, the cup...

RedHat Update for cups RHSA-2010:0754-01

Check for the Version of cups OpenVAS Vulnerability Test RedHat Update for cups RHSA-2010:0754-01 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...