WebKit: Use-after-free when resuming generator(CVE-2018-4218)

In WebKit, resuming a generator is implemented in JavaScript. An internal object property, @generatorState is used to prevent recursion within generators. In GeneratorPrototype.js, the state is checked by calling: var state = this.@generatorState; and set by calling: generator.@generatorState =...

WebKit - Use-After-Free when Resuming Generator

WebKit - Use-After-Free when Resuming Generator !-- In WebKit, resuming a generator is implemented in JavaScript. An internal object property, @generatorState is used to prevent recursion within generators. In GeneratorPrototype.js, the state is checked by calling: var state = this.@generatorStat...

WebKit - Use-After-Free when Resuming Generator

!-- In WebKit, resuming a generator is implemented in JavaScript. An internal object property, @generatorState is used to prevent recursion within generators. In GeneratorPrototype.js, the state is checked by calling: var state = this.@generatorState; and set by calling: generator.@generatorState...

PoDoFo Excessive Recursion Vulnerability

PoDoFo is a library that uses the PDF file format and also includes some tools. An over-recursion vulnerability exists in the PdfPagesTree::GetPageNode function in PdfPagesTree.cpp in PoDoFo 0.9.5. A remote attacker can exploit this vulnerability to cause a denial of service via a specially craft...

CVE-2018-11254

An issue was discovered in PoDoFo 0.9.5. There is an Excessive Recursion in the PdfPagesTree::GetPageNode function of PdfPagesTree.cpp. Remote attackers could leverage this vulnerability to cause a denial of service through a crafted pdf file, a related issue to CVE-2017-8054...

CVE-2018-11254

An issue was discovered in PoDoFo 0.9.5. There is an Excessive Recursion in the PdfPagesTree::GetPageNode function of PdfPagesTree.cpp. Remote attackers could leverage this vulnerability to cause a denial of service through a crafted pdf file, a related issue to CVE-2017-8054...

Resource Management Errors

Overview Affected versions of this package are vulnerable to Resource Management Errors. An issue was discovered in PoDoFo 0.9.5. There is an Excessive Recursion in the PdfPagesTree::GetPageNode function of PdfPagesTree.cpp. Remote attackers could leverage this vulnerability to cause a denial of...

UBUNTU-CVE-2018-11254

An issue was discovered in PoDoFo 0.9.5. There is an Excessive Recursion in the PdfPagesTree::GetPageNode function of PdfPagesTree.cpp. Remote attackers could leverage this vulnerability to cause a denial of service through a crafted pdf file, a related issue to CVE-2017-8054...

CVE-2018-11254

An issue was discovered in PoDoFo 0.9.5. There is an Excessive Recursion in the PdfPagesTree::GetPageNode function of PdfPagesTree.cpp. Remote attackers could leverage this vulnerability to cause a denial of service through a crafted pdf file, a related issue to CVE-2017-8054...

Sql injection

An issue was discovered in PoDoFo 0.9.5. There is an Excessive Recursion in the PdfPagesTree::GetPageNode function of PdfPagesTree.cpp. Remote attackers could leverage this vulnerability to cause a denial of service through a crafted pdf file, a related issue to CVE-2017-8054...

CVE-2018-11254

An issue was discovered in PoDoFo 0.9.5. There is an Excessive Recursion in the PdfPagesTree::GetPageNode function of PdfPagesTree.cpp. Remote attackers could leverage this vulnerability to cause a denial of service through a crafted pdf file, a related issue to CVE-2017-8054...

CVE-2018-11254

An issue was discovered in PoDoFo 0.9.5. There is an Excessive Recursion in the PdfPagesTree::GetPageNode function of PdfPagesTree.cpp. Remote attackers could leverage this vulnerability to cause a denial of service through a crafted pdf file, a related issue to CVE-2017-8054...

BIND -- multiple vulnerabilities

ISC reports: An error in zone database reference counting can lead to an assertion failure if a server which is running an affected version of BIND attempts several transfers of a slave zone in quick succession. A problem with the implementation of the new serve-stale feature in BIND 9.12 can lea...

CVE-2017-18267

The FoFiType1C::cvtGlyph function in fofi/FoFiType1C.cc in Poppler through 0.64.0 allows remote attackers to cause a denial of service infinite recursion via a crafted PDF file, as demonstrated by pdftops...

Poppler Denial of Service Vulnerability (CNVD-2018-09469)

Poppler is a C++ class library for generating PDF, the library is inherited from Xpdf PDF reader. A security vulnerability exists in the 'FoFiType1C::cvtGlyph' function in the fofi/FoFiType1C.cc file in Poppler 0.64.0 and earlier versions. The vulnerability can be exploited by a remote attacker t...

Design/Logic Flaw

The FoFiType1C::cvtGlyph function in fofi/FoFiType1C.cc in Poppler through 0.64.0 allows remote attackers to cause a denial of service infinite recursion via a crafted PDF file, as demonstrated by pdftops...

CVE-2017-18267

The FoFiType1C::cvtGlyph function in fofi/FoFiType1C.cc in Poppler through 0.64.0 allows remote attackers to cause a denial of service infinite recursion via a crafted PDF file, as demonstrated by pdftops...

DEBIAN-CVE-2017-18267

The FoFiType1C::cvtGlyph function in fofi/FoFiType1C.cc in Poppler through 0.64.0 allows remote attackers to cause a denial of service infinite recursion via a crafted PDF file, as demonstrated by pdftops...

CVE-2017-18267

The FoFiType1C::cvtGlyph function in fofi/FoFiType1C.cc in Poppler through 0.64.0 allows remote attackers to cause a denial of service infinite recursion via a crafted PDF file, as demonstrated by pdftops...

PT-2018-3613 · Poppler +4 · Poppler +4

Name of the Vulnerable Software and Affected Versions: Poppler versions 0.64.0 and earlier Description: The issue is related to the FoFiType1C::cvtGlyph function in the Poppler library, which can cause a denial of service due to infinite recursion when processing a crafted PDF file. This can be...