poppler security update

20.11.0-6 - Check for overflow when computing number of symbols - in JBIG2 text region - Resolves: 2126361...

poppler: integer overflow in JBIG2 decoder using malformed files

An integer overflow issue was discovered in Popplers' JBIG2 decoder in the JBIG2Stream::readTextRegionSeg function in JBIGStream.cc file. This flaw allows an attacker to trick a user into opening a malformed PDF file or JBIG2 image in the application, triggering an integer overflow, which could...

poppler security and bug fix update

21.01.0-14 - Check for overflow when computing number of symbols - in JBIG2 text region - Resolves: 2126364...

SUSE CVE-2022-38171

Xpdf prior to version 4.04 contains an integer overflow in the JBIG2 decoder JBIG2Stream::readTextRegionSeg in JBIG2Stream.cc. Processing a specially crafted PDF file or JBIG2 image could lead to a crash or the execution of arbitrary code. This is similar to the vulnerability described by...

Integer Overflow or Wraparound

Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound in the JBIG2 decoder JBIG2Stream::readTextRegionSeg in JBIGStream.cc. Exploiting this vulnerability is possible by processing a specially crafted PDF file or JBIG2 image. Remediation Upgrade poppler to...

CVE-2021-29343

Ovidentia CMS 6.x contains a SQL injection vulnerability in the "id" parameter of index.php. The "checkbox" property into "text" data can be extracted and displayed in the text region or in source code...

UBUNTU-CVE-2019-13286

In Xpdf 4.01.01, there is a heap-based buffer over-read in the function JBIG2Stream::readTextRegionSeg located at JBIG2Stream.cc. It can, for example, be triggered by sending a crafted PDF document to the pdftoppm tool. It might allow an attacker to cause Information Disclosure...