
15 matches found

Positive Technologies
added 2024/04/17 12:0 a.m. · 2 views

PT-2024-28315

Name of the Vulnerable Software and Affected Versions: Xpdf versions 4.05 and earlier Description: The issue is an out-of-bounds array write triggered by a long Unicode sequence in ActualText. This can potentially lead to exploitation. Recommendations: For Xpdf versions 4.05 and earlier, consider...

CVSS 8.2 · AI score 6.5 · EPSS 0.0024
Exploits: 2 · References: 24
OSV
added 2024/04/02 11:15 p.m. · 1 views

CVE-2024-3247

In Xpdf 4.05 and earlier, a PDF object loop in an object stream leads to infinite recursion and a stack overflow...

CVSS 5.5 · AI score 5.8
Exploits: 0 · References: 1
Positive Technologies
added 2023/05/11 12:0 a.m. · 2 views

PT-2023-20763 · Xpdf +1

Name of the Vulnerable Software and Affected Versions: Xpdf versions 4.04 and earlier Description: A bad color space object in the input PDF file can cause a divide-by-zero error. Recommendations: For Xpdf versions 4.04 and earlier, update to a version later than 4.04 to resolve the issue...

CVSS 9.1 · AI score 6.6 · EPSS 0.01685
Exploits: 24 · References: 70
OSV
added 2022/09/15 9:15 p.m. · 2 views

CVE-2022-38334

XPDF v4.04 and earlier was discovered to contain a stack overflow via the function Catalog::countPageTree at Catalog.cc...

CVSS 5.5 · AI score 5.8
Exploits: 0 · References: 2
Positive Technologies
added 2022/08/22 12:0 a.m. · 2 views

PT-2022-4445 · Xpdf +1

Name of the Vulnerable Software and Affected Versions: Xpdf versions prior to 4.04 Description: The issue is related to an integer overflow in the JBIG2 decoder, specifically in the readTextRegionSeg function in JBIG2Stream.cc. This can be exploited by a remote attacker using a specially crafted PDF...

CVSS 10 · AI score 6.2 · EPSS 0.71973
Exploits: 33 · References: 173
RedHat Linux
added 2012/08/23 2:53 p.m. · 2 views

t1lib: Off-by-one via crafted Type 1 font

Off-by-one error in t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, allows remote attackers to cause a denial of service (application crash) via a PDF document containing a crafted Type 1 font that triggers an invalid memory read, integer overflow, and invalid...

CVSS 6.8 · AI score 5.9 · EPSS 0.31187
Exploits: 0 · References: 4
RedHat Linux
added 2010/05/06 7:3 p.m. · 2 views

PDF JBIG2 NULL dereference

The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers a NULL pointer dereference...

CVSS 4.3 · AI score 5.9 · EPSS 0.02433
Exploits: 1 · References: 4
RedHat Linux
added 2010/05/06 6:53 p.m. · 4 views

PDF JBIG2 invalid free()

The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to execute arbitrary code via a crafted PDF file that triggers a free of invalid data...

CVSS 6.8 · AI score 6.2 · EPSS 0.08831
Exploits: 1 · References: 4
OSV
added 2009/10/21 5:30 p.m. · 1 views

DEBIAN-CVE-2009-3604

The Splash::drawImage function in Splash.cc in Xpdf 2.x and 3.x before 3.02pl4, and Poppler 0.x, as used in GPdf and kdegraphics KPDF, does not properly allocate memory, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted P...

CVSS 9.3 · AI score 7.8 · EPSS 0.07495
Exploits: 1 · References: 1
RedHat Linux
added 2009/10/15 8:45 a.m. · 1 views

xpdf/poppler: ImageStream::ImageStream integer overflow

Integer overflow in the ImageStream::ImageStream function in Stream.cc in Xpdf before 3.02pl4 and Poppler before 0.12.1, as used in GPdf, kdegraphics KPDF, and CUPS pdftops, allows remote attackers to cause a denial of service (application crash) via a crafted PDF document that triggers a NULL...

CVSS 4.3 · AI score 6 · EPSS 0.05999
Exploits: 1 · References: 4
RedHat Linux
added 2009/04/30 8:55 p.m. · 1 views

xpdf: Multiple buffer overflows in JBIG2 decoder (setBitmap, readSymbolDictSeg) (CVE-2009-0195)

Multiple buffer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allow remote attackers to cause a denial of service (crash) via a crafted PDF file, related to (1) JBIG2SymbolDict::setBitmap and (2) JBIG2Stream::readSymbolDictSeg...

CVSS 6.8 · AI score 6 · EPSS 0.09017
Exploits: 1 · References: 4
OSV
added 2009/04/23 7:30 p.m. · 1 views

DEBIAN-CVE-2009-0165

Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, as used in Poppler and other products, when running on Mac OS X, has unspecified impact, related to "gallocn."...

CVSS 10 · AI score 7.2 · EPSS 0.01757
Exploits: 0 · References: 1
RedHat Linux
added 2009/04/16 10:49 p.m. · 1 views

PDF JBIG2 integer overflow

Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to execute arbitrary code via a crafted PDF file...

CVSS 6.8 · AI score 6.3 · EPSS 0.27841
Exploits: 1 · References: 4
RedHat Linux
added 2009/04/16 10:11 p.m. · 2 views

PDF JBIG2 MMR infinite loop DoS

The JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service (infinite loop and hang) via a crafted PDF file...

CVSS 4.3 · AI score 5.9 · EPSS 0.01703
Exploits: 1 · References: 4
Prion
added 2006/03/15 7:6 p.m. · 23 views

Design/Logic Flaw

Unspecified vulnerability in certain versions of xpdf after 3.00, as used in various products including (a) pdfkit.framework, (b) gpdf, (c) pdftohtml, and (d) libextractor, has unknown impact and user-assisted attack vectors, possibly involving errors in (1) gmem.c, (2) SplashXPathScanner.cc, (3) JBIG2Stream.c...

CVSS 7.6 · AI score 6.6 · EPSS 0.07223
Exploits: 1 · References: 17 · Affected Software: 4