Modesty Pdf2json 代码问题漏洞

PDF2JSON is a conversion library based on XPDF 3.02 that can be used to convert PDF pages page by page to JSON and XML formats. PDF2JSON EmbedStream::getChar suffers from a security vulnerability. An attacker could exploit this vulnerability to cause a denial of service...

Updated swftools packages fix security vulnerability

A Use After Free in the pdf2swf part of swftools 0.9.2 and earlier allows remote attackers to execute arbitrary code via a malformed PDF document, due to bundled code in Gfx.cc from Xpdf 3.02 CVE-2017-7698...

Design/Logic Flaw

A Use After Free in the pdf2swf part of swftools 0.9.2 and earlier allows remote attackers to execute arbitrary code via a malformed PDF document, possibly a consequence of an error in Gfx.cc in Xpdf 3.02...

CVE-2017-7698

The CVE-2017-7698 issue affects swftools prior to or including 0.9.2, where a Use After Free in the pdf2swf component can allow code execution via a malformed PDF. The root cause is a memory-management flaw tied to bundled code from Xpdf 3.02 (Gfx.cc), enabling remote attackers to execute arbitra...

Fedora 14 : xpdf-3.02-16.fc14 (2010-16744)

apply xpdf-3.02pl5 security patch to fix CVE-2010-3702, CVS-2010-3704 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing...

Fedora 11 : xpdf-3.02-15.fc11 (2009-10648)

apply xpdf-3.02pl4 security patch to fix: CVE-2009-1188/CVE-2009-3603, CVE-2009-3604, CVE-2009-3606, CVE-2009-3608, CVE-2009-3609 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically...

Fedora 10 : xpdf-3.02-13.fc10 (2009-3820)

Fix several security updates in xpdf 3.02pl3 patch applied. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...

[SECURITY] Fedora 8 Update: xpdf-3.02-4.fc8

Xpdf is an X Window System based viewer for Portable Document Format PDF files. Xpdf is a small and efficient program which uses standard X fonts...

Integer overflow

Integer overflow in the StreamPredictor::StreamPredictor function in xpdf 3.02, as used in 1 poppler before 0.5.91, 2 gpdf before 2.8.2, 3 kpdf, 4 kdegraphics, 5 CUPS, 6 PDFedit, and other products, might allow remote attackers to execute arbitrary code via a crafted PDF file that triggers a...

CVE-2007-3387

Integer overflow in the StreamPredictor::StreamPredictor function in xpdf 3.02, as used in 1 poppler before 0.5.91, 2 gpdf before 2.8.2, 3 kpdf, 4 kdegraphics, 5 CUPS, 6 PDFedit, and other products, might allow remote attackers to execute arbitrary code via a crafted PDF file that triggers a...

CVE-2007-3387

CVE-2007-3387 affects xpdf 3.02 and thus downstream KDE/kpdf/gpdf/pdfs handling in kdegraphics, CUPS, and related tools. The root cause is an integer/stack-based overflow in PDF parsing: StreamPredictor::getNextLine may overflow when processing a crafted PDF, potentially allowing remote code exec...