20 matches found
[SECURITY] [DSA 1537-1] New xpdf packages fix multiple vulnerabilities
------------------------------------------------------------------------ Debian Security Advisory DSA-1537-1 [email protected] http://www.debian.org/security/ Devin Carraway April 02, 2008 http://www.debian.org/security/faq -...
Xpdf多个远程Stream.CC漏洞
Xpdf是一款处理PDF的应用程序 Xpdf存在多个缓冲区溢出问题,远程攻击者可以利用漏洞以应用程序权限执行任意指令。 1)xpdf/Stream.cc文件中的"DCTStream::readProgressiveDataUnit"方法存在数组索引错误,通过特殊构建的PDF文件可造成内存破坏。 2)xpdf/Stream.cc文件中的"DCTStream::reset"方法存在整数溢出错误,可导致基于堆的缓冲区溢出。...
CCITTFaxStream:: lookChar()
Heap-based buffer overflow in the CCITTFaxStream::lookChar method in xpdf/Stream.cc in Xpdf 3.02p11 allows remote attackers to execute arbitrary code via a PDF file that contains a crafted CCITTFaxDecode filter...
CVE-2007-5393
Heap-based buffer overflow in the CCITTFaxStream::lookChar method in xpdf/Stream.cc in Xpdf 3.02p11 allows remote attackers to execute arbitrary code via a PDF file that contains a crafted CCITTFaxDecode filter...
Heap overflow
Heap-based buffer overflow in the CCITTFaxStream::lookChar method in xpdf/Stream.cc in Xpdf 3.02p11 allows remote attackers to execute arbitrary code via a PDF file that contains a crafted CCITTFaxDecode filter...
CVE-2007-5393
Heap-based buffer overflow in the CCITTFaxStream::lookChar method in xpdf/Stream.cc in Xpdf 3.02p11 allows remote attackers to execute arbitrary code via a PDF file that contains a crafted CCITTFaxDecode filter...
CVE-2007-5393
Heap-based buffer overflow in the CCITTFaxStream::lookChar method in xpdf/Stream.cc in Xpdf 3.02p11 allows remote attackers to execute arbitrary code via a PDF file that contains a crafted CCITTFaxDecode filter...
CCITTFaxStream:: lookChar()
Heap-based buffer overflow in the CCITTFaxStream::lookChar method in xpdf/Stream.cc in Xpdf 3.02p11 allows remote attackers to execute arbitrary code via a PDF file that contains a crafted CCITTFaxDecode filter...
CCITTFaxStream:: lookChar()
Heap-based buffer overflow in the CCITTFaxStream::lookChar method in xpdf/Stream.cc in Xpdf 3.02p11 allows remote attackers to execute arbitrary code via a PDF file that contains a crafted CCITTFaxDecode filter...
CCITTFaxStream:: lookChar()
Heap-based buffer overflow in the CCITTFaxStream::lookChar method in xpdf/Stream.cc in Xpdf 3.02p11 allows remote attackers to execute arbitrary code via a PDF file that contains a crafted CCITTFaxDecode filter...
CVE-2007-5393
Heap-based buffer overflow in the CCITTFaxStream::lookChar method in xpdf/Stream.cc in Xpdf 3.02p11 allows remote attackers to execute arbitrary code via a PDF file that contains a crafted CCITTFaxDecode filter...
Mandrake Linux Security Advisory : tetex (MDKSA-2006:011)
Multiple heap-based buffer overflows in the DCTStream::readProgressiveSOF and DCTStream::readBaselineSOF functions in the DCT stream parsing code Stream.cc in xpdf 3.01 and earlier, allow user-complicit attackers to cause a denial of service heap corruption and possibly execute arbitrary code via...
Mandrake Linux Security Advisory : kdegraphics (MDKSA-2006:012)
Multiple heap-based buffer overflows in the DCTStream::readProgressiveSOF and DCTStream::readBaselineSOF functions in the DCT stream parsing code Stream.cc in xpdf 3.01 and earlier, allow user-complicit attackers to cause a denial of service heap corruption and possibly execute arbitrary code via...
CVE-2005-3625
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service infinite loop via streams that end prematurely, as demonstrated using the 1 CCITTFaxDecode and 2 DCTDecode streams, aka "Infinite CPU spins."...
CVE-2005-3625
CVE-2005-3625 is confirmed to affect Xpdf and related tools (gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, etc.). The issue is a denial-of-service in PDF stream handling where streams that end prematurely can cause an infinite loop, demonstrated for the CCITTFaxDecode and DCTDecode s...
CVE-2005-3624
CVE-2005-3624 affects multiple PDF tools (xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, etc.). The issue is in CCITTFaxDecode handling in Stream.cc, where negative or very large integers can trigger integer overflows/underflows, leading to heap corruption. The documented impact...
CVE-2005-3625
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service infinite loop via streams that end prematurely, as demonstrated using the 1 CCITTFaxDecode and 2 DCTDecode streams, aka "Infinite CPU spins."...
DEBIAN-CVE-2005-3624
The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows...
security flaw
The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows...
security flaw
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service infinite loop via streams that end prematurely, as demonstrated using the 1 CCITTFaxDecode and 2 DCTDecode streams, aka "Infinite CPU spins."...