285 matches found
Information disclosure
Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows 10 1511, and Microsoft Edge allow remote attackers to obtain sensitive information from process memory via a crafted PDF document, aka "Windows PDF Information Disclosure Vulnerability," a different vulnerability than CVE-2016-3201...
CVE-2016-1686
The CPDFDIBSource::CreateDecoder function in core/fpdfapi/fpdfrender/fpdfrenderloadimage.cpp in PDFium, as used in Google Chrome before 51.0.2704.63, mishandles decoder-initialization failure, which allows remote attackers to cause a denial of service out-of-bounds read via a crafted PDF document...
CVE-2016-1686
The CPDFDIBSource::CreateDecoder function in core/fpdfapi/fpdfrender/fpdfrenderloadimage.cpp in PDFium, as used in Google Chrome before 51.0.2704.63, mishandles decoder-initialization failure, which allows remote attackers to cause a denial of service out-of-bounds read via a crafted PDF document...
CVE-2016-1685
core/fxge/ge/fxgetext.cpp in PDFium, as used in Google Chrome before 51.0.2704.63, miscalculates certain index values, which allows remote attackers to cause a denial of service out-of-bounds read via a crafted PDF document...
chromium-browser: out-of-bounds read in pdfium
core/fxge/ge/fxgetext.cpp in PDFium, as used in Google Chrome before 51.0.2704.63, miscalculates certain index values, which allows remote attackers to cause a denial of service out-of-bounds read via a crafted PDF document...
CVE-2015-8868
Heap-based buffer overflow in the ExponentialFunction::ExponentialFunction function in Poppler before 0.40.0 allows remote attackers to cause a denial of service memory corruption and crash or possibly execute arbitrary code via an invalid blend mode in the ExtGState dictionary in a crafted PDF...
Vulnerabilities of iOS and Mac OS X operating systems, allowing attackers to trigger service interruptions or execute arbitrary code
The vulnerability of the FontParser component in iOS and Mac OS X operating systems arises due to buffer overflow. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or cause a service failure memory corruption by using a specially crafted PDF document...
Remote code execution
The PDF library in Microsoft Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted PDF document, aka "Windows Remote Code Execution Vulnerability."...
CVE-2016-1626
The opjpiupdatedecodepoc function in pi.c in OpenJPEG, as used in PDFium in Google Chrome before 48.0.2564.109, miscalculates a certain layer index value, which allows remote attackers to cause a denial of service out-of-bounds read via a crafted PDF document...
Out-of-bounds
The opjpiupdatedecodepoc function in pi.c in OpenJPEG, as used in PDFium in Google Chrome before 48.0.2564.109, miscalculates a certain layer index value, which allows remote attackers to cause a denial of service out-of-bounds read via a crafted PDF document...
Microsoft Windows Buffer Overflow Vulnerability
Microsoft Windows is a series of operating systems designed for personal computer and server users from the American company Microsoft. Microsoft Windows 8.1,Windows Server 2012 Gold R2,Windows 10 There is a buffer overflow vulnerability that allows a remote attacker to execute arbitrary code by...
chromium-browser: use-after-free in PDFium
Multiple use-after-free vulnerabilities in the formfiller implementation in PDFium, as used in Google Chrome before 48.0.2564.82, allow remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted PDF document, related to improper tracking of the destructi...
CVE-2016-1619
Multiple integer overflows in the 1 sycc422torgb and 2 sycc444torgb functions in fxcodec/codec/fxcodecjpxopj.cpp in PDFium, as used in Google Chrome before 48.0.2564.82, allow remote attackers to cause a denial of service out-of-bounds read or possibly have unspecified other impact via a crafted...
Integer overflow
Multiple integer overflows in the 1 sycc422torgb and 2 sycc444torgb functions in fxcodec/codec/fxcodecjpxopj.cpp in PDFium, as used in Google Chrome before 48.0.2564.82, allow remote attackers to cause a denial of service out-of-bounds read or possibly have unspecified other impact via a crafted...
Design/Logic Flaw
Multiple use-after-free vulnerabilities in the formfiller implementation in PDFium, as used in Google Chrome before 48.0.2564.82, allow remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted PDF document, related to improper tracking of the destructi...
CVE-2016-1613
Multiple use-after-free vulnerabilities in the formfiller implementation in PDFium, as used in Google Chrome before 48.0.2564.82, allow remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted PDF document, related to improper tracking of the destructi...
CVE-2016-1613
Removed by vendor...
CVE-2015-8868
Heap-based buffer overflow in the ExponentialFunction::ExponentialFunction function in Poppler before 0.40.0 allows remote attackers to cause a denial of service memory corruption and crash or possibly execute arbitrary code via an invalid blend mode in the ExtGState dictionary in a crafted PDF...
Foxit Reader Arbitrary Code Execution Vulnerability
Foxit Reader is prone to an arbitrary code execution vulnerability. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
CVE-2015-8580
Multiple use-after-free vulnerabilities in the 1 Print method and 2 App object handling in Foxit Reader before 7.2.2 and Foxit PhantomPDF before 7.2.2 allow remote attackers to execute arbitrary code via a crafted PDF document...