235 matches found
UBUNTU-CVE-2023-24808
PDFio is a C library for reading and writing PDF files. In versions prior to 1.1.0 a denial of service DOS vulnerability exists in the pdfio parser. Crafted pdf files can cause the program to run at 100% utilization and never terminate. The pdf which causes this crash found in testing is about 28...
CVE-2022-42400
This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...
CVE-2022-3161
The APDFL.dll contains a memory corruption vulnerability while parsing specially crafted PDF files. This could allow an attacker to execute code in the context of the current process...
CVE-2022-37332
A use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF Reader, version 12.0.1.12430. A specially-crafted PDF document can trigger the reuse of previously freed memory via misusing media player API, which can lead to arbitrary code execution. An attacker needs to...
CVE-2022-32774
A use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF Reader, version 12.0.1.12430. By prematurely deleting objects associated with pages, a specially-crafted PDF document can trigger the reuse of previously freed memory, which can lead to arbitrary code execution...
CVE-2022-37332
A use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF Reader, version 12.0.1.12430. A specially-crafted PDF document can trigger the reuse of previously freed memory via misusing media player API, which can lead to arbitrary code execution. An attacker needs to...
PT-2022-23931 · Foxit · Foxit Pdf Reader
Name of the Vulnerable Software and Affected Versions: Foxit Software's PDF Reader version 12.0.1.12430 Description: A use-after-free issue exists in the JavaScript engine, allowing arbitrary code execution through the misuse of the media player API. This can be triggered by opening a...
PT-2022-26411 · Pdf Xchange · Pdf-Xchange Editor
Name of the Vulnerable Software and Affected Versions: PDF-XChange Editor affected versions not specified Description: This issue allows remote attackers to disclose sensitive information on affected installations. User interaction is required, where the target must visit a malicious page or open...
PT-2022-26402 · Pdf Xchange · Pdf-Xchange Editor
Name of the Vulnerable Software and Affected Versions: PDF-XChange Editor affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations. User interaction is required, where the target must visit a malicious page or open a...
XPDF 输入验证错误漏洞
XPDF is an open source PDF reader from FOO Labs. The product supports decoding files in LZW compressed format and reading encrypted PDF files. A security vulnerability exists in XPDF versions prior to 4.04, which stems from the JBIG2Stream::readSymbolDictSeg function in the JBIG2Stream.cc compone...
DEBIAN-CVE-2022-34503
QPDF v8.4.2 was discovered to contain a heap buffer overflow via the function QPDF::processXRefStream. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted PDF file...
PT-2022-6625 · Pdf Xchange · Pdf-Xchange Editor
Name of the Vulnerable Software and Affected Versions: PDF-XChange Editor affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations. User interaction is required, where the target must visit a malicious page or open a...
UBUNTU-CVE-2022-30524
There is an invalid memory access in the TextLine class in TextOutputDev.cc in Xpdf 4.0.4 because the text extractor mishandles characters at large y coordinates. It can be triggered by for example sending a crafted pdf file to the pdftotext binary, which allows a remote attacker to cause a Denia...
PT-2022-20158 · Xpdf +1 · Xpdf +1
Name of the Vulnerable Software and Affected Versions: Xpdf version 4.0.4 Description: The issue is caused by an invalid memory access in the TextLine class in TextOutputDev.cc. This occurs because the text extractor mishandles characters at large y coordinates. It can be triggered by sending a...
多款Adobe产品资源管理错误漏洞
Adobe Acrobat is a set of PDF file editing and conversion tools. Adobe Acrobat Reader is a PDF viewer. The software is used to print, sign and annotate PDFs. Adobe Acrobat and Adobe Acrobat Reader are vulnerable to resource management errors, which remote attackers use to trick victims into openi...
多款Adobe产品缓冲区错误漏洞
Adobe Acrobat is a set of PDF file editing and conversion tools. The software is used to print, sign and annotate PDFs.Several Adobe products are vulnerable to an out-of-bounds reading vulnerability, which stems from a boundary error when processing PDF files. A remote attacker could use the...
多款Adobe产品缓冲区错误漏洞
Adobe Acrobat is a set of PDF file editing and conversion tools. The software is used to print, sign and annotate PDFs.Several Adobe products are vulnerable to an out-of-bounds reading vulnerability, which stems from a boundary error when processing PDF files. A remote attacker could use the...
CVE-2022-24196
iText v7.1.17, up to exluding": 7.1.18 and 7.2.2 was discovered to contain an out-of-memory error via the component readStreamBytesRaw, which allows attackers to cause a Denial of Service DoS via a crafted PDF file...
Adobe Acrobat and Reader 资源管理错误漏洞
Adobe Reader also known as Acrobat Reader is a PDF file reader software developed by Adobe. Adobe Acrobat is a PDF editing software developed by Adobe. Adobe Acrobat/Reader has a resource management error vulnerability, which can be exploited by remote attackers to Creating specially crafted PDF...
CVE-2021-44001
A vulnerability has been identified in JT2Go All versions V13.2.0.5, Teamcenter Visualization All versions V13.2.0.5. The DL180pdfl.dll contains an out of bounds write past the end of an allocated structure while parsing specially crafted PDF files. This could allow an attacker to execute code in...