USN-8321-1: Papers vulnerability

It was discovered that Papers incorrectly handled PDF /GoToR actions. If a user were tricked into opening a specially crafted PDF file, an attacker could use this issue to manipulate command lines and possibly execute arbitrary code...

Linux Distros Unpatched Vulnerability : CVE-2017-2820

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An exploitable integer overflow vulnerability exists in the JPEG 2000 image parsing functionality of freedesktop.org Poppler 0.53.0. A specially crafted PDF fil...

Linux Distros Unpatched Vulnerability : CVE-2017-5057

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Type confusion in PDFium in Google Chrome prior to 58.0.3029.81 for Mac, Windows, and Linux, and 58.0.3029.83 for Android, allowed a remote attacker to perform ...

CVE-2019-5041

An exploitable Stack Based Buffer Overflow vulnerability exists in the EnumMetaInfo function of Aspose Aspose.Words library, version 18.11.0.0. A specially crafted doc file can cause a stack-based buffer overflow, resulting in remote code execution. An attacker needs to provide a malformed file t...

PT-2024-38742 · Autodesk · Autodesk Revit

Name of the Vulnerable Software and Affected Versions: Autodesk Revit affected versions not specified Description: A maliciously crafted PDF file, when parsed through Autodesk Revit, may force an Out-of-Bounds Write issue. This can be leveraged by a malicious actor to cause a crash, data...

USN-7062-1 libgsf vulnerabilities

It was discovered that libgsf incorrectly handled certain Compound Document Binary files. If a user or automated system were tricked into opening a specially crafted file, a remote attacker could possibly use this issue to execute arbitrary code...

Denial of Service (DoS)

Overview Affected versions of this package are vulnerable to Denial of Service DoS in the Hints::Hints function, via a crafted PDF file. Details Denial of Service DoS describes a family of attacks, all aimed at making a system inaccessible to its intended and legitimate users. Unlike other...

SAP 3D Visual Enterprise Viewer Input Validation Error Vulnerability (CNVD-2020-53170)

SAP 3D Visual Enterprise Viewer is a free 3D visualization viewer for Windows. An input validation error vulnerability exists in SAP 3D Visual Enterprise Viewer 9, which can be exploited by an attacker to cause an application crash via a specially crafted PDF file...

Denial of Service Vulnerability in Kingsoft PDF Reader (CNVD-2019-10301)

Kingsoft PDF Reader is a PDF reading tool. Kingsoft PDF Reader has a denial of service vulnerability that can be exploited by an attacker to cause a denial of service by constructing a specific pdf file...

Denial of Service Vulnerability in Kingsoft PDF Reader (CNVD-2019-09091)

Kingsoft PDF Reader is a PDF reading tool. Kingsoft PDF Reader has a denial-of-service vulnerability, which can be exploited by an attacker to cause a denial-of-service vulnerability by constructing a specific pdf file...

DEBIAN-CVE-2018-11254

An issue was discovered in PoDoFo 0.9.5. There is an Excessive Recursion in the PdfPagesTree::GetPageNode function of PdfPagesTree.cpp. Remote attackers could leverage this vulnerability to cause a denial of service through a crafted pdf file, a related issue to CVE-2017-8054...

Mozilla Firefox JavaScript Injection Vulnerability

Mozilla Firefox browser Firefox is a free, open source browser for Windows, Linux and MacOSX platforms. A malicious JavaScript injection vulnerability exists in Mozilla Firefox. The vulnerability arises because the PDF viewer fails to adequately validate the PostScript calculator functionality. T...

CVE-2017-14570

STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .xps file, related to a "User Mode Write AV near NULL starting at wow64!Wow64LdrpInitialize+0x00000000000008e1."...

xpdf: Freeing of potentially uninitialized memory in JBIG2 decoder

The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allows remote attackers to cause a denial of service crash via a crafted PDF file that triggers a free of uninitialized memory...

Design/Logic Flaw

Unspecified vulnerability in AppKit in Apple Mac OS X before 10.5 allows user-assisted remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted document file, as demonstrated by opening the document with TextEdit...

CVE-2008-1028

Unspecified vulnerability in AppKit in Apple Mac OS X before 10.5 allows user-assisted remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted document file, as demonstrated by opening the document with TextEdit...