9 matches found
Linux Distros Unpatched Vulnerability : CVE-2020-35376
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Xpdf 4.02 allows stack consumption because of an incorrect subroutine reference in a Type 1C font charstring, related to the FoFiType1C::getOp function...
Mageia: Security Advisory (MGASA-2021-0112)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Updated xpdf packages fix security vulnerabilities
In Xpdf 4.02, SplashOutputDev::endType3CharGfxState state SplashOutputDev.cc:3079 is trying to use the freed t3GlyphStack-cache, which causes an heap-use-after-free problem. The codes of a previous fix for nested Type 3 characters wasn't correctly handling the case where a Type 3 char referred to...
Fedora 32 : 1:xpdf (2021-4a437fe032)
The remote Fedora 32 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2021-4a437fe032 advisory. - In Xpdf 4.02, SplashOutputDev::endType3CharGfxState state SplashOutputDev.cc:3079 is trying to use the freed t3GlyphStack-cache, which causes an...
Fedora 33 : 1:xpdf (2021-013d9a30e0)
The remote Fedora 33 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2021-013d9a30e0 advisory. - In Xpdf 4.02, SplashOutputDev::endType3CharGfxState state SplashOutputDev.cc:3079 is trying to use the freed t3GlyphStack-cache, which causes an...
Fedora: Security Advisory for xpdf (FEDORA-2021-4a437fe032)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
CVE-2020-35376
creationtimestamp| type| source ---|---|--- 2020-12-26 07:26:37+00:00| seen| https://t.me/cibsecurity/21318...
UBUNTU-CVE-2020-35376
Xpdf 4.02 allows stack consumption because of an incorrect subroutine reference in a Type 1C font charstring, related to the FoFiType1C::getOp function...
CVE-2020-35376
CVE-2020-35376 affects Xpdf 4.02, where FoFiType1C::getOp() misreferences a subroutine in a Type 1C font string, causing stack consumption. The Gentoo GLSA (GLSA-202405-18) recommends upgrading to Xpdf 4.04 or newer to fix the vulnerability. No exploitation details are provided in the connected d...