37 matches found
CVE-2024-7868
CVE-2024-7868 affects Xpdf 4.05 and earlier, where invalid header info in a DCT (JPEG) stream can trigger an uninitialized variable in the DCT decoder, with a proof-of-concept PDF causing a segfault. Fedora/Slackware advisories indicate the issue is addressed by upgrading to Xpdf 4.06; multiple a...
CVE-2024-7868 Uninitialized variable in Xpdf 4.05 due to invalid JPEG header
In Xpdf 4.05 and earlier, invalid header info in a DCT JPEG stream can lead to an uninitialized variable in the DCT decoder. The proof-of-concept PDF file causes a segfault attempting to read from an invalid address...
PT-2024-38645
Name of the Vulnerable Software and Affected Versions Xpdf versions 4.05 and earlier Description The issue arises from invalid header information in a DCT JPEG stream, leading to an uninitialized variable in the DCT decoder. This can cause a segfault when attempting to read from an invalid addres...
Xpdf 安全漏洞
Xpdf is a free PDF viewer and toolkit from Xpdf, Inc. that includes a text extractor, image converter, HTML converter, and more. A security vulnerability exists in Xpdf version 4.05 and earlier versions, which stems from invalid header information in the DCT JPEG stream that could lead to...
SUSE CVE-2018-11033
The DCTStream::readHuffSym function in Stream.cc in the DCT decoder in xpdf before 4.00 allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via crafted JPEG data...
SUSE CVE-2022-24106
In Xpdf prior to 4.04, the DCT JPEG decoder was incorrectly allowing the 'interleaved' flag to be changed after the first scan of the image, leading to an unknown integer-related vulnerability in Stream.cc...
CVE-2022-24106
In Xpdf prior to 4.04, the DCT JPEG decoder was incorrectly allowing the 'interleaved' flag to be changed after the first scan of the image, leading to an unknown integer-related vulnerability in Stream.cc...
Integer overflow
In Xpdf prior to 4.04, the DCT JPEG decoder was incorrectly allowing the 'interleaved' flag to be changed after the first scan of the image, leading to an unknown integer-related vulnerability in Stream.cc...
CVE-2022-24106
In Xpdf prior to 4.04, the DCT JPEG decoder was incorrectly allowing the 'interleaved' flag to be changed after the first scan of the image, leading to an unknown integer-related vulnerability in Stream.cc...
CVE-2022-24106
In Xpdf prior to 4.04, the DCT JPEG decoder was incorrectly allowing the 'interleaved' flag to be changed after the first scan of the image, leading to an unknown integer-related vulnerability in Stream.cc...
CVE-2022-24106
In Xpdf, prior to version 4.04, the DCT (JPEG) decoder allowed the 'interleaved' flag to be changed after the first scan, which creates an unknown integer-related vulnerability in Stream.cc. This issue is documented as CVE-2022-24106. Public advisories (e.g., Gentoo GLSA 202405-18 and Mageia MGAS...
CVE-2022-24106
In Xpdf prior to 4.04, the DCT JPEG decoder was incorrectly allowing the 'interleaved' flag to be changed after the first scan of the image, leading to an unknown integer-related vulnerability in Stream.cc...
CVE-2022-24106
In Xpdf prior to 4.04, the DCT JPEG decoder was incorrectly allowing the 'interleaved' flag to be changed after the first scan of the image, leading to an unknown integer-related vulnerability in Stream.cc...
CVE-2018-11033
The DCTStream::readHuffSym function in Stream.cc in the DCT decoder in xpdf before 4.00 allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via crafted JPEG data...
Design/Logic Flaw
The DCTStream::readHuffSym function in Stream.cc in the DCT decoder in xpdf before 4.00 allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via crafted JPEG data...
CVE-2018-11033
The DCTStream::readHuffSym function in Stream.cc in the DCT decoder in xpdf before 4.00 allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via crafted JPEG data...
xpdf 'DCTStream::readHuffSym' function denial of service vulnerability
Xpdf is an open source PDF reader developed by Foo Labs , it supports decoding LZW compressed format files and read encrypted PDF files.DCT decoder is one of the DCT decoder . Xpdf 4.00 before the version of the DCT decoder in the Stream.cc file 'DCTStream::readHuffSym' function has a security...