6242 matches found

Snyk
added 2022/08/30 12:0 a.m. · 1 views

Integer Overflow or Wraparound

Overview: Affected versions of this package are vulnerable to Integer Overflow or Wraparound in the JBIG2 decoder JBIG2Stream::readTextRegionSeg in JBIGStream.cc. Exploiting this vulnerability is possible by processing a specially crafted PDF file or JBIG2 image.
Remediation: Upgrade poppler to...

7.8 CVSS · 8.1 AI score · 0.00099 EPSS
Exploits 3 · References 2

CNNVD
added 2022/08/30 12:0 a.m. · 2 views

Freedesktop Poppler Input Validation Error Vulnerability

Freedesktop Poppler is a Freedesktop community C++ class library for generating PDFs, which is inherited from Xpdf PDF reader. A security vulnerability exists in Poppler version 22.08.0 and prior versions, which stems from an integer overflow in the JBIG2 decoder...

7.8 CVSS · 6.6 AI score · 0.00125 EPSS
Exploits 3 · References 23

CNNVD
added 2022/08/30 12:0 a.m. · 2 views

XPDF Input Validation Error Vulnerability

XPDF is an open source PDF reader from FOO Labs. The product supports decoding files in LZW compressed format and reading encrypted PDF files. A security vulnerability exists in XPDF versions prior to 4.04. The vulnerability stems from the DCT JPEG decoder incorrectly allowing the "interleaved"...

7.8 CVSS · 6.6 AI score · 0.00099 EPSS
Exploits 0 · References 6

Positive Technologies
added 2022/08/27 12:0 a.m. · 3 views

PT-2022-37222 · Exiv2 · Exiv2

Name of the Vulnerable Software and Affected Versions: Exiv2 affected versions not specified
Description: The issue is related to a heap-buffer-overflow read error. Technical details indicate that the crash occurs in the Exiv2::QuickTimeVideo::previewTagDecoder and Exiv2::QuickTimeVideo::tagDecod...

6.8 AI score
Exploits 0 · References 2

Positive Technologies
added 2022/08/25 12:0 a.m. · 3 views

PT-2022-4869 · Poppler +10 · Poppler +10

Name of the Vulnerable Software and Affected Versions: Poppler versions prior to and including 22.08.0
Description: The issue is related to an integer overflow in the JBIG2 decoder, specifically in the JBIG2Stream::readTextRegionSeg function. This can be triggered by processing a specially crafte...

7.8 CVSS · 6.2 AI score · 0.71973 EPSS
Exploits 11 · References 123

ATTACKERKB
added 2022/08/24 10:17 p.m. · 2 views

CVE-2022-38784

Poppler prior to and including 22.08.0 contains an integer overflow in the JBIG2 decoder JBIG2Stream::readTextRegionSeg in JBIGStream.cc. Processing a specially crafted PDF file or JBIG2 image could lead to a crash or the execution of arbitrary code. This is similar to the vulnerability described...

7.8 CVSS · 6.1 AI score · 0.00125 EPSS
Exploits 3 · References 22

Zero Day Initiative
added 2022/08/23 12:0 a.m. · 17 views

(0Day) Tencent WeChat WXAM Decoder Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Tencent WeChat. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the WXAM...

4.3 CVSS · 1.7 AI score
Exploits 0

OSV
added 2022/08/22 7:15 p.m. · 30 views

CVE-2022-38171

Xpdf prior to version 4.04 contains an integer overflow in the JBIG2 decoder JBIG2Stream::readTextRegionSeg in JBIG2Stream.cc. Processing a specially crafted PDF file or JBIG2 image could lead to a crash or the execution of arbitrary code. This is similar to the vulnerability described by...

7.8 CVSS · 7.4 AI score · 0.71973 EPSS
Exploits 2 · References 7

NVD
added 2022/08/22 7:15 p.m. · 24 views

CVE-2022-38171

Xpdf prior to version 4.04 contains an integer overflow in the JBIG2 decoder JBIG2Stream::readTextRegionSeg in JBIG2Stream.cc. Processing a specially crafted PDF file or JBIG2 image could lead to a crash or the execution of arbitrary code. This is similar to the vulnerability described by...

7.8 CVSS · 0.00125 EPSS
Exploits 2 · References 7

UbuntuCve
added 2022/08/22 7:15 p.m. · 61 views

CVE-2022-38171

Xpdf prior to version 4.04 contains an integer overflow in the JBIG2 decoder JBIG2Stream::readTextRegionSeg in JBIG2Stream.cc. Processing a specially crafted PDF file or JBIG2 image could lead to a crash or the execution of arbitrary code. This is similar to the vulnerability described by...

7.8 CVSS · 7.2 AI score · 0.00125 EPSS
Exploits 2 · References 7

Prion
added 2022/08/22 7:15 p.m. · 30 views

Integer overflow

Xpdf prior to version 4.04 contains an integer overflow in the JBIG2 decoder JBIG2Stream::readTextRegionSeg in JBIG2Stream.cc. Processing a specially crafted PDF file or JBIG2 image could lead to a crash or the execution of arbitrary code. This is similar to the vulnerability described by...

4.4 CVSS · 7.9 AI score · 0.71973 EPSS
Exploits 2 · References 7 · Affected Software 2

AlpineLinux
added 2022/08/22 6:33 p.m. · 52 views

CVE-2022-38171

Xpdf prior to version 4.04 contains an integer overflow in the JBIG2 decoder JBIG2Stream::readTextRegionSeg in JBIG2Stream.cc. Processing a specially crafted PDF file or JBIG2 image could lead to a crash or the execution of arbitrary code. This is similar to the vulnerability described by...

7.8 CVSS · 8.3 AI score · 0.00125 EPSS
Exploits 2

CVE
added 2022/08/22 6:33 p.m. · 414 views

CVE-2022-38171

CVE-2022-38171 describes an integer overflow in the JBIG2 decoder of Xpdf (JBIG2Stream::readTextRegionSeg in JBIG2Stream.cc) that can crash or allow arbitrary code execution when processing a crafted PDF or JBIG2 image. Publicly documented impact aligns with prior CVEs (e.g., CVE-2021-30860) and ...

7.8 CVSS · 8 AI score · 0.00125 EPSS
In wild · Exploits 2 · References 7 · Affected Software 1

CNNVD
added 2022/08/22 12:0 a.m. · 2 views

XPDF Input Validation Error Vulnerability

XPDF is an open source PDF reader from FOO Labs. The product supports decoding files in LZW compressed format and reading encrypted PDF files. A security vulnerability exists in XPDF versions prior to 4.04, which stems from the JBIG2Stream::readSymbolDictSeg function in the JBIG2Stream.cc compone...

7.8 CVSS · 7.5 AI score · 0.71973 EPSS
Exploits 2 · References 10

Positive Technologies
added 2022/08/22 12:0 a.m. · 3 views

PT-2022-4445 · Xpdf +1 · Xpdf +1

Name of the Vulnerable Software and Affected Versions: Xpdf versions prior to 4.04
Description: The issue is related to an integer overflow in the JBIG2 decoder, specifically in the readTextRegionSeg function in JBIG2Stream.cc. This can be exploited by a remote attacker using a specially crafted PDF...

10 CVSS · 6.2 AI score · 0.71973 EPSS
Exploits 33 · References 173

OSV
added 2022/08/18 8:15 p.m. · 1 views

UBUNTU-CVE-2022-37769

libjpeg commit 281daa9 was discovered to contain a segmentation fault via HuffmanDecoder::Get at huffmandecoder.hpp. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted file...

6.5 CVSS · 6.6 AI score · 0.00436 EPSS
Exploits 1 · References 2

RedHat Linux
added 2022/08/18 3:12 p.m. · 2 views

golang: encoding/xml: stack exhaustion in Decoder.Skip

A flaw was found in golang encoding/xml. When calling Decoder.Skip while parsing a deeply nested XML document, a panic can occur due to stack exhaustion, which allows an attacker to impact system availability...

7.5 CVSS · 6.6 AI score · 0.00026 EPSS
Exploits 0 · References 6

Positive Technologies
added 2022/08/18 12:0 a.m. · 4 views

PT-2022-24059 · Libjpeg +1 · Libjpeg +1

Name of the Vulnerable Software and Affected Versions: libjpeg affected versions not specified
Description: The issue allows attackers to cause a Denial of Service (DoS) via a crafted file, exploiting a segmentation fault in the HuffmanDecoder::Get function at huffmandecoder.hpp.
Recommendations: A...

6.5 CVSS · 6.1 AI score · 0.00436 EPSS
Exploits 1 · References 12

BDU FSTEC
added 2022/08/18 12:0 a.m. · 2 views

The vulnerability of the libMtkOmxAlacDec.so library, a decoder for ALAC microprogramming software for Sony Xperia phones of models 1, 5, and Pro, allows a perpetrator to…

The vulnerability of the libMtkOmxAlacDec.so decoder for ALAC microprogramming software in Sony Xperia models 1, 5, and Pro is related to buffer overflow in dynamic memory. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely...

7.5 CVSS · 8.5 AI score · 0.00516 EPSS
Exploits 1 · References 5

Positive Technologies
added 2022/08/17 12:0 a.m. · 5 views

PT-2022-16467 · Xpdf +2 · Xpdf +2

Name of the Vulnerable Software and Affected Versions: Xpdf versions prior to 4.04
Description: The issue is related to the DCT JPEG decoder in Xpdf, which incorrectly allows the interleaved flag to be changed after the first scan of the image. This leads to an unknown integer-related issue in...

7.8 CVSS · 6.3 AI score · 0.71973 EPSS
Exploits 5 · References 38