2 matches found
Prince Code Execution Vulnerability
Prince is a use of JavaScript to convert XML/HTML files into PDF documents API. A security vulnerability exists in Prince that originates when the program downloads an executable file over an unencrypted HTTP connection. A remote attacker could exploit the vulnerability by intercepting the respon...
PDF JBIG2 invalid free()
The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to execute arbitrary code via a crafted PDF file that triggers a free of invalid data...