GLSA-200804-18 : Poppler: User-assisted execution of arbitrary code

The remote host is affected by the vulnerability described in GLSA-200804-18 Poppler: User-assisted execution of arbitrary code Kees Cook from the Ubuntu Security Team reported that the CairoFont::create function in the file CairoFontEngine.cc does not verify the type of an embedded font object...

CVE-2008-1693

The CairoFont::create function in CairoFontEngine.cc in Poppler, possibly before 0.8.0, as used in Xpdf, Evince, ePDFview, KWord, and other applications, does not properly handle embedded fonts in PDF files, which allows remote attackers to execute arbitrary code via a crafted font object, relate...

CVE-2008-1693

CVE-2008-1693 involves Poppler (and associated viewers such as Xpdf, Evince, gpdf, kdegraphics, xpdf) where CairoFont::create in CairoFontEngine.cc mishandles embedded PDF fonts, leading to possible remote code execution via a crafted font object. Root cause: dereferencing a function pointer tied...

CVE-2008-1693

The CairoFont::create function in CairoFontEngine.cc in Poppler, possibly before 0.8.0, as used in Xpdf, Evince, ePDFview, KWord, and other applications, does not properly handle embedded fonts in PDF files, which allows remote attackers to execute arbitrary code via a crafted font object, relate...

xpdf: embedded font vulnerability

The CairoFont::create function in CairoFontEngine.cc in Poppler, possibly before 0.8.0, as used in Xpdf, Evince, ePDFview, KWord, and other applications, does not properly handle embedded fonts in PDF files, which allows remote attackers to execute arbitrary code via a crafted font object, relate...

GLSA-200711-22 : Poppler, KDE: User-assisted execution of arbitrary code

The remote host is affected by the vulnerability described in GLSA-200711-22 Poppler, KDE: User-assisted execution of arbitrary code Alin Rad Pop Secunia Research discovered several vulnerabilities in the 'Stream.cc' file of Xpdf: An integer overflow in the DCTStream::reset method and a boundary...

Poppler, KDE: User-assisted execution of arbitrary code

Background Poppler is a cross-platform PDF rendering library originally based on Xpdf. KOffice is an integrated office suite for KDE. KWord is the KOffice word processor. KPDF is a KDE-based PDF viewer included in the kdegraphics package. Description Alin Rad Pop Secunia Research discovered sever...

GLSA-200709-12 : Poppler: Two buffer overflow vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200709-12 Poppler: Two buffer overflow vulnerabilities Poppler and Xpdf are vulnerable to an integer overflow in the StreamPredictor::StreamPredictor function, and a stack overflow in the StreamPredictor::getNextLine function. The...