Lucene search
+L

660 matches found

Debian CVE
Debian CVE
added 2008/04/18 3:0 p.m.26 views

CVE-2008-1693

The CairoFont::create function in CairoFontEngine.cc in Poppler, possibly before 0.8.0, as used in Xpdf, Evince, ePDFview, KWord, and other applications, does not properly handle embedded fonts in PDF files, which allows remote attackers to execute arbitrary code via a crafted font object, relate...

6.8CVSS7.3AI score0.04941EPSS
Exploits1
CVE
CVE
added 2008/04/18 3:0 p.m.88 views

CVE-2008-1693

CVE-2008-1693 involves Poppler (and associated viewers such as Xpdf, Evince, gpdf, kdegraphics, xpdf) where CairoFont::create in CairoFontEngine.cc mishandles embedded PDF fonts, leading to possible remote code execution via a crafted font object. Root cause: dereferencing a function pointer tied...

6.8CVSS7.3AI score0.04941EPSS
Exploits1References34Affected Software1
UbuntuCve
UbuntuCve
added 2008/04/18 12:0 a.m.23 views

CVE-2008-1693

The CairoFont::create function in CairoFontEngine.cc in Poppler, possibly before 0.8.0, as used in Xpdf, Evince, ePDFview, KWord, and other applications, does not properly handle embedded fonts in PDF files, which allows remote attackers to execute arbitrary code via a crafted font object, relate...

6.8CVSS6.4AI score0.04941EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 2008/04/17 5:25 p.m.8 views

xpdf: embedded font vulnerability

The CairoFont::create function in CairoFontEngine.cc in Poppler, possibly before 0.8.0, as used in Xpdf, Evince, ePDFview, KWord, and other applications, does not properly handle embedded fonts in PDF files, which allows remote attackers to execute arbitrary code via a crafted font object, relate...

6.8CVSS6.5AI score0.04941EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2008/04/17 5:17 p.m.23 views

Important: Red Hat Security Advisory: poppler security update

Updated poppler packages that fix a security issue are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. Poppler is a PDF rendering library, used by applications such as Evince. Kees Cook discovered ...

6.8CVSS6.4AI score0.04941EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2008/04/17 5:5 p.m.7 views

xpdf: embedded font vulnerability

The CairoFont::create function in CairoFontEngine.cc in Poppler, possibly before 0.8.0, as used in Xpdf, Evince, ePDFview, KWord, and other applications, does not properly handle embedded fonts in PDF files, which allows remote attackers to execute arbitrary code via a crafted font object, relate...

6.8CVSS6.5AI score0.04941EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2008/01/17 12:0 a.m.25 views

Debian: Security Advisory (DSA-1243-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.1CVSS6.5AI score0.14838EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2008/01/17 12:0 a.m.17 views

Debian Security Advisory DSA 1243-1 (evince)

The remote host is missing an update to evince announced via advisory DSA 1243-1. Renaud Lifchitz discovered that gv, the PostScript and PDF viewer for X, performs insufficient boundary checks in the Postscript parsing code, which allows the execution of arbitrary code through a buffer overflow...

5.1CVSS0.2AI score0.14838EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2007/12/13 12:0 a.m.18 views

SuSE 10 Security Update : evince (ZYPP Patch Number 2358)

Specially crafted Postscript files could be used to execute arbitrary code by causing a buffer overflow in evince. CVE-2006-5864 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if...

5.1CVSS7.9AI score0.14838EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2007/11/20 12:0 a.m.31 views

GLSA-200711-22 : Poppler, KDE: User-assisted execution of arbitrary code

The remote host is affected by the vulnerability described in GLSA-200711-22 Poppler, KDE: User-assisted execution of arbitrary code Alin Rad Pop Secunia Research discovered several vulnerabilities in the 'Stream.cc' file of Xpdf: An integer overflow in the DCTStream::reset method and a boundary...

9.3CVSS7.4AI score0.0702EPSS
Exploits1References4
Gentoo Linux
Gentoo Linux
added 2007/11/18 12:0 a.m.42 views

Poppler, KDE: User-assisted execution of arbitrary code

Background Poppler is a cross-platform PDF rendering library originally based on Xpdf. KOffice is an integrated office suite for KDE. KWord is the KOffice word processor. KPDF is a KDE-based PDF viewer included in the kdegraphics package. Description Alin Rad Pop Secunia Research discovered sever...

9.3CVSS7.7AI score0.0702EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2007/11/10 12:0 a.m.24 views

Ubuntu 5.10 / 6.06 LTS / 6.10 : evince vulnerability (USN-390-2)

USN-390-1 fixed a vulnerability in evince. The original fix did not fully solve the problem, allowing for a denial of service in certain situations. A buffer overflow was discovered in the PostScript processor included in evince. By tricking a user into opening a specially crafted PS file, an...

5.1CVSS8.2AI score0.14838EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2007/11/10 12:0 a.m.19 views

Ubuntu 5.10 / 6.06 LTS / 6.10 : evince vulnerability (USN-390-1)

A buffer overflow was discovered in the PostScript processor included in evince. By tricking a user into opening a specially crafted PS file, an attacker could crash evince or execute arbitrary code with the user's privileges. Note that Tenable Network Security has extracted the preceding...

5.1CVSS8.2AI score0.14838EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2007/11/10 12:0 a.m.28 views

Ubuntu 6.06 LTS / 6.10 : evince-gtk vulnerability (USN-390-3)

USN-390-2 fixed vulnerabilities in evince. This update provides the corresponding update for evince-gtk. A buffer overflow was discovered in the PostScript processor included in evince. By tricking a user into opening a specially crafted PS file, an attacker could crash evince or execute arbitrar...

5.1CVSS8.2AI score0.14838EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2007/11/08 12:0 a.m.29 views

RHEL 5 : poppler (RHSA-2007:1026)

Updated poppler packages that fix several security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. Poppler is a PDF rendering library, used by applications such as evince. Alin Rad Pop...

9.3CVSS6.6AI score0.0702EPSS
Exploits1References7
RedHat Linux
RedHat Linux
added 2007/11/07 6:10 p.m.64 views

Important: Red Hat Security Advisory: poppler security update

Updated poppler packages that fix several security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. Poppler is a PDF rendering library, used by applications such as evince. Alin Rad Pop...

9.3CVSS7AI score0.0702EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2007/10/17 12:0 a.m.25 views

openSUSE 10 Security Update : evince (evince-2362)

Specially crafted Postscript files could be used to execute arbitrary code by causing a buffer overflow in evince CVE-2006-5864. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update evince-2362. Th...

5.1CVSS7.9AI score0.14838EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2007/09/24 12:0 a.m.30 views

GLSA-200709-12 : Poppler: Two buffer overflow vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200709-12 Poppler: Two buffer overflow vulnerabilities Poppler and Xpdf are vulnerable to an integer overflow in the StreamPredictor::StreamPredictor function, and a stack overflow in the StreamPredictor::getNextLine function. The...

6.8CVSS6.5AI score0.08565EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2007/07/31 12:0 a.m.26 views

RHEL 5 : poppler (RHSA-2007:0732)

Updated poppler packages that fix a security issue in PDF handling are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. Poppler is a PDF rendering library, used by applications such as evince. Maury...

6.8CVSS6AI score0.08565EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2007/04/10 12:0 a.m.22 views

GLSA-200704-06 : Evince: Stack overflow in included gv code

The remote host is affected by the vulnerability described in GLSA-200704-06 Evince: Stack overflow in included gv code Evince includes code from GNU gv that does not properly boundary check user-supplied data before copying it into process buffers. Impact : An attacker could entice a user to ope...

5.1CVSS8.1AI score0.14838EPSS
Exploits1References3
Rows per page
Query Builder