47 matches found
CVE-2022-38234
XPDF vulnerability CVE-2022-38234 stems from commit ffaf11c, where Lexer::getObj(Object*) in /xpdf/Lexer.cc can cause a segmentation fault. Affected component is the XPDF project (PDF reader), with exploitation as a local threat and high impact to availability per CVSS metrics (AV:L, AC:L, PR:N, ...
CVE-2022-38234
XPDF commit ffaf11c was discovered to contain a segmentation violation via Lexer::getObjObject at /xpdf/Lexer.cc...
XPDF 安全漏洞
XPDF is an open source PDF reader from FOO Labs. The product supports decoding files in LZW compressed format and reading encrypted PDF files. XPDF commit id ffaf11c has a security vulnerability that originates from /xpdf/Lexer.cc in Lexer::getObjObject contains a global buffer overflow...
PT-2022-24305 · Xpdf · Xpdf
Name of the Vulnerable Software and Affected Versions: XPDF version ffaf11c Description: A global-buffer overflow issue was discovered in XPDF via the Lexer::getObjObject function at /xpdf/Lexer.cc. This issue can be exploited, potentially leading to unintended consequences. Recommendations: For...
XPDF 代码问题漏洞
XPDF is an open source PDF reader from FOO Labs. The product supports decoding files in LZW compressed format and reading encrypted PDF files. XPDF has a code issue vulnerability that stems from Lexer::getObjObject in /xpdf/Lexer.cc contains a segmentation violation...
PT-2022-24303 · Xpdf · Xpdf
Name of the Vulnerable Software and Affected Versions: XPDF affected versions not specified Description: A segmentation violation was discovered in XPDF via the Lexer::getObjObject function at /xpdf/Lexer.cc. This issue was identified in XPDF commit ffaf11c. Recommendations: At the moment, there ...
The vulnerability of the Parser::getObj() function in the Poppler PDF rendering library allows a attacker to trigger a service failure.
The vulnerability of the Parser::getObj function in the Poppler PDF rendering library is related to the infinite loop that can occur during execution. Exploiting this vulnerability could allow an attacker to cause a service failure...
OSV-2020-713 Heap-buffer-overflow in XRef::getEntry
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12797 Crash type: Heap-buffer-overflow READ 4 Crash state: XRef::getEntry Parser::makeStream Parser::getObj...
CVE-2019-13288
In Xpdf 4.01.01, the Parser::getObj function in Parser.cc may cause infinite recursion via a crafted file. A remote attacker can leverage this for a DoS attack. This is similar to CVE-2018-16646...
CVE-2019-13288
In Xpdf 4.01.01, the Parser::getObj function in Parser.cc may cause infinite recursion via a crafted file. A remote attacker can leverage this for a DoS attack. This is similar to CVE-2018-16646...
Design/Logic Flaw
In Xpdf 4.01.01, the Parser::getObj function in Parser.cc may cause infinite recursion via a crafted file. A remote attacker can leverage this for a DoS attack. This is similar to CVE-2018-16646...
CVE-2019-13288
In Xpdf 4.01.01, the Parser::getObj function in Parser.cc may cause infinite recursion via a crafted file. A remote attacker can leverage this for a DoS attack. This is similar to CVE-2018-16646...
CVE-2019-13288
In Xpdf 4.01.01, the Parser::getObj function in Parser.cc may cause infinite recursion via a crafted file. A remote attacker can leverage this for a DoS attack. This is similar to CVE-2018-16646...
CVE-2019-13288
CVE-2019-13288 affects Xpdf 4.01.01: the Parser::getObj() function in Parser.cc may recurse infinitely when processing a crafted file, enabling a remote DoS. Connected Debian tracker confirms the same description. No explicit remediation or affected versions beyond the cited release are provided ...
PT-2019-13240 · Xpdf · Xpdf
Name of the Vulnerable Software and Affected Versions: Xpdf version 4.01.01 Description: The issue allows a remote attacker to cause a denial-of-service DoS attack via a crafted file, leveraging infinite recursion in the Parser::getObj function. Recommendations: For Xpdf version 4.01.01, as a...
Updated poppler packages fix security vulnerabilities
In Poppler 0.68.0, the Parser::getObj function in Parser.cc may cause infinite recursion via a crafted file. A remote attacker can leverage this for a DoS attack. CVE-2018-16646 An issue was discovered in Poppler 0.71.0. There is a reachable abort in Object.h, will lead to denial of service becau...
CVE-2018-16646
In Poppler 0.68.0, the Parser::getObj function in Parser.cc may cause infinite recursion via a crafted file. A remote attacker can leverage this for a DoS attack...
Poppler Infinite Recursion Vulnerability
Poppler is based on xpdf-3.0 code base PDF rendering library. An infinite recursion vulnerability exists in the Parser::getObj function in Parser.cc in Poppler 0.68.0, which can be exploited by a remote attacker via a specially crafted file to cause a denial of service...
DEBIAN-CVE-2018-16646
In Poppler 0.68.0, the Parser::getObj function in Parser.cc may cause infinite recursion via a crafted file. A remote attacker can leverage this for a DoS attack...
CVE-2018-16646
In Poppler 0.68.0, the Parser::getObj function in Parser.cc may cause infinite recursion via a crafted file. A remote attacker can leverage this for a DoS attack...