Denial Of Service (DoS)

libpoppler.so is vulnerable to Denial Of Service DoS. The vulnerability exists in multiple functions at Gfx.cc due to a memory corruption reaching an infinite loop which allows an attacker to cause an application crash...

Stack overflow

An issue was discovered in swftools through 20200710. A stack-buffer-overflow exists in the function Gfx::opSetFillColorN located in Gfx.cc. It allows an attacker to cause code Execution...

CVE-2021-39561

An issue was discovered in swftools through 20200710. A stack-buffer-overflow exists in the function Gfx::opSetFillColorN located in Gfx.cc. It allows an attacker to cause code Execution...

CVE-2019-10022

An issue was discovered in Xpdf 4.01.01. There is a NULL pointer dereference in the function Gfx::opSetExtGState in Gfx.cc...

CVE-2019-10022

An issue was discovered in Xpdf 4.01.01. There is a NULL pointer dereference in the function Gfx::opSetExtGState in Gfx.cc...

Updated swftools packages fix security vulnerability

A Use After Free in the pdf2swf part of swftools 0.9.2 and earlier allows remote attackers to execute arbitrary code via a malformed PDF document, due to bundled code in Gfx.cc from Xpdf 3.02 CVE-2017-7698...

CVE-2017-14929

CVE-2017-14929 affects Poppler 0.59.0. The issue is memory corruption that occurs in Object::dictLookup() in Object.h after a sequence of Gfx calls (Gfx::display, Gfx::go, Gfx::execOp, Gfx::opFill, Gfx::doPatternFill, Gfx::doTilingPatternFill, Gfx::drawForm) which forms a Gfx.cc infinite loop. Th...

CVE-2017-14519

In Poppler 0.59.0, memory corruption occurs in a call to Object::streamGetChar in Object.h after a repeating series of Gfx::display, Gfx::go, Gfx::execOp, Gfx::opShowText, and Gfx::doShowText calls aka a Gfx.cc infinite loop...

CVE-2017-14519

CVE-2017-14519 affects Poppler 0.59.0. A memory corruption occurs in Object::streamGetChar in Object.h after a long sequence of Gfx calls (Gfx::display, Gfx::go, Gfx::execOp, Gfx::opShowText, Gfx::doShowText) that forms an infinite loop in Gfx.cc. The connected sources confirm the vulnerable path...

CVE-2017-14519

In Poppler 0.59.0, memory corruption occurs in a call to Object::streamGetChar in Object.h after a repeating series of Gfx::display, Gfx::go, Gfx::execOp, Gfx::opShowText, and Gfx::doShowText calls aka a Gfx.cc infinite loop...

CVE-2017-7698

A Use After Free in the pdf2swf part of swftools 0.9.2 and earlier allows remote attackers to execute arbitrary code via a malformed PDF document, possibly a consequence of an error in Gfx.cc in Xpdf 3.02...

FreeBSD Ports: xpdf

The remote host is missing an update to the system as announced in the referenced advisory. VID e3e266e9-5473-11d9-a9e7-0001020eed82 OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...