MiracleLinux 7 : poppler-0.26.5-17.el7 (AXSA:2017-2054:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2017-2054:01 advisory. A stack-based buffer overflow was found in the poppler library. An attacker could create a malicious PDF file that would cause applications that use...

EUVD-2019-5519

Malware in sbrugna...

EUVD-2018-10607

Malware in sbrugna...

SUSE CVE-2017-9775

Stack buffer overflow in GfxState.cc in pdftocairo in Poppler before 0.56 allows remote attackers to cause a denial of service application crash via a crafted PDF document...

CVE-2022-35098

SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via GfxICCBasedColorSpace::getDefaultColorGfxColor at /xpdf/GfxState.cc...

CVE-2022-35098

SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via GfxICCBasedColorSpace::getDefaultColorGfxColor at /xpdf/GfxState.cc...

CVE-2022-35098

SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via GfxICCBasedColorSpace::getDefaultColorGfxColor at /xpdf/GfxState.cc...

CVE-2022-35098

SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via GfxICCBasedColorSpace::getDefaultColorGfxColor at /xpdf/GfxState.cc...

Heap overflow

In Xpdf 4.02, SplashOutputDev::endType3CharGfxState state SplashOutputDev.cc:3079 is trying to use the freed t3GlyphStack-cache, which causes an heap-use-after-free problem. The codes of a previous fix for nested Type 3 characters wasn't correctly handling the case where a Type 3 char referred to...

Denial Of Service (DoS)

libpoppler.so is vulnerable to denial of service DoS. The attacker can send a malicious PDF file to trigger a null pointer dereference in the function GfxImageColorMap::getGrayLine in GfxState.cc...

CVE-2019-14291

An issue was discovered in Xpdf 4.01.01. There is an out of bounds read in the function GfxPatchMeshShading::parse at GfxState.cc for typeA==6 case 3...

CVE-2019-14291

Xpdf 4.01.01 contains an out-of-bounds read in GfxPatchMeshShading::parse (GfxState.cc, typeA==6 case 3). The issue is documented across multiple sources (NVD, CNVD, Red Hat, Ubuntu OSV, CNVD, etc.). Potential impact is a denial of service. The provided documents do not specify a vendor patch or ...

CVE-2019-14290

An issue was discovered in Xpdf 4.01.01. There is an out of bounds read in the function GfxPatchMeshShading::parse at GfxState.cc for typeA==6 case 2...

CVE-2019-9878

There is an invalid memory access in the function GfxIndexedColorSpace::mapColorToBase located in GfxState.cc in Xpdf 4.0.0, as used in pdfalto 0.2. It can be triggered by for example sending a crafted pdf file to the pdftops binary. It allows an attacker to cause Denial of Service Segmentation...

CVE-2018-18897

An issue was discovered in Poppler 0.71.0. There is a memory leak in GfxColorSpace::setDisplayProfile in GfxState.cc, as demonstrated by pdftocairo...

CVE-2018-18897

An issue was discovered in Poppler 0.71.0. There is a memory leak in GfxColorSpace::setDisplayProfile in GfxState.cc, as demonstrated by pdftocairo...

CVE-2018-18897

CVE-2018-18897 refers to a memory leak in Poppler 0.71.0’s GfxColorSpace::setDisplayProfile (GfxState.cc), demonstrated by pdftocairo. The issue is documented across multiple advisories in the connected documents, confirming the component (Poppler), vulnerable function, and affected version. The ...

CVE-2018-18897

An issue was discovered in Poppler 0.71.0. There is a memory leak in GfxColorSpace::setDisplayProfile in GfxState.cc, as demonstrated by pdftocairo...

CVE-2018-18897

An issue was discovered in Poppler 0.71.0. There is a memory leak in GfxColorSpace::setDisplayProfile in GfxState.cc, as demonstrated by pdftocairo...

CVE-2017-15565

In Poppler 0.59.0, a NULL Pointer Dereference exists in the GfxImageColorMap::getGrayLine function in GfxState.cc via a crafted PDF document...