MiracleLinux 7 : poppler-0.26.5-17.el7 (AXSA:2017-2054:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2017-2054:01 advisory. A stack-based buffer overflow was found in the poppler library. An attacker could create a malicious PDF file that would cause applications that use...

EUVD-2019-5519

Malware in sbrugna...

EUVD-2018-10607

Malware in sbrugna...

SUSE CVE-2017-9775

Stack buffer overflow in GfxState.cc in pdftocairo in Poppler before 0.56 allows remote attackers to cause a denial of service application crash via a crafted PDF document...

The vulnerability of the GfxState.cc component in the Poppler PDF rendering library allows a hacker to trigger a service failure.

The vulnerability of the GfxState.cc component in the Poppler PDF rendering library is related to the failure to release resources after their useful lifespan has ended. Exploiting this vulnerability allows a remote attacker to cause service interruptions...

CVE-2022-35098

SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via GfxICCBasedColorSpace::getDefaultColorGfxColor at /xpdf/GfxState.cc...

CVE-2022-35098

SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via GfxICCBasedColorSpace::getDefaultColorGfxColor at /xpdf/GfxState.cc...

CVE-2022-35098

SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via GfxICCBasedColorSpace::getDefaultColorGfxColor at /xpdf/GfxState.cc...

CVE-2022-35098

SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via GfxICCBasedColorSpace::getDefaultColorGfxColor at /xpdf/GfxState.cc...

Heap overflow

In Xpdf 4.02, SplashOutputDev::endType3CharGfxState state SplashOutputDev.cc:3079 is trying to use the freed t3GlyphStack-cache, which causes an heap-use-after-free problem. The codes of a previous fix for nested Type 3 characters wasn't correctly handling the case where a Type 3 char referred to...

Denial Of Service (DoS)

libpoppler.so is vulnerable to denial of service DoS. The attacker can send a malicious PDF file to trigger a null pointer dereference in the function GfxImageColorMap::getGrayLine in GfxState.cc...

CVE-2019-14291

Xpdf 4.01.01 contains an out-of-bounds read in GfxPatchMeshShading::parse (GfxState.cc, typeA==6 case 3). The issue is documented across multiple sources (NVD, CNVD, Red Hat, Ubuntu OSV, CNVD, etc.). Potential impact is a denial of service. The provided documents do not specify a vendor patch or ...

CVE-2019-14291

An issue was discovered in Xpdf 4.01.01. There is an out of bounds read in the function GfxPatchMeshShading::parse at GfxState.cc for typeA==6 case 3...

CVE-2019-14290

An issue was discovered in Xpdf 4.01.01. There is an out of bounds read in the function GfxPatchMeshShading::parse at GfxState.cc for typeA==6 case 2...

CVE-2019-9878

There is an invalid memory access in the function GfxIndexedColorSpace::mapColorToBase located in GfxState.cc in Xpdf 4.0.0, as used in pdfalto 0.2. It can be triggered by for example sending a crafted pdf file to the pdftops binary. It allows an attacker to cause Denial of Service Segmentation...

CVE-2018-18897

An issue was discovered in Poppler 0.71.0. There is a memory leak in GfxColorSpace::setDisplayProfile in GfxState.cc, as demonstrated by pdftocairo...

CVE-2018-18897

An issue was discovered in Poppler 0.71.0. There is a memory leak in GfxColorSpace::setDisplayProfile in GfxState.cc, as demonstrated by pdftocairo...

CVE-2018-18897

CVE-2018-18897 refers to a memory leak in Poppler 0.71.0’s GfxColorSpace::setDisplayProfile (GfxState.cc), demonstrated by pdftocairo. The issue is documented across multiple advisories in the connected documents, confirming the component (Poppler), vulnerable function, and affected version. The ...

CVE-2018-18897

An issue was discovered in Poppler 0.71.0. There is a memory leak in GfxColorSpace::setDisplayProfile in GfxState.cc, as demonstrated by pdftocairo...

CVE-2018-18897

An issue was discovered in Poppler 0.71.0. There is a memory leak in GfxColorSpace::setDisplayProfile in GfxState.cc, as demonstrated by pdftocairo...