30 matches found
EUVD-2016-6105
Malware in sbrugna...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : poppler (SUSE-SU-2023:0677-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:0677-1 advisory. - Poppler prior to and including 22.08.0 contains an integer overflow in the JBIG2 decoder...
EulerOS 2.0 SP5 : compat-poppler022 (EulerOS-SA-2023-1495)
According to the versions of the compat-poppler022 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Poppler prior to and including 22.08.0 contains an integer overflow in the JBIG2 decoder JBIG2Stream::readTextRegionSeg in...
SUSE CVE-2016-5154
Multiple heap-based buffer overflows in PDFium, as used in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, allow remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted JBig2 image...
SUSE CVE-2022-38171
Xpdf prior to version 4.04 contains an integer overflow in the JBIG2 decoder JBIG2Stream::readTextRegionSeg in JBIG2Stream.cc. Processing a specially crafted PDF file or JBIG2 image could lead to a crash or the execution of arbitrary code. This is similar to the vulnerability described by...
Updated poppler packages fix security vulnerability
Poppler prior to and including 22.08.0 contains an integer overflow in the JBIG2 decoder JBIG2Stream::readTextRegionSeg in JBIGStream.cc. Processing a specially crafted PDF file or JBIG2 image could lead to a crash or the execution of arbitrary code. This is similar to the vulnerability described...
Poppler: Arbitrary Code Execution
Background Poppler is a PDF rendering library based on the xpdf-3.0 code base. Description Multiple vulnerabilities have been discovered in Poppler. Please review the CVE identifiers referenced below for details. Impact Processing a specially crafted PDF file or JBIG2 image could lead to a crash ...
GLSA-202209-21 : Poppler: Arbitrary Code Execution
The remote host is affected by the vulnerability described in GLSA-202209-21 Poppler: Arbitrary Code Execution - An integer overflow was addressed with improved input validation. This issue is fixed in Security Update 2021-005 Catalina, iOS 14.8 and iPadOS 14.8, macOS Big Sur 11.6, watchOS 7.6.2...
CVE-2022-38784
An integer overflow issue was discovered in Popplers' JBIG2 decoder in the JBIG2Stream::readTextRegionSeg function in JBIGStream.cc file. This flaw allows an attacker to trick a user into opening a malformed PDF file or JBIG2 image in the application, triggering an integer overflow, which could...
CVE-2022-38784
Poppler prior to and including 22.08.0 contains an integer overflow in the JBIG2 decoder JBIG2Stream::readTextRegionSeg in JBIGStream.cc. Processing a specially crafted PDF file or JBIG2 image could lead to a crash or the execution of arbitrary code. This is similar to the vulnerability described...
CVE-2022-38784
Poppler prior to and including 22.08.0 contains an integer overflow in the JBIG2 decoder JBIG2Stream::readTextRegionSeg in JBIGStream.cc. Processing a specially crafted PDF file or JBIG2 image could lead to a crash or the execution of arbitrary code. This is similar to the vulnerability described...
CVE-2022-38784
Poppler prior to and including 22.08.0 contains an integer overflow in the JBIG2 decoder JBIG2Stream::readTextRegionSeg in JBIGStream.cc. Processing a specially crafted PDF file or JBIG2 image could lead to a crash or the execution of arbitrary code. This is similar to the vulnerability described...
Integer overflow
Xpdf prior to version 4.04 contains an integer overflow in the JBIG2 decoder JBIG2Stream::readTextRegionSeg in JBIG2Stream.cc. Processing a specially crafted PDF file or JBIG2 image could lead to a crash or the execution of arbitrary code. This is similar to the vulnerability described by...
CVE-2022-38171
Xpdf prior to version 4.04 contains an integer overflow in the JBIG2 decoder JBIG2Stream::readTextRegionSeg in JBIG2Stream.cc. Processing a specially crafted PDF file or JBIG2 image could lead to a crash or the execution of arbitrary code. This is similar to the vulnerability described by...
ALPINE-CVE-2020-12268
jbig2imagecompose in jbig2image.c in Artifex jbig2dec before 0.18 has a heap-based buffer overflow...
Google PDFium Out-of-bounds read (CVE-2018-16076)
An out-of-bounds and vulnerability exists in Google PDFium. The vulnerability is due to an error in parsing a malformed JBIG2 image stream in a PDF document. Successful exploitation could result in sensitive data exposure and memory corruption...
Google PDFium JBIG2 image ComposeToOpt2WithRect information disclosure vulnerability
Summary An exploitable out-of-bounds read on the heap vulnerability exists in the JBIG2 parsing code of Google Chrome version 67.0.3396.99. A specially crafted PDF document can trigger an out-of-bounds read, which can possibly lead to an information leak that could be used as part of an exploit. ...
Heap overflow
ghostscript before version 9.21 is vulnerable to a heap based buffer overflow that was found in the ghostscript jbig2decodegrayscaleimage function which is used to decode halftone segments in a JBIG2 image. A document PostScript or PDF with an embedded, specially crafted, jbig2 image could trigge...
CVE-2016-9601
ghostscript before version 9.21 is vulnerable to a heap based buffer overflow that was found in the ghostscript jbig2decodegrayscaleimage function which is used to decode halftone segments in a JBIG2 image. A document PostScript or PDF with an embedded, specially crafted, jbig2 image could trigge...
CVE-2016-9601
ghostscript before version 9.21 is vulnerable to a heap based buffer overflow that was found in the ghostscript jbig2decodegrayscaleimage function which is used to decode halftone segments in a JBIG2 image. A document PostScript or PDF with an embedded, specially crafted, jbig2 image could trigge...