SUSE CVE-2018-7455

An out-of-bounds read in JPXStream::readTilePart in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service via a specific pdf file, as demonstrated by pdftohtml...

SUSE CVE-2018-8106

The JPXStream::readTilePartData function in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service heap-based buffer over-read and application crash via a specific pdf file, as demonstrated by pdftohtml...

SUSE CVE-2019-12293

In Poppler through 0.76.1, there is a heap-based buffer over-read in JPXStream::init in JPEG2000Stream.cc via data with inconsistent heights or widths...

CVE-2022-24107

Xpdf prior to 4.04 lacked an integer overflow check in JPXStream.cc...

poppler: heap-based buffer over-read in JPXStream::init in JPEG2000Stream.cc

In Poppler through 0.76.1, there is a heap-based buffer over-read in JPXStream::init in JPEG2000Stream.cc via data with inconsistent heights or widths...

poppler: integer overflow in JPXStream::init function leading to memory consumption

The JPXStream::init function in Poppler 0.78.0 and earlier doesn't check for negative values of stream length, leading to an Integer Overflow, thereby making it possible to allocate a large memory chunk on the heap, with a size controlled by an attacker, as demonstrated by pdftocairo...

poppler: heap-based buffer over-read in JPXStream::init in JPEG2000Stream.cc

In Poppler through 0.76.1, there is a heap-based buffer over-read in JPXStream::init in JPEG2000Stream.cc via data with inconsistent heights or widths...

xpdf denial of service vulnerability (CNVD-2018-06674)

Xpdf is Foo Labs developed an open source PDF reader , it supports decoding LZW compressed format files and read encrypted PDF files . Xpdf 4.00 version of the JPXStream.cc file in the 'JPXStream::fillReadBuf' function has a security vulnerability. An attacker can exploit this vulnerability to...

xpdf denial of service vulnerability (CNVD-2018-06681)

Xpdf is an open source PDF file viewer, this software runs on X Window as well as Motif. xpdf also runs on all classes of Unix operating systems. xpdf 4.00 in the JPXStream.cc in the JPXStream::readTilePartData function has a denial of service vulnerability. An attacker can exploit this...

DEBIAN-CVE-2018-7455

An out-of-bounds read in JPXStream::readTilePart in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service via a specific pdf file, as demonstrated by pdftohtml...

Heap overflow

Multiple heap-based buffer overflows in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 might allow remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted PDF file...

CVE-2009-1861

Multiple heap-based buffer overflows in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 might allow remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted PDF file...

CVE-2009-1861

CVE-2009-1861 is a heap-based memory corruption vulnerability in JBIG2/JBIG2-related processing within Adobe Reader/Acrobat products. A crafted PDF with a JPX (JPEG2000) stream could trigger heap memory corruption, potentially allowing code execution or a crash. Affected products include Adobe Re...

CVE-2009-1861

Multiple heap-based buffer overflows in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 might allow remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted PDF file...

security flaw

Heap-based buffer overflow in the JPXStream::readCodestream function in the JPX stream parsing code JPXStream.c for xpdf 3.01 and earlier, as used in products such as 1 Poppler, 2 teTeX, 3 KDE kpdf, 4 CUPS, and 5 libextractor allows user-assisted attackers to cause a denial of service heap...

CVE-2005-3193

Heap-based buffer overflow in the JPXStream::readCodestream function in the JPX stream parsing code JPXStream.c for xpdf 3.01 and earlier, as used in products such as 1 Poppler, 2 teTeX, 3 KDE kpdf, 4 CUPS, and 5 libextractor allows user-assisted attackers to cause a denial of service heap...

CVE-2005-3193

The CVE-2005-3193 issue is a heap-based buffer overflow in the JPXStream::readCodestream function of the JPX stream parsing code (JPXStream.c) used by xpdf 3.01 and earlier, and by downstream components such as Poppler, teTeX, KDE kpdf, CUPS, and libextractor. The overflow can be triggered by cra...

iDefense Security Advisory 12.05.05: Multiple Vendor xpdf JPX Stream Reader Heap Overflow Vulnerability

Multiple Vendor xpdf JPX Stream Reader Heap Overflow Vulnerability iDefense Security Advisory 12.05.05 www.idefense.com/application/poi/display?id=345&type=vulnerabilities December 5, 2005 I. BACKGROUND Xpdf is an open-source viewer for Portable Document Format PDF files. II. DESCRIPTION Local...