19 matches found
Astra Linux - уязвимость в poppler
The JPXStream::init function in Poppler 0.78.0 and earlier does not check for negative values of stream length, which can lead to an Integer Overflow. This allows an attacker to allocate a large memory chunk on the heap, with the size controlled by them. This issue was demonstrated by pdftocairo...
Unity Linux 20.1070e Security Update: poppler (UTSA-2026-017720)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017720 advisory. In Poppler through 0.76.1, there is a heap-based buffer over-read in JPXStream::init in JPEG2000Stream.cc via data with inconsistent heights or widths. Tenable has...
Linux Distros Unpatched Vulnerability : CVE-2019-9959
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The JPXStream::init function in Poppler 0.78.0 and earlier doesn't check for negative values of stream length, leading to an Integer Overflow, thereby making it...
NewStart CGSL CORE 5.05 / MAIN 5.05 : poppler Multiple Vulnerabilities (NS-SA-2020-0110)
The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has poppler packages installed that are affected by multiple vulnerabilities: - An issue was discovered in Poppler 0.74.0. There is a heap-based buffer over-read in the function PSOutputDev::checkPageSlice at PSOutputDev.cc...
NewStart CGSL CORE 5.04 / MAIN 5.04 : poppler Multiple Vulnerabilities (NS-SA-2020-0074)
The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has poppler packages installed that are affected by multiple vulnerabilities: - An issue was discovered in Poppler 0.74.0. There is a heap-based buffer over-read in the function PSOutputDev::checkPageSlice at PSOutputDev.cc...
Amazon Linux AMI : poppler (ALAS-2020-1398)
The version of poppler installed on the remote host is prior to 0.26.5-42.20. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2020-1398 advisory. The tiffdocumentrender and tiffdocumentgetthumbnail functions in the TIFF document backend in GNOME Evince through...
Huawei EulerOS: Security Advisory for poppler (EulerOS-SA-2019-2015)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Updated poppler packages fix security vulnerabilities
The updated packages fix security vulnerabilities: The JPXStream::init function in Poppler 0.78.0 and earlier doesn't check for negative values of stream length, leading to an Integer Overflow, thereby making it possible to allocate a large memory chunk on the heap, with a size controlled by an...
Updated poppler packages fix security vulnerabilities
Updated poppler packages fix security vulnerabilities Poppler 0.74.0 has a heap-based buffer over-read in the CairoRescaleBox.cc downsamplerowboxfilter function. CVE-2019-9631 PDFDoc::markObject in PDFDoc.cc in Poppler 0.74.0 mishandles dict marking, leading to stack consumption in the function...
CVE-2019-9959
The JPXStream::init function in Poppler 0.78.0 and earlier doesn't check for negative values of stream length, leading to an Integer Overflow, thereby making it possible to allocate a large memory chunk on the heap, with a size controlled by an attacker, as demonstrated by pdftocairo...
Poppler Integer Overflow Vulnerability
Poppler is based on xpdf-3.0 code base PDF rendering library. An integer overflow vulnerability exists in Poppler 0.78.0 and earlier versions. The vulnerability stems from the JPXStream::init function not checking for negative values of the stream length. An attacker can exploit the vulnerability...
CVE-2019-9959
The JPXStream::init function in Poppler 0.78.0 and earlier doesn't check for negative values of stream length, leading to an Integer Overflow, thereby making it possible to allocate a large memory chunk on the heap, with a size controlled by an attacker, as demonstrated by pdftocairo...
Integer overflow
The JPXStream::init function in Poppler 0.78.0 and earlier doesn't check for negative values of stream length, leading to an Integer Overflow, thereby making it possible to allocate a large memory chunk on the heap, with a size controlled by an attacker, as demonstrated by pdftocairo...
CVE-2019-9959
The JPXStream::init function in Poppler 0.78.0 and earlier doesn't check for negative values of stream length, leading to an Integer Overflow, thereby making it possible to allocate a large memory chunk on the heap, with a size controlled by an attacker, as demonstrated by pdftocairo...
The vulnerability of the JPXStream::init function in the Poppler PDF rendering library allows a attacker to execute arbitrary code or cause a service failure.
The vulnerability of the JPXStream::init function JPEG2000Stream.cc in the Poppler PDF rendering library is related to buffer overflow attacks. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or cause a service failure by using a specially crafted PDF document...
DEBIAN-CVE-2019-12293
In Poppler through 0.76.1, there is a heap-based buffer over-read in JPXStream::init in JPEG2000Stream.cc via data with inconsistent heights or widths...
CVE-2019-12293
CVE-2019-12293 concerns Poppler up to 0.76.1, where JPXStream::init in JPEG2000Stream.cc can cause a heap-based buffer over-read when processing data with inconsistent heights or widths. This affects many distributions (as shown by multiple advisories) and can lead to crashes or unstable behavior...
UBUNTU-CVE-2019-12293
In Poppler through 0.76.1, there is a heap-based buffer over-read in JPXStream::init in JPEG2000Stream.cc via data with inconsistent heights or widths...
PT-2019-2634 · Poppler +4 · Poppler +4
Name of the Vulnerable Software and Affected Versions: Poppler versions prior to 0.76.1 Description: The issue is related to a heap-based buffer over-read in the JPXStream::init function, located in JPEG2000Stream.cc, which can be triggered by data with inconsistent heights or widths. This can...