Lucene search
+L

132 matches found

osv
osv
added 2019/07/27 7:15 p.m.6 views

UBUNTU-CVE-2019-14294

An issue was discovered in Xpdf 4.01.01. There is a use-after-free in the function JPXStream::fillReadBuf at JPXStream.cc, due to an out of bounds read...

5.5CVSS6.4AI score0.00953EPSS
Exploits1References4
cvelist
cvelist
added 2019/07/27 6:40 p.m.20 views

CVE-2019-14294

An issue was discovered in Xpdf 4.01.01. There is a use-after-free in the function JPXStream::fillReadBuf at JPXStream.cc, due to an out of bounds read...

5.8AI score0.00953EPSS
Exploits1References2
cve
cve
added 2019/07/27 6:40 p.m.57 views

CVE-2019-14294

CVE-2019-14294 affects Xpdf 4.01.01. The issue is a use-after-free in JPXStream::fillReadBuf (JPXStream.cc) caused by an out-of-bounds read. Public sources describe this as a vulnerability in Xpdf with references to memory misreference and potential denial of service; there are notes about unpatc...

5.5CVSS5.7AI score0.00953EPSS
Exploits1References2Affected Software1
debiancve
debiancve
added 2019/07/27 6:40 p.m.33 views

CVE-2019-14294

An issue was discovered in Xpdf 4.01.01. There is a use-after-free in the function JPXStream::fillReadBuf at JPXStream.cc, due to an out of bounds read...

5.5CVSS2.6AI score0.00953EPSS
Exploits1
redhatcve
redhatcve
added 2019/07/23 8:22 a.m.24 views

CVE-2019-9959

The JPXStream::init function in Poppler 0.78.0 and earlier doesn't check for negative values of stream length, leading to an Integer Overflow, thereby making it possible to allocate a large memory chunk on the heap, with a size controlled by an attacker, as demonstrated by pdftocairo...

6.5CVSS3AI score0.01907EPSS
Exploits0References3
cnvd
cnvd
added 2019/07/23 12:0 a.m.38 views

Poppler Integer Overflow Vulnerability

Poppler is based on xpdf-3.0 code base PDF rendering library. An integer overflow vulnerability exists in Poppler 0.78.0 and earlier versions. The vulnerability stems from the JPXStream::init function not checking for negative values of the stream length. An attacker can exploit the vulnerability...

6.5CVSS7.1AI score0.01907EPSS
Exploits0References1
nvd
nvd
added 2019/07/22 3:15 p.m.26 views

CVE-2019-9959

The JPXStream::init function in Poppler 0.78.0 and earlier doesn't check for negative values of stream length, leading to an Integer Overflow, thereby making it possible to allocate a large memory chunk on the heap, with a size controlled by an attacker, as demonstrated by pdftocairo...

6.5CVSS6.3AI score0.01907EPSS
Exploits0References8
osv
osv
added 2019/07/22 3:15 p.m.2 views

ALPINE-CVE-2019-9959

The JPXStream::init function in Poppler 0.78.0 and earlier doesn't check for negative values of stream length, leading to an Integer Overflow, thereby making it possible to allocate a large memory chunk on the heap, with a size controlled by an attacker, as demonstrated by pdftocairo...

6.5CVSS6.8AI score0.01907EPSS
Exploits0References1
osv
osv
added 2019/07/22 3:15 p.m.2 views

DEBIAN-CVE-2019-9959

The JPXStream::init function in Poppler 0.78.0 and earlier doesn't check for negative values of stream length, leading to an Integer Overflow, thereby making it possible to allocate a large memory chunk on the heap, with a size controlled by an attacker, as demonstrated by pdftocairo...

6.5CVSS6.4AI score0.01907EPSS
Exploits0References1
osv
osv
added 2019/07/22 3:15 p.m.5 views

UBUNTU-CVE-2019-9959

The JPXStream::init function in Poppler 0.78.0 and earlier doesn't check for negative values of stream length, leading to an Integer Overflow, thereby making it possible to allocate a large memory chunk on the heap, with a size controlled by an attacker, as demonstrated by pdftocairo...

6.5CVSS6.7AI score0.01907EPSS
Exploits0References4
snyk
snyk
added 2019/07/22 3:15 p.m.2 views

Integer Overflow or Wraparound

Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound. The JPXStream::init function in Poppler 0.78.0 and earlier doesn't check for negative values of stream length, leading to an Integer Overflow, thereby making it possible to allocate a large memory chunk o...

6.5CVSS6.9AI score0.01907EPSS
Exploits0References2
ubuntucve
ubuntucve
added 2019/07/22 3:15 p.m.33 views

CVE-2019-9959

The JPXStream::init function in Poppler 0.78.0 and earlier doesn't check for negative values of stream length, leading to an Integer Overflow, thereby making it possible to allocate a large memory chunk on the heap, with a size controlled by an attacker, as demonstrated by pdftocairo...

6.5CVSS6.8AI score0.01907EPSS
Exploits0References3
prion
prion
added 2019/07/22 3:15 p.m.28 views

Integer overflow

The JPXStream::init function in Poppler 0.78.0 and earlier doesn't check for negative values of stream length, leading to an Integer Overflow, thereby making it possible to allocate a large memory chunk on the heap, with a size controlled by an attacker, as demonstrated by pdftocairo...

4.3CVSS6.7AI score0.01907EPSS
Exploits0References8Affected Software7
cvelist
cvelist
added 2019/07/22 2:18 p.m.35 views

CVE-2019-9959

The JPXStream::init function in Poppler 0.78.0 and earlier doesn't check for negative values of stream length, leading to an Integer Overflow, thereby making it possible to allocate a large memory chunk on the heap, with a size controlled by an attacker, as demonstrated by pdftocairo...

6.6AI score0.01907EPSS
Exploits0References8
cve
cve
added 2019/07/22 2:18 p.m.237 views

CVE-2019-9959

CVE-2019-9959 affects Poppler (PDF rendering library); the root cause is an integer overflow in JPXStream::init due to not checking negative stream length, enabling allocation of a large heap memory chunk controlled by an attacker. Affected versions include Poppler 0.78.0 and earlier. Connected a...

6.5CVSS6.4AI score0.01907EPSS
Exploits0References8Affected Software1
debiancve
debiancve
added 2019/07/22 2:18 p.m.22 views

CVE-2019-9959

The JPXStream::init function in Poppler 0.78.0 and earlier doesn't check for negative values of stream length, leading to an Integer Overflow, thereby making it possible to allocate a large memory chunk on the heap, with a size controlled by an attacker, as demonstrated by pdftocairo...

6.5CVSS7.6AI score0.01907EPSS
Exploits0
alpinelinux
alpinelinux
added 2019/07/22 2:18 p.m.40 views

CVE-2019-9959

The JPXStream::init function in Poppler 0.78.0 and earlier doesn't check for negative values of stream length, leading to an Integer Overflow, thereby making it possible to allocate a large memory chunk on the heap, with a size controlled by an attacker, as demonstrated by pdftocairo...

6.5CVSS6.8AI score0.01907EPSS
Exploits0
bdu_fstec
bdu_fstec
added 2019/07/16 12:0 a.m.5 views

The vulnerability of the JPXStream::init function in the Poppler PDF rendering library allows a attacker to execute arbitrary code or cause a service failure.

The vulnerability of the JPXStream::init function JPEG2000Stream.cc in the Poppler PDF rendering library is related to buffer overflow attacks. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or cause a service failure by using a specially crafted PDF document...

8.8CVSS6.4AI score0.02527EPSS
Exploits1References9Affected Software4
ptsecurity
ptsecurity
added 2019/07/15 12:0 a.m.4 views

PT-2019-5843 · Poppler +5 · Poppler +5

Name of the Vulnerable Software and Affected Versions: Poppler version 0.78.0 and earlier Description: The issue is related to the JPXStream::init function, which does not check for negative values of stream length, leading to an Integer Overflow. This allows an attacker to allocate a large memor...

9.8CVSS6.5AI score0.03518EPSS
Exploits22References218
redhatcve
redhatcve
added 2019/05/24 7:49 a.m.30 views

CVE-2019-12293

In Poppler through 0.76.1, there is a heap-based buffer over-read in JPXStream::init in JPEG2000Stream.cc via data with inconsistent heights or widths...

8.8CVSS1.9AI score0.02527EPSS
Exploits1References3
Rows per page
Query Builder