GNU Libextractor Heap Buffer Overflow Vulnerability (CNVD-2020-20390)

GNU Libextractor is a set of libraries from the GNU Project for extracting metadata from files. A heap buffer overflow vulnerability exists in the 'EXTRACTORdviextractmethod' function in the plugins/dviextractor.c file in GNU Libextractor 1.9 and earlier. The vulnerability stems from a networked...

DEBIAN-CVE-2019-15531

GNU Libextractor through 1.9 has a heap-based buffer over-read in the function EXTRACTORdviextractmethod in plugins/dviextractor.c...

CVE-2019-15531

GNU Libextractor through 1.9 has a heap-based buffer over-read in the function EXTRACTORdviextractmethod in plugins/dviextractor.c...

CVE-2019-15531

GNU Libextractor through 1.9 has a heap-based buffer over-read in the function EXTRACTORdviextractmethod in plugins/dviextractor.c...

CVE-2019-15531

GNU Libextractor through 1.9 has a heap-based buffer over-read in the function EXTRACTORdviextractmethod in plugins/dviextractor.c...

Heap overflow

GNU Libextractor through 1.9 has a heap-based buffer over-read in the function EXTRACTORdviextractmethod in plugins/dviextractor.c...

UBUNTU-CVE-2019-15531

GNU Libextractor through 1.9 has a heap-based buffer over-read in the function EXTRACTORdviextractmethod in plugins/dviextractor.c...

CVE-2019-15531

GNU Libextractor through 1.9 has a heap-based buffer over-read in the function EXTRACTORdviextractmethod in plugins/dviextractor.c...

CVE-2019-15531

GNU Libextractor up to version 1.9 is affected by a heap-based buffer over-read in the DVI extractor (EXTRACTOR_dvi_extract_method in plugins/dvi_extractor.c). This could enable reading beyond allocated buffers. Public advisories (Debian DLA-2851-1, Mageia MGASA-2020-0015, OpenVAS/Nessus entries,...

CVE-2019-15531

GNU Libextractor through 1.9 has a heap-based buffer over-read in the function EXTRACTORdviextractmethod in plugins/dviextractor.c...

CVE-2019-14293

An issue was discovered in Xpdf 4.01.01. There is an out of bounds read in the function GfxPatchMeshShading::parse at GfxState.cc for typeA!=6 case 2...

CVE-2019-13291

In Xpdf 4.01.01, there is a heap-based buffer over-read in the function DCTStream::readScan located at Stream.cc. It can, for example, be triggered by sending a crafted PDF document to the pdftops tool. It might allow an attacker to cause Information Disclosure...

The vulnerability of the processmetadata function in the GNU Libextractor library, related to reading beyond the memory boundaries, allows attackers to cause service failures or disclose protected information.

The vulnerability of the processmetadata function in the GNU Libextractor library is related to the issue of reading beyond the memory boundaries. Exploiting this vulnerability could allow a malicious actor to cause service failures or expose protected information...

The vulnerability of the processmetadata function in the GNU Libextractor library is related to the pointer manipulation during the processing of OLE files. This allows an attacker to trigger a service failure or disclose protected information using a specially created OLE file.

The vulnerability of the processmetadata function in the GNU Libextractor library is related to the assignment of a null pointer during the processing of OLE files. Exploiting this vulnerability could allow an attacker to cause service failures or reveal memory contents using a specially crafted...

CVE-2019-10026

An issue was discovered in Xpdf 4.01.01. There is an FPE in the function PostScriptFunction::exec in Function.cc for the psOpRoll case...

CVE-2019-9877

There is an invalid memory access vulnerability in the function TextPage::findGaps located at TextOutputDev.c in Xpdf 4.01, which can for example be triggered by sending a crafted pdf file to the pdftops binary. It allows an attacker to cause Denial of Service Segmentation fault or possibly have...

CVE-2019-9588

There is an Invalid memory access in gAtomicIncrement located at GMutex.h in Xpdf 4.01. It can be triggered by sending a crafted pdf file to for example the pdftops binary. It allows an attacker to cause Denial of Service Segmentation fault or possibly have unspecified other impact...

GNU Libextractor ZIP File Comment Out-of-Bounds Read (CVE-2018-16430)

An out-of-bounds read vulnerability exists in Libextractor. The vulnerability is due to improper handling of long File Comment fields within ZIP files. Successful exploitation of this vulnerability could lead to denial-of-service conditions or disclosure of sensitive information...

MGASA-2019-0013 Updated libextractor packages fix security vulnerabilities

Several vulnerabilities were discovered in libextractor which may lead to denial of service or memory disclosure if a malformed OLE file is processed CVE-2018-20430, CVE-2018-20431...

Updated libextractor packages fix security vulnerabilities

Several vulnerabilities were discovered in libextractor which may lead to denial of service or memory disclosure if a malformed OLE file is processed CVE-2018-20430, CVE-2018-20431...