18 matches found
OSV-2020-713 Heap-buffer-overflow in XRef::getEntry
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12797 Crash type: Heap-buffer-overflow READ 4 Crash state: XRef::getEntry Parser::makeStream Parser::getObj...
CVE-2019-13288
In Xpdf 4.01.01, the Parser::getObj function in Parser.cc may cause infinite recursion via a crafted file. A remote attacker can leverage this for a DoS attack. This is similar to CVE-2018-16646...
CVE-2019-13288
In Xpdf 4.01.01, the Parser::getObj function in Parser.cc may cause infinite recursion via a crafted file. A remote attacker can leverage this for a DoS attack. This is similar to CVE-2018-16646...
Design/Logic Flaw
In Xpdf 4.01.01, the Parser::getObj function in Parser.cc may cause infinite recursion via a crafted file. A remote attacker can leverage this for a DoS attack. This is similar to CVE-2018-16646...
CVE-2019-13288
In Xpdf 4.01.01, the Parser::getObj function in Parser.cc may cause infinite recursion via a crafted file. A remote attacker can leverage this for a DoS attack. This is similar to CVE-2018-16646...
CVE-2019-13288
In Xpdf 4.01.01, the Parser::getObj function in Parser.cc may cause infinite recursion via a crafted file. A remote attacker can leverage this for a DoS attack. This is similar to CVE-2018-16646...
CVE-2019-13288
CVE-2019-13288 affects Xpdf 4.01.01: the Parser::getObj() function in Parser.cc may recurse infinitely when processing a crafted file, enabling a remote DoS. Connected Debian tracker confirms the same description. No explicit remediation or affected versions beyond the cited release are provided ...
PT-2019-13240 · Xpdf · Xpdf
Name of the Vulnerable Software and Affected Versions: Xpdf version 4.01.01 Description: The issue allows a remote attacker to cause a denial-of-service DoS attack via a crafted file, leveraging infinite recursion in the Parser::getObj function. Recommendations: For Xpdf version 4.01.01, as a...
Updated poppler packages fix security vulnerabilities
In Poppler 0.68.0, the Parser::getObj function in Parser.cc may cause infinite recursion via a crafted file. A remote attacker can leverage this for a DoS attack. CVE-2018-16646 An issue was discovered in Poppler 0.71.0. There is a reachable abort in Object.h, will lead to denial of service becau...
Poppler Infinite Recursion Vulnerability
Poppler is based on xpdf-3.0 code base PDF rendering library. An infinite recursion vulnerability exists in the Parser::getObj function in Parser.cc in Poppler 0.68.0, which can be exploited by a remote attacker via a specially crafted file to cause a denial of service...
DEBIAN-CVE-2018-16646
In Poppler 0.68.0, the Parser::getObj function in Parser.cc may cause infinite recursion via a crafted file. A remote attacker can leverage this for a DoS attack...
CVE-2018-16646
In Poppler 0.68.0, the Parser::getObj function in Parser.cc may cause infinite recursion via a crafted file. A remote attacker can leverage this for a DoS attack...
Design/Logic Flaw
In Poppler 0.68.0, the Parser::getObj function in Parser.cc may cause infinite recursion via a crafted file. A remote attacker can leverage this for a DoS attack...
CVE-2018-16646
In Poppler 0.68.0, the Parser::getObj function in Parser.cc may cause infinite recursion via a crafted file. A remote attacker can leverage this for a DoS attack...
CVE-2018-16646
CVE-2018-16646 affects Poppler, where in version 0.68.0 the Parser::getObj() function in Parser.cc may trigger infinite recursion via a crafted file, enabling remote DoS. Public disclosures in connected advisories confirm the issue and link it to Poppler-based components. Remediation actions acro...
PT-2018-3607 · Poppler +4 · Poppler +4
Name of the Vulnerable Software and Affected Versions: Poppler version 0.68.0 Description: The issue is related to the Parser::getObj function in the Poppler library for rendering PDF files, which can cause infinite recursion when processing a crafted file. This can be exploited by a remote...
UBUNTU-CVE-2018-16646
In Poppler 0.68.0, the Parser::getObj function in Parser.cc may cause infinite recursion via a crafted file. A remote attacker can leverage this for a DoS attack...
poppler/pdf_fuzzer: Index-out-of-bounds in BaseCryptStream::BaseCryptStream
Project: https://anongit.freedesktop.org/git/poppler/poppler.git Detailed report: https://oss-fuzz.com/testcase?key=4785085529194496 Project: poppler Fuzzer: libFuzzerpopplerpdffuzzer Fuzz target binary: pdffuzzer Job Type: libfuzzerubsanpoppler Platform Id: linux Crash Type: Index-out-of-bounds...