5 matches found
SUSE CVE-2018-18662
There is an out-of-bounds read in fzrunt3glyph in fitz/font.c in Artifex MuPDF 1.14.0, as demonstrated by mutool...
Xpdf Invalid Memory Access Vulnerability (CNVD-2020-54074)
Xpdf is a free PDF viewer and toolkit that includes a text extractor, image converter, HTML converter and more. An invalid memory access vulnerability exists in the TextString::TextString function in Catalog.cc in Xpdf 4.0.2. An attacker can exploit this vulnerability by sending a specially craft...
Code injection
IrfanView version 4.44 32bit with PDF plugin version 4.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .pdf file, related to "Data from Faulting Address controls Code Flow starting at PDF!xmlParserInputRead+0x000000000009174a."...
Vivvo Article Manager <= 3.2 (id) Remote SQL Injection Vulnerability
No description provided by source. MercilessTurk [email protected] App Name: phpWordPress Vivvo Article Manager App Author: vivvo.net App Version: =3.2 Vulnerable Code in pdfversion.php : line 19: $aid=securesql$GET'id'; line 20: $query="SELECT from tblArticles where id=$aid"; securesql...
Vivvo Article Manager 3.2 - 'id' SQL Injection
MercilessTurk [email protected] App Name: phpWordPress Vivvo Article Manager App Author: vivvo.net App Version: =3.2 Vulnerable Code in pdfversion.php : line 19: $aid=securesql$GET'id'; line 20: $query="SELECT from tblArticles where id=$aid"; securesql function doesn't block all sql injection...