Astra Linux - уязвимость в poppler

A flaw was discovered in Poppler regarding the way certain PDF files are converted into HTML format. A remote attacker could exploit this flaw by providing a malicious PDF file. When such a file is processed by the ‘pdftohtml’ program, it could cause the application to crash, resulting in a denia...

Unity Linux 20.1070e Security Update: poppler (UTSA-2026-017695)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017695 advisory. A flaw was found in Poppler in the way certain PDF files were converted into HTML. A remote attacker could exploit this flaw by providing a malicious PDF file that,...

EUVD-2006-1248

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2020-24999

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - There is an invalid memory access in the function fprintf located in Error.cc in Xpdf 4.0.2. It can be triggered by sending a crafted PDF file to the pdftohtml...

Linux Distros Unpatched Vulnerability : CVE-2020-24996

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - There is an invalid memory access in the function TextString::TextString located in Catalog.cc in Xpdf 4.0.2. It can be triggered by for example sending a craft...

SUSE CVE-2005-3626

Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service crash via a crafted FlateDecode stream that triggers a null dereference...

SUSE CVE-2018-7452

A NULL pointer dereference in JPXStream::fillReadBuf in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service via a specific pdf file, as demonstrated by pdftohtml...

SUSE CVE-2018-8101

The JPXStream::inverseTransformLevel function in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service heap-based buffer over-read and application crash via a specific pdf file, as demonstrated by pdftohtml...

SUSE CVE-2018-8104

The BufStream::lookChar function in Stream.cc in xpdf 4.00 allows attackers to launch denial of service heap-based buffer over-read and application crash via a specific pdf file, as demonstrated by pdftohtml...

SUSE CVE-2018-8107

The JPXStream::close function in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service heap-based buffer over-read and application crash via a specific pdf file, as demonstrated by pdftohtml...

SUSE CVE-2018-18651

An issue was discovered in Xpdf 4.00. catalog-getNumPages in AcroForm.cc allows attackers to launch a denial of service hang caused by large loop via a specific pdf file, as demonstrated by pdftohtml. This is mainly caused by a large number after the /Count field in the file...

SUSE CVE-2018-18650

An issue was discovered in Xpdf 4.00. XRef::readXRefStream in XRef.cc allows attackers to launch a denial of service Integer Overflow via a crafted /Size value in a pdf file, as demonstrated by pdftohtml. This is mainly caused by the program attempting a malloc operation for a large amount of...

SUSE CVE-2020-24999

There is an invalid memory access in the function fprintf located in Error.cc in Xpdf 4.0.2. It can be triggered by sending a crafted PDF file to the pdftohtml binary, which allows a remote attacker to cause a Denial of Service Segmentation fault or possibly have unspecified other impact...

SUSE CVE-2020-27778

A flaw was found in Poppler in the way certain PDF files were converted into HTML. A remote attacker could exploit this flaw by providing a malicious PDF file that, when processed by the 'pdftohtml' program, would crash the application causing a denial of service...

CVE-2018-8103

The JBIG2Stream::readGenericBitmap function in JBIG2Stream.cc in xpdf 4.00 allows attackers to launch denial of service heap-based buffer over-read and application crash via a specific pdf file, as demonstrated by pdftohtml...

CVE-2018-7455

An out-of-bounds read in JPXStream::readTilePart in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service via a specific pdf file, as demonstrated by pdftohtml...

CVE-2018-16369

XRef::fetch in XRef.cc in Xpdf 4.00 allows remote attackers to cause a denial of service stack consumption via a crafted pdf file, related to AcroForm::scanField, as demonstrated by pdftohtml. NOTE: this might overlap CVE-2018-7453...

NewStart CGSL MAIN 6.02 : poppler Vulnerability (NS-SA-2022-0061)

The remote NewStart CGSL host, running version MAIN 6.02, has poppler packages installed that are affected by a vulnerability: - A flaw was found in Poppler in the way certain PDF files were converted into HTML. A remote attacker could exploit this flaw by providing a malicious PDF file that, whe...

Denial Of Service (DoS)

poppler is vulnerable to Denial Of Service DoS. A remote attacker could exploit this flaw by providing a malicious PDF file that, when processed by the 'pdftohtml' program, would crash the application causing a denial of service. A flaw was found in Poppler in the way certain PDF files were...

poppler: pdftohtml: access to uninitialized pointer could lead to DoS

A flaw was found in Poppler in the way certain PDF files were converted into HTML. This flaw allows a remote attacker to provide a malicious PDF file that, when processed by the 'pdftohtml' program, crashes the application, causing a denial of service. The highest threat from this vulnerability i...