14 matches found
EUVD-2019-4795
Malware in sbrugna...
SUSE CVE-2019-13287
In Xpdf 4.01.01, there is an out-of-bounds read vulnerability in the function SplashXPath::strokeAdjust located at splash/SplashXPath.cc. It can, for example, be triggered by sending a crafted PDF document to the pdftoppm tool. It might allow an attacker to cause Information Disclosure. This is...
SUSE CVE-2019-13289
In Xpdf 4.01.01, there is a use-after-free vulnerability in the function JBIG2Stream::close located at JBIG2Stream.cc. It can, for example, be triggered by sending a crafted PDF document to the pdftoppm tool...
CVE-2019-16115
In Xpdf 4.01.01, a stack-based buffer under-read could be triggered in IdentityFunction::transform in Function.cc, used by GfxAxialShading::getColor. It can, for example, be triggered by sending a crafted PDF document to the pdftoppm tool. It allows an attacker to use a crafted PDF file to cause...
CVE-2019-16115
In Xpdf 4.01.01, a stack-based buffer under-read could be triggered in IdentityFunction::transform in Function.cc, used by GfxAxialShading::getColor. It can, for example, be triggered by sending a crafted PDF document to the pdftoppm tool. It allows an attacker to use a crafted PDF file to cause...
PT-2019-14519 · Foolabs +1 · Xpdf +1
Name of the Vulnerable Software and Affected Versions: Xpdf version 4.01.01 Description: A stack-based buffer under-read issue exists in the IdentityFunction::transform function in Function.cc, which is used by GfxAxialShading::getColor. This issue can be triggered by sending a crafted PDF docume...
UBUNTU-CVE-2019-13287
In Xpdf 4.01.01, there is an out-of-bounds read vulnerability in the function SplashXPath::strokeAdjust located at splash/SplashXPath.cc. It can, for example, be triggered by sending a crafted PDF document to the pdftoppm tool. It might allow an attacker to cause Information Disclosure. This is...
Out-of-bounds
In Xpdf 4.01.01, there is an out-of-bounds read vulnerability in the function SplashXPath::strokeAdjust located at splash/SplashXPath.cc. It can, for example, be triggered by sending a crafted PDF document to the pdftoppm tool. It might allow an attacker to cause Information Disclosure. This is...
Heap overflow
In Xpdf 4.01.01, there is a heap-based buffer over-read in the function JBIG2Stream::readTextRegionSeg located at JBIG2Stream.cc. It can, for example, be triggered by sending a crafted PDF document to the pdftoppm tool. It might allow an attacker to cause Information Disclosure...
Design/Logic Flaw
In Xpdf 4.01.01, there is a use-after-free vulnerability in the function JBIG2Stream::close located at JBIG2Stream.cc. It can, for example, be triggered by sending a crafted PDF document to the pdftoppm tool...
UBUNTU-CVE-2019-13289
In Xpdf 4.01.01, there is a use-after-free vulnerability in the function JBIG2Stream::close located at JBIG2Stream.cc. It can, for example, be triggered by sending a crafted PDF document to the pdftoppm tool...
PT-2019-13238 · Xpdf · Xpdf
Name of the Vulnerable Software and Affected Versions: Xpdf version 4.01.01 Description: The issue is a heap-based buffer over-read in the JBIG2Stream::readTextRegionSeg function, which can be triggered by sending a crafted PDF document to the pdftoppm tool. This might allow an attacker to cause...
CVE-2019-12515
There is an out-of-bounds read vulnerability in the function FlateStream::getChar located at Stream.cc in Xpdf 4.01.01. It can, for example, be triggered by sending a crafted PDF document to the pdftoppm tool. It might allow an attacker to cause Information Disclosure or a denial of service...
CVE-2019-12515
There is an out-of-bounds read vulnerability in the function FlateStream::getChar located at Stream.cc in Xpdf 4.01.01. It can, for example, be triggered by sending a crafted PDF document to the pdftoppm tool. It might allow an attacker to cause Information Disclosure or a denial of service...