openSUSE Security Advisory (SUSE-SU-2024:2281-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLED12 / SLES12 Security Update : podofo (SUSE-SU-2024:2287-1)

The remote SUSE Linux SLED12 / SLEDSAP12 / SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:2287-1 advisory. - PdfEncrypt: Validate more encrypt dictionary parameters bsc1213720 - PdfXRefStreamParserObject: Fixed handling of...

SUSE-SU-2024:2287-1 Security update for podofo

This update for podofo fixes the following issues: - PdfEncrypt: Validate more encrypt dictionary parameters bsc1213720 - PdfXRefStreamParserObject: Fixed handling of invalid XRef stream entries bsc1213720 - Drop unused backup sources to clean up the compile env bsc1213720...

SUSE SLES15 / openSUSE 15 Security Update : podofo (SUSE-SU-2024:2281-1)

The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:2281-1 advisory. - PdfEncrypt: Validate more encrypt dictionary parameters bsc1213720 - PdfXRefStreamParserObject: Fixed handling of invalid XRef stream...

PT-2024-40997 · Podofo · Podofo

Name of the Vulnerable Software and Affected Versions: podofo affected versions not specified Description: The issue concerns the validation of encrypt dictionary parameters in PdfEncrypt and the handling of invalid XRef stream entries in PdfXRefStreamParserObject. Additionally, there is a cleanu...

SUSE-SU-2024:2281-1 Security update for podofo

This update for podofo fixes the following issues: - PdfEncrypt: Validate more encrypt dictionary parameters bsc1213720 - PdfXRefStreamParserObject: Fixed handling of invalid XRef stream entries bsc1213720...

CVE-2023-2241

A vulnerability, which was classified as critical, was found in PoDoFo 0.10.0. Affected is the function readXRefStreamEntry of the file PdfXRefStreamParserObject.cpp. The manipulation leads to heap-based buffer overflow. An attack has to be approached locally. The exploit has been disclosed to th...

UBUNTU-CVE-2023-2241

A vulnerability, which was classified as critical, was found in PoDoFo 0.10.0. Affected is the function readXRefStreamEntry of the file PdfXRefStreamParserObject.cpp. The manipulation leads to heap-based buffer overflow. An attack has to be approached locally. The exploit has been disclosed to th...

PoDoFo integer overflow vulnerability (CNVD-2018-03968)

PoDoFo is an open source , written in C++ using the PDF file format library . An integer overflow vulnerability exists in the 'PdfXRefStreamParserObject::ParseStream' function in the ase/PdfXRefStreamParserObject.cpp file in PoDoFo version 0.9.5. An attacker can exploit this vulnerability to caus...

CVE-2018-5295

In PoDoFo 0.9.5, there is an integer overflow in the PdfXRefStreamParserObject::ParseStream function base/PdfXRefStreamParserObject.cpp. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted pdf file...

Integer Overflow or Wraparound

Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound. In PoDoFo 0.9.5, there is an integer overflow in the PdfXRefStreamParserObject::ParseStream function base/PdfXRefStreamParserObject.cpp. Remote attackers could leverage this vulnerability to cause a...

CVE-2018-5295

In PoDoFo 0.9.5, there is an integer overflow in the PdfXRefStreamParserObject::ParseStream function base/PdfXRefStreamParserObject.cpp. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted pdf file...

Integer overflow

In PoDoFo 0.9.5, there is an integer overflow in the PdfXRefStreamParserObject::ParseStream function base/PdfXRefStreamParserObject.cpp. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted pdf file...

CVE-2018-5295

In PoDoFo 0.9.5, there is an integer overflow in the PdfXRefStreamParserObject::ParseStream function base/PdfXRefStreamParserObject.cpp. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted pdf file...

CVE-2018-5295

In PoDoFo 0.9.5, there is an integer overflow in the PdfXRefStreamParserObject::ParseStream function base/PdfXRefStreamParserObject.cpp. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted pdf file...

CVE-2018-5295

In PoDoFo 0.9.5, there is an integer overflow in the PdfXRefStreamParserObject::ParseStream function base/PdfXRefStreamParserObject.cpp. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted pdf file...

CVE-2018-5295

CVE-2018-5295 affects PoDoFo 0.9.5, where an integer overflow in PdfXRefStreamParserObject::ParseStream could allow remote attackers to cause a denial of service via a crafted PDF. Public references in connected advisories confirm PoDoFo parsing-related overflow as the root cause. Several vendor ...

PoDoFo Denial of Service Vulnerability (CNVD-2017-07617)

PoDoFo is an open source , written in C++ using the PDF file format library . A denial of service vulnerability exists in the 'PoDoFo::PdfXRefStreamParserObject::ReadXRefStreamEntry' function in the base/PdfXRefStreamParserObject.cpp file in PoDoFo version 0.9.5. ' function is vulnerable to a...

CVE-2017-8787

The PoDoFo::PdfXRefStreamParserObject::ReadXRefStreamEntry function in base/PdfXRefStreamParserObject.cpp:224 in PoDoFo 0.9.5 allows remote attackers to cause a denial of service heap-based buffer over-read or possibly have unspecified other impact via a crafted PDF file...

Heap overflow

The PoDoFo::PdfXRefStreamParserObject::ReadXRefStreamEntry function in base/PdfXRefStreamParserObject.cpp:224 in PoDoFo 0.9.5 allows remote attackers to cause a denial of service heap-based buffer over-read or possibly have unspecified other impact via a crafted PDF file...