37 matches found
EUVD-2018-11221
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2019-9687
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PoDoFo 0.9.6 has a heap-based buffer overflow in PdfString::ConvertUTF16toUTF8 in base/PdfString.cpp. CVE-2019-9687 Note that Nessus relies on the presence of t...
Linux Distros Unpatched Vulnerability : CVE-2020-18971
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Stack-based Buffer Overflow in PoDoFo v0.9.6 allows attackers to cause a denial of service via the component 'src/base/PdfDictionary.cpp:65'. CVE-2020-18971 Not...
SUSE CVE-2018-19532
A NULL pointer dereference vulnerability exists in the function PdfTranslator::setTarget in pdftranslator.cpp of PoDoFo 0.9.6, while creating the PdfXObject, as demonstrated by podofoimpose. It allows an attacker to cause Denial of Service...
SUSE CVE-2019-9687
PoDoFo 0.9.6 has a heap-based buffer overflow in PdfString::ConvertUTF16toUTF8 in base/PdfString.cpp...
SUSE CVE-2020-18971
Stack-based Buffer Overflow in PoDoFo v0.9.6 allows attackers to cause a denial of service via the component 'src/base/PdfDictionary.cpp:65'...
SUSE CVE-2020-18972
Exposure of Sensitive Information to an Unauthorized Actor in PoDoFo v0.9.6 allows attackers to obtain sensitive information via 'IsNextToken' in the component 'src/base/PdfToenizer.cpp'...
Null pointer dereference
The PoDoFo::PdfVariant::DelayedLoad function in PdfVariant.h in PoDoFo 0.9.6 allows remote attackers to cause a denial of service NULL pointer dereference via a crafted file, because of ImageExtractor.cpp...
NULL Pointer Dereference
Overview Affected versions of this package are vulnerable to NULL Pointer Dereference. The PoDoFo::PdfVariant::DelayedLoad function in PdfVariant.h in PoDoFo 0.9.6 allows remote attackers to cause a denial of service NULL pointer dereference via a crafted file, because of ImageExtractor.cpp...
CVE-2019-20093
The PoDoFo::PdfVariant::DelayedLoad function in PdfVariant.h in PoDoFo 0.9.6 allows remote attackers to cause a denial of service NULL pointer dereference via a crafted file, because of ImageExtractor.cpp...
CVE-2019-20093
The PoDoFo::PdfVariant::DelayedLoad function in PdfVariant.h in PoDoFo 0.9.6 allows remote attackers to cause a denial of service NULL pointer dereference via a crafted file, because of ImageExtractor.cpp...
CVE-2019-10723
An issue was discovered in PoDoFo 0.9.6. The PdfPagesTreeCache class in doc/PdfPagesTreeCache.cpp has an attempted excessive memory allocation because nInitialSize is not validated...
CVE-2019-10723
An issue was discovered in PoDoFo 0.9.6. The PdfPagesTreeCache class in doc/PdfPagesTreeCache.cpp has an attempted excessive memory allocation because nInitialSize is not validated...
CVE-2019-9687
PoDoFo 0.9.6 has a heap-based buffer overflow in PdfString::ConvertUTF16toUTF8 in base/PdfString.cpp...
CVE-2019-9687
PoDoFo 0.9.6 has a heap-based buffer overflow in PdfString::ConvertUTF16toUTF8 in base/PdfString.cpp...
CVE-2019-9687
PoDoFo 0.9.6 has a heap-based buffer overflow in PdfString::ConvertUTF16toUTF8 in base/PdfString.cpp...
CVE-2019-9687
PoDoFo 0.9.6 has a heap-based buffer overflow in PdfString::ConvertUTF16toUTF8 in base/PdfString.cpp...
CVE-2018-20797
An issue was discovered in PoDoFo 0.9.6. There is an attempted excessive memory allocation in PoDoFo::podofocalloc in base/PdfMemoryManagement.cpp when called from PoDoFo::PdfPredictorDecoder::PdfPredictorDecoder in base/PdfFiltersPrivate.cpp...
Design/Logic Flaw
An issue was discovered in PoDoFo 0.9.6. There is an attempted excessive memory allocation in PoDoFo::podofocalloc in base/PdfMemoryManagement.cpp when called from PoDoFo::PdfPredictorDecoder::PdfPredictorDecoder in base/PdfFiltersPrivate.cpp...
Null pointer dereference
PoDoFo::Impose::PdfTranslator::setSource in pdftranslator.cpp in PoDoFo 0.9.6 has a NULL pointer dereference that can for example be triggered by sending a crafted PDF file to the podofoimpose binary. It allows an attacker to cause Denial of Service Segmentation fault or possibly have unspecified...