QPDF Denial of Service Vulnerability (CNVD-2017-25627)

QPDF is a command line program capable of structuring PDFs. The program can encrypt PDF files, analyze or change the internal structure of PDF files. A security vulnerability exists in libqpdf in QPDF version 6.0.0. An attacker can exploit this vulnerability with the help of specially crafted fil...

QPDF Denial of Service Vulnerability (CNVD-2017-25630)

QPDF is a command line program capable of structuring PDFs. The program can encrypt PDF files, analyze or change the internal structure of PDF files. A security vulnerability exists in libqpdf in QPDF version 6.0.0. An attacker can exploit this vulnerability with the help of specially crafted fil...

DEBIAN-CVE-2017-11624

A stack-consumption vulnerability was found in libqpdf in QPDF 6.0.0, which allows attackers to cause a denial of service via a crafted file, related to the QPDFTokenizer::resolveLiteral function in QPDFTokenizer.cc after two consecutive calls to QPDFObjectHandle::parseInternal, aka an "infinite...

CVE-2017-11626

A stack-consumption vulnerability was found in libqpdf in QPDF 6.0.0, which allows attackers to cause a denial of service via a crafted file, related to the QPDFTokenizer::resolveLiteral function in QPDFTokenizer.cc after four consecutive calls to QPDFObjectHandle::parseInternal, aka an "infinite...

Stack overflow

A stack-consumption vulnerability was found in libqpdf in QPDF 6.0.0, which allows attackers to cause a denial of service via a crafted file, related to the QPDFTokenizer::resolveLiteral function in QPDFTokenizer.cc after two consecutive calls to QPDFObjectHandle::parseInternal, aka an "infinite...

ALPINE-CVE-2017-11627

A stack-consumption vulnerability was found in libqpdf in QPDF 6.0.0, which allows attackers to cause a denial of service via a crafted file, related to the PointerHolder function in PointerHolder.hh, aka an "infinite loop."...

CVE-2017-11627

A stack-consumption vulnerability was found in libqpdf in QPDF 6.0.0, which allows attackers to cause a denial of service via a crafted file, related to the PointerHolder function in PointerHolder.hh, aka an "infinite loop."...

ALPINE-CVE-2017-11625

A stack-consumption vulnerability was found in libqpdf in QPDF 6.0.0, which allows attackers to cause a denial of service via a crafted file, related to the QPDF::resolveObjectsInStream function in QPDF.cc, aka an "infinite loop."...

Stack overflow

A stack-consumption vulnerability was found in libqpdf in QPDF 6.0.0, which allows attackers to cause a denial of service via a crafted file, related to the QPDF::resolveObjectsInStream function in QPDF.cc, aka an "infinite loop."...

Stack overflow

A stack-consumption vulnerability was found in libqpdf in QPDF 6.0.0, which allows attackers to cause a denial of service via a crafted file, related to the QPDFTokenizer::resolveLiteral function in QPDFTokenizer.cc after four consecutive calls to QPDFObjectHandle::parseInternal, aka an "infinite...

CVE-2017-11625

A stack-consumption vulnerability was found in libqpdf in QPDF 6.0.0, which allows attackers to cause a denial of service via a crafted file, related to the QPDF::resolveObjectsInStream function in QPDF.cc, aka an "infinite loop."...

CVE-2017-11624

CVE-2017-11624 is a stack‑consumption DoS in libqpdf (QPDF) 6.0.0 caused by the QPDFTokenizer::resolveLiteral path after two consecutive QPDFObjectHandle::parseInternal calls, leading to an infinite loop. Public details describe a crafted PDF triggering DoS with potential impact on availability. ...

CVE-2017-11624

A stack-consumption vulnerability was found in libqpdf in QPDF 6.0.0, which allows attackers to cause a denial of service via a crafted file, related to the QPDFTokenizer::resolveLiteral function in QPDFTokenizer.cc after two consecutive calls to QPDFObjectHandle::parseInternal, aka an "infinite...

CVE-2017-11625

A stack-consumption vulnerability was found in libqpdf in QPDF 6.0.0, which allows attackers to cause a denial of service via a crafted file, related to the QPDF::resolveObjectsInStream function in QPDF.cc, aka an "infinite loop."...

CVE-2017-11624

A stack-consumption vulnerability was found in libqpdf in QPDF 6.0.0, which allows attackers to cause a denial of service via a crafted file, related to the QPDFTokenizer::resolveLiteral function in QPDFTokenizer.cc after two consecutive calls to QPDFObjectHandle::parseInternal, aka an "infinite...

CVE-2017-11627

CVE-2017-11627 is a stack-consumption vulnerability in libqpdf (QPDF 6.0.0) that allows DoS via a crafted PDF, related to the PointerHolder.hh code and described as an infinite loop. Affected component: libqpdf.a within QPDF 6.0.0. Impact as stated: denial of service with potential stack consumpt...

CVE-2017-11625

CVE-2017-11625 is a stack-consumption DoS in libqpdf (QPDF 6.0.0) triggered by processing crafted PDF documents. The issue is tied to the internal path QPDF.cc:QPDF::resolveObjectsInStream, causing an infinite loop/stack growth. Several advisories (including SUSE updates to 7.1.1) document this f...

CVE-2017-11626

A stack-consumption vulnerability was found in libqpdf in QPDF 6.0.0, which allows attackers to cause a denial of service via a crafted file, related to the QPDFTokenizer::resolveLiteral function in QPDFTokenizer.cc after four consecutive calls to QPDFObjectHandle::parseInternal, aka an "infinite...

CVE-2017-11626

A stack-consumption vulnerability was found in libqpdf in QPDF 6.0.0, which allows attackers to cause a denial of service via a crafted file, related to the QPDFTokenizer::resolveLiteral function in QPDFTokenizer.cc after four consecutive calls to QPDFObjectHandle::parseInternal, aka an "infinite...

CVE-2017-11627

A stack-consumption vulnerability was found in libqpdf in QPDF 6.0.0, which allows attackers to cause a denial of service via a crafted file, related to the PointerHolder function in PointerHolder.hh, aka an "infinite loop."...