13 matches found
SUSE CVE-2019-13287
In Xpdf 4.01.01, there is an out-of-bounds read vulnerability in the function SplashXPath::strokeAdjust located at splash/SplashXPath.cc. It can, for example, be triggered by sending a crafted PDF document to the pdftoppm tool. It might allow an attacker to cause Information Disclosure. This is...
CVE-2019-13287
In Xpdf 4.01.01, there is an out-of-bounds read vulnerability in the function SplashXPath::strokeAdjust located at splash/SplashXPath.cc. It can, for example, be triggered by sending a crafted PDF document to the pdftoppm tool. It might allow an attacker to cause Information Disclosure. This is...
Xpdf buffer overflow vulnerability (CNVD-2019-21463)
Xpdf is an open source PDF reader from Foo Labs. The product supports decoding LZW compressed format files and read encrypted PDF files. A buffer overflow vulnerability exists in the 'SplashXPath::strokeAdjust' function in the splash/SplashXPath.cc file in Xpdf version 4.01.01. The vulnerability...
CVE-2019-13287
In Xpdf 4.01.01, there is an out-of-bounds read vulnerability in the function SplashXPath::strokeAdjust located at splash/SplashXPath.cc. It can, for example, be triggered by sending a crafted PDF document to the pdftoppm tool. It might allow an attacker to cause Information Disclosure. This is...
CVE-2019-13287
In Xpdf 4.01.01, there is an out-of-bounds read vulnerability in the function SplashXPath::strokeAdjust located at splash/SplashXPath.cc. It can, for example, be triggered by sending a crafted PDF document to the pdftoppm tool. It might allow an attacker to cause Information Disclosure. This is...
Out-of-bounds
In Xpdf 4.01.01, there is an out-of-bounds read vulnerability in the function SplashXPath::strokeAdjust located at splash/SplashXPath.cc. It can, for example, be triggered by sending a crafted PDF document to the pdftoppm tool. It might allow an attacker to cause Information Disclosure. This is...
CVE-2019-13287
In Xpdf 4.01.01, there is an out-of-bounds read vulnerability in the function SplashXPath::strokeAdjust located at splash/SplashXPath.cc. It can, for example, be triggered by sending a crafted PDF document to the pdftoppm tool. It might allow an attacker to cause Information Disclosure. This is...
CVE-2019-13287
CVE-2019-13287 affects Xpdf 4.01.01 with an out-of-bounds read in SplashXPath::strokeAdjust() (splash/SplashXPath.cc). A crafted PDF delivered to pdftoppm can trigger the read, potentially leading to information disclosure. This is connected to CVE-2018-16368. Public documentation in the connecte...
PT-2019-13239 · Xpdf +1 · Xpdf +1
Name of the Vulnerable Software and Affected Versions: Xpdf version 4.01.01 Description: The issue is related to an out-of-bounds read in the SplashXPath::strokeAdjust function, which can be triggered by a crafted PDF document sent to the pdftoppm tool. This might allow an attacker to cause...
Heap overflow
SplashXPath::strokeAdjust in splash/SplashXPath.cc in Xpdf 4.00 allows remote attackers to cause a denial of service heap-based buffer over-read via a crafted pdf file, as demonstrated by pdftoppm...
CVE-2018-16368
CVE-2018-16368 affects Xpdf (SplashXPath.c) in versions around 4.00 and 4.01.01, where SplashXPath::strokeAdjust() can be triggered by a crafted PDF sent to pdftoppm, enabling a remote attacker to cause a denial of service via a heap-based buffer over-read. Related entries note potential informat...
Xpdf Denial of Service Vulnerability (CNVD-2019-17489)
Xpdf is a free PDF viewer and toolkit that includes a text extractor, image converter, HTML converter and more. A denial of service vulnerability exists in SplashXPath::strokeAdjust in splash/SplashXPath.cc in Xpdf 4.00. A remote attacker can exploit this vulnerability to cause a denial of servic...
CVE-2018-16368
SplashXPath::strokeAdjust in splash/SplashXPath.cc in Xpdf 4.00 allows remote attackers to cause a denial of service heap-based buffer over-read via a crafted pdf file, as demonstrated by pdftoppm...