MGASA-2022-0320 Updated xpdf packages fix security vulnerability

In Xpdf prior to 4.04, the DCT JPEG decoder was incorrectly allowing the 'interleaved' flag to be changed after the first scan of the image, leading to an unknown integer-related vulnerability in Stream.cc. CVE-2022-24106 Xpdf prior to 4.04 lacked an integer overflow check in JPXStream.cc...

Updated xpdf packages fix security vulnerability

A stack-based buffer over-read exists in FoFiTrueType::dumpString in fofi/FoFiTrueType.cc in Xpdf 4.01.01. It can, for example, be triggered by sending crafted TrueType data in a PDF document to the pdftops tool. It might allow an attacker to cause Denial of Service or leak memory data into dump...

MGASA-2019-0422 Updated xpdf packages fix security vulnerability

The updated packages fix a security vulnerability: Catalog.cc in Xpdf 4.02 has a NULL pointer dereference because Catalog.pageLabels is initialized too late in the Catalog constructor. CVE-2019-17064...

Updated xpdf packages fix security vulnerabilities

The updated xpdf packages fix security vulnerabilities: An issue was discovered in Xpdf 4.01.01. There is an FPE in the function PostScriptFunction::exec at Function.cc for the psOpIdiv case. CVE-2019-10018 An issue was discovered in Xpdf 4.01.01. There is an FPE in the function...

[slackware-security] xpdf (SSA:2013-233-02)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 slackware-security xpdf SSA:2013-233-02 New xpdf packages are available for Slackware 12.1, 12.2, 13.0, 13.1, 13.37, 14.0, and -current to fix a security issue. Here are the details from the Slackware 14.0 ChangeLog: +--------------------------+...

MGASA-2013-0261 Updated xpdf packages fixes security vulnerability

PDF files could be used to inject shell code when xpdf was run from some terminal emulators, due to the use of escape sequences in error messages CVE-2012-2142...

Updated xpdf packages fixes security vulnerability

PDF files could be used to inject shell code when xpdf was run from some terminal emulators, due to the use of escape sequences in error messages CVE-2012-2142...

Slackware Advisory SSA:2009-129-01 xpdf

The remote host is missing an update as announced via advisory SSA:2009-129-01. OpenVAS Vulnerability Test $Id: esoftslkssa200912901.nasl 6598 2017-07-07 09:36:44Z cfischer $ Description: Auto-generated from the corresponding slackware advisory Authors: Thomas Reinke Copyright: Copyright c 2012...

openSUSE Security Update : xpdf (xpdf-1397)

Specially crafted PDF files could cause buffer overflows in xpdf when viewing such a document CVE-2009-3603, CVE-2009-3604, CVE-2009-3605, CVE-2009-3606, CVE-2009-3608, CVE-2009-3609. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...

[SECURITY] [DSA 971-1] New xpdf packages fix denial of service

-------------------------------------------------------------------------- Debian Security Advisory DSA 971-1 [email protected] http://www.debian.org/security/ Martin Schulze February 14th, 2006 http://www.debian.org/security/faq -...

Important: Red Hat Security Advisory: : Updated Xpdf packages fix security vulnerability.

Updated Xpdf packages are available that fix a vulnerability where a malicious PDF document could run arbitrary code. Updated 16 July 2003 Updated packages are now available, as the original errata packages did not fix all possible ways of exploiting this vulnerability. Xpdf is an X Window System...