22 matches found
EUVD-2018-21827
PDFunite 0.41.0 contains a buffer overflow vulnerability that allows local attackers to crash the application by processing malformed PDF files during merge operations. Attackers can trigger a segmentation fault in the XRef::getEntry function within libpoppler by providing a specially crafted PDF...
CVE-2018-25306 PDFunite 0.41.0 Buffer Overflow via Malformed PDF
PDFunite 0.41.0 contains a buffer overflow vulnerability that allows local attackers to crash the application by processing malformed PDF files during merge operations. Attackers can trigger a segmentation fault in the XRef::getEntry function within libpoppler by providing a specially crafted PDF...
openSUSE 15 Security Update : poppler (SUSE-SU-2023:3241-1)
The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3241-1 advisory. - In Xpdf 4.01.01, a stack-based buffer under-read could be triggered in IdentityFunction::transform in Function.cc, used by GfxAxialShading::getColo...
OSV-2020-713 Heap-buffer-overflow in XRef::getEntry
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12797 Crash type: Heap-buffer-overflow READ 4 Crash state: XRef::getEntry Parser::makeStream Parser::getObj...
Huawei EulerOS: Security Advisory for poppler (EulerOS-SA-2019-1102)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
poppler: heap-based buffer over-read in XRef::getEntry in XRef.cc
In Poppler 0.73.0, a heap-based buffer over-read due to an integer signedness error in the XRef::getEntry function in XRef.cc allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted PDF document, as demonstrated by pdftocairo...
The vulnerability of the XRef::getEntry function in the Poppler PDF rendering library, related to reading beyond the allowed buffer data limits, allows an attacker to access confidential information or cause service failures.
The vulnerability of the XRef::getEntry function in the Poppler PDF viewer library relates to reading data beyond the allowed buffer size. Exploiting this vulnerability allows an attacker to gain access to confidential information or cause service failures by using a specially crafted PDF documen...
EulerOS 2.0 SP3 : poppler (EulerOS-SA-2019-1102)
According to the version of the poppler packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - poppler: heap-based buffer over-read in XRef::getEntry in XRef.ccCVE-2019-7310 Note that Tenable Network Security has extracted the preceding...
Denial Of Service
libpoppler.so is susceptible to denial of service DoS. The lack of proper memory handling for negative XRef indices in the function XRef::getEntry in XRef.cc leads to huge integer overflow, allowing an attacker to crash the process using a malicious PDF input to pdftocairo...
Heap overflow
In Poppler 0.73.0, a heap-based buffer over-read due to an integer signedness error in the XRef::getEntry function in XRef.cc allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted PDF document, as demonstrated by pdftocairo...
CVE-2019-7310
In Poppler 0.73.0, a heap-based buffer over-read due to an integer signedness error in the XRef::getEntry function in XRef.cc allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted PDF document, as demonstrated by pdftocairo...
CVE-2019-7310
In Poppler 0.73.0, a heap-based buffer over-read due to an integer signedness error in the XRef::getEntry function in XRef.cc allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted PDF document, as demonstrated by pdftocairo...
CVE-2019-7310
CVE-2019-7310 is a heap-based buffer over-read in Poppler 0.73.0’s XRef::getEntry (XRef.cc) that can be triggered by a crafted PDF document, potentially causing a denial of service (application crash) and possibly other impact (as demonstrated by pdftocairo). Affected products in multiple advisor...
CVE-2019-7310
In Poppler 0.73.0, a heap-based buffer over-read due to an integer signedness error in the XRef::getEntry function in XRef.cc allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted PDF document, as demonstrated by pdftocairo...
CVE-2019-7310
In Poppler 0.73.0, a heap-based buffer over-read due to an integer signedness error in the XRef::getEntry function in XRef.cc allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted PDF document, as demonstrated by pdftocairo...
UBUNTU-CVE-2019-7310
In Poppler 0.73.0, a heap-based buffer over-read due to an integer signedness error in the XRef::getEntry function in XRef.cc allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted PDF document, as demonstrated by pdftocairo...
PT-2019-1767 · Poppler +4 · Poppler +4
Name of the Vulnerable Software and Affected Versions: Poppler version 0.73.0 Description: The issue is related to a heap-based buffer over-read in the XRef::getEntry function of the Poppler library, which is used for displaying PDF files. This is caused by an integer signedness error. Exploitati...
poppler/pdf_fuzzer: Heap-buffer-overflow in XRef::getEntry
Project: https://anongit.freedesktop.org/git/poppler/poppler.git Detailed report: https://oss-fuzz.com/testcase?key=5762973841227776 Project: poppler Fuzzer: libFuzzerpopplerpdffuzzer Fuzz target binary: pdffuzzer Job Type: libfuzzerasanpoppler Platform Id: linux Crash Type: Heap-buffer-overflow...
CVE-2018-20481
XRef::getEntry in XRef.cc in Poppler 0.72.0 mishandles unallocated XRef entries, which allows remote attackers to cause a denial of service NULL pointer dereference via a crafted PDF document, when XRefEntry::setFlag in XRef.h is called from Parser::makeStream in Parser.cc...
CVE-2018-20481
XRef::getEntry in XRef.cc in Poppler 0.72.0 mishandles unallocated XRef entries, which allows remote attackers to cause a denial of service NULL pointer dereference via a crafted PDF document, when XRefEntry::setFlag in XRef.h is called from Parser::makeStream in Parser.cc...