227 matches found
poppler: heap-based buffer over-read in XRef::getEntry in XRef.cc
In Poppler 0.73.0, a heap-based buffer over-read due to an integer signedness error in the XRef::getEntry function in XRef.cc allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted PDF document, as demonstrated by pdftocairo...
poppler: SIGABRT PDFDoc::setup class in PDFDoc.cc
In Poppler 0.72.0, PDFDoc::setup in PDFDoc.cc allows attackers to cause a denial-of-service application crash caused by Object.h SIGABRT, because of a wrong return value from PDFDoc::setup by crafting a PDF file in which an xref data structure is mishandled during extractPDFSubtype processing...
poppler security update
0.66.0-11.el80.12 - Ignore dict Length if it is broken - Resolves: 1741146 0.66.0-11.el80.11 - Check whether input is RGB in PSOutputDev::checkPageSlice - also when using '-optimizecolorspace' flag - Resolves: 1741145 0.66.0-11.el80.10 - Fail gracefully if not all components of JPEG2000Stream -...
CVE-2019-16088
Xpdf 3.04 has a SIGSEGV in XRef::fetch in XRef.cc after many recursive calls to Catalog::countPageTree in Catalog.cc...
CVE-2019-16088
Xpdf 3.04 has a SIGSEGV in XRef::fetch in XRef.cc after many recursive calls to Catalog::countPageTree in Catalog.cc...
Design/Logic Flaw
Xpdf 3.04 has a SIGSEGV in XRef::fetch in XRef.cc after many recursive calls to Catalog::countPageTree in Catalog.cc...
CVE-2019-16088
Xpdf 3.04 has a SIGSEGV in XRef::fetch in XRef.cc after many recursive calls to Catalog::countPageTree in Catalog.cc...
UBUNTU-CVE-2019-16088
Xpdf 3.04 has a SIGSEGV in XRef::fetch in XRef.cc after many recursive calls to Catalog::countPageTree in Catalog.cc...
CVE-2019-16088
Xpdf 3.04 has a SIGSEGV in XRef::fetch in XRef.cc after many recursive calls to Catalog::countPageTree in Catalog.cc...
CVE-2019-16088
Xpdf 3.04 has a SIGSEGV in XRef::fetch in XRef.cc after many recursive calls to Catalog::countPageTree in Catalog.cc...
CVE-2019-16088
CVE-2019-16088 affects Xpdf 3.04, with a SIGSEGV in XRef::fetch in XRef.cc after many recursive calls to Catalog::countPageTree in Catalog.cc. The connected Nessus and PTSecurity entries describe later Xpdf issues (not this CVE) and do not provide a patch or remediation for 3.04. Exploitation sta...
CVE-2019-15860
Xpdf 2.00 allows a SIGSEGV in XRef::constructXRef in XRef.cc. NOTE: 2.00 is a version from November 2002...
CVE-2019-15860
Xpdf 2.00 allows a SIGSEGV in XRef::constructXRef in XRef.cc. NOTE: 2.00 is a version from November 2002...
Design/Logic Flaw
Xpdf 2.00 allows a SIGSEGV in XRef::constructXRef in XRef.cc. NOTE: 2.00 is a version from November 2002...
UBUNTU-CVE-2019-15860
Xpdf 2.00 allows a SIGSEGV in XRef::constructXRef in XRef.cc. NOTE: 2.00 is a version from November 2002...
CVE-2019-15860
CVE-2019-15860 affects Xpdf 2.00 (dated November 2002) and allows a SIGSEGV in XRef::constructXRef in XRef.cc. The reported impact is a segmentation fault potentially impacting program stability. The mode of exploitation, affected platforms, vulnerable component (XRef.cc function) and root cause ...
CVE-2019-15860
Xpdf 2.00 allows a SIGSEGV in XRef::constructXRef in XRef.cc. NOTE: 2.00 is a version from November 2002...
CVE-2019-15860
Xpdf 2.00 allows a SIGSEGV in XRef::constructXRef in XRef.cc. NOTE: 2.00 is a version from November 2002...
Denial Of Service (Dos)
poppler is vulnerable to denial of service. A remote attacker is able to crash the application by crafting a PDF file with a malicious xref data structure that causes the application during extractPDFSubtype processing...
poppler: heap-based buffer over-read in XRef::getEntry in XRef.cc
In Poppler 0.73.0, a heap-based buffer over-read due to an integer signedness error in the XRef::getEntry function in XRef.cc allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted PDF document, as demonstrated by pdftocairo...