227 matches found
poppler: NULL pointer dereference in the XRef::getEntry in XRef.cc
XRef::getEntry in XRef.cc in Poppler 0.72.0 mishandles unallocated XRef entries, which allows remote attackers to cause a denial of service NULL pointer dereference via a crafted PDF document, when XRefEntry::setFlag in XRef.h is called from Parser::makeStream in Parser.cc...
poppler: SIGABRT PDFDoc::setup class in PDFDoc.cc
In Poppler 0.72.0, PDFDoc::setup in PDFDoc.cc allows attackers to cause a denial-of-service application crash caused by Object.h SIGABRT, because of a wrong return value from PDFDoc::setup by crafting a PDF file in which an xref data structure is mishandled during extractPDFSubtype processing...
The vulnerability of the XRef::getEntry function in the Poppler PDF rendering library, related to reading beyond the allowed buffer data limits, allows an attacker to access confidential information or cause service failures.
The vulnerability of the XRef::getEntry function in the Poppler PDF viewer library relates to reading data beyond the allowed buffer size. Exploiting this vulnerability allows an attacker to gain access to confidential information or cause service failures by using a specially crafted PDF documen...
EulerOS 2.0 SP3 : poppler (EulerOS-SA-2019-1102)
According to the version of the poppler packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - poppler: heap-based buffer over-read in XRef::getEntry in XRef.ccCVE-2019-7310 Note that Tenable Network Security has extracted the preceding...
Denial Of Service
libpoppler.so is susceptible to denial of service DoS. The lack of proper memory handling for negative XRef indices in the function XRef::getEntry in XRef.cc leads to huge integer overflow, allowing an attacker to crash the process using a malicious PDF input to pdftocairo...
CVE-2019-7310
In Poppler 0.73.0, a heap-based buffer over-read due to an integer signedness error in the XRef::getEntry function in XRef.cc allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted PDF document, as demonstrated by pdftocairo...
Heap overflow
In Poppler 0.73.0, a heap-based buffer over-read due to an integer signedness error in the XRef::getEntry function in XRef.cc allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted PDF document, as demonstrated by pdftocairo...
CVE-2019-7310
In Poppler 0.73.0, a heap-based buffer over-read due to an integer signedness error in the XRef::getEntry function in XRef.cc allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted PDF document, as demonstrated by pdftocairo...
DEBIAN-CVE-2019-7310
In Poppler 0.73.0, a heap-based buffer over-read due to an integer signedness error in the XRef::getEntry function in XRef.cc allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted PDF document, as demonstrated by pdftocairo...
CVE-2019-7310
In Poppler 0.73.0, a heap-based buffer over-read due to an integer signedness error in the XRef::getEntry function in XRef.cc allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted PDF document, as demonstrated by pdftocairo...
CVE-2019-7310
CVE-2019-7310 is a heap-based buffer over-read in Poppler 0.73.0’s XRef::getEntry (XRef.cc) that can be triggered by a crafted PDF document, potentially causing a denial of service (application crash) and possibly other impact (as demonstrated by pdftocairo). Affected products in multiple advisor...
CVE-2019-7310
In Poppler 0.73.0, a heap-based buffer over-read due to an integer signedness error in the XRef::getEntry function in XRef.cc allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted PDF document, as demonstrated by pdftocairo...
CVE-2019-7310
In Poppler 0.73.0, a heap-based buffer over-read due to an integer signedness error in the XRef::getEntry function in XRef.cc allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted PDF document, as demonstrated by pdftocairo...
UBUNTU-CVE-2019-7310
In Poppler 0.73.0, a heap-based buffer over-read due to an integer signedness error in the XRef::getEntry function in XRef.cc allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted PDF document, as demonstrated by pdftocairo...
PT-2019-1767 · Poppler +4 · Poppler +4
Name of the Vulnerable Software and Affected Versions: Poppler version 0.73.0 Description: The issue is related to a heap-based buffer over-read in the XRef::getEntry function of the Poppler library, which is used for displaying PDF files. This is caused by an integer signedness error. Exploitati...
poppler/pdf_fuzzer: Heap-buffer-overflow in XRef::getEntry
Project: https://anongit.freedesktop.org/git/poppler/poppler.git Detailed report: https://oss-fuzz.com/testcase?key=5762973841227776 Project: poppler Fuzzer: libFuzzerpopplerpdffuzzer Fuzz target binary: pdffuzzer Job Type: libfuzzerasanpoppler Platform Id: linux Crash Type: Heap-buffer-overflow...
CVE-2018-20662
In Poppler 0.72.0, PDFDoc::setup in PDFDoc.cc allows attackers to cause a denial-of-service application crash caused by Object.h SIGABRT, because of a wrong return value from PDFDoc::setup by crafting a PDF file in which an xref data structure is mishandled during extractPDFSubtype processing...
CVE-2018-20662
In Poppler 0.72.0, PDFDoc::setup in PDFDoc.cc allows attackers to cause a denial-of-service application crash caused by Object.h SIGABRT, because of a wrong return value from PDFDoc::setup by crafting a PDF file in which an xref data structure is mishandled during extractPDFSubtype processing...
CVE-2018-20662
In Poppler 0.72.0, PDFDoc::setup in PDFDoc.cc allows attackers to cause a denial-of-service application crash caused by Object.h SIGABRT, because of a wrong return value from PDFDoc::setup by crafting a PDF file in which an xref data structure is mishandled during extractPDFSubtype processing...
Denial Of Service (DoS)
libpoppler.so is susceptible to denial of service DoS. The attack is possible due to the way unallocated XRef entries are handled in the function XRef::getEntry in XRef.cc...