Lucene search
+L

227 matches found

redhat
redhat
added 2019/08/06 12:11 p.m.24 views

poppler: NULL pointer dereference in the XRef::getEntry in XRef.cc

XRef::getEntry in XRef.cc in Poppler 0.72.0 mishandles unallocated XRef entries, which allows remote attackers to cause a denial of service NULL pointer dereference via a crafted PDF document, when XRefEntry::setFlag in XRef.h is called from Parser::makeStream in Parser.cc...

6.5CVSS5.9AI score0.03422EPSS
Exploits1References4
redhat
redhat
added 2019/08/06 12:11 p.m.11 views

poppler: SIGABRT PDFDoc::setup class in PDFDoc.cc

In Poppler 0.72.0, PDFDoc::setup in PDFDoc.cc allows attackers to cause a denial-of-service application crash caused by Object.h SIGABRT, because of a wrong return value from PDFDoc::setup by crafting a PDF file in which an xref data structure is mishandled during extractPDFSubtype processing...

6.5CVSS5.8AI score0.02243EPSS
Exploits0References4
bdu_fstec
bdu_fstec
added 2019/04/17 12:0 a.m.6 views

The vulnerability of the XRef::getEntry function in the Poppler PDF rendering library, related to reading beyond the allowed buffer data limits, allows an attacker to access confidential information or cause service failures.

The vulnerability of the XRef::getEntry function in the Poppler PDF viewer library relates to reading data beyond the allowed buffer size. Exploiting this vulnerability allows an attacker to gain access to confidential information or cause service failures by using a specially crafted PDF documen...

6.8CVSS6.7AI score0.02196EPSS
Exploits1References16Affected Software5
nessus
nessus
added 2019/03/26 12:0 a.m.36 views

EulerOS 2.0 SP3 : poppler (EulerOS-SA-2019-1102)

According to the version of the poppler packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - poppler: heap-based buffer over-read in XRef::getEntry in XRef.ccCVE-2019-7310 Note that Tenable Network Security has extracted the preceding...

7.8CVSS7.5AI score0.02196EPSS
Exploits1References2
veracode
veracode
added 2019/02/04 4:43 a.m.34 views

Denial Of Service

libpoppler.so is susceptible to denial of service DoS. The lack of proper memory handling for negative XRef indices in the function XRef::getEntry in XRef.cc leads to huge integer overflow, allowing an attacker to crash the process using a malicious PDF input to pdftocairo...

7.8CVSS8.1AI score0.02196EPSS
Exploits1References11Affected Software3
osv
osv
added 2019/02/03 3:29 a.m.27 views

CVE-2019-7310

In Poppler 0.73.0, a heap-based buffer over-read due to an integer signedness error in the XRef::getEntry function in XRef.cc allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted PDF document, as demonstrated by pdftocairo...

7.8CVSS7.6AI score
Exploits0References9
prion
prion
added 2019/02/03 3:29 a.m.23 views

Heap overflow

In Poppler 0.73.0, a heap-based buffer over-read due to an integer signedness error in the XRef::getEntry function in XRef.cc allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted PDF document, as demonstrated by pdftocairo...

6.8CVSS8AI score0.02196EPSS
Exploits1References9Affected Software11
nvd
nvd
added 2019/02/03 3:29 a.m.22 views

CVE-2019-7310

In Poppler 0.73.0, a heap-based buffer over-read due to an integer signedness error in the XRef::getEntry function in XRef.cc allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted PDF document, as demonstrated by pdftocairo...

7.8CVSS8AI score0.02196EPSS
Exploits1References9
osv
osv
added 2019/02/03 3:29 a.m.2 views

DEBIAN-CVE-2019-7310

In Poppler 0.73.0, a heap-based buffer over-read due to an integer signedness error in the XRef::getEntry function in XRef.cc allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted PDF document, as demonstrated by pdftocairo...

7.8CVSS7.6AI score0.02196EPSS
Exploits1References1
debiancve
debiancve
added 2019/02/03 3:0 a.m.28 views

CVE-2019-7310

In Poppler 0.73.0, a heap-based buffer over-read due to an integer signedness error in the XRef::getEntry function in XRef.cc allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted PDF document, as demonstrated by pdftocairo...

7.8CVSS7.6AI score0.02196EPSS
Exploits1
cve
cve
added 2019/02/03 3:0 a.m.195 views

CVE-2019-7310

CVE-2019-7310 is a heap-based buffer over-read in Poppler 0.73.0’s XRef::getEntry (XRef.cc) that can be triggered by a crafted PDF document, potentially causing a denial of service (application crash) and possibly other impact (as demonstrated by pdftocairo). Affected products in multiple advisor...

7.8CVSS8AI score0.02196EPSS
Exploits1References9Affected Software1
cvelist
cvelist
added 2019/02/03 3:0 a.m.38 views

CVE-2019-7310

In Poppler 0.73.0, a heap-based buffer over-read due to an integer signedness error in the XRef::getEntry function in XRef.cc allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted PDF document, as demonstrated by pdftocairo...

8.1AI score0.02196EPSS
Exploits1References9
ubuntucve
ubuntucve
added 2019/02/02 12:0 a.m.29 views

CVE-2019-7310

In Poppler 0.73.0, a heap-based buffer over-read due to an integer signedness error in the XRef::getEntry function in XRef.cc allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted PDF document, as demonstrated by pdftocairo...

7.8CVSS7AI score0.02196EPSS
Exploits1References3
osv
osv
added 2019/02/02 12:0 a.m.6 views

UBUNTU-CVE-2019-7310

In Poppler 0.73.0, a heap-based buffer over-read due to an integer signedness error in the XRef::getEntry function in XRef.cc allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted PDF document, as demonstrated by pdftocairo...

8.8CVSS7.2AI score0.02196EPSS
Exploits1References4
ptsecurity
ptsecurity
added 2019/02/01 12:0 a.m.7 views

PT-2019-1767 · Poppler +4 · Poppler +4

Name of the Vulnerable Software and Affected Versions: Poppler version 0.73.0 Description: The issue is related to a heap-based buffer over-read in the XRef::getEntry function of the Poppler library, which is used for displaying PDF files. This is caused by an integer signedness error. Exploitati...

9.8CVSS7AI score0.03518EPSS
Exploits21References224
ossfuzz
ossfuzz
added 2019/01/31 6:47 p.m.18 views

poppler/pdf_fuzzer: Heap-buffer-overflow in XRef::getEntry

Project: https://anongit.freedesktop.org/git/poppler/poppler.git Detailed report: https://oss-fuzz.com/testcase?key=5762973841227776 Project: poppler Fuzzer: libFuzzerpopplerpdffuzzer Fuzz target binary: pdffuzzer Job Type: libfuzzerasanpoppler Platform Id: linux Crash Type: Heap-buffer-overflow...

6.4AI score
Exploits0Affected Software1
osv
osv
added 2019/01/03 1:29 p.m.34 views

CVE-2018-20662

In Poppler 0.72.0, PDFDoc::setup in PDFDoc.cc allows attackers to cause a denial-of-service application crash caused by Object.h SIGABRT, because of a wrong return value from PDFDoc::setup by crafting a PDF file in which an xref data structure is mishandled during extractPDFSubtype processing...

6.5CVSS6.5AI score
Exploits0References11
nvd
nvd
added 2019/01/03 1:29 p.m.25 views

CVE-2018-20662

In Poppler 0.72.0, PDFDoc::setup in PDFDoc.cc allows attackers to cause a denial-of-service application crash caused by Object.h SIGABRT, because of a wrong return value from PDFDoc::setup by crafting a PDF file in which an xref data structure is mishandled during extractPDFSubtype processing...

6.5CVSS6.4AI score0.02243EPSS
Exploits0References11
debiancve
debiancve
added 2019/01/03 1:0 p.m.41 views

CVE-2018-20662

In Poppler 0.72.0, PDFDoc::setup in PDFDoc.cc allows attackers to cause a denial-of-service application crash caused by Object.h SIGABRT, because of a wrong return value from PDFDoc::setup by crafting a PDF file in which an xref data structure is mishandled during extractPDFSubtype processing...

6.5CVSS7.2AI score0.02243EPSS
Exploits0
veracode
veracode
added 2018/12/26 8:52 a.m.21 views

Denial Of Service (DoS)

libpoppler.so is susceptible to denial of service DoS. The attack is possible due to the way unallocated XRef entries are handled in the function XRef::getEntry in XRef.cc...

6.5CVSS7.5AI score0.03422EPSS
Exploits1References9Affected Software3
Rows per page
Query Builder