Lucene search
+L

227 matches found

prion
prion
added 2018/12/26 4:29 a.m.22 views

Null pointer dereference

XRef::getEntry in XRef.cc in Poppler 0.72.0 mishandles unallocated XRef entries, which allows remote attackers to cause a denial of service NULL pointer dereference via a crafted PDF document, when XRefEntry::setFlag in XRef.h is called from Parser::makeStream in Parser.cc...

4.3CVSS7AI score0.03422EPSS
Exploits1References8Affected Software3
nvd
nvd
added 2018/12/26 4:29 a.m.26 views

CVE-2018-20481

XRef::getEntry in XRef.cc in Poppler 0.72.0 mishandles unallocated XRef entries, which allows remote attackers to cause a denial of service NULL pointer dereference via a crafted PDF document, when XRefEntry::setFlag in XRef.h is called from Parser::makeStream in Parser.cc...

6.5CVSS6.5AI score0.03422EPSS
Exploits1References8
cvelist
cvelist
added 2018/12/26 4:0 a.m.25 views

CVE-2018-20481

XRef::getEntry in XRef.cc in Poppler 0.72.0 mishandles unallocated XRef entries, which allows remote attackers to cause a denial of service NULL pointer dereference via a crafted PDF document, when XRefEntry::setFlag in XRef.h is called from Parser::makeStream in Parser.cc...

6.5AI score0.03422EPSS
Exploits1References8
debiancve
debiancve
added 2018/12/26 4:0 a.m.38 views

CVE-2018-20481

XRef::getEntry in XRef.cc in Poppler 0.72.0 mishandles unallocated XRef entries, which allows remote attackers to cause a denial of service NULL pointer dereference via a crafted PDF document, when XRefEntry::setFlag in XRef.h is called from Parser::makeStream in Parser.cc...

6.5CVSS7.3AI score0.03422EPSS
Exploits1
cnvd
cnvd
added 2018/12/26 12:0 a.m.3 views

Poppler Denial of Service Vulnerability (CNVD-2018-26766)

Poppler is a C++ class library for generating PDF, the library is inherited from Xpdf PDF reader. Poppler0.72.0 version of the XRef.cc file of the XRef::getEntry there is a denial-of-service vulnerability, the vulnerability stems from the program incorrectly handles the unallocated entries, a...

6.5CVSS7.8AI score0.03422EPSS
Exploits1References1
ubuntucve
ubuntucve
added 2018/12/25 12:0 a.m.31 views

CVE-2018-20481

XRef::getEntry in XRef.cc in Poppler 0.72.0 mishandles unallocated XRef entries, which allows remote attackers to cause a denial of service NULL pointer dereference via a crafted PDF document, when XRefEntry::setFlag in XRef.h is called from Parser::makeStream in Parser.cc...

6.5CVSS6.8AI score0.03422EPSS
Exploits1References4
osv
osv
added 2018/12/25 12:0 a.m.5 views

UBUNTU-CVE-2018-20481

XRef::getEntry in XRef.cc in Poppler 0.72.0 mishandles unallocated XRef entries, which allows remote attackers to cause a denial of service NULL pointer dereference via a crafted PDF document, when XRefEntry::setFlag in XRef.h is called from Parser::makeStream in Parser.cc...

6.5CVSS5.8AI score0.03422EPSS
Exploits1References5
prion
prion
added 2018/12/24 6:29 p.m.14 views

Type confusion

In Foxit Quick PDF Library all versions prior to 16.12, issue where loading a malformed or malicious PDF containing invalid xref table pointers or invalid xref table data using the LoadFromFile, LoadFromString, LoadFromStream, DAOpenFile or DAOpenFileReadOnly functions may result in an access...

7.5CVSS9.3AI score0.01652EPSS
Exploits0References2Affected Software1
nvd
nvd
added 2018/12/24 6:29 p.m.19 views

CVE-2018-20249

In Foxit Quick PDF Library all versions prior to 16.12, issue where loading a malformed or malicious PDF containing invalid xref entries using the DAOpenFile or DAOpenFileReadOnly functions may result in an access violation caused by out of bounds memory access...

8.8CVSS8.6AI score0.01445EPSS
Exploits0References2
osv
osv
added 2018/12/24 6:29 p.m.4 views

CVE-2018-20248

In Foxit Quick PDF Library all versions prior to 16.12, issue where loading a malformed or malicious PDF containing invalid xref table pointers or invalid xref table data using the LoadFromFile, LoadFromString, LoadFromStream, DAOpenFile or DAOpenFileReadOnly functions may result in an access...

9.8CVSS5.8AI score0.01652EPSS
Exploits0References2
prion
prion
added 2018/12/24 6:29 p.m.26 views

Type confusion

In Foxit Quick PDF Library all versions prior to 16.12, issue where loading a malformed or malicious PDF containing invalid xref entries using the DAOpenFile or DAOpenFileReadOnly functions may result in an access violation caused by out of bounds memory access...

6.8CVSS8.6AI score0.01445EPSS
Exploits0References2Affected Software1
ptsecurity
ptsecurity
added 2018/12/20 12:0 a.m.3 views

PT-2018-3606 · Poppler +4 · Poppler +4

Name of the Vulnerable Software and Affected Versions: Poppler version 0.72.0 Description: The issue is related to the XRef::getEntry function in XRef.cc of the Poppler library, which mishandles unallocated XRef entries. This can be exploited by remote attackers to cause a denial of service NULL...

9.8CVSS6AI score0.03518EPSS
Exploits19References197
cnvd
cnvd
added 2018/10/26 12:0 a.m.5 views

Xpdf Denial of Service Vulnerability (CNVD-2019-17487)

Xpdf is a free PDF viewer and toolkit that includes a text extractor, image converter, HTML converter and more. A denial of service vulnerability exists in XRef::readXRefStream in XRef.cc in Xpdf 4.00. An attacker can exploit this vulnerability to cause a denial of service integer overflow via a...

5.5CVSS6.6AI score0.00924EPSS
Exploits1References1
prion
prion
added 2018/10/25 1:29 p.m.19 views

Integer overflow

An issue was discovered in Xpdf 4.00. XRef::readXRefStream in XRef.cc allows attackers to launch a denial of service Integer Overflow via a crafted /Size value in a pdf file, as demonstrated by pdftohtml. This is mainly caused by the program attempting a malloc operation for a large amount of...

4.3CVSS5.3AI score0.00924EPSS
Exploits1References2Affected Software1
nvd
nvd
added 2018/10/25 1:29 p.m.25 views

CVE-2018-18650

An issue was discovered in Xpdf 4.00. XRef::readXRefStream in XRef.cc allows attackers to launch a denial of service Integer Overflow via a crafted /Size value in a pdf file, as demonstrated by pdftohtml. This is mainly caused by the program attempting a malloc operation for a large amount of...

5.5CVSS5.3AI score0.00924EPSS
Exploits1References2
ubuntucve
ubuntucve
added 2018/10/25 1:29 p.m.25 views

CVE-2018-18650

An issue was discovered in Xpdf 4.00. XRef::readXRefStream in XRef.cc allows attackers to launch a denial of service Integer Overflow via a crafted /Size value in a pdf file, as demonstrated by pdftohtml. This is mainly caused by the program attempting a malloc operation for a large amount of...

5.5CVSS6.1AI score0.00924EPSS
Exploits1References2
osv
osv
added 2018/10/25 1:29 p.m.6 views

UBUNTU-CVE-2018-18650

An issue was discovered in Xpdf 4.00. XRef::readXRefStream in XRef.cc allows attackers to launch a denial of service Integer Overflow via a crafted /Size value in a pdf file, as demonstrated by pdftohtml. This is mainly caused by the program attempting a malloc operation for a large amount of...

5.5CVSS6AI score0.00924EPSS
Exploits1References3
cnvd
cnvd
added 2018/09/07 12:0 a.m.4 views

Unspecified Vulnerability in Artifex MuPDF

Artifex MuPDF is a free, lightweight PDF reader from Artifex Software. A security vulnerability exists in the 'pdfgetxrefentry' function in the pdf/pdf-xref.c file in Artifex MuPDF version 1.13.0. A remote attacker can exploit this vulnerability with the help of a specially crafted pdf file to...

5.5CVSS6.4AI score0.0147EPSS
Exploits1References1
osv
osv
added 2018/09/03 12:29 a.m.1 views

DEBIAN-CVE-2018-16369

XRef::fetch in XRef.cc in Xpdf 4.00 allows remote attackers to cause a denial of service stack consumption via a crafted pdf file, related to AcroForm::scanField, as demonstrated by pdftohtml. NOTE: this might overlap CVE-2018-7453...

5.5CVSS6.3AI score0.01618EPSS
Exploits1References1
ubuntucve
ubuntucve
added 2018/09/03 12:29 a.m.20 views

CVE-2018-16369

XRef::fetch in XRef.cc in Xpdf 4.00 allows remote attackers to cause a denial of service stack consumption via a crafted pdf file, related to AcroForm::scanField, as demonstrated by pdftohtml. NOTE: this might overlap CVE-2018-7453...

5.5CVSS6.8AI score0.01618EPSS
Exploits1References2
Rows per page
Query Builder