Lucene search
+L

227 matches found

prion
prion
added 2018/09/03 12:29 a.m.20 views

Code injection

XRef::fetch in XRef.cc in Xpdf 4.00 allows remote attackers to cause a denial of service stack consumption via a crafted pdf file, related to AcroForm::scanField, as demonstrated by pdftohtml. NOTE: this might overlap CVE-2018-7453...

4.3CVSS5.2AI score0.01618EPSS
Exploits1References1Affected Software1
debiancve
debiancve
added 2018/09/03 12:0 a.m.53 views

CVE-2018-16369

XRef::fetch in XRef.cc in Xpdf 4.00 allows remote attackers to cause a denial of service stack consumption via a crafted pdf file, related to AcroForm::scanField, as demonstrated by pdftohtml. NOTE: this might overlap CVE-2018-7453...

5.5CVSS5.2AI score0.01618EPSS
Exploits1
cnvd
cnvd
added 2018/09/03 12:0 a.m.4 views

Xpdf Denial of Service Vulnerability (CNVD-2019-17490)

Xpdf is a free PDF viewer and toolkit that includes a text extractor, image converter, HTML converter and more. A denial of service vulnerability exists in XRef::fetch in Xpdf 4.00 in XRef.cc. A remote attacker can exploit this vulnerability to cause a denial of service stack consumption via a...

5.5CVSS6AI score0.01618EPSS
Exploits1References1
cve
cve
added 2018/09/03 12:0 a.m.70 views

CVE-2018-16369

CVE-2018-16369 affects Xpdf 4.00 (XRef::fetch) where a crafted PDF can cause a stack DoS via AcroForm::scanField, as demonstrated by pdftohtml. The vulnerability is noted to possibly overlap CVE-2018-7453 (infinite recursion in AcroForm::scanField). Multiple advisories (e.g., Slackware SSA:2024-0...

5.5CVSS5.1AI score0.01618EPSS
Exploits1References1Affected Software1
ptsecurity
ptsecurity
added 2018/09/02 12:0 a.m.9 views

PT-2018-3976 · Xpdf +2 · Xpdf +2

Name of the Vulnerable Software and Affected Versions: Xpdf version 4.00 Description: The issue is related to errors in the code of the Xpdf software, specifically in the XRef::fetch function in XRef.cc. It allows remote attackers to cause a denial of service, which is a stack consumption, via a...

9.1CVSS5.8AI score0.01618EPSS
Exploits22References69
osv
osv
added 2018/04/22 5:29 a.m.2 views

DEBIAN-CVE-2018-10289

In MuPDF 1.13.0, there is an infinite loop in the fzskipspace function of the pdf/pdf-xref.c file. A remote adversary could leverage this vulnerability to cause a denial of service via a crafted pdf file...

5.5CVSS6.8AI score0.0106EPSS
Exploits1References1
osv
osv
added 2018/02/26 4:23 p.m.10 views

MGASA-2018-0145 Updated qpdf packages fix security vulnerabilities

Updated qpdf packages fix security vulnerabilities: 1. Stack overflow due to endless recursion in QPDFTokenizer::resolveLiteral 2. Another stack overflow / endless recursion in QPDFWriter::enqueueObject 3. Stack out of bounds read in iteraterc4 4. heap out of bounds read large in PlBuffer::write ...

7.8CVSS5.8AI score0.01804EPSS
Exploits4References4
osv
osv
added 2018/02/22 7:49 p.m.4 views

MGASA-2018-0131 Updated qpdf packages fix security vulnerability

Qpdf has been updated to the latest version to fix several security issues. - Stack overflow due to endless recursion in QPDFTokenizer::resolveLiteral - Another stack overflow / endless recursion in QPDFWriter::enqueueObject - Stack out of bounds read in iteraterc4 - heap out of bounds read large...

7.6AI score
Exploits0References3
ubuntucve
ubuntucve
added 2018/02/15 9:29 p.m.23 views

CVE-2018-7174

An issue was discovered in xpdf 4.00. An infinite loop in XRef::Xref allows an attacker to cause denial of service because loop detection exists only for tables, not streams...

5.5CVSS6.4AI score0.00846EPSS
Exploits0References2
nvd
nvd
added 2018/02/15 9:29 p.m.29 views

CVE-2018-7174

An issue was discovered in xpdf 4.00. An infinite loop in XRef::Xref allows an attacker to cause denial of service because loop detection exists only for tables, not streams...

5.5CVSS5.3AI score0.00846EPSS
Exploits0References1
osv
osv
added 2018/02/15 9:29 p.m.4 views

UBUNTU-CVE-2018-7174

An issue was discovered in xpdf 4.00. An infinite loop in XRef::Xref allows an attacker to cause denial of service because loop detection exists only for tables, not streams...

5.5CVSS6.4AI score0.00846EPSS
Exploits0References3
debiancve
debiancve
added 2018/02/15 9:0 p.m.41 views

CVE-2018-7174

An issue was discovered in xpdf 4.00. An infinite loop in XRef::Xref allows an attacker to cause denial of service because loop detection exists only for tables, not streams...

5.5CVSS3.5AI score0.00846EPSS
Exploits0
prion
prion
added 2018/02/13 7:29 p.m.15 views

Code injection

An issue was discovered in QPDF before 7.0.0. There is an infinite loop due to looping xref tables in QPDF.cc...

4.3CVSS5.5AI score0.01144EPSS
Exploits0References3Affected Software1
osv
osv
added 2018/02/13 7:29 p.m.1 views

DEBIAN-CVE-2017-18186

An issue was discovered in QPDF before 7.0.0. There is an infinite loop due to looping xref tables in QPDF.cc...

5.5CVSS5.5AI score0.01144EPSS
Exploits0References1
cvelist
cvelist
added 2018/02/13 7:0 p.m.21 views

CVE-2017-18186

An issue was discovered in QPDF before 7.0.0. There is an infinite loop due to looping xref tables in QPDF.cc...

5.5AI score0.01144EPSS
Exploits0References3
debiancve
debiancve
added 2018/02/13 7:0 p.m.48 views

CVE-2017-18186

An issue was discovered in QPDF before 7.0.0. There is an infinite loop due to looping xref tables in QPDF.cc...

5.5CVSS5.6AI score0.01144EPSS
Exploits0
cve
cve
added 2018/02/13 7:0 p.m.83 views

CVE-2017-18186

CVE-2017-18186 affects QPDF before 7.0.0. The issue is an infinite loop caused by looping xref tables in QPDF.cc, as described in multiple sources (e.g., SUSE/RHEL/NASL entries). The CVE entry lists CVSS metrics: CVSSv2 base 4.3 (MEDIUM) with network attack vector and partial availability impact;...

5.5CVSS5.4AI score0.01144EPSS
Exploits0References3Affected Software1
osv
osv
added 2018/02/13 12:0 a.m.3 views

UBUNTU-CVE-2017-18186

An issue was discovered in QPDF before 7.0.0. There is an infinite loop due to looping xref tables in QPDF.cc...

5.5CVSS6.4AI score0.01144EPSS
Exploits0References3
osv
osv
added 2018/01/24 9:29 p.m.3 views

UBUNTU-CVE-2018-6192

In Artifex MuPDF 1.12.0, the pdfreadnewxref function in pdf/pdf-xref.c allows remote attackers to cause a denial of service segmentation violation and application crash via a crafted pdf file...

5.5CVSS6.8AI score0.01846EPSS
Exploits1References3
alpinelinux
alpinelinux
added 2018/01/24 9:0 p.m.100 views

CVE-2018-6192

In Artifex MuPDF 1.12.0, the pdfreadnewxref function in pdf/pdf-xref.c allows remote attackers to cause a denial of service segmentation violation and application crash via a crafted pdf file...

5.5CVSS5.4AI score0.01846EPSS
Exploits1
Rows per page
Query Builder