Linux Distros Unpatched Vulnerability : CVE-2019-15860

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Xpdf 2.00 allows a SIGSEGV in XRef::constructXRef in XRef.cc. NOTE: 2.00 is a version from November 2002. CVE-2019-15860 Note that Nessus relies on the presence...

Denial Of Service (DoS)

libpoppler.so is vulnerable to Denial of Service DoS. The vulnerability exists in the readXRefTable function in XRef.cc because it does not properly validate the user-inputs, which allows an attacker to cause an application crash...

SUSE CVE-2022-41844

An issue was discovered in Xpdf 4.04. There is a crash in XRef::fetchint, int, Object, int in xpdf/XRef.cc, a different vulnerability than CVE-2018-16369 and CVE-2019-16088...

CVE-2022-41844

An issue was discovered in Xpdf 4.04. There is a crash in XRef::fetchint, int, Object, int in xpdf/XRef.cc, a different vulnerability than CVE-2018-16369 and CVE-2019-16088...

CVE-2019-7310

In Poppler 0.73.0, a heap-based buffer over-read due to an integer signedness error in the XRef::getEntry function in XRef.cc allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted PDF document, as demonstrated by pdftocairo...

CVE-2019-15860

Xpdf 2.00 allows a SIGSEGV in XRef::constructXRef in XRef.cc. NOTE: 2.00 is a version from November 2002...

CVE-2019-15860

Xpdf 2.00 allows a SIGSEGV in XRef::constructXRef in XRef.cc. NOTE: 2.00 is a version from November 2002...

CVE-2018-20481

XRef::getEntry in XRef.cc in Poppler 0.72.0 mishandles unallocated XRef entries, which allows remote attackers to cause a denial of service NULL pointer dereference via a crafted PDF document, when XRefEntry::setFlag in XRef.h is called from Parser::makeStream in Parser.cc...

CVE-2018-16369

XRef::fetch in XRef.cc in Xpdf 4.00 allows remote attackers to cause a denial of service stack consumption via a crafted pdf file, related to AcroForm::scanField, as demonstrated by pdftohtml. NOTE: this might overlap CVE-2018-7453...

CVE-2017-14517

In Poppler 0.59.0, a NULL Pointer Dereference exists in the XRef::parseEntry function in XRef.cc via a crafted PDF document...

SuSE 10 Security Update : poppler (ZYPP Patch Number 6743)

This update of poppler fixes two security issues : - Integer overflow in the ObjectStream::ObjectStream function in XRef.cc in Xpdf 3.x before 3.02pl4 and Poppler before 0.12.1, as used in GPdf, kdegraphics KPDF, CUPS pdftops, and teTeX, might allow remote attackers to execute arbitrary code via ...

SuSE 10 Security Update : poppler (ZYPP Patch Number 6751)

This update of poppler fixes two security issues : - Integer overflow in the ObjectStream::ObjectStream function in XRef.cc in Xpdf 3.x before 3.02pl4 and Poppler before 0.12.1, as used in GPdf, kdegraphics KPDF, CUPS pdftops, and teTeX, might allow remote attackers to execute arbitrary code via ...

Integer overflow

Integer overflow in the ObjectStream::ObjectStream function in XRef.cc in Xpdf 3.x before 3.02pl4 and Poppler before 0.12.1, as used in GPdf, kdegraphics KPDF, CUPS pdftops, and teTeX, might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based...