Poppler@* Security Vulnerabilities and Issues — Poppler@* CVE List

Lucene search

FreedesktopPoppler*

5 matches found

CVE•added 2013/04/09 8:55 p.m.•71 views

CVE-2013-1788

poppler before 0.22.1 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors that trigger an "invalid memory access" in (1) splash/Splash.cc, (2) poppler/Function.cc, and (3) poppler/Stream.cc.

6.8CVSS7.7AI score0.05453EPSS

CVE•added 2013/04/09 8:55 p.m.•64 views

CVE-2013-1790

poppler/Stream.cc in poppler before 0.22.1 allows context-dependent attackers to have an unspecified impact via vectors that trigger a read of uninitialized memory by the CCITTFaxStream::lookChar function.

6.8CVSS7.2AI score0.02786EPSS

CVE•added 2013/04/09 8:55 p.m.•61 views

CVE-2013-1789

splash/Splash.cc in poppler before 0.22.1 allows context-dependent attackers to cause a denial of service (NULL pointer dereference and crash) via vectors related to the (1) Splash::arbitraryTransformMask, (2) Splash::blitMask, and (3) Splash::scaleMaskYuXu functions.

4.3CVSS7AI score0.02487EPSS

CVE•added 2013/11/23 11:55 a.m.•58 views

CVE-2013-4474

Format string vulnerability in the extractPages function in utils/pdfseparate.cc in poppler before 0.24.3 allows remote attackers to cause a denial of service (crash) via format string specifiers in a destination filename.

5CVSS7.1AI score0.29757EPSS

CVE•added 2013/11/23 11:55 a.m.•56 views

CVE-2013-4473

Stack-based buffer overflow in the extractPages function in utils/pdfseparate.cc in poppler before 0.24.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a source filename.

7.5CVSS7.9AI score0.02273EPSS