Glyphandcog Xpdfreader

27 matches found

added 2019/09/08 10:15 p.m. | 298 views

CVE-2019-16115

In Xpdf 4.01.01, a stack-based buffer under-read could be triggered in IdentityFunction::transform in Function.cc, used by GfxAxialShading::getColor. It can, for example, be triggered by sending a crafted PDF document to the pdftoppm tool. It allows an attacker to use a crafted PDF file to cause De...

CVSS 7.8 | AI score 7.6 | EPSS 0.0018

added 2019/09/06 10:15 p.m. | 284 views

CVE-2019-16088

Xpdf 3.04 has a SIGSEGV in XRef::fetch in XRef.cc after many recursive calls to Catalog::countPageTree in Catalog.cc.

CVSS 5.5 | AI score 5.2 | EPSS 0.0023

added 2019/06/02 12:29 a.m. | 249 views

CVE-2019-12515

There is an out-of-bounds read vulnerability in the function FlateStream::getChar() located at Stream.cc in Xpdf 4.01.01. It can, for example, be triggered by sending a crafted PDF document to the pdftoppm tool. It might allow an attacker to cause Information Disclosure or a denial of service.

CVSS 7.1 | AI score 6.6 | EPSS 0.00296

added 2019/07/04 10:15 p.m. | 149 views

CVE-2019-13288

In Xpdf 4.01.01, the Parser::getObj() function in Parser.cc may cause infinite recursion via a crafted file. A remote attacker can leverage this for a DoS attack. This is similar to CVE-2018-16646.

CVSS 5.5 | AI score 5.7 | EPSS 0.31539

added 2019/07/04 8:15 p.m. | 144 views

CVE-2019-13283

In Xpdf 4.01.01, a heap-based buffer over-read could be triggered in strncpy from FoFiType1::parse in fofi/FoFiType1.cc because it does not ensure the source string has a valid length before making a fixed-length copy. It can, for example, be triggered by sending a crafted PDF document to the pdfto...

CVSS 7.8 | AI score 8 | EPSS 0.00286

added 2019/07/04 10:15 p.m. | 129 views

CVE-2019-13286

In Xpdf 4.01.01, there is a heap-based buffer over-read in the function JBIG2Stream::readTextRegionSeg() located at JBIG2Stream.cc. It can, for example, be triggered by sending a crafted PDF document to the pdftoppm tool. It might allow an attacker to cause Information Disclosure.

CVSS 5.5 | AI score 6 | EPSS 0.00321

added 2019/05/27 11:29 p.m. | 124 views

CVE-2019-12360

A stack-based buffer over-read exists in FoFiTrueType::dumpString in fofi/FoFiTrueType.cc in Xpdf 4.01.01. It can, for example, be triggered by sending crafted TrueType data in a PDF document to the pdftops tool. It might allow an attacker to cause Denial of Service or leak memory data into dump co...

CVSS 7.1 | AI score 6.8 | EPSS 0.00242

added 2019/05/31 2:29 a.m. | 124 views

CVE-2019-12493

A stack-based buffer over-read exists in PostScriptFunction::transform in Function.cc in Xpdf 4.01.01 because GfxSeparationColorSpace and GfxDeviceNColorSpace mishandle tint transform functions. It can, for example, be triggered by sending a crafted PDF document to the pdftops tool. It might allow ...

CVSS 7.1 | AI score 6.7 | EPSS 0.00301

added 2019/07/04 10:15 p.m. | 123 views

CVE-2019-13287

In Xpdf 4.01.01, there is an out-of-bounds read vulnerability in the function SplashXPath::strokeAdjust() located at splash/SplashXPath.cc. It can, for example, be triggered by sending a crafted PDF document to the pdftoppm tool. It might allow an attacker to cause Information Disclosure. This is r...

CVSS 5.5 | AI score 5.2 | EPSS 0.00402

added 2019/07/04 10:15 p.m. | 121 views

CVE-2019-13289

In Xpdf 4.01.01, there is a use-after-free vulnerability in the function JBIG2Stream::close() located at JBIG2Stream.cc. It can, for example, be triggered by sending a crafted PDF document to the pdftoppm tool.

CVSS 7.8 | AI score 7.5 | EPSS 0.00288

added 2019/07/04 10:15 p.m. | 117 views

CVE-2019-13291

In Xpdf 4.01.01, there is a heap-based buffer over-read in the function DCTStream::readScan() located at Stream.cc. It can, for example, be triggered by sending a crafted PDF document to the pdftops tool. It might allow an attacker to cause Information Disclosure.

CVSS 5.5 | AI score 5.5 | EPSS 0.00245

added 2019/07/04 8:15 p.m. | 101 views

CVE-2019-13282

In Xpdf 4.01.01, a heap-based buffer over-read could be triggered in SampledFunction::transform in Function.cc when using a large index for samples. It can, for example, be triggered by sending a crafted PDF document to the pdftotext tool. It allows an attacker to use a crafted pdf file to cause De...

CVSS 7.8 | AI score 7.8 | EPSS 0.00296

added 2019/07/04 8:15 p.m. | 95 views

CVE-2019-13281

In Xpdf 4.01.01, a heap-based buffer overflow could be triggered in DCTStream::decodeImage() in Stream.cc when writing to frameBuf memory. It can, for example, be triggered by sending a crafted PDF document to the pdftotext tool. It allows an attacker to use a crafted pdf file to cause Denial of Se...

CVSS 7.8 | AI score 7.7 | EPSS 0.00411

added 2019/10/01 4:15 p.m. | 86 views

CVE-2019-17064

Catalog.cc in Xpdf 4.02 has a NULL pointer dereference because Catalog.pageLabels is initialized too late in the Catalog constructor.

CVSS 5.5 | AI score 5.2 | EPSS 0.00368

added 2019/06/25 12:15 a.m. | 81 views

CVE-2019-12958

In Xpdf 4.01.01, a heap-based buffer over-read could be triggered in FoFiType1C::convertToType0 in fofi/FoFiType1C.cc when it is trying to access the second privateDicts array element, because the privateDicts array has only one element allocated.

CVSS 5.5 | AI score 6.1 | EPSS 0.00201

added 2019/06/25 12:15 a.m. | 75 views

CVE-2019-12957

In Xpdf 4.01.01, a buffer over-read could be triggered in FoFiType1C::convertToType1 in fofi/FoFiType1C.cc when the index number is larger than the charset array bounds. It can, for example, be triggered by sending a crafted PDF document to the pdftops tool. It allows an attacker to use a crafted p...

CVSS 7.8 | AI score 7.8 | EPSS 0.00296

added 2019/07/27 7:15 p.m. | 55 views

CVE-2019-14288

An issue was discovered in Xpdf 4.01.01. There is an Integer overflow in the function JBIG2Bitmap::combine at JBIG2Stream.cc for the "one byte per line" case.

CVSS 7.8 | AI score 7.8 | EPSS 0.00201

added 2019/07/27 7:15 p.m. | 50 views

CVE-2019-14293

An issue was discovered in Xpdf 4.01.01. There is an out of bounds read in the function GfxPatchMeshShading::parse at GfxState.cc for typeA!=6 case 2.

CVSS 5.5 | AI score 5.7 | EPSS 0.00165

added 2019/07/27 7:15 p.m. | 47 views

CVE-2019-14291

An issue was discovered in Xpdf 4.01.01. There is an out of bounds read in the function GfxPatchMeshShading::parse at GfxState.cc for typeA==6 case 3.

CVSS 5.5 | AI score 5.7 | EPSS 0.00165

added 2019/03/06 8:29 a.m. | 47 views

CVE-2019-9587

There is a stack consumption issue in md5Round1() located in Decrypt.cc in Xpdf 4.01. It can be triggered by sending a crafted pdf file to (for example) the pdfimages binary. It allows an attacker to cause Denial of Service (Segmentation fault) or possibly have unspecified other impact. This is rel...

CVSS 7.8 | AI score 7.7 | EPSS 0.00337

added 2019/07/27 7:15 p.m. | 45 views

CVE-2019-14289

An issue was discovered in Xpdf 4.01.01. There is an integer overflow in the function JBIG2Bitmap::combine at JBIG2Stream.cc for the "multiple bytes per line" case.

CVSS 5.5 | AI score 5.9 | EPSS 0.00165

added 2019/07/27 7:15 p.m. | 45 views

CVE-2019-14290

An issue was discovered in Xpdf 4.01.01. There is an out of bounds read in the function GfxPatchMeshShading::parse at GfxState.cc for typeA==6 case 2.

CVSS 5.5 | AI score 5.7 | EPSS 0.00165

added 2019/07/27 7:15 p.m. | 45 views

CVE-2019-14292

An issue was discovered in Xpdf 4.01.01. There is an out of bounds read in the function GfxPatchMeshShading::parse at GfxState.cc for typeA!=6 case 1.

CVSS 5.5 | AI score 5.7 | EPSS 0.00168

added 2019/07/27 7:15 p.m. | 44 views

CVE-2019-14294

An issue was discovered in Xpdf 4.01.01. There is a use-after-free in the function JPXStream::fillReadBuf at JPXStream.cc, due to an out of bounds read.

CVSS 5.5 | AI score 5.7 | EPSS 0.00194

added 2019/03/06 8:29 a.m. | 44 views

CVE-2019-9589

There is a NULL pointer dereference vulnerability in PSOutputDev::setupResources() located in PSOutputDev.cc in Xpdf 4.01. It can be triggered by sending a crafted pdf file to (for example) the pdftops binary. It allows an attacker to cause Denial of Service (Segmentation fault) or possibly have un...

CVSS 7.8 | AI score 7.9 | EPSS 0.00248

added 2019/03/06 8:29 a.m. | 39 views

CVE-2019-9588

There is an Invalid memory access in gAtomicIncrement() located at GMutex.h in Xpdf 4.01. It can be triggered by sending a crafted pdf file to (for example) the pdftops binary. It allows an attacker to cause Denial of Service (Segmentation fault) or possibly have unspecified other impact.

CVSS 7.8 | AI score 8 | EPSS 0.00337

added 2019/09/03 7:15 a.m. | 37 views

CVE-2019-15860

Xpdf 2.00 allows a SIGSEGV in XRef::constructXRef in XRef.cc. NOTE: 2.00 is a version from November 2002.

CVSS 5.5 | AI score 5.4 | EPSS 0.00165