6 matches found
CVE-2010-3704
CVE-2010-3704 affects the PDF parsing code (FoFiType1.parse) in xpdf (before 3.02pl5) and in Poppler up to 0.15.1, kdegraphics, and related products. The vulnerability stems from a PostScript Type 1 font handling path that uses a crafted font containing a negative array index, bypassing input val...
CVE-2005-3624
CVE-2005-3624 affects multiple PDF tools (xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, etc.). The issue is in CCITTFaxDecode handling in Stream.cc, where negative or very large integers can trigger integer overflows/underflows, leading to heap corruption. The documented impact...
CVE-2005-3625
CVE-2005-3625 is confirmed to affect Xpdf and related tools (gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, etc.). The issue is a denial-of-service in PDF stream handling where streams that end prematurely can cause an infinite loop, demonstrated for the CCITTFaxDecode and DCTDecode s...
CVE-2005-3626
CVE-2005-3626 affects Xpdf and related components (gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, etc.). The vulnerability arises from a crafted FlateDecode stream that triggers a null dereference, leading to a denial of service (crash). The connected Nessus entry (NEWSTART_CGSL_NS-SA...
CVE-2009-4035
Summary (CVE-2009-4035): The flaw exists in FoFiType1::parse in FoFiType1.cc used by Xpdf 3.0.0, gpdf 2.8.2, and kdegraphics 3.3.1 (and possibly other libraries). The code fails to validate the return value of getNextLine, enabling a signed-to-unsigned conversion error when processing a crafted T...
CVE-2006-6297
CVE-2006-6297 affects KDE kdegraphics components, notably the kdegraphics-kfile-plugins (kfile_jpeg) used by Konqueror, digiKam and other KDE image viewers. The issue is a stack consumption/stack overflow vulnerability in the kfile_jpeg EXIF handling that can trigger a denial of service via a cra...