Lucene search
K

8 matches found

CVE
CVE
added 2005/08/16 4:0 a.m.125 views

CVE-2005-2097

CVE-2005-2097 affects xpdf and variants such as gpdf (and related components like CUPS’ pdftops) where carefully crafted PDFs can cause a denial of service by exhausting disk space (creating a large temporary file). Public sources in the connected documents confirm heap-based overflows and DoS po...

2.1CVSS5.7AI score0.00429EPSS
CVE
CVE
added 2006/01/06 10:0 p.m.114 views

CVE-2005-3624

CVE-2005-3624 affects multiple PDF tools (xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, etc.). The issue is in CCITTFaxDecode handling in Stream.cc, where negative or very large integers can trigger integer overflows/underflows, leading to heap corruption. The documented impact...

5CVSS6.3AI score0.02301EPSS
CVE
CVE
added 2004/10/26 4:0 a.m.109 views

CVE-2004-0889

CVE-2004-0889 involves multiple integer overflows in xpdf 3.0 and in code paths that reuse xpdf (e.g., in CUPS) that can be exploited remotely to crash the service (DoS) and potentially execute arbitrary code. The description confirms a remote impact and the possibility of code execution, tied to...

10CVSS7.3AI score0.06209EPSS
CVE
CVE
added 2005/02/15 5:0 a.m.107 views

CVE-2005-0206

Technical details about CVE-2005-0206 are not provided in the connected documents. Available sources reference related issues (CVE-2004-0888) and patch notes without explicit impact, affected products, or fixes for this CVE.

7.5CVSS6.7AI score0.02986EPSS
CVE
CVE
added 2006/01/06 10:0 p.m.100 views

CVE-2005-3625

CVE-2005-3625 is confirmed to affect Xpdf and related tools (gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, etc.). The issue is a denial-of-service in PDF stream handling where streams that end prematurely can cause an infinite loop, demonstrated for the CCITTFaxDecode and DCTDecode s...

10CVSS6.2AI score0.03855EPSS
CVE
CVE
added 2006/01/06 10:0 p.m.98 views

CVE-2005-3626

CVE-2005-3626 affects Xpdf and related components (gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, etc.). The vulnerability arises from a crafted FlateDecode stream that triggers a null dereference, leading to a denial of service (crash). The connected Nessus entry (NEWSTART_CGSL_NS-SA...

5CVSS6.1AI score0.0341EPSS
CVE
CVE
added 2009/12/21 9:0 p.m.98 views

CVE-2009-4035

Summary (CVE-2009-4035): The flaw exists in FoFiType1::parse in FoFiType1.cc used by Xpdf 3.0.0, gpdf 2.8.2, and kdegraphics 3.3.1 (and possibly other libraries). The code fails to validate the return value of getNextLine, enabling a signed-to-unsigned conversion error when processing a crafted T...

9.3CVSS7.1AI score0.03785EPSS
CVE
CVE
added 2004/10/26 4:0 a.m.95 views

CVE-2004-0888

CVE-2004-0888 : Multiple integer overflows in xpdf (v2.0/v3.0) and in code that uses xpdf (e.g., CUPS, gpdf, kdegraphics) allow remote attackers to crash services and possibly execute arbitrary code. Some reports note 64-bit builds can exacerbate the overflow (pdftops/filter path). Remediation is...

10CVSS7.6AI score0.09334EPSS