3 matches found
CVE-2021-30860
CVE-2021-30860 affects Apple CoreGraphics in macOS/iOS/watchOS/tvOS stack. A vulnerability in integer overflow during processing of maliciously crafted PDFs could lead to arbitrary code execution. Fixed in Security Update 2021-005 for Catalina, iOS 14.8 / iPadOS 14.8, macOS Big Sur 11.6, and watc...
CVE-2023-3044
CVE-2023-3044 describes a divide-by-zero in Xpdf text extraction caused by an excessively large PDF page size used in fuzz testing. Connected sources indicate this is related to CVE-2022-30524 and historically affects Xpdf 4.04; mitigations are to upgrade to Xpdf 4.05 or later (per distro advisor...
CVE-2024-7868
CVE-2024-7868 affects Xpdf 4.05 and earlier, where invalid header info in a DCT (JPEG) stream can trigger an uninitialized variable in the DCT decoder, with a proof-of-concept PDF causing a segfault. Fedora/Slackware advisories indicate the issue is addressed by upgrading to Xpdf 4.06; multiple a...