Lucene search

K

8 matches found

CVE
CVE
added 2018/10/18 6:29 a.m.58 views

CVE-2018-18456

The function Object::isName() in Object.h (called from Gfx::opSetFillColorN) in Xpdf 4.00 allows remote attackers to cause a denial of service (stack-based buffer over-read) via a crafted pdf file, as demonstrated by pdftoppm.

5.5CVSS5.6AI score0.00526EPSS
CVE
CVE
added 2018/10/18 6:29 a.m.51 views

CVE-2018-18454

CCITTFaxStream::readRow() in Stream.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted pdf file, as demonstrated by pdftoppm.

5.5CVSS5.6AI score0.00687EPSS
CVE
CVE
added 2018/10/18 6:29 a.m.49 views

CVE-2018-18458

The function DCTStream::decodeImage in Stream.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted pdf file, as demonstrated by pdftoppm.

5.5CVSS5.3AI score0.00215EPSS
CVE
CVE
added 2018/10/18 6:29 a.m.41 views

CVE-2018-18457

The function DCTStream::readScan in Stream.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted pdf file, as demonstrated by pdftoppm.

5.5CVSS5.3AI score0.00215EPSS
CVE
CVE
added 2018/10/18 6:29 a.m.39 views

CVE-2018-18459

The function DCTStream::getBlock in Stream.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted pdf file, as demonstrated by pdftoppm.

5.5CVSS5.3AI score0.00215EPSS
CVE
CVE
added 2018/10/25 1:29 p.m.38 views

CVE-2018-18650

An issue was discovered in Xpdf 4.00. XRef::readXRefStream in XRef.cc allows attackers to launch a denial of service (Integer Overflow) via a crafted /Size value in a pdf file, as demonstrated by pdftohtml. This is mainly caused by the program attempting a malloc operation for a large amount of mem...

5.5CVSS5.3AI score0.00178EPSS
CVE
CVE
added 2018/10/25 1:29 p.m.38 views

CVE-2018-18651

An issue was discovered in Xpdf 4.00. catalog->getNumPages() in AcroForm.cc allows attackers to launch a denial of service (hang caused by large loop) via a specific pdf file, as demonstrated by pdftohtml. This is mainly caused by a large number after the /Count field in the file.

5.5CVSS5.3AI score0.00178EPSS
CVE
CVE
added 2018/10/18 6:29 a.m.33 views

CVE-2018-18455

The GfxImageColorMap class in GfxState.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted pdf file, as demonstrated by pdftoppm.

5.5CVSS5.4AI score0.00215EPSS