Xpdf Security Vulnerabilities and Issues — Xpdf CVE List

Lucene search

XpdfreaderXpdf

13 matches found

CVE•added 2019/03/25 12:29 a.m.•86 views

CVE-2019-10018

An issue was discovered in Xpdf 4.01.01. There is an FPE in the function PostScriptFunction::exec at Function.cc for the psOpIdiv case.

5.5CVSS5.8AI score0.00486EPSS

CVE•added 2019/03/25 12:29 a.m.•77 views

CVE-2019-10019

An issue was discovered in Xpdf 4.01.01. There is an FPE in the function PSOutputDev::checkPageSlice at PSOutputDev.cc for nStripes.

5.5CVSS5.7AI score0.00177EPSS

CVE•added 2019/03/25 12:29 a.m.•65 views

CVE-2019-10023

An issue was discovered in Xpdf 4.01.01. There is an FPE in the function PostScriptFunction::exec at Function.cc for the psOpMod case.

5.5CVSS5.8AI score0.00164EPSS

CVE•added 2019/03/25 12:29 a.m.•55 views

CVE-2019-10021

An issue was discovered in Xpdf 4.01.01. There is an FPE in the function ImageStream::ImageStream at Stream.cc for nComps.

5.5CVSS5.8AI score0.00164EPSS

CVE•added 2019/03/25 12:29 a.m.•50 views

CVE-2019-10026

An issue was discovered in Xpdf 4.01.01. There is an FPE in the function PostScriptFunction::exec in Function.cc for the psOpRoll case.

5.5CVSS5.7AI score0.00164EPSS

CVE•added 2019/03/21 4:1 p.m.•49 views

CVE-2019-9877

There is an invalid memory access vulnerability in the function TextPage::findGaps() located at TextOutputDev.c in Xpdf 4.01, which can (for example) be triggered by sending a crafted pdf file to the pdftops binary. It allows an attacker to cause Denial of Service (Segmentation fault) or possibly h...

7.8CVSS6AI score0.0022EPSS

CVE•added 2019/03/25 12:29 a.m.•47 views

CVE-2019-10025

An issue was discovered in Xpdf 4.01.01. There is an FPE in the function ImageStream::ImageStream at Stream.cc for nBits.

5.5CVSS5.7AI score0.00164EPSS

CVE•added 2019/03/25 12:29 a.m.•45 views

CVE-2019-10020

An issue was discovered in Xpdf 4.01.01. There is an FPE in the function Splash::scaleImageYuXu at Splash.cc for x Bresenham parameters.

5.5CVSS5.7AI score0.00164EPSS

CVE•added 2019/03/25 12:29 a.m.•45 views

CVE-2019-10024

An issue was discovered in Xpdf 4.01.01. There is an FPE in the function Splash::scaleImageYuXu at Splash.cc for y Bresenham parameters.

5.5CVSS5.7AI score0.00164EPSS

CVE•added 2019/03/25 12:29 a.m.•44 views

CVE-2019-10022

An issue was discovered in Xpdf 4.01.01. There is a NULL pointer dereference in the function Gfx::opSetExtGState in Gfx.cc.

5.5CVSS5.7AI score0.00177EPSS

CVE•added 2019/03/21 4:1 p.m.•44 views

CVE-2019-9878

There is an invalid memory access in the function GfxIndexedColorSpace::mapColorToBase() located in GfxState.cc in Xpdf 4.0.0, as used in pdfalto 0.2. It can be triggered by (for example) sending a crafted pdf file to the pdftops binary. It allows an attacker to cause Denial of Service (Segmentatio...

7.8CVSS8AI score0.00229EPSS

CVE•added 2019/10/30 9:15 p.m.•37 views

CVE-2010-0207

In xpdf, the xref table contains an infinite loop which allows remote attackers to cause a denial of service (application crash) in xpdf-based PDF viewers.

5.5CVSS5.4AI score0.00443EPSS

CVE•added 2019/10/30 9:15 p.m.•34 views

CVE-2010-0206

xpdf allows remote attackers to cause a denial of service (NULL pointer dereference and crash) in the way it processes JBIG2 PDF stream objects.

5.5CVSS5.4AI score0.00443EPSS