Total: 53 CVE

CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2019-14294 | 1 Glyphandcog | 1 Xpdfreader | 2020-08-24 | 4.3 MEDIUM | 5.5 MEDIUM |
An issue was discovered in Xpdf 4.01.01. There is a use-after-free in the function JPXStream::fillReadBuf at JPXStream.cc, due to an out of bounds read. | |||||
CVE-2019-16088 | 1 Glyphandcog | 1 Xpdfreader | 2020-08-24 | 4.3 MEDIUM | 5.5 MEDIUM |
Xpdf 3.04 has a SIGSEGV in XRef::fetch in XRef.cc after many recursive calls to Catalog::countPageTree in Catalog.cc. | |||||
CVE-2019-16115 | 1 Glyphandcog | 1 Xpdfreader | 2020-08-24 | 6.8 MEDIUM | 7.8 HIGH |
In Xpdf 4.01.01, a stack-based buffer under-read could be triggered in IdentityFunction::transform in Function.cc, used by GfxAxialShading::getColor. It can, for example, be triggered by sending a crafted PDF document to the pdftoppm tool. It allows an attacker to use a crafted PDF file to cause Denial of Service or possibly unspecified other impact. | |||||
CVE-2019-12360 | 1 Glyphandcog | 1 Xpdfreader | 2020-07-04 | 5.8 MEDIUM | 7.1 HIGH |
A stack-based buffer over-read exists in FoFiTrueType::dumpString in fofi/FoFiTrueType.cc in Xpdf 4.01.01. It can, for example, be triggered by sending crafted TrueType data in a PDF document to the pdftops tool. It might allow an attacker to cause Denial of Service or leak memory data into dump content. | |||||
CVE-2019-17064 | 1 Glyphandcog | 1 Xpdfreader | 2019-12-09 | 4.3 MEDIUM | 5.5 MEDIUM |
Catalog.cc in Xpdf 4.02 has a NULL pointer dereference because Catalog.pageLabels is initialized too late in the Catalog constructor. | |||||
CVE-2019-12958 | 1 Glyphandcog | 1 Xpdfreader | 2019-10-25 | 4.3 MEDIUM | 5.5 MEDIUM |
In Xpdf 4.01.01, a heap-based buffer over-read could be triggered in FoFiType1C::convertToType0 in fofi/FoFiType1C.cc when it is trying to access the second privateDicts array element, because the privateDicts array has only one element allocated. | |||||
CVE-2019-12515 | 1 Glyphandcog | 1 Xpdfreader | 2019-10-25 | 5.8 MEDIUM | 7.1 HIGH |
There is an out-of-bounds read vulnerability in the function FlateStream::getChar() located at Stream.cc in Xpdf 4.01.01. It can, for example, be triggered by sending a crafted PDF document to the pdftoppm tool. It might allow an attacker to cause Information Disclosure or a denial of service. | |||||
CVE-2019-12493 | 1 Glyphandcog | 1 Xpdfreader | 2019-09-30 | 5.8 MEDIUM | 7.1 HIGH |
A stack-based buffer over-read exists in PostScriptFunction::transform in Function.cc in Xpdf 4.01.01 because GfxSeparationColorSpace and GfxDeviceNColorSpace mishandle tint transform functions. It can, for example, be triggered by sending a crafted PDF document to the pdftops tool. It might allow an attacker to cause Denial of Service or leak memory data. | |||||
CVE-2019-14293 | 1 Glyphandcog | 1 Xpdfreader | 2019-07-29 | 4.3 MEDIUM | 5.5 MEDIUM |
An issue was discovered in Xpdf 4.01.01. There is an out of bounds read in the function GfxPatchMeshShading::parse at GfxState.cc for typeA!=6 case 2. | |||||
CVE-2019-14292 | 1 Glyphandcog | 1 Xpdfreader | 2019-07-29 | 4.3 MEDIUM | 5.5 MEDIUM |
An issue was discovered in Xpdf 4.01.01. There is an out of bounds read in the function GfxPatchMeshShading::parse at GfxState.cc for typeA!=6 case 1. | |||||
CVE-2019-14290 | 1 Glyphandcog | 1 Xpdfreader | 2019-07-29 | 4.3 MEDIUM | 5.5 MEDIUM |
An issue was discovered in Xpdf 4.01.01. There is an out of bounds read in the function GfxPatchMeshShading::parse at GfxState.cc for typeA==6 case 2. | |||||
CVE-2019-14291 | 1 Glyphandcog | 1 Xpdfreader | 2019-07-29 | 4.3 MEDIUM | 5.5 MEDIUM |
An issue was discovered in Xpdf 4.01.01. There is an out of bounds read in the function GfxPatchMeshShading::parse at GfxState.cc for typeA==6 case 3. | |||||
CVE-2019-14289 | 1 Glyphandcog | 1 Xpdfreader | 2019-07-29 | 4.3 MEDIUM | 5.5 MEDIUM |
An issue was discovered in Xpdf 4.01.01. There is an integer overflow in the function JBIG2Bitmap::combine at JBIG2Stream.cc for the "multiple bytes per line" case. | |||||
CVE-2019-14288 | 1 Glyphandcog | 1 Xpdfreader | 2019-07-29 | 4.3 MEDIUM | 7.8 HIGH |
An issue was discovered in Xpdf 4.01.01. There is an integer overflow in the function JBIG2Bitmap::combine at JBIG2Stream.cc for the "one byte per line" case. | |||||
CVE-2019-13287 | 1 Glyphandcog | 1 Xpdfreader | 2019-07-09 | 4.3 MEDIUM | 5.5 MEDIUM |
In Xpdf 4.01.01, there is an out-of-bounds read vulnerability in the function SplashXPath::strokeAdjust() located at splash/SplashXPath.cc. It can, for example, be triggered by sending a crafted PDF document to the pdftoppm tool. It might allow an attacker to cause Information Disclosure. This is related to CVE-2018-16368. | |||||
CVE-2019-13289 | 1 Glyphandcog | 1 Xpdfreader | 2019-07-09 | 6.8 MEDIUM | 7.8 HIGH |
In Xpdf 4.01.01, there is a use-after-free vulnerability in the function JBIG2Stream::close() located at JBIG2Stream.cc. It can, for example, be triggered by sending a crafted PDF document to the pdftoppm tool. | |||||
CVE-2019-9587 | 1 Glyphandcog | 1 Xpdfreader | 2019-03-06 | 6.8 MEDIUM | 7.8 HIGH |
There is a stack consumption issue in md5Round1() located in Decrypt.cc in Xpdf 4.01. It can be triggered by sending a crafted PDF file to (for example) the pdfimages binary. It allows an attacker to cause Denial of Service (Segmentation fault) or possibly have unspecified other impact. This is related to Catalog::countPageTree. | |||||
CVE-2019-9589 | 1 Glyphandcog | 1 Xpdfreader | 2019-03-06 | 6.8 MEDIUM | 7.8 HIGH |
There is a NULL pointer dereference vulnerability in PSOutputDev::setupResources() located in PSOutputDev.cc in Xpdf 4.01. It can be triggered by sending a crafted PDF file to (for example) the pdftops binary. It allows an attacker to cause Denial of Service (Segmentation fault) or possibly have unspecified other impact. | |||||
CVE-2019-9588 | 1 Glyphandcog | 1 Xpdfreader | 2019-03-06 | 6.8 MEDIUM | 7.8 HIGH |
There is an invalid memory access in gAtomicIncrement() located at GMutex.h in Xpdf 4.01. It can be triggered by sending a crafted PDF file to (for example) the pdftops binary. It allows an attacker to cause Denial of Service (Segmentation fault) or possibly have unspecified other impact. | |||||
CVE-2009-0147 | 3 Apple, Foolabs, Glyphandcog | 3 Cups, Xpdf, Xpdfreader | 2019-03-06 | 4.3 MEDIUM | N/A |
Multiple integer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allow remote attackers to cause a denial of service (crash) via a crafted PDF file, related to (1) JBIG2Stream::readSymbolDictSeg, (2) JBIG2Stream::readSymbolDictSeg, and (3) JBIG2Stream::readGenericBitmap. | |||||