Total
65 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2018-8103 | 1 Xpdfreader | 1 Xpdf | 2019-10-02 | 4.3 MEDIUM | 5.5 MEDIUM |
The JBIG2Stream::readGenericBitmap function in JBIG2Stream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-based buffer over-read and application crash) via a specific pdf file, as demonstrated by pdftohtml. | |||||
CVE-2018-8104 | 1 Xpdfreader | 1 Xpdf | 2019-10-02 | 4.3 MEDIUM | 5.5 MEDIUM |
The BufStream::lookChar function in Stream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-based buffer over-read and application crash) via a specific pdf file, as demonstrated by pdftohtml. | |||||
CVE-2018-8105 | 1 Xpdfreader | 1 Xpdf | 2019-10-02 | 4.3 MEDIUM | 5.5 MEDIUM |
The JPXStream::fillReadBuf function in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-based buffer over-read and application crash) via a specific pdf file, as demonstrated by pdftohtml. | |||||
CVE-2018-8106 | 1 Xpdfreader | 1 Xpdf | 2019-10-02 | 4.3 MEDIUM | 5.5 MEDIUM |
The JPXStream::readTilePartData function in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-based buffer over-read and application crash) via a specific pdf file, as demonstrated by pdftohtml. | |||||
CVE-2018-8107 | 1 Xpdfreader | 1 Xpdf | 2019-10-02 | 4.3 MEDIUM | 5.5 MEDIUM |
The JPXStream::close function in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-based buffer over-read and application crash) via a specific pdf file, as demonstrated by pdftohtml. | |||||
CVE-2019-10021 | 1 Xpdfreader | 1 Xpdf | 2019-06-27 | 4.3 MEDIUM | 5.5 MEDIUM |
An issue was discovered in Xpdf 4.01.01. There is an FPE in the function ImageStream::ImageStream at Stream.cc for nComps. | |||||
CVE-2019-10019 | 1 Xpdfreader | 1 Xpdf | 2019-06-27 | 4.3 MEDIUM | 5.5 MEDIUM |
An issue was discovered in Xpdf 4.01.01. There is an FPE in the function PSOutputDev::checkPageSlice at PSOutputDev.cc for nStripes. | |||||
CVE-2019-10023 | 1 Xpdfreader | 1 Xpdf | 2019-06-27 | 4.3 MEDIUM | 5.5 MEDIUM |
An issue was discovered in Xpdf 4.01.01. There is an FPE in the function PostScriptFunction::exec at Function.cc for the psOpMod case. | |||||
CVE-2019-10020 | 1 Xpdfreader | 1 Xpdf | 2019-03-25 | 4.3 MEDIUM | 5.5 MEDIUM |
An issue was discovered in Xpdf 4.01.01. There is an FPE in the function Splash::scaleImageYuXu at Splash.cc for x Bresenham parameters. | |||||
CVE-2019-10022 | 1 Xpdfreader | 1 Xpdf | 2019-03-25 | 4.3 MEDIUM | 5.5 MEDIUM |
An issue was discovered in Xpdf 4.01.01. There is a NULL pointer dereference in the function Gfx::opSetExtGState in Gfx.cc. | |||||
CVE-2019-10024 | 1 Xpdfreader | 1 Xpdf | 2019-03-25 | 4.3 MEDIUM | 5.5 MEDIUM |
An issue was discovered in Xpdf 4.01.01. There is an FPE in the function Splash::scaleImageYuXu at Splash.cc for y Bresenham parameters. | |||||
CVE-2019-10025 | 1 Xpdfreader | 1 Xpdf | 2019-03-25 | 4.3 MEDIUM | 5.5 MEDIUM |
An issue was discovered in Xpdf 4.01.01. There is an FPE in the function ImageStream::ImageStream at Stream.cc for nBits. | |||||
CVE-2019-10026 | 1 Xpdfreader | 1 Xpdf | 2019-03-25 | 4.3 MEDIUM | 5.5 MEDIUM |
An issue was discovered in Xpdf 4.01.01. There is an FPE in the function PostScriptFunction::exec in Function.cc for the psOpRoll case. | |||||
CVE-2018-18650 | 1 Xpdfreader | 1 Xpdf | 2018-12-06 | 4.3 MEDIUM | 5.5 MEDIUM |
An issue was discovered in Xpdf 4.00. XRef::readXRefStream in XRef.cc allows attackers to launch a denial of service (Integer Overflow) via a crafted /Size value in a pdf file, as demonstrated by pdftohtml. This is mainly caused by the program attempting a malloc operation for a large amount of memory. | |||||
CVE-2018-18455 | 1 Xpdfreader | 1 Xpdf | 2018-11-30 | 4.3 MEDIUM | 5.5 MEDIUM |
The GfxImageColorMap class in GfxState.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted pdf file, as demonstrated by pdftoppm. | |||||
CVE-2018-18456 | 1 Xpdfreader | 1 Xpdf | 2018-11-30 | 4.3 MEDIUM | 5.5 MEDIUM |
The function Object::isName() in Object.h (called from Gfx::opSetFillColorN) in Xpdf 4.00 allows remote attackers to cause a denial of service (stack-based buffer over-read) via a crafted pdf file, as demonstrated by pdftoppm. | |||||
CVE-2018-18457 | 1 Xpdfreader | 1 Xpdf | 2018-11-30 | 4.3 MEDIUM | 5.5 MEDIUM |
The function DCTStream::readScan in Stream.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted pdf file, as demonstrated by pdftoppm. | |||||
CVE-2018-18458 | 1 Xpdfreader | 1 Xpdf | 2018-11-30 | 4.3 MEDIUM | 5.5 MEDIUM |
The function DCTStream::decodeImage in Stream.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted pdf file, as demonstrated by pdftoppm. | |||||
CVE-2018-18459 | 1 Xpdfreader | 1 Xpdf | 2018-11-30 | 4.3 MEDIUM | 5.5 MEDIUM |
The function DCTStream::getBlock in Stream.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted pdf file, as demonstrated by pdftoppm. | |||||
CVE-2018-11033 | 1 Xpdfreader | 1 Xpdf | 2018-06-19 | 6.8 MEDIUM | 7.8 HIGH |
The DCTStream::readHuffSym function in Stream.cc in the DCT decoder in xpdf before 4.00 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via crafted JPEG data. |