← Back

Xpdf

xpdf

Vendor: Glyphandcog • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2019-16927
1Glyphandcog
1Xpdf
Nov 21, 2024
Sep 27, 2019
N/A· v4
5.5 MEDIUM· v3
4.3 MEDIUM· v2
Xpdf 4.01.01 has an out-of-bounds write in the vertProfile part of the TextPage::findGaps function in TextOutputDev.cc, a different vulnerability than CVE-2019-9877.
CVE-2011-2902
2Debian
Glyphandcog
2Debian Linux
Xpdf
Nov 21, 2024
Jan 30, 2018
N/A· v4
5.3 MEDIUM· v3
6.4 MEDIUM· v2
zxpdf in xpdf before 3.02-19 as packaged in Debian unstable and 3.02-12+squeeze1 as packaged in Debian squeeze deletes temporary files insecurely, which allows remote attackers to delete arbitrary files via a crafted .pd...Show more
zxpdf in xpdf before 3.02-19 as packaged in Debian unstable and 3.02-12+squeeze1 as packaged in Debian squeeze deletes temporary files insecurely, which allows remote attackers to delete arbitrary files via a crafted .pdf.gz file name.Show less