CVEs (26)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
11Debian Easy Software ProductsGentoo+8 more16Cups Debian LinuxEnterprise Linux+13 moreApr 16, 2026 Jan 27, 2005 N/A· v4 N/A· v3 10.0 HIGH· v2 Multiple integer overflows in xpdf 2.0 and 3.0, and other packages that use xpdf code such as CUPS, gpdf, and kdegraphics, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code,...Show more |
3Easy Software Products KdeXpdf3Cups KdeXpdfApr 16, 2026 Jan 10, 2005 N/A· v4 N/A· v3 9.3 HIGH· v2 Buffer overflow in the Gfx::doImage function in Gfx.cc for xpdf 3.00, and other products that share code such as tetex-bin and kpdf in KDE 3.2.x to 3.2.3 and 3.3.x to 3.3.2, allows remote attackers to cause a denial of s...Show more |
4Adobe MandrakesoftRedhat+1 more7Acrobat Enterprise LinuxLinux+4 moreApr 16, 2026 Jul 24, 2003 N/A· v4 N/A· v3 7.5 HIGH· v2 Various PDF viewers including (1) Adobe Acrobat 5.06 and (2) Xpdf 1.01 allow remote attackers to execute arbitrary commands via shell metacharacters in an embedded hyperlink. |
Integer overflow in pdftops, as used in Xpdf 2.01 and earlier, xpdf-i, and CUPS before 1.1.18, allows local users to execute arbitrary code via a ColorSpace entry with a large number of elements, as demonstrated by cups-...Show more |
xpdf PDF viewer client earlier than 0.91 allows local users to overwrite arbitrary files via a symlink attack. |
xpdf PDF viewer client earlier than 0.91 does not properly launch a web browser for embedded URL's, which allows an attacker to execute arbitrary commands via a URL that contains shell metacharacters. |