Xpdf

xpdf

Vendor: Xpdfreader • 82 CVEs

CVEs (82)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2018-18455 1Xpdfreader 1Xpdf Nov 21, 2024 Oct 18, 2018 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 The GfxImageColorMap class in GfxState.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted pdf file, as demonstrated by pdftoppm.
CVE-2018-18454 1Xpdfreader 1Xpdf Nov 21, 2024 Oct 18, 2018 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 CCITTFaxStream::readRow() in Stream.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted pdf file, as demonstrated by pdftoppm.
CVE-2018-16369 1Xpdfreader 1Xpdf Nov 21, 2024 Sep 3, 2018 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 XRef::fetch in XRef.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (stack consumption) via a crafted pdf file, related to AcroForm::scanField, as demonstrated by pdftohtml. NOTE: this might overlap...Show more XRef::fetch in XRef.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (stack consumption) via a crafted pdf file, related to AcroForm::scanField, as demonstrated by pdftohtml. NOTE: this might overlap CVE-2018-7453.Show less
CVE-2018-16368 1Xpdfreader 1Xpdf Nov 21, 2024 Sep 3, 2018 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 SplashXPath::strokeAdjust in splash/SplashXPath.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted pdf file, as demonstrated by pdftoppm.
CVE-2018-11033 1Xpdfreader 1Xpdf Nov 21, 2024 May 14, 2018 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 The DCTStream::readHuffSym function in Stream.cc in the DCT decoder in xpdf before 4.00 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via crafted JPEG...Show more The DCTStream::readHuffSym function in Stream.cc in the DCT decoder in xpdf before 4.00 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via crafted JPEG data.Show less
CVE-2018-8107 1Xpdfreader 1Xpdf Nov 21, 2024 Mar 14, 2018 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 The JPXStream::close function in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-based buffer over-read and application crash) via a specific pdf file, as demonstrated by pdftohtml.
CVE-2018-8106 1Xpdfreader 1Xpdf Nov 21, 2024 Mar 14, 2018 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 The JPXStream::readTilePartData function in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-based buffer over-read and application crash) via a specific pdf file, as demonstrated by pdftohtml...Show more The JPXStream::readTilePartData function in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-based buffer over-read and application crash) via a specific pdf file, as demonstrated by pdftohtml.Show less
CVE-2018-8105 1Xpdfreader 1Xpdf Nov 21, 2024 Mar 14, 2018 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 The JPXStream::fillReadBuf function in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-based buffer over-read and application crash) via a specific pdf file, as demonstrated by pdftohtml.
CVE-2018-8104 1Xpdfreader 1Xpdf Nov 21, 2024 Mar 14, 2018 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 The BufStream::lookChar function in Stream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-based buffer over-read and application crash) via a specific pdf file, as demonstrated by pdftohtml.
CVE-2018-8103 1Xpdfreader 1Xpdf Nov 21, 2024 Mar 14, 2018 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 The JBIG2Stream::readGenericBitmap function in JBIG2Stream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-based buffer over-read and application crash) via a specific pdf file, as demonstrated by pdft...Show more The JBIG2Stream::readGenericBitmap function in JBIG2Stream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-based buffer over-read and application crash) via a specific pdf file, as demonstrated by pdftohtml.Show less
CVE-2018-8102 1Xpdfreader 1Xpdf Nov 21, 2024 Mar 14, 2018 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 The JBIG2MMRDecoder::getBlackCode function in JBIG2Stream.cc in xpdf 4.00 allows attackers to launch denial of service (buffer over-read and application crash) via a specific pdf file, as demonstrated by pdftohtml.
CVE-2018-8101 1Xpdfreader 1Xpdf Nov 21, 2024 Mar 14, 2018 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 The JPXStream::inverseTransformLevel function in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-based buffer over-read and application crash) via a specific pdf file, as demonstrated by pdft...Show more The JPXStream::inverseTransformLevel function in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-based buffer over-read and application crash) via a specific pdf file, as demonstrated by pdftohtml.Show less
CVE-2018-8100 1Xpdfreader 1Xpdf Nov 21, 2024 Mar 14, 2018 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 The JPXStream::readTilePart function in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a specific p...Show more The JPXStream::readTilePart function in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a specific pdf file, as demonstrated by pdftohtml.Show less
CVE-2018-7455 1Xpdfreader 1Xpdf Nov 21, 2024 Feb 24, 2018 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 An out-of-bounds read in JPXStream::readTilePart in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service via a specific pdf file, as demonstrated by pdftohtml.
CVE-2018-7454 1Xpdfreader 1Xpdf Nov 21, 2024 Feb 24, 2018 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 A NULL pointer dereference in XFAForm::scanFields in XFAForm.cc in xpdf 4.00 allows attackers to launch denial of service via a specific pdf file, as demonstrated by pdftohtml.
CVE-2018-7453 1Xpdfreader 1Xpdf Nov 21, 2024 Feb 24, 2018 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 Infinite recursion in AcroForm::scanField in AcroForm.cc in xpdf 4.00 allows attackers to launch denial of service via a specific pdf file due to lack of loop checking, as demonstrated by pdftohtml.
CVE-2018-7452 1Xpdfreader 1Xpdf Nov 21, 2024 Feb 24, 2018 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 A NULL pointer dereference in JPXStream::fillReadBuf in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service via a specific pdf file, as demonstrated by pdftohtml.
CVE-2018-7175 1Xpdfreader 1Xpdf Nov 21, 2024 Feb 15, 2018 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 An issue was discovered in xpdf 4.00. A NULL pointer dereference in readCodestream allows an attacker to cause denial of service via a JPX image with zero components.
CVE-2018-7174 1Xpdfreader 1Xpdf Nov 21, 2024 Feb 15, 2018 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 An issue was discovered in xpdf 4.00. An infinite loop in XRef::Xref allows an attacker to cause denial of service because loop detection exists only for tables, not streams.
CVE-2018-7173 1Xpdfreader 1Xpdf Nov 21, 2024 Feb 15, 2018 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 A large loop in JBIG2Stream::readSymbolDictSeg in xpdf 4.00 allows an attacker to cause denial of service via a specific file due to inappropriate decoding.

Previous 1 2 345 Next