XpdfReader Xpdf 3.02 pl1

CPE Details

2020-12-23
18h25 +00:00
2020-12-23
18h25 +00:00

CPE Name: cpe:2.3:a:xpdfreader:xpdf:3.02:pl1:*:*:*:*:*:*

Information

Vendor

xpdfreader

Product

xpdf

Version

3.02

Update

pl1

Related CVE


| CVE ID | Published | Description | Score | Severity |
| --- | --- | --- | --- | --- |
| CVE-2024-7868 | 2024-08-15 20h22 +00:00 | In Xpdf 4.05 (and earlier), invalid header info in a DCT (JPEG) stream can lead to an uninitialized variable in the DCT decoder. The proof-of-concept PDF file causes a segfault attempting to read from an invalid address. | 2.1 | Low |
| CVE-2024-7867 | 2024-08-15 20h06 +00:00 | In Xpdf 4.05 (and earlier), very large coordinates in a page box can cause an integer overflow and divide-by-zero. | 2.1 | Low |
| CVE-2024-7866 | 2024-08-15 19h50 +00:00 | In Xpdf 4.05 (and earlier), a PDF object loop in a pattern resource leads to infinite recursion and a stack overflow. | 2.1 | Low |
| CVE-2024-4976 | 2024-05-15 20h34 +00:00 | Out-of-bounds array write in Xpdf 4.05 and earlier, due to missing object type check in AcroForm field reference. | 2.1 | Low |
| CVE-2024-4568 | 2024-05-06 19h56 +00:00 | In Xpdf 4.05 (and earlier), a PDF object loop in the PDF resources leads to infinite recursion and a stack overflow. | 5.5 | Medium |
| CVE-2024-4141 | 2024-04-24 18h36 +00:00 | Out-of-bounds array write in Xpdf 4.05 and earlier, triggered by an invalid character code in a Type 1 font. The root problem was a bounds check that was being optimized away by modern compilers. | 5.5 | Medium |
| CVE-2024-3900 | 2024-04-17 18h41 +00:00 | Out-of-bounds array write in Xpdf 4.05 and earlier, triggered by long Unicode sequence in ActualText. | 5.5 | Medium |
| CVE-2024-3248 | 2024-04-02 23h04 +00:00 | In Xpdf 4.05 (and earlier), a PDF object loop in the attachments leads to infinite recursion and a stack overflow. | 5.5 | Medium |
| CVE-2024-3247 | 2024-04-02 22h57 +00:00 | In Xpdf 4.05 (and earlier), a PDF object loop in an object stream leads to infinite recursion and a stack overflow. | 5.5 | Medium |
| CVE-2024-2971 | 2024-03-26 21h31 +00:00 | Out-of-bounds array write in Xpdf 4.05 and earlier, triggered by negative object number in indirect reference in the input PDF file. | 5.5 | Medium |
| CVE-2023-3044 | 2023-06-02 22h32 +00:00 | An excessively large PDF page size (found in fuzz testing, unlikely in normal PDF files) can result in a divide-by-zero in Xpdf's text extraction code. This is related to CVE-2022-30524, but the problem here is caused by a very large page size, rather than by a very large character coordinate. | 3.3 | Low |
| CVE-2023-2664 | 2023-05-11 20h21 +00:00 | In Xpdf 4.04 (and earlier), a PDF object loop in the embedded file tree leads to infinite recursion and a stack overflow. | 5.5 | Medium |
| CVE-2023-2663 | 2023-05-11 20h16 +00:00 | In Xpdf 4.04 (and earlier), a PDF object loop in the page label tree leads to infinite recursion and a stack overflow. | 9.1 | Critical |
| CVE-2023-2662 | 2023-05-11 20h08 +00:00 | In Xpdf 4.04 (and earlier), a bad color space object in the input PDF file can cause a divide-by-zero. | 5.5 | Medium |
| CVE-2022-38334 | 2022-09-14 22h00 +00:00 | XPDF v4.04 and earlier was discovered to contain a stack overflow via the function Catalog::countPageTree() at Catalog.cc. | 5.5 | Medium |
| CVE-2021-30860 | 2021-08-24 18h49 +00:00 | An integer overflow was addressed with improved input validation. This issue is fixed in Security Update 2021-005 Catalina, iOS 14.8 and iPadOS 14.8, macOS Big Sur 11.6, watchOS 7.6.2. Processing a maliciously crafted PDF may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. | 7.8 | High |
| CVE-2012-2142 | 2020-01-09 19h42 +00:00 | The error function in Error.cc in poppler before 0.21.4 allows remote attackers to execute arbitrary commands via a PDF containing an escape sequence for a terminal emulator. | 7.8 | High |
| CVE-2010-3702 | 2010-11-05 16h00 +00:00 | The Gfx::getPos function in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, CUPS, kdegraphics, and possibly other products allows context-dependent attackers to cause a denial of service (crash) via unknown vectors that trigger an uninitialized pointer dereference. | 7.5 | |
| CVE-2007-3387 | 2007-07-30 21h00 +00:00 | Integer overflow in the StreamPredictor::StreamPredictor function in xpdf 3.02, as used in (1) poppler before 0.5.91, (2) gpdf before 2.8.2, (3) kpdf, (4) kdegraphics, (5) CUPS, (6) PDFedit, and other products, might allow remote attackers to execute arbitrary code via a crafted PDF file that triggers a stack-based buffer overflow in the StreamPredictor::getNextLine function. | 6.8 | |