Vulnerabilities > Glyphandcog

DATE CVE VULNERABILITY TITLE RISK
2019-07-04 CVE-2019-13286 Out-of-bounds Read vulnerability in multiple products
In Xpdf 4.01.01, there is a heap-based buffer over-read in the function JBIG2Stream::readTextRegionSeg() located at JBIG2Stream.cc.
local
low complexity
glyphandcog fedoraproject CWE-125
5.5
2019-07-04 CVE-2019-13283 Out-of-bounds Read vulnerability in multiple products
In Xpdf 4.01.01, a heap-based buffer over-read could be triggered in strncpy from FoFiType1::parse in fofi/FoFiType1.cc because it does not ensure the source string has a valid length before making a fixed-length copy.
local
low complexity
glyphandcog fedoraproject CWE-125
7.8
2019-07-04 CVE-2019-13282 Out-of-bounds Read vulnerability in multiple products
In Xpdf 4.01.01, a heap-based buffer over-read could be triggered in SampledFunction::transform in Function.cc when using a large index for samples.
local
low complexity
glyphandcog fedoraproject CWE-125
7.8
2019-07-04 CVE-2019-13281 Out-of-bounds Write vulnerability in multiple products
In Xpdf 4.01.01, a heap-based buffer overflow could be triggered in DCTStream::decodeImage() in Stream.cc when writing to frameBuf memory.
local
low complexity
glyphandcog fedoraproject CWE-787
7.8
2019-06-25 CVE-2019-12958 Out-of-bounds Read vulnerability in Glyphandcog Xpdfreader 4.01.01
In Xpdf 4.01.01, a heap-based buffer over-read could be triggered in FoFiType1C::convertToType0 in fofi/FoFiType1C.cc when it is trying to access the second privateDicts array element, because the privateDicts array has only one element allocated.
local
low complexity
glyphandcog CWE-125
5.5
2019-06-25 CVE-2019-12957 Improper Validation of Array Index vulnerability in multiple products
In Xpdf 4.01.01, a buffer over-read could be triggered in FoFiType1C::convertToType1 in fofi/FoFiType1C.cc when the index number is larger than the charset array bounds.
local
low complexity
glyphandcog fedoraproject CWE-129
7.8
2019-06-02 CVE-2019-12515 Out-of-bounds Read vulnerability in Glyphandcog Xpdfreader 4.01.01
There is an out-of-bounds read vulnerability in the function FlateStream::getChar() located at Stream.cc in Xpdf 4.01.01.
local
low complexity
glyphandcog CWE-125
7.1
2019-05-31 CVE-2019-12493 Out-of-bounds Read vulnerability in Glyphandcog Xpdfreader 4.01.01
A stack-based buffer over-read exists in PostScriptFunction::transform in Function.cc in Xpdf 4.01.01 because GfxSeparationColorSpace and GfxDeviceNColorSpace mishandle tint transform functions.
local
low complexity
glyphandcog CWE-125
7.1
2019-05-27 CVE-2019-12360 Out-of-bounds Read vulnerability in Glyphandcog Xpdfreader 4.01.01
A stack-based buffer over-read exists in FoFiTrueType::dumpString in fofi/FoFiTrueType.cc in Xpdf 4.01.01.
local
low complexity
glyphandcog CWE-125
7.1
2019-03-06 CVE-2019-9589 NULL Pointer Dereference vulnerability in Glyphandcog Xpdfreader 4.01
There is a NULL pointer dereference vulnerability in PSOutputDev::setupResources() located in PSOutputDev.cc in Xpdf 4.01.
local
low complexity
glyphandcog CWE-476
7.8