Vulnerabilities > Podofo Project

DATE CVE VULNERABILITY TITLE RISK
2017-03-15 CVE-2017-6845 NULL Pointer Dereference vulnerability in Podofo Project Podofo 0.9.4
The PoDoFo::PdfColor::operator function in PdfColor.cpp in PoDoFo 0.9.4 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file.
local
low complexity
podofo-project CWE-476
5.5
2017-03-15 CVE-2017-6844 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Podofo Project Podofo 0.9.4
Buffer overflow in the PoDoFo::PdfParser::ReadXRefSubsection function in PdfParser.cpp in PoDoFo 0.9.4 allows remote attackers to have unspecified impact via a crafted file.
local
low complexity
podofo-project CWE-119
7.8
2017-03-15 CVE-2017-6843 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Podofo Project Podofo 0.9.4
Heap-based buffer overflow in the PoDoFo::PdfVariant::DelayedLoad function in PdfVariant.h in PoDoFo 0.9.4 allows remote attackers to have unspecified impact via a crafted file.
local
low complexity
podofo-project CWE-119
7.8
2017-03-15 CVE-2017-6842 NULL Pointer Dereference vulnerability in Podofo Project Podofo 0.9.5
The ColorChanger::GetColorFromStack function in colorchanger.cpp in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file.
local
low complexity
podofo-project CWE-476
5.5
2017-03-15 CVE-2017-6841 NULL Pointer Dereference vulnerability in Podofo Project Podofo 0.9.5
The GraphicsStack::TGraphicsStackElement::~TGraphicsStackElement function in graphicsstack.h in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file.
local
low complexity
podofo-project CWE-476
5.5
2017-03-15 CVE-2017-6840 Out-of-bounds Read vulnerability in Podofo Project Podofo 0.9.5
The ColorChanger::GetColorFromStack function in colorchanger.cpp in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (invalid read) via a crafted file.
local
low complexity
podofo-project CWE-125
5.5
2017-03-01 CVE-2017-5886 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Podofo Project Podofo 0.9.4
Heap-based buffer overflow in the PoDoFo::PdfTokenizer::GetNextToken function in PdfTokenizer.cpp in PoDoFo 0.9.4 allows remote attackers to have unspecified impact via a crafted file.
local
low complexity
podofo-project CWE-119
7.8
2017-03-01 CVE-2017-5855 NULL Pointer Dereference vulnerability in Podofo Project Podofo 0.9.4
The PoDoFo::PdfParser::ReadXRefSubsection function in PdfParser.cpp in PoDoFo 0.9.4 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file.
local
low complexity
podofo-project CWE-476
5.5
2017-03-01 CVE-2017-5854 NULL Pointer Dereference vulnerability in Podofo Project Podofo 0.9.4
base/PdfOutputStream.cpp in PoDoFo 0.9.4 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted file.
local
low complexity
podofo-project CWE-476
5.5
2017-03-01 CVE-2017-5853 Integer Overflow or Wraparound vulnerability in Podofo Project Podofo 0.9.4
Integer overflow in base/PdfParser.cpp in PoDoFo 0.9.4 allows remote attackers to have unspecified impact via a crafted file.
local
low complexity
podofo-project CWE-190
7.8