Vulnerabilities > Podofo Project > Medium

DATE CVE VULNERABILITY TITLE RISK
2017-04-22 CVE-2017-8054 Infinite Loop vulnerability in Podofo Project Podofo 0.9.5
The function PdfPagesTree::GetPageNodeFromArray in PdfPageTree.cpp:464 in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (infinite recursion and application crash) via a crafted PDF document.
local
low complexity
podofo-project CWE-835
5.5
2017-04-22 CVE-2017-8053 Infinite Loop vulnerability in Podofo Project Podofo 0.9.5
PoDoFo 0.9.5 allows denial of service (infinite recursion and stack consumption) via a crafted PDF file in PoDoFo::PdfParser::ReadDocumentStructure (PdfParser.cpp).
local
low complexity
podofo-project CWE-835
5.5
2017-04-21 CVE-2017-7994 NULL Pointer Dereference vulnerability in Podofo Project Podofo 0.9.5
The function TextExtractor::ExtractText in TextExtractor.cpp:77 in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PDF document.
network
low complexity
podofo-project CWE-476
6.5
2017-04-03 CVE-2017-7383 NULL Pointer Dereference vulnerability in Podofo Project Podofo 0.9.5
The PdfFontFactory.cpp:195:62 code in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PDF document.
local
low complexity
podofo-project CWE-476
5.5
2017-04-03 CVE-2017-7382 NULL Pointer Dereference vulnerability in Podofo Project Podofo 0.9.5
The PdfFontFactory.cpp:200:88 code in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PDF document.
local
low complexity
podofo-project CWE-476
5.5
2017-04-03 CVE-2017-7381 NULL Pointer Dereference vulnerability in Podofo Project Podofo 0.9.5
The doc/PdfPage.cpp:609:23 code in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PDF document.
local
low complexity
podofo-project CWE-476
5.5
2017-04-03 CVE-2017-7380 NULL Pointer Dereference vulnerability in Podofo Project Podofo 0.9.5
The doc/PdfPage.cpp:614:20 code in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PDF document.
local
low complexity
podofo-project CWE-476
5.5
2017-04-03 CVE-2017-7379 Out-of-bounds Read vulnerability in Podofo Project Podofo 0.9.5
The PoDoFo::PdfSimpleEncoding::ConvertToEncoding function in PdfEncoding.cpp in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted PDF document.
local
low complexity
podofo-project CWE-125
5.5
2017-04-03 CVE-2017-7378 Out-of-bounds Read vulnerability in Podofo Project Podofo 0.9.5
The PoDoFo::PdfPainter::ExpandTabs function in PdfPainter.cpp in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted PDF document.
local
low complexity
podofo-project CWE-125
5.5
2017-03-15 CVE-2017-6849 NULL Pointer Dereference vulnerability in Podofo Project Podofo 0.9.4
The PoDoFo::PdfColorGray::~PdfColorGray function in PdfColor.cpp in PoDoFo 0.9.4 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file.
local
low complexity
podofo-project CWE-476
5.5