Vulnerabilities > Podofo Project > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-03-15 | CVE-2017-6845 | NULL Pointer Dereference vulnerability in Podofo Project Podofo 0.9.4 The PoDoFo::PdfColor::operator function in PdfColor.cpp in PoDoFo 0.9.4 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file. | 4.3 |
2017-03-15 | CVE-2017-6844 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Podofo Project Podofo 0.9.4 Buffer overflow in the PoDoFo::PdfParser::ReadXRefSubsection function in PdfParser.cpp in PoDoFo 0.9.4 allows remote attackers to have unspecified impact via a crafted file. | 6.8 |
2017-03-15 | CVE-2017-6843 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Podofo Project Podofo 0.9.4 Heap-based buffer overflow in the PoDoFo::PdfVariant::DelayedLoad function in PdfVariant.h in PoDoFo 0.9.4 allows remote attackers to have unspecified impact via a crafted file. | 6.8 |
2017-03-15 | CVE-2017-6842 | NULL Pointer Dereference vulnerability in Podofo Project Podofo 0.9.5 The ColorChanger::GetColorFromStack function in colorchanger.cpp in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file. | 4.3 |
2017-03-15 | CVE-2017-6841 | NULL Pointer Dereference vulnerability in Podofo Project Podofo 0.9.5 The GraphicsStack::TGraphicsStackElement::~TGraphicsStackElement function in graphicsstack.h in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file. | 4.3 |
2017-03-15 | CVE-2017-6840 | Out-of-bounds Read vulnerability in Podofo Project Podofo 0.9.5 The ColorChanger::GetColorFromStack function in colorchanger.cpp in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (invalid read) via a crafted file. | 4.3 |
2017-03-01 | CVE-2017-5886 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Podofo Project Podofo 0.9.4 Heap-based buffer overflow in the PoDoFo::PdfTokenizer::GetNextToken function in PdfTokenizer.cpp in PoDoFo 0.9.4 allows remote attackers to have unspecified impact via a crafted file. | 6.8 |
2017-03-01 | CVE-2017-5855 | NULL Pointer Dereference vulnerability in Podofo Project Podofo 0.9.4 The PoDoFo::PdfParser::ReadXRefSubsection function in PdfParser.cpp in PoDoFo 0.9.4 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file. | 4.3 |
2017-03-01 | CVE-2017-5854 | NULL Pointer Dereference vulnerability in Podofo Project Podofo 0.9.4 base/PdfOutputStream.cpp in PoDoFo 0.9.4 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted file. | 4.3 |
2017-03-01 | CVE-2017-5853 | Integer Overflow or Wraparound vulnerability in Podofo Project Podofo 0.9.4 Integer overflow in base/PdfParser.cpp in PoDoFo 0.9.4 allows remote attackers to have unspecified impact via a crafted file. | 6.8 |