Vulnerabilities > Xpdfreader

DATE CVE VULNERABILITY TITLE RISK
2018-10-18 CVE-2018-18455 Out-of-bounds Read vulnerability in Xpdfreader Xpdf 4.00
The GfxImageColorMap class in GfxState.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted pdf file, as demonstrated by pdftoppm.
local
low complexity
xpdfreader CWE-125
5.5
2018-10-18 CVE-2018-18454 Out-of-bounds Read vulnerability in Xpdfreader Xpdf 4.00
CCITTFaxStream::readRow() in Stream.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted pdf file, as demonstrated by pdftoppm.
local
low complexity
xpdfreader CWE-125
5.5
2018-09-03 CVE-2018-16369 Unspecified vulnerability in Xpdfreader Xpdf 4.00
XRef::fetch in XRef.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (stack consumption) via a crafted pdf file, related to AcroForm::scanField, as demonstrated by pdftohtml.
local
low complexity
xpdfreader
5.5
2018-09-03 CVE-2018-16368 Out-of-bounds Read vulnerability in Xpdfreader Xpdf 4.00
SplashXPath::strokeAdjust in splash/SplashXPath.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted pdf file, as demonstrated by pdftoppm.
local
low complexity
xpdfreader CWE-125
5.5
2018-05-14 CVE-2018-11033 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Xpdfreader Xpdf 4.00
The DCTStream::readHuffSym function in Stream.cc in the DCT decoder in xpdf before 4.00 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via crafted JPEG data.
local
low complexity
xpdfreader CWE-119
7.8
2018-03-14 CVE-2018-8107 Out-of-bounds Read vulnerability in Xpdfreader Xpdf 4.00
The JPXStream::close function in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-based buffer over-read and application crash) via a specific pdf file, as demonstrated by pdftohtml.
local
low complexity
xpdfreader CWE-125
5.5
2018-03-14 CVE-2018-8106 Out-of-bounds Read vulnerability in Xpdfreader Xpdf 4.00
The JPXStream::readTilePartData function in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-based buffer over-read and application crash) via a specific pdf file, as demonstrated by pdftohtml.
local
low complexity
xpdfreader CWE-125
5.5
2018-03-14 CVE-2018-8105 Out-of-bounds Read vulnerability in Xpdfreader Xpdf 4.00
The JPXStream::fillReadBuf function in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-based buffer over-read and application crash) via a specific pdf file, as demonstrated by pdftohtml.
local
low complexity
xpdfreader CWE-125
5.5
2018-03-14 CVE-2018-8104 Out-of-bounds Read vulnerability in Xpdfreader Xpdf 4.00
The BufStream::lookChar function in Stream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-based buffer over-read and application crash) via a specific pdf file, as demonstrated by pdftohtml.
local
low complexity
xpdfreader CWE-125
5.5
2018-03-14 CVE-2018-8103 Out-of-bounds Read vulnerability in Xpdfreader Xpdf 4.00
The JBIG2Stream::readGenericBitmap function in JBIG2Stream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-based buffer over-read and application crash) via a specific pdf file, as demonstrated by pdftohtml.
local
low complexity
xpdfreader CWE-125
5.5