Vulnerabilities > Xpdfreader
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-03-14 | CVE-2018-8100 | Out-of-bounds Write vulnerability in Xpdfreader Xpdf 4.00 The JPXStream::readTilePart function in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a specific pdf file, as demonstrated by pdftohtml. | 6.8 |
2018-02-24 | CVE-2018-7455 | Out-of-bounds Read vulnerability in Xpdfreader Xpdf 4.00 An out-of-bounds read in JPXStream::readTilePart in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service via a specific pdf file, as demonstrated by pdftohtml. | 4.3 |
2018-02-24 | CVE-2018-7454 | NULL Pointer Dereference vulnerability in Xpdfreader Xpdf 4.00 A NULL pointer dereference in XFAForm::scanFields in XFAForm.cc in xpdf 4.00 allows attackers to launch denial of service via a specific pdf file, as demonstrated by pdftohtml. | 4.3 |
2018-02-24 | CVE-2018-7453 | Infinite Loop vulnerability in Xpdfreader Xpdf 4.00 Infinite recursion in AcroForm::scanField in AcroForm.cc in xpdf 4.00 allows attackers to launch denial of service via a specific pdf file due to lack of loop checking, as demonstrated by pdftohtml. | 4.3 |
2018-02-24 | CVE-2018-7452 | NULL Pointer Dereference vulnerability in Xpdfreader Xpdf 4.00 A NULL pointer dereference in JPXStream::fillReadBuf in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service via a specific pdf file, as demonstrated by pdftohtml. | 4.3 |
2018-02-15 | CVE-2018-7175 | NULL Pointer Dereference vulnerability in Xpdfreader Xpdf 4.00 An issue was discovered in xpdf 4.00. | 4.3 |
2018-02-15 | CVE-2018-7174 | Infinite Loop vulnerability in Xpdfreader Xpdf 4.00 An issue was discovered in xpdf 4.00. | 4.3 |
2018-02-15 | CVE-2018-7173 | Encoding Error vulnerability in Xpdfreader Xpdf 4.00 A large loop in JBIG2Stream::readSymbolDictSeg in xpdf 4.00 allows an attacker to cause denial of service via a specific file due to inappropriate decoding. | 4.3 |
2010-11-05 | CVE-2010-3702 | Null Pointer Dereference vulnerability in multiple products The Gfx::getPos function in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, CUPS, kdegraphics, and possibly other products allows context-dependent attackers to cause a denial of service (crash) via unknown vectors that trigger an uninitialized pointer dereference. network low complexity apple freedesktop xpdfreader fedoraproject opensuse suse debian redhat canonical CWE-476 | 7.5 |