Vulnerabilities > Xpdfreader > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-10-18 | CVE-2018-18459 | NULL Pointer Dereference vulnerability in Xpdfreader Xpdf 4.00 The function DCTStream::getBlock in Stream.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted pdf file, as demonstrated by pdftoppm. | 5.5 |
| 2018-10-18 | CVE-2018-18458 | NULL Pointer Dereference vulnerability in Xpdfreader Xpdf 4.00 The function DCTStream::decodeImage in Stream.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted pdf file, as demonstrated by pdftoppm. | 5.5 |
| 2018-10-18 | CVE-2018-18457 | NULL Pointer Dereference vulnerability in Xpdfreader Xpdf 4.00 The function DCTStream::readScan in Stream.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted pdf file, as demonstrated by pdftoppm. | 5.5 |
| 2018-10-18 | CVE-2018-18456 | Out-of-bounds Read vulnerability in Xpdfreader Xpdf 4.00 The function Object::isName() in Object.h (called from Gfx::opSetFillColorN) in Xpdf 4.00 allows remote attackers to cause a denial of service (stack-based buffer over-read) via a crafted pdf file, as demonstrated by pdftoppm. | 5.5 |
| 2018-10-18 | CVE-2018-18455 | Out-of-bounds Read vulnerability in Xpdfreader Xpdf 4.00 The GfxImageColorMap class in GfxState.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted pdf file, as demonstrated by pdftoppm. | 5.5 |
| 2018-10-18 | CVE-2018-18454 | Out-of-bounds Read vulnerability in Xpdfreader Xpdf 4.00 CCITTFaxStream::readRow() in Stream.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted pdf file, as demonstrated by pdftoppm. | 5.5 |
| 2018-09-03 | CVE-2018-16369 | Unspecified vulnerability in Xpdfreader Xpdf 4.00 XRef::fetch in XRef.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (stack consumption) via a crafted pdf file, related to AcroForm::scanField, as demonstrated by pdftohtml. | 5.5 |
| 2018-09-03 | CVE-2018-16368 | Out-of-bounds Read vulnerability in Xpdfreader Xpdf 4.00 SplashXPath::strokeAdjust in splash/SplashXPath.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted pdf file, as demonstrated by pdftoppm. | 5.5 |
| 2018-03-14 | CVE-2018-8107 | Out-of-bounds Read vulnerability in Xpdfreader Xpdf 4.00 The JPXStream::close function in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-based buffer over-read and application crash) via a specific pdf file, as demonstrated by pdftohtml. | 5.5 |
| 2018-03-14 | CVE-2018-8106 | Out-of-bounds Read vulnerability in Xpdfreader Xpdf 4.00 The JPXStream::readTilePartData function in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-based buffer over-read and application crash) via a specific pdf file, as demonstrated by pdftohtml. | 5.5 |