Vulnerabilities > Xpdfreader > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-03-14 | CVE-2018-8102 | Out-of-bounds Read vulnerability in Xpdfreader Xpdf 4.00 The JBIG2MMRDecoder::getBlackCode function in JBIG2Stream.cc in xpdf 4.00 allows attackers to launch denial of service (buffer over-read and application crash) via a specific pdf file, as demonstrated by pdftohtml. | 4.3 |
| 2018-03-14 | CVE-2018-8101 | Out-of-bounds Read vulnerability in Xpdfreader Xpdf 4.00 The JPXStream::inverseTransformLevel function in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-based buffer over-read and application crash) via a specific pdf file, as demonstrated by pdftohtml. | 4.3 |
| 2018-03-14 | CVE-2018-8100 | Out-of-bounds Write vulnerability in Xpdfreader Xpdf 4.00 The JPXStream::readTilePart function in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a specific pdf file, as demonstrated by pdftohtml. | 6.8 |
| 2018-02-24 | CVE-2018-7455 | Out-of-bounds Read vulnerability in Xpdfreader Xpdf 4.00 An out-of-bounds read in JPXStream::readTilePart in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service via a specific pdf file, as demonstrated by pdftohtml. | 4.3 |
| 2018-02-24 | CVE-2018-7454 | NULL Pointer Dereference vulnerability in Xpdfreader Xpdf 4.00 A NULL pointer dereference in XFAForm::scanFields in XFAForm.cc in xpdf 4.00 allows attackers to launch denial of service via a specific pdf file, as demonstrated by pdftohtml. | 4.3 |
| 2018-02-24 | CVE-2018-7453 | Infinite Loop vulnerability in Xpdfreader Xpdf 4.00 Infinite recursion in AcroForm::scanField in AcroForm.cc in xpdf 4.00 allows attackers to launch denial of service via a specific pdf file due to lack of loop checking, as demonstrated by pdftohtml. | 4.3 |
| 2018-02-24 | CVE-2018-7452 | NULL Pointer Dereference vulnerability in Xpdfreader Xpdf 4.00 A NULL pointer dereference in JPXStream::fillReadBuf in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service via a specific pdf file, as demonstrated by pdftohtml. | 4.3 |
| 2018-02-15 | CVE-2018-7175 | NULL Pointer Dereference vulnerability in Xpdfreader Xpdf 4.00 An issue was discovered in xpdf 4.00. | 4.3 |
| 2018-02-15 | CVE-2018-7174 | Infinite Loop vulnerability in Xpdfreader Xpdf 4.00 An issue was discovered in xpdf 4.00. | 4.3 |
| 2018-02-15 | CVE-2018-7173 | Encoding Error vulnerability in Xpdfreader Xpdf 4.00 A large loop in JBIG2Stream::readSymbolDictSeg in xpdf 4.00 allows an attacker to cause denial of service via a specific file due to inappropriate decoding. | 4.3 |