Vulnerabilities > Xpdfreader > Xpdf > 4.00
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-10-18 | CVE-2018-18457 | NULL Pointer Dereference vulnerability in Xpdfreader Xpdf 4.00 The function DCTStream::readScan in Stream.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted pdf file, as demonstrated by pdftoppm. | 4.3 |
| 2018-10-18 | CVE-2018-18456 | Out-of-bounds Read vulnerability in Xpdfreader Xpdf 4.00 The function Object::isName() in Object.h (called from Gfx::opSetFillColorN) in Xpdf 4.00 allows remote attackers to cause a denial of service (stack-based buffer over-read) via a crafted pdf file, as demonstrated by pdftoppm. | 4.3 |
| 2018-10-18 | CVE-2018-18455 | Out-of-bounds Read vulnerability in Xpdfreader Xpdf 4.00 The GfxImageColorMap class in GfxState.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted pdf file, as demonstrated by pdftoppm. | 4.3 |
| 2018-10-18 | CVE-2018-18454 | Out-of-bounds Read vulnerability in Xpdfreader Xpdf 4.00 CCITTFaxStream::readRow() in Stream.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted pdf file, as demonstrated by pdftoppm. | 4.3 |
| 2018-09-03 | CVE-2018-16369 | Unspecified vulnerability in Xpdfreader Xpdf 4.00 XRef::fetch in XRef.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (stack consumption) via a crafted pdf file, related to AcroForm::scanField, as demonstrated by pdftohtml. network xpdfreader | 4.3 |
| 2018-09-03 | CVE-2018-16368 | Out-of-bounds Read vulnerability in Xpdfreader Xpdf 4.00 SplashXPath::strokeAdjust in splash/SplashXPath.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted pdf file, as demonstrated by pdftoppm. | 4.3 |
| 2018-05-14 | CVE-2018-11033 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Xpdfreader Xpdf 4.00 The DCTStream::readHuffSym function in Stream.cc in the DCT decoder in xpdf before 4.00 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via crafted JPEG data. | 6.8 |
| 2018-03-14 | CVE-2018-8107 | Out-of-bounds Read vulnerability in Xpdfreader Xpdf 4.00 The JPXStream::close function in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-based buffer over-read and application crash) via a specific pdf file, as demonstrated by pdftohtml. | 4.3 |
| 2018-03-14 | CVE-2018-8106 | Out-of-bounds Read vulnerability in Xpdfreader Xpdf 4.00 The JPXStream::readTilePartData function in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-based buffer over-read and application crash) via a specific pdf file, as demonstrated by pdftohtml. | 4.3 |
| 2018-03-14 | CVE-2018-8105 | Out-of-bounds Read vulnerability in Xpdfreader Xpdf 4.00 The JPXStream::fillReadBuf function in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-based buffer over-read and application crash) via a specific pdf file, as demonstrated by pdftohtml. | 4.3 |