Vulnerabilities > Xpdfreader > Xpdf
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-03-21 | CVE-2019-9877 | Out-of-bounds Write vulnerability in Xpdfreader Xpdf 4.0.1 There is an invalid memory access vulnerability in the function TextPage::findGaps() located at TextOutputDev.c in Xpdf 4.01, which can (for example) be triggered by sending a crafted pdf file to the pdftops binary. | 7.8 |
| 2018-10-25 | CVE-2018-18651 | Excessive Iteration vulnerability in Xpdfreader Xpdf 4.00 An issue was discovered in Xpdf 4.00. | 5.5 |
| 2018-10-25 | CVE-2018-18650 | Integer Overflow or Wraparound vulnerability in Xpdfreader Xpdf 4.00 An issue was discovered in Xpdf 4.00. | 5.5 |
| 2018-10-18 | CVE-2018-18459 | NULL Pointer Dereference vulnerability in Xpdfreader Xpdf 4.00 The function DCTStream::getBlock in Stream.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted pdf file, as demonstrated by pdftoppm. | 5.5 |
| 2018-10-18 | CVE-2018-18458 | NULL Pointer Dereference vulnerability in Xpdfreader Xpdf 4.00 The function DCTStream::decodeImage in Stream.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted pdf file, as demonstrated by pdftoppm. | 5.5 |
| 2018-10-18 | CVE-2018-18457 | NULL Pointer Dereference vulnerability in Xpdfreader Xpdf 4.00 The function DCTStream::readScan in Stream.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted pdf file, as demonstrated by pdftoppm. | 5.5 |
| 2018-10-18 | CVE-2018-18456 | Out-of-bounds Read vulnerability in Xpdfreader Xpdf 4.00 The function Object::isName() in Object.h (called from Gfx::opSetFillColorN) in Xpdf 4.00 allows remote attackers to cause a denial of service (stack-based buffer over-read) via a crafted pdf file, as demonstrated by pdftoppm. | 5.5 |
| 2018-10-18 | CVE-2018-18455 | Out-of-bounds Read vulnerability in Xpdfreader Xpdf 4.00 The GfxImageColorMap class in GfxState.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted pdf file, as demonstrated by pdftoppm. | 5.5 |
| 2018-10-18 | CVE-2018-18454 | Out-of-bounds Read vulnerability in Xpdfreader Xpdf 4.00 CCITTFaxStream::readRow() in Stream.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted pdf file, as demonstrated by pdftoppm. | 5.5 |
| 2018-09-03 | CVE-2018-16369 | Unspecified vulnerability in Xpdfreader Xpdf 4.00 XRef::fetch in XRef.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (stack consumption) via a crafted pdf file, related to AcroForm::scanField, as demonstrated by pdftohtml. | 5.5 |