Latest xpdfreader xpdf Vulnerabilities

CVE-2022-48545
An infinite recursion in Catalog::findDestInTree can cause denial of service for xpdf 4.02.
Xpdfreader Xpdf=4.02
CVE-2023-3436
Xpdf 4.04 will deadlock on a PDF object stream whose "Length" field is itself in another object stream.
Xpdfreader Xpdf=4.04
CVE-2023-3044
An excessively large PDF page size (found in fuzz testing, unlikely in normal PDF files) can result in a divide-by-zero in Xpdf's text extraction code. This is related to CVE-2022-30524, but the p...
Xpdfreader Xpdf<4.05
CVE-2023-2664
 In Xpdf 4.04 (and earlier), a PDF object loop in the embedded file tree leads to infinite recursion and a stack overflow.
Xpdfreader Xpdf<=4.04
CVE-2023-2663
 In Xpdf 4.04 (and earlier), a PDF object loop in the page label tree leads to infinite recursion and a stack overflow.
Xpdfreader Xpdf<=4.04
CVE-2023-2662
In Xpdf 4.04 (and earlier), a bad color space object in the input PDF file can cause a divide-by-zero.
Xpdfreader Xpdf<=4.04
CVE-2023-26930
** DISPUTED ** Buffer Overflow vulnerability found in XPDF v.4.04 allows an attacker to cause a Denial of Service via the PDFDoc malloc in the pdftotext.cc function. NOTE: Vendor states “it's an expec...
Xpdfreader Xpdf=4.04
=4.04
CVE-2022-45586
Stack overflow vulnerability in function Dict::find in xpdf/Dict.cc in xpdf 4.04, allows local attackers to cause a denial of service.
Xpdfreader Xpdf=4.04
CVE-2022-45587
Stack overflow vulnerability in function gmalloc in goo/gmem.cc in xpdf 4.04, allows local attackers to cause a denial of service.
Xpdfreader Xpdf=4.04
CVE-2021-36493
Xpdfreader Xpdf=4.03
CVE-2022-43071
A stack overflow in the Catalog::readPageLabelTree2(Object*) function of XPDF v4.04 allows attackers to cause a Denial of Service (DoS) via a crafted PDF file.
Xpdfreader Xpdf=4.04
CVE-2022-43295
XPDF v4.04 was discovered to contain a stack overflow via the function FileStream::copy() at xpdf/Stream.cc:795.
Xpdfreader Xpdf=4.04
CVE-2022-41843
An issue was discovered in Xpdf 4.04. There is a crash in convertToType0 in fofi/FoFiType1C.cc, a different vulnerability than CVE-2022-38928.
Xpdfreader Xpdf=4.04
CVE-2022-41842
An issue was discovered in Xpdf 4.04. There is a crash in gfseek(_IO_FILE*, long, int) in goo/gfile.cc.
Xpdfreader Xpdf=4.04
CVE-2022-41844
An issue was discovered in Xpdf 4.04. There is a crash in XRef::fetch(int, int, Object*, int) in xpdf/XRef.cc, a different vulnerability than CVE-2018-16369 and CVE-2019-16088.
Xpdfreader Xpdf=4.04
CVE-2022-38222
There is a use-after-free issue in JBIG2Stream::close() located in JBIG2Stream.cc in Xpdf 4.04. It can be triggered by sending a crafted PDF file to (for example) the pdfimages binary. It allows an at...
Xpdfreader Xpdf=4.04
CVE-2022-38928
XPDF 4.04 is vulnerable to Null Pointer Dereference in FoFiType1C.cc:2393.
Xpdfreader Xpdf=4.04
CVE-2022-38334
XPDF v4.04 and earlier was discovered to contain a stack overflow via the function Catalog::countPageTree() at Catalog.cc.
Xpdfreader Xpdf<=4.04
CVE-2022-36561
XPDF v4.0.4 was discovered to contain a segmentation violation via the component /xpdf/AcroForm.cc:538.
Xpdfreader Xpdf=4.04
CVE-2022-38171
Xpdf prior to version 4.04 contains an integer overflow in the JBIG2 decoder (JBIG2Stream::readTextRegionSeg() in JBIG2Stream.cc). Processing a specially crafted PDF file or JBIG2 image could lead to ...
Xpdfreader Xpdf=4.04
freedesktop poppler<22.09.0
CVE-2022-33108
XPDF v4.04 was discovered to contain a stack overflow vulnerability via the Object::Copy class of object.cc files.
Xpdfreader Xpdf=4.04
CVE-2021-27548
There is a Null Pointer Dereference vulnerability in the XFAScanner::scanNode() function in XFAScanner.cc in xpdf 4.03.
Xpdfreader Xpdf=4.03
CVE-2022-30775
xpdf 4.04 allocates excessive memory when presented with crafted input. This can be triggered by (for example) sending a crafted PDF document to the pdftoppm binary. It is most easily reproduced with ...
Xpdfreader Xpdf=4.04
CVE-2022-30524
There is an invalid memory access in the TextLine class in TextOutputDev.cc in Xpdf 4.0.4 because the text extractor mishandles characters at large y coordinates. It can be triggered by (for example) ...
Xpdfreader Xpdf=4.0.4
CVE-2022-27135
xpdf 4.03 has heap buffer overflow in the function readXRefTable located in XRef.cc. An attacker can exploit this bug to cause a Denial of Service (Segmentation fault) or other unspecified effects by ...
Xpdfreader Xpdf=4.03
CVE-2021-30860
Apple Multiple Products Integer Overflow Vulnerability
Apple iPadOS<14.8
Apple iPhone OS<12.5.5
Apple iPhone OS>=13.0<14.8
Apple Mac OS X>=10.15<10.15.7
Apple Mac OS X=10.15.7
Apple Mac OS X=10.15.7-security_update_2020
and 16 more
CVE-2020-35376
Xpdf 4.02 allows stack consumption because of an incorrect subroutine reference in a Type 1C font charstring, related to the FoFiType1C::getOp() function.
Xpdfreader Xpdf=4.02
Fedoraproject Fedora=32
Fedoraproject Fedora=33
CVE-2020-25725
In Xpdf 4.02, SplashOutputDev::endType3Char(GfxState *state) SplashOutputDev.cc:3079 is trying to use the freed `t3GlyphStack->cache`, which causes an `heap-use-after-free` problem. The codes of a pre...
Xpdfreader Xpdf=4.02
Fedoraproject Fedora=32
Fedoraproject Fedora=33
CVE-2020-24996
There is an invalid memory access in the function TextString::~TextString() located in Catalog.cc in Xpdf 4.0.2. It can be triggered by (for example) sending a crafted pdf file to the pdftohtml binary...
Xpdfreader Xpdf=4.0.2
CVE-2012-2142
The error function in Error.cc in poppler before 0.21.4 allows remote attackers to execute arbitrary commands via a PDF containing an escape sequence for a terminal emulator.
freedesktop poppler<0.21.4
Xpdfreader Xpdf=3.02
Redhat Enterprise Linux=5.0
Redhat Enterprise Linux=6.0
Opensuse Opensuse=12.2
CVE-2010-0207
In xpdf, the xref table contains an infinite loop which allows remote attackers to cause a denial of service (application crash) in xpdf-based PDF viewers.
debian/poppler
debian/xpdf<=3.04-13<=3.04+git20210103-3<=3.04+git20220601-1
Xpdfreader Xpdf=3.03-17
Debian Debian Linux=8.0
Xpdfreader Xpdf=3.04-4
Debian Debian Linux=9.0
and 2 more
CVE-2010-0206
xpdf allows remote attackers to cause a denial of service (NULL pointer dereference and crash) in the way it processes JBIG2 PDF stream objects.
debian/poppler
debian/xpdf<=3.04-13<=3.04+git20210103-3<=3.04+git20220601-1
Xpdfreader Xpdf=3.03-17
Debian Debian Linux=8.0
Xpdfreader Xpdf=3.04-4
Debian Debian Linux=9.0
and 2 more
CVE-2019-10024
An issue was discovered in Xpdf 4.01.01. There is an FPE in the function Splash::scaleImageYuXu at Splash.cc for y Bresenham parameters.
Xpdfreader Xpdf=4.01.01
CVE-2019-10025
An issue was discovered in Xpdf 4.01.01. There is an FPE in the function ImageStream::ImageStream at Stream.cc for nBits.
Xpdfreader Xpdf=4.01.01
CVE-2019-10020
An issue was discovered in Xpdf 4.01.01. There is an FPE in the function Splash::scaleImageYuXu at Splash.cc for x Bresenham parameters.
Xpdfreader Xpdf=4.01.01
CVE-2019-10026
An issue was discovered in Xpdf 4.01.01. There is an FPE in the function PostScriptFunction::exec in Function.cc for the psOpRoll case.
Xpdfreader Xpdf=4.01.01
CVE-2019-10022
An issue was discovered in Xpdf 4.01.01. There is a NULL pointer dereference in the function Gfx::opSetExtGState in Gfx.cc.
Xpdfreader Xpdf=4.01.01
CVE-2019-10019
An issue was discovered in Xpdf 4.01.01. There is an FPE in the function PSOutputDev::checkPageSlice at PSOutputDev.cc for nStripes.
Xpdfreader Xpdf=4.01.01
ubuntu/poppler<0.41.0-0ubuntu1.14
debian/xpdf
CVE-2019-10018
An issue was discovered in Xpdf 4.01.01. There is an FPE in the function PostScriptFunction::exec at Function.cc for the psOpIdiv case.
Xpdfreader Xpdf=4.01.01
Debian Debian Linux=9.0
Canonical Ubuntu Linux=16.04
Canonical Ubuntu Linux=18.04
Canonical Ubuntu Linux=18.10
Canonical Ubuntu Linux=19.04
and 2 more
CVE-2019-10023
An issue was discovered in Xpdf 4.01.01. There is an FPE in the function PostScriptFunction::exec at Function.cc for the psOpMod case.
Xpdfreader Xpdf=4.01.01
ubuntu/poppler<0.41.0-0ubuntu1.14
debian/xpdf
CVE-2019-10021
An issue was discovered in Xpdf 4.01.01. There is an FPE in the function ImageStream::ImageStream at Stream.cc for nComps.
Xpdfreader Xpdf=4.01.01
ubuntu/poppler<0.41.0-0ubuntu1.14
debian/xpdf
CVE-2019-9878
There is an invalid memory access in the function GfxIndexedColorSpace::mapColorToBase() located in GfxState.cc in Xpdf 4.0.0, as used in pdfalto 0.2. It can be triggered by (for example) sending a cr...
Pdfalto Project Pdfalto=0.2
Xpdfreader Xpdf=4.0.0
CVE-2018-18651
An issue was discovered in Xpdf 4.00. catalog->getNumPages() in AcroForm.cc allows attackers to launch a denial of service (hang caused by large loop) via a specific pdf file, as demonstrated by pdfto...
Xpdfreader Xpdf=4.00
CVE-2018-18650
An issue was discovered in Xpdf 4.00. XRef::readXRefStream in XRef.cc allows attackers to launch a denial of service (Integer Overflow) via a crafted /Size value in a pdf file, as demonstrated by pdft...
Xpdfreader Xpdf=4.00
CVE-2018-18457
The function DCTStream::readScan in Stream.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted pdf file, as demonstrated by pdftoppm.
Xpdfreader Xpdf=4.00
CVE-2018-18456
The function Object::isName() in Object.h (called from Gfx::opSetFillColorN) in Xpdf 4.00 allows remote attackers to cause a denial of service (stack-based buffer over-read) via a crafted pdf file, as...
Xpdfreader Xpdf=4.00
CVE-2018-18458
The function DCTStream::decodeImage in Stream.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted pdf file, as demonstrated by pdftoppm.
Xpdfreader Xpdf=4.00
CVE-2018-18455
The GfxImageColorMap class in GfxState.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted pdf file, as demonstrated by pdftoppm.
Xpdfreader Xpdf=4.00
CVE-2018-18454
CCITTFaxStream::readRow() in Stream.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted pdf file, as demonstrated by pdftoppm.
Xpdfreader Xpdf=4.00
CVE-2018-18459
The function DCTStream::getBlock in Stream.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted pdf file, as demonstrated by pdftoppm.
Xpdfreader Xpdf=4.00

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203