Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

freedesktop poppler 0.24.2 vulnerabilities and exploits

(subscribe to this query)
3.3
CVSSv2
CVE-2013-4472
The openTempFile function in goo/gfile.cc in Xpdf and Poppler 0.24.3 and previous versions, when running on a system other than Unix, allows local users to overwrite arbitrary files via a symlink attack on temporary files with predictable names.
Freedesktop Poppler 0.24.0Freedesktop Poppler 0.24.2Freedesktop Poppler 0.24.1Freedesktop Poppler
7.5
CVSSv2
CVE-2013-4473
Stack-based buffer overflow in the extractPages function in utils/pdfseparate.cc in poppler prior to 0.24.2 allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a source filename.
Freedesktop Poppler 0.22.4Freedesktop Poppler 0.22.3Freedesktop Poppler 0.1Freedesktop Poppler 0.1.1Freedesktop Poppler 0.11.3Freedesktop Poppler 0.12.0Freedesktop Poppler 0.12.1Freedesktop Poppler 0.12.2Freedesktop Poppler 0.12.3Freedesktop Poppler 0.15.0Freedesktop Poppler 0.15.1Freedesktop Poppler 0.15.2Freedesktop Poppler 0.15.3Freedesktop Poppler 0.18.0Freedesktop Poppler 0.18.1Freedesktop Poppler 0.18.2Freedesktop Poppler 0.18.3Freedesktop Poppler 0.21.0Freedesktop Poppler 0.21.1Freedesktop Poppler 0.21.2Freedesktop Poppler 0.21.3Freedesktop Poppler 0.4.4
4.3
CVSSv2
CVE-2017-7511
poppler since version 0.17.3 has been vulnerable to NULL pointer dereference in pdfunite triggered by specially crafted documents.
Freedesktop Poppler 0.54.0Freedesktop Poppler 0.53.0Freedesktop Poppler 0.52.0Freedesktop Poppler 0.45.0Freedesktop Poppler 0.44.0Freedesktop Poppler 0.37.0Freedesktop Poppler 0.36.0Freedesktop Poppler 0.28.1Freedesktop Poppler 0.28.0Freedesktop Poppler 0.25.3Freedesktop Poppler 0.25.2Freedesktop Poppler 0.24.1Freedesktop Poppler 0.24.0Freedesktop Poppler 0.22.3Freedesktop Poppler 0.22.2Freedesktop Poppler 0.21.0Freedesktop Poppler 0.20.5Freedesktop Poppler 0.19.3Freedesktop Poppler 0.19.2Freedesktop Poppler 0.17.4Freedesktop Poppler 0.17.3Freedesktop Poppler 0.55.0
5
CVSSv2
CVE-2013-7296
The JBIG2Stream::readSegments method in JBIG2Stream.cc in Poppler prior to 0.24.5 does not use the correct specifier within a format string, which allows context-dependent malicious users to cause a denial of service (segmentation fault and application crash) via a crafted PDF fi...
Freedesktop Poppler 0.23.3Freedesktop Poppler 0.23.2Freedesktop Poppler 0.22.0Freedesktop Poppler 0.21.4Freedesktop Poppler 0.20.3Freedesktop Poppler 0.20.2Freedesktop Poppler 0.19.0Freedesktop Poppler 0.18.4Freedesktop Poppler 0.17.2Freedesktop Poppler 0.17.1Freedesktop Poppler 0.16.2Freedesktop Poppler 0.16.1Freedesktop Poppler 0.14.3Freedesktop Poppler 0.14.2Freedesktop Poppler 0.13.0Freedesktop Poppler 0.12.4Freedesktop Poppler 0.11.1Freedesktop Poppler 0.11.0Freedesktop Poppler 0.10.0Freedesktop Poppler 0.1.2Freedesktop PopplerFreedesktop Poppler 0.24.2
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925CVE-2023-41826LFICVE-2022-22364CVE-2024-2887command injectionremote code executionCVE-2024-34446CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook