Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xpdf xpdf 1.0a vulnerabilities and exploits
(subscribe to this query)
5.1
CVSSv2
CVE-2005-3193
Heap-based buffer overflow in the JPXStream::readCodestream function in the JPX stream parsing code (JPXStream.c) for xpdf 3.01 and previous versions, as used in products such as (1) Poppler, (2) teTeX, (3) KDE kpdf, (4) CUPS, and (5) libextractor allows user-assisted malicious u...
Xpdf Xpdf 0.93
Xpdf Xpdf 1.0
Xpdf Xpdf 1.0a
Xpdf Xpdf 3.0.1
Xpdf Xpdf 3.0 Pl2
Xpdf Xpdf 0.90
Xpdf Xpdf 2.1
Xpdf Xpdf 2.2
Xpdf Xpdf 0.91
Xpdf Xpdf 0.92
Xpdf Xpdf 2.3
Xpdf Xpdf 3.0
Xpdf Xpdf 1.1
Xpdf Xpdf 2.0
Xpdf Xpdf 3.0 Pl3
5.1
CVSSv2
CVE-2005-3191
Multiple heap-based buffer overflows in the (1) DCTStream::readProgressiveSOF and (2) DCTStream::readBaselineSOF functions in the DCT stream parsing code (Stream.cc) in xpdf 3.01 and previous versions, as used in products such as (a) Poppler, (b) teTeX, (c) KDE kpdf, (d) pdftohtm...
Xpdf Xpdf 1.0
Xpdf Xpdf 1.0a
Xpdf Xpdf 3.0 Pl2
Xpdf Xpdf 3.0 Pl3
Xpdf Xpdf 0.92
Xpdf Xpdf 0.93
Xpdf Xpdf 3.0
Xpdf Xpdf 3.0.1
Xpdf Xpdf 1.1
Xpdf Xpdf 2.0
Xpdf Xpdf 0.90
Xpdf Xpdf 0.91
Xpdf Xpdf 2.1
Xpdf Xpdf 2.2
Xpdf Xpdf 2.3
7.5
CVSSv2
CVE-2005-0064
Buffer overflow in the Decrypt::makeFileKey2 function in Decrypt.cc for xpdf 3.00 and previous versions allows remote malicious users to execute arbitrary code via a PDF file with a large /Encrypt /Length keyLength value.
Xpdf Xpdf 0.4
Xpdf Xpdf 0.5
Xpdf Xpdf 0.91
Xpdf Xpdf 0.91a
Xpdf Xpdf 0.92e
Xpdf Xpdf 0.93
Xpdf Xpdf 2.0
Xpdf Xpdf 2.1
Xpdf Xpdf 0.5a
Xpdf Xpdf 0.6
Xpdf Xpdf 0.91b
Xpdf Xpdf 0.91c
Xpdf Xpdf 0.93a
Xpdf Xpdf 0.93b
Xpdf Xpdf 2.2
Xpdf Xpdf 2.3
Xpdf Xpdf 0.7
Xpdf Xpdf 0.7a
Xpdf Xpdf 0.92
Xpdf Xpdf 0.92a
Xpdf Xpdf 0.93c
Xpdf Xpdf 1.0
7.6
CVSSv2
CVE-2006-1244
Unspecified vulnerability in certain versions of xpdf after 3.00, as used in various products including (a) pdfkit.framework, (b) gpdf, (c) pdftohtml, and (d) libextractor, has unknown impact and user-assisted attack vectors, possibly involving errors in (1) gmem.c, (2) SplashXPa...
Libextractor Libextractor 0.3.8
Libextractor Libextractor 0.3.9
Xpdf Xpdf 0.92
Xpdf Xpdf 0.93
Xpdf Xpdf 1.0
Xpdf Xpdf 3.0
Xpdf Xpdf 3.0.1
Libextractor Libextractor 0.3.6
Libextractor Libextractor 0.3.7
Xpdf Xpdf 0.90
Xpdf Xpdf 0.91
Xpdf Xpdf 2.2
Xpdf Xpdf 2.3
Libextractor Libextractor 0.4
Libextractor Libextractor 0.4.1
Xpdf Xpdf 1.0a
Xpdf Xpdf 1.1
Xpdf Xpdf 3.0.1 Pl1
Xpdf Xpdf 3.0 Pl2
Gnome Gpdf 2.8.2
Libextractor Libextractor 0.3.11
Libextractor Libextractor 0.4.2
7.2
CVSSv2
CVE-2002-1384
Integer overflow in pdftops, as used in Xpdf 2.01 and previous versions, xpdf-i, and CUPS prior to 1.1.18, allows local users to execute arbitrary code via a ColorSpace entry with a large number of elements, as demonstrated by cups-pdf.
Easy Software Products Cups 1.0.4
Easy Software Products Cups 1.1.4
Easy Software Products Cups 1.1.4 2
Xpdf Xpdf 1.0a
Xpdf Xpdf 1.1
Easy Software Products Cups 1.0.4 8
Easy Software Products Cups 1.1.1
Easy Software Products Cups 1.1.4 3
Easy Software Products Cups 1.1.4 5
Xpdf Xpdf 2.0
Xpdf Xpdf 2.1
Easy Software Products Cups 1.1.10
Easy Software Products Cups 1.1.13
Easy Software Products Cups 1.1.6
Easy Software Products Cups 1.1.7
Xpdf Xpdf 0.90
Easy Software Products Cups 1.1.14
Easy Software Products Cups 1.1.17
Xpdf Xpdf 0.91
Xpdf Xpdf 1.0
10
CVSSv2
CVE-2004-0888
Multiple integer overflows in xpdf 2.0 and 3.0, and other packages that use xpdf code such as CUPS, gpdf, and kdegraphics, allow remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identifi...
Easy Software Products Cups 1.1.10
Easy Software Products Cups 1.1.12
Easy Software Products Cups 1.1.19
Easy Software Products Cups 1.1.19 Rc5
Gnome Gpdf 0.112
Gnome Gpdf 0.131
Kde Koffice 1.3 Beta3
Kde Kpdf 3.2
Pdftohtml Pdftohtml 0.36
Tetex Tetex 1.0.7
Xpdf Xpdf 1.0
Xpdf Xpdf 1.0a
Easy Software Products Cups 1.0.4
Easy Software Products Cups 1.1.15
Easy Software Products Cups 1.1.16
Easy Software Products Cups 1.1.4 2
Easy Software Products Cups 1.1.4 3
Kde Koffice 1.3.2
Kde Koffice 1.3.3
Pdftohtml Pdftohtml 0.33
Pdftohtml Pdftohtml 0.33a
Tetex Tetex 2.0.2
10
CVSSv2
CVE-2004-0889
Multiple integer overflows in xpdf 3.0, and other packages that use xpdf code such as CUPS, allow remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0888.
Easy Software Products Cups 1.0.4
Easy Software Products Cups 1.1.12
Easy Software Products Cups 1.1.13
Easy Software Products Cups 1.1.19 Rc5
Easy Software Products Cups 1.1.20
Gnome Gpdf 0.131
Kde Koffice 1.3
Kde Kpdf 3.2
Pdftohtml Pdftohtml 0.32a
Tetex Tetex 1.0.7
Tetex Tetex 2.0
Xpdf Xpdf 1.0a
Xpdf Xpdf 1.1
Easy Software Products Cups 1.1.1
Easy Software Products Cups 1.1.10
Easy Software Products Cups 1.1.18
Easy Software Products Cups 1.1.19
Easy Software Products Cups 1.1.7
Gnome Gpdf 0.112
Kde Koffice 1.3 Beta2
Kde Koffice 1.3 Beta3
Pdftohtml Pdftohtml 0.35
7.5
CVSSv2
CVE-2005-0206
The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities.
Easy Software Products Cups 1.0.4
Easy Software Products Cups 1.0.4 8
Easy Software Products Cups 1.1.1
Easy Software Products Cups 1.1.17
Easy Software Products Cups 1.1.18
Easy Software Products Cups 1.1.4 5
Easy Software Products Cups 1.1.6
Kde Koffice 1.3.3
Kde Koffice 1.3 Beta1
Pdftohtml Pdftohtml 0.33a
Pdftohtml Pdftohtml 0.34
Tetex Tetex 2.0.1
Tetex Tetex 2.0.2
Xpdf Xpdf 2.0
Xpdf Xpdf 2.1
Ascii Ptex 3.1.4
Cstex Cstetex 2.0.2
Easy Software Products Cups 1.1.15
Easy Software Products Cups 1.1.16
Easy Software Products Cups 1.1.4 2
Easy Software Products Cups 1.1.4 3
Kde Koffice 1.3
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028
memory leak
log injection
CVE-2024-3400
CVE-2022-48695
CVE-2022-48675
CVE-2024-34487
CVE-2024-33792
spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started