Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
glyphandcog xpdfreader 4.01.01 vulnerabilities and exploits
(subscribe to this query)
7.1
CVSSv3
CVE-2019-12515
There is an out-of-bounds read vulnerability in the function FlateStream::getChar() located at Stream.cc in Xpdf 4.01.01. It can, for example, be triggered by sending a crafted PDF document to the pdftoppm tool. It might allow an malicious user to cause Information Disclosure or ...
Glyphandcog Xpdfreader 4.01.01
5.5
CVSSv3
CVE-2019-13287
In Xpdf 4.01.01, there is an out-of-bounds read vulnerability in the function SplashXPath::strokeAdjust() located at splash/SplashXPath.cc. It can, for example, be triggered by sending a crafted PDF document to the pdftoppm tool. It might allow an malicious user to cause Informat...
Glyphandcog Xpdfreader 4.01.01
5.5
CVSSv3
CVE-2019-13288
In Xpdf 4.01.01, the Parser::getObj() function in Parser.cc may cause infinite recursion via a crafted file. A remote attacker can leverage this for a DoS attack. This is similar to CVE-2018-16646.
Glyphandcog Xpdfreader 4.01.01
2 Github repositories
7.8
CVSSv3
CVE-2019-14288
An issue exists in Xpdf 4.01.01. There is an Integer overflow in the function JBIG2Bitmap::combine at JBIG2Stream.cc for the "one byte per line" case.
Glyphandcog Xpdfreader 4.01.01
5.5
CVSSv3
CVE-2019-14289
An issue exists in Xpdf 4.01.01. There is an integer overflow in the function JBIG2Bitmap::combine at JBIG2Stream.cc for the "multiple bytes per line" case.
Glyphandcog Xpdfreader 4.01.01
7.8
CVSSv3
CVE-2019-16115
In Xpdf 4.01.01, a stack-based buffer under-read could be triggered in IdentityFunction::transform in Function.cc, used by GfxAxialShading::getColor. It can, for example, be triggered by sending a crafted PDF document to the pdftoppm tool. It allows an malicious user to use a cra...
Glyphandcog Xpdfreader 4.01.01
7.8
CVSSv3
CVE-2019-13282
In Xpdf 4.01.01, a heap-based buffer over-read could be triggered in SampledFunction::transform in Function.cc when using a large index for samples. It can, for example, be triggered by sending a crafted PDF document to the pdftotext tool. It allows an malicious user to use a cra...
Glyphandcog Xpdfreader 4.01.01
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Fedoraproject Fedora 31
5.5
CVSSv3
CVE-2019-13286
In Xpdf 4.01.01, there is a heap-based buffer over-read in the function JBIG2Stream::readTextRegionSeg() located at JBIG2Stream.cc. It can, for example, be triggered by sending a crafted PDF document to the pdftoppm tool. It might allow an malicious user to cause Information Disc...
Glyphandcog Xpdfreader 4.01.01
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Fedoraproject Fedora 31
7.8
CVSSv3
CVE-2019-12957
In Xpdf 4.01.01, a buffer over-read could be triggered in FoFiType1C::convertToType1 in fofi/FoFiType1C.cc when the index number is larger than the charset array bounds. It can, for example, be triggered by sending a crafted PDF document to the pdftops tool. It allows an maliciou...
Glyphandcog Xpdfreader 4.01.01
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Fedoraproject Fedora 32
7.8
CVSSv3
CVE-2019-13281
In Xpdf 4.01.01, a heap-based buffer overflow could be triggered in DCTStream::decodeImage() in Stream.cc when writing to frameBuf memory. It can, for example, be triggered by sending a crafted PDF document to the pdftotext tool. It allows an malicious user to use a crafted pdf f...
Glyphandcog Xpdfreader 4.01.01
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Fedoraproject Fedora 31
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »