Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xpdfreader xpdf 4.00 vulnerabilities and exploits
(subscribe to this query)
384
VMScore
CVE-2018-7453
Infinite recursion in AcroForm::scanField in AcroForm.cc in xpdf 4.00 allows malicious users to launch denial of service via a specific pdf file due to lack of loop checking, as demonstrated by pdftohtml.
Xpdfreader Xpdf 4.00
384
VMScore
CVE-2018-7454
A NULL pointer dereference in XFAForm::scanFields in XFAForm.cc in xpdf 4.00 allows malicious users to launch denial of service via a specific pdf file, as demonstrated by pdftohtml.
Xpdfreader Xpdf 4.00
384
VMScore
CVE-2018-7455
An out-of-bounds read in JPXStream::readTilePart in JPXStream.cc in xpdf 4.00 allows malicious users to launch denial of service via a specific pdf file, as demonstrated by pdftohtml.
Xpdfreader Xpdf 4.00
383
VMScore
CVE-2018-18650
An issue exists in Xpdf 4.00. XRef::readXRefStream in XRef.cc allows malicious users to launch a denial of service (Integer Overflow) via a crafted /Size value in a pdf file, as demonstrated by pdftohtml. This is mainly caused by the program attempting a malloc operation for a la...
Xpdfreader Xpdf 4.00
383
VMScore
CVE-2018-18651
An issue exists in Xpdf 4.00. catalog->getNumPages() in AcroForm.cc allows malicious users to launch a denial of service (hang caused by large loop) via a specific pdf file, as demonstrated by pdftohtml. This is mainly caused by a large number after the /Count field in the fil...
Xpdfreader Xpdf 4.00
383
VMScore
CVE-2018-18454
CCITTFaxStream::readRow() in Stream.cc in Xpdf 4.00 allows remote malicious users to cause a denial of service (heap-based buffer over-read) via a crafted pdf file, as demonstrated by pdftoppm.
Xpdfreader Xpdf 4.00
383
VMScore
CVE-2018-18455
The GfxImageColorMap class in GfxState.cc in Xpdf 4.00 allows remote malicious users to cause a denial of service (heap-based buffer over-read) via a crafted pdf file, as demonstrated by pdftoppm.
Xpdfreader Xpdf 4.00
383
VMScore
CVE-2018-18456
The function Object::isName() in Object.h (called from Gfx::opSetFillColorN) in Xpdf 4.00 allows remote malicious users to cause a denial of service (stack-based buffer over-read) via a crafted pdf file, as demonstrated by pdftoppm.
Xpdfreader Xpdf 4.00
383
VMScore
CVE-2018-18457
The function DCTStream::readScan in Stream.cc in Xpdf 4.00 allows remote malicious users to cause a denial of service (NULL pointer dereference) via a crafted pdf file, as demonstrated by pdftoppm.
Xpdfreader Xpdf 4.00
383
VMScore
CVE-2018-18458
The function DCTStream::decodeImage in Stream.cc in Xpdf 4.00 allows remote malicious users to cause a denial of service (NULL pointer dereference) via a crafted pdf file, as demonstrated by pdftoppm.
Xpdfreader Xpdf 4.00
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »