Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xpdfreader xpdf 4.04 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-43295
XPDF v4.04 exists to contain a stack overflow via the function FileStream::copy() at xpdf/Stream.cc:795.
Xpdfreader Xpdf 4.04
NA
CVE-2022-43071
A stack overflow in the Catalog::readPageLabelTree2(Object*) function of XPDF v4.04 allows malicious users to cause a Denial of Service (DoS) via a crafted PDF file.
Xpdfreader Xpdf 4.04
4.3
CVSSv2
CVE-2022-30775
xpdf 4.04 allocates excessive memory when presented with crafted input. This can be triggered by (for example) sending a crafted PDF document to the pdftoppm binary. It is most easily reproduced with the DCMAKE_CXX_COMPILER=afl-clang-fast++ option.
Xpdfreader Xpdf 4.04
NA
CVE-2022-36561
XPDF v4.0.4 exists to contain a segmentation violation via the component /xpdf/AcroForm.cc:538.
Xpdfreader Xpdf 4.04
NA
CVE-2022-38171
Xpdf prior to version 4.04 contains an integer overflow in the JBIG2 decoder (JBIG2Stream::readTextRegionSeg() in JBIG2Stream.cc). Processing a specially crafted PDF file or JBIG2 image could lead to a crash or the execution of arbitrary code. This is similar to the vulnerability...
Xpdfreader Xpdf 4.04
Freedesktop Poppler
1 Github repository
NA
CVE-2023-2662
In Xpdf 4.04 (and previous versions), a bad color space object in the input PDF file can cause a divide-by-zero.
Xpdfreader Xpdf
NA
CVE-2023-2663
In Xpdf 4.04 (and previous versions), a PDF object loop in the page label tree leads to infinite recursion and a stack overflow.
Xpdfreader Xpdf
NA
CVE-2023-2664
In Xpdf 4.04 (and previous versions), a PDF object loop in the embedded file tree leads to infinite recursion and a stack overflow.
Xpdfreader Xpdf
NA
CVE-2022-24107
Xpdf before 4.04 lacked an integer overflow check in JPXStream.cc.
Glyphandcog Xpdfreader
NA
CVE-2022-24106
In Xpdf before 4.04, the DCT (JPEG) decoder was incorrectly allowing the 'interleaved' flag to be changed after the first scan of the image, leading to an unknown integer-related vulnerability in Stream.cc.
Glyphandcog Xpdfreader
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5324
path traversal
CVE-2024-4743
CVE-2024-5184
TCP
CVE-2024-27822
code injection
CVE-2024-28995
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2