Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xpdfreader xpdf vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2018-18456
The function Object::isName() in Object.h (called from Gfx::opSetFillColorN) in Xpdf 4.00 allows remote malicious users to cause a denial of service (stack-based buffer over-read) via a crafted pdf file, as demonstrated by pdftoppm.
Xpdfreader Xpdf 4.00
383
VMScore
CVE-2018-18457
The function DCTStream::readScan in Stream.cc in Xpdf 4.00 allows remote malicious users to cause a denial of service (NULL pointer dereference) via a crafted pdf file, as demonstrated by pdftoppm.
Xpdfreader Xpdf 4.00
383
VMScore
CVE-2018-18458
The function DCTStream::decodeImage in Stream.cc in Xpdf 4.00 allows remote malicious users to cause a denial of service (NULL pointer dereference) via a crafted pdf file, as demonstrated by pdftoppm.
Xpdfreader Xpdf 4.00
383
VMScore
CVE-2018-18459
The function DCTStream::getBlock in Stream.cc in Xpdf 4.00 allows remote malicious users to cause a denial of service (NULL pointer dereference) via a crafted pdf file, as demonstrated by pdftoppm.
Xpdfreader Xpdf 4.00
383
VMScore
CVE-2018-18650
An issue exists in Xpdf 4.00. XRef::readXRefStream in XRef.cc allows malicious users to launch a denial of service (Integer Overflow) via a crafted /Size value in a pdf file, as demonstrated by pdftohtml. This is mainly caused by the program attempting a malloc operation for a la...
Xpdfreader Xpdf 4.00
383
VMScore
CVE-2018-18651
An issue exists in Xpdf 4.00. catalog->getNumPages() in AcroForm.cc allows malicious users to launch a denial of service (hang caused by large loop) via a specific pdf file, as demonstrated by pdftohtml. This is mainly caused by a large number after the /Count field in the fil...
Xpdfreader Xpdf 4.00
384
VMScore
CVE-2018-7452
A NULL pointer dereference in JPXStream::fillReadBuf in JPXStream.cc in xpdf 4.00 allows malicious users to launch denial of service via a specific pdf file, as demonstrated by pdftohtml.
Xpdfreader Xpdf 4.00
384
VMScore
CVE-2018-7453
Infinite recursion in AcroForm::scanField in AcroForm.cc in xpdf 4.00 allows malicious users to launch denial of service via a specific pdf file due to lack of loop checking, as demonstrated by pdftohtml.
Xpdfreader Xpdf 4.00
384
VMScore
CVE-2018-7454
A NULL pointer dereference in XFAForm::scanFields in XFAForm.cc in xpdf 4.00 allows malicious users to launch denial of service via a specific pdf file, as demonstrated by pdftohtml.
Xpdfreader Xpdf 4.00
384
VMScore
CVE-2018-7455
An out-of-bounds read in JPXStream::readTilePart in JPXStream.cc in xpdf 4.00 allows malicious users to launch denial of service via a specific pdf file, as demonstrated by pdftohtml.
Xpdfreader Xpdf 4.00
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
denial of service
CVE-2024-27371
CVE-2024-20405
CVE-2024-31627
CVE-2024-31625
race condition
CVE-2024-4358
cross-site scripting
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »