Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xpdfreader vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2019-9878
There is an invalid memory access in the function GfxIndexedColorSpace::mapColorToBase() located in GfxState.cc in Xpdf 4.0.0, as used in pdfalto 0.2. It can be triggered by (for example) sending a crafted pdf file to the pdftops binary. It allows an malicious user to cause Denia...
Pdfalto Project Pdfalto 0.2
Xpdfreader Xpdf 4.0.0
6.8
CVSSv2
CVE-2019-9588
There is an Invalid memory access in gAtomicIncrement() located at GMutex.h in Xpdf 4.01. It can be triggered by sending a crafted pdf file to (for example) the pdftops binary. It allows an malicious user to cause Denial of Service (Segmentation fault) or possibly have unspecifie...
Glyphandcog Xpdfreader 4.01
6.8
CVSSv2
CVE-2019-9589
There is a NULL pointer dereference vulnerability in PSOutputDev::setupResources() located in PSOutputDev.cc in Xpdf 4.01. It can be triggered by sending a crafted pdf file to (for example) the pdftops binary. It allows an malicious user to cause Denial of Service (Segmentation f...
Glyphandcog Xpdfreader 4.01
6.8
CVSSv2
CVE-2019-9587
There is a stack consumption issue in md5Round1() located in Decrypt.cc in Xpdf 4.01. It can be triggered by sending a crafted pdf file to (for example) the pdfimages binary. It allows an malicious user to cause Denial of Service (Segmentation fault) or possibly have unspecified ...
Glyphandcog Xpdfreader 4.01
4.3
CVSSv2
CVE-2018-18650
An issue exists in Xpdf 4.00. XRef::readXRefStream in XRef.cc allows malicious users to launch a denial of service (Integer Overflow) via a crafted /Size value in a pdf file, as demonstrated by pdftohtml. This is mainly caused by the program attempting a malloc operation for a la...
Xpdfreader Xpdf 4.00
4.3
CVSSv2
CVE-2018-18651
An issue exists in Xpdf 4.00. catalog->getNumPages() in AcroForm.cc allows malicious users to launch a denial of service (hang caused by large loop) via a specific pdf file, as demonstrated by pdftohtml. This is mainly caused by a large number after the /Count field in the fil...
Xpdfreader Xpdf 4.00
4.3
CVSSv2
CVE-2018-18454
CCITTFaxStream::readRow() in Stream.cc in Xpdf 4.00 allows remote malicious users to cause a denial of service (heap-based buffer over-read) via a crafted pdf file, as demonstrated by pdftoppm.
Xpdfreader Xpdf 4.00
4.3
CVSSv2
CVE-2018-18456
The function Object::isName() in Object.h (called from Gfx::opSetFillColorN) in Xpdf 4.00 allows remote malicious users to cause a denial of service (stack-based buffer over-read) via a crafted pdf file, as demonstrated by pdftoppm.
Xpdfreader Xpdf 4.00
4.3
CVSSv2
CVE-2018-18459
The function DCTStream::getBlock in Stream.cc in Xpdf 4.00 allows remote malicious users to cause a denial of service (NULL pointer dereference) via a crafted pdf file, as demonstrated by pdftoppm.
Xpdfreader Xpdf 4.00
4.3
CVSSv2
CVE-2018-18455
The GfxImageColorMap class in GfxState.cc in Xpdf 4.00 allows remote malicious users to cause a denial of service (heap-based buffer over-read) via a crafted pdf file, as demonstrated by pdftoppm.
Xpdfreader Xpdf 4.00
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »