Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xpdfreader vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2018-18457
The function DCTStream::readScan in Stream.cc in Xpdf 4.00 allows remote malicious users to cause a denial of service (NULL pointer dereference) via a crafted pdf file, as demonstrated by pdftoppm.
Xpdfreader Xpdf 4.00
4.3
CVSSv2
CVE-2018-18458
The function DCTStream::decodeImage in Stream.cc in Xpdf 4.00 allows remote malicious users to cause a denial of service (NULL pointer dereference) via a crafted pdf file, as demonstrated by pdftoppm.
Xpdfreader Xpdf 4.00
4.3
CVSSv2
CVE-2018-16368
SplashXPath::strokeAdjust in splash/SplashXPath.cc in Xpdf 4.00 allows remote malicious users to cause a denial of service (heap-based buffer over-read) via a crafted pdf file, as demonstrated by pdftoppm.
Xpdfreader Xpdf 4.00
4.3
CVSSv2
CVE-2018-16369
XRef::fetch in XRef.cc in Xpdf 4.00 allows remote malicious users to cause a denial of service (stack consumption) via a crafted pdf file, related to AcroForm::scanField, as demonstrated by pdftohtml. NOTE: this might overlap CVE-2018-7453.
Xpdfreader Xpdf 4.00
6.8
CVSSv2
CVE-2018-11033
The DCTStream::readHuffSym function in Stream.cc in the DCT decoder in xpdf prior to 4.00 allows remote malicious users to cause a denial of service (application crash) or possibly have unspecified other impact via crafted JPEG data.
Xpdfreader Xpdf 4.00
4.3
CVSSv2
CVE-2018-8106
The JPXStream::readTilePartData function in JPXStream.cc in xpdf 4.00 allows malicious users to launch denial of service (heap-based buffer over-read and application crash) via a specific pdf file, as demonstrated by pdftohtml.
Xpdfreader Xpdf 4.00
4.3
CVSSv2
CVE-2018-8107
The JPXStream::close function in JPXStream.cc in xpdf 4.00 allows malicious users to launch denial of service (heap-based buffer over-read and application crash) via a specific pdf file, as demonstrated by pdftohtml.
Xpdfreader Xpdf 4.00
6.8
CVSSv2
CVE-2018-8100
The JPXStream::readTilePart function in JPXStream.cc in xpdf 4.00 allows malicious users to launch denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a specific pdf file, as demonstrated by pdftohtml.
Xpdfreader Xpdf 4.00
4.3
CVSSv2
CVE-2018-8101
The JPXStream::inverseTransformLevel function in JPXStream.cc in xpdf 4.00 allows malicious users to launch denial of service (heap-based buffer over-read and application crash) via a specific pdf file, as demonstrated by pdftohtml.
Xpdfreader Xpdf 4.00
4.3
CVSSv2
CVE-2018-8102
The JBIG2MMRDecoder::getBlackCode function in JBIG2Stream.cc in xpdf 4.00 allows malicious users to launch denial of service (buffer over-read and application crash) via a specific pdf file, as demonstrated by pdftohtml.
Xpdfreader Xpdf 4.00
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »