The FoFiType1::parse function in fofi/FoFiType1.cc in the PDF parser in xpdf prior to 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, kdegraphics, and possibly other products allows context-dependent malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a PDF file with a crafted PostScript Type1 font that contains a negative array index, which bypasses input validation and triggers memory corruption.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
poppler poppler 0.9.0 |
||
poppler poppler 0.9.1 |
||
poppler poppler 0.10.4 |
||
poppler poppler 0.10.5 |
||
poppler poppler 0.12.0 |
||
poppler poppler 0.12.1 |
||
poppler poppler 0.13.3 |
||
poppler poppler 0.13.4 |
||
poppler poppler 0.15.1 |
||
poppler poppler 0.10.0 |
||
poppler poppler 0.10.1 |
||
poppler poppler 0.11.0 |
||
poppler poppler 0.11.1 |
||
poppler poppler 0.12.4 |
||
poppler poppler 0.13.0 |
||
poppler poppler 0.14.3 |
||
poppler poppler 0.14.4 |
||
poppler poppler 0.10.2 |
||
poppler poppler 0.10.3 |
||
poppler poppler 0.11.2 |
||
poppler poppler 0.11.3 |
||
poppler poppler 0.13.1 |
||
poppler poppler 0.13.2 |
||
poppler poppler 0.14.5 |
||
poppler poppler 0.15.0 |
||
poppler poppler 0.9.2 |
||
poppler poppler 0.9.3 |
||
poppler poppler 0.8.7 |
||
poppler poppler 0.10.6 |
||
poppler poppler 0.10.7 |
||
poppler poppler 0.12.2 |
||
poppler poppler 0.12.3 |
||
poppler poppler 0.14.0 |
||
poppler poppler 0.14.1 |
||
poppler poppler 0.14.2 |
||
foolabs xpdf 0.7a |
||
glyphandcog xpdfreader 0.92 |
||
glyphandcog xpdfreader 0.7 |
||
glyphandcog xpdfreader 0.6 |
||
foolabs xpdf 0.5a |
||
glyphandcog xpdfreader 2.03 |
||
glyphandcog xpdfreader 2.00 |
||
foolabs xpdf 0.93b |
||
foolabs xpdf 0.92e |
||
foolabs xpdf 3.0.1 |
||
foolabs xpdf 0.91a |
||
foolabs xpdf 0.91b |
||
glyphandcog xpdfreader 0.4 |
||
glyphandcog xpdfreader 1.01 |
||
foolabs xpdf 0.93c |
||
foolabs xpdf 0.92d |
||
foolabs xpdf 0.92a |
||
glyphandcog xpdfreader 3.00 |
||
foolabs xpdf 3.02pl2 |
||
glyphandcog xpdfreader 0.90 |
||
glyphandcog xpdfreader 0.80 |
||
glyphandcog xpdfreader 0.3 |
||
glyphandcog xpdfreader 0.2 |
||
foolabs xpdf 1.00a |
||
glyphandcog xpdfreader 2.02 |
||
foolabs xpdf 0.92b |
||
foolabs xpdf 0.93a |
||
foolabs xpdf 3.02pl3 |
||
glyphandcog xpdfreader |
||
kde kdegraphics |
||
glyphandcog xpdfreader 3.01 |
||
foolabs xpdf 3.02pl1 |
||
glyphandcog xpdfreader 0.91 |
||
foolabs xpdf 0.91c |
||
glyphandcog xpdfreader 0.5 |
||
glyphandcog xpdfreader 1.00 |
||
glyphandcog xpdfreader 2.01 |
||
foolabs xpdf 0.92c |
||
glyphandcog xpdfreader 0.93 |
||
glyphandcog xpdfreader 3.02 |
Vulmon