Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Xpdf
(Xpdfreader)| Repositories | |
| #Vulnerabilities | 82 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2018-03-14 | CVE-2018-8103 | The JBIG2Stream::readGenericBitmap function in JBIG2Stream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-based buffer over-read and application crash) via a specific pdf file, as demonstrated by pdftohtml. | Xpdf | 5.5 | ||
| 2018-03-14 | CVE-2018-8102 | The JBIG2MMRDecoder::getBlackCode function in JBIG2Stream.cc in xpdf 4.00 allows attackers to launch denial of service (buffer over-read and application crash) via a specific pdf file, as demonstrated by pdftohtml. | Xpdf | 5.5 | ||
| 2018-03-14 | CVE-2018-8101 | The JPXStream::inverseTransformLevel function in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-based buffer over-read and application crash) via a specific pdf file, as demonstrated by pdftohtml. | Xpdf | 5.5 | ||
| 2018-03-14 | CVE-2018-8100 | The JPXStream::readTilePart function in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a specific pdf file, as demonstrated by pdftohtml. | Xpdf | 7.8 | ||
| 2018-02-24 | CVE-2018-7455 | An out-of-bounds read in JPXStream::readTilePart in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service via a specific pdf file, as demonstrated by pdftohtml. | Xpdf | 5.5 | ||
| 2018-02-24 | CVE-2018-7454 | A NULL pointer dereference in XFAForm::scanFields in XFAForm.cc in xpdf 4.00 allows attackers to launch denial of service via a specific pdf file, as demonstrated by pdftohtml. | Xpdf | 5.5 | ||
| 2018-02-24 | CVE-2018-7453 | Infinite recursion in AcroForm::scanField in AcroForm.cc in xpdf 4.00 allows attackers to launch denial of service via a specific pdf file due to lack of loop checking, as demonstrated by pdftohtml. | Xpdf | 5.5 | ||
| 2018-02-24 | CVE-2018-7452 | A NULL pointer dereference in JPXStream::fillReadBuf in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service via a specific pdf file, as demonstrated by pdftohtml. | Xpdf | 5.5 | ||
| 2018-02-15 | CVE-2018-7175 | An issue was discovered in xpdf 4.00. A NULL pointer dereference in readCodestream allows an attacker to cause denial of service via a JPX image with zero components. | Xpdf | 5.5 | ||
| 2018-02-15 | CVE-2018-7174 | An issue was discovered in xpdf 4.00. An infinite loop in XRef::Xref allows an attacker to cause denial of service because loop detection exists only for tables, not streams. | Xpdf | 5.5 |