Download
| Alert*
oval:org.secpod.oval:def:89045847
This update for poppler fixes the following issues: - CVE-2017-18267: Fixed an infinite recursion that would allow remote attackers to cause a denial of service . - CVE-2018-13988: Added an improper implementation check which otherwise could allow buffer overflows, memory corruption, and denial of s ... oval:org.secpod.oval:def:1601043 XRef::getEntry in XRef.cc in Poppler 0.72.0 mishandles unallocated XRef entries, which allows remote attackers to cause a denial of service via a crafted PDF document, when XRefEntry::setFlag in XRef.h is called from Parser::makeStream in Parser.cc.In Poppler 0.68.0, the Parser::getObj function in ... oval:org.secpod.oval:def:2000780 In Poppler 0.68.0, the Parser::getObj function in Parser.cc may cause infinite recursion via a crafted file. A remote attacker can leverage this for a DoS attack. oval:org.secpod.oval:def:115699 MinGW Windows Poppler library. oval:org.secpod.oval:def:51176 poppler: PDF rendering library Several security issues were fixed in poppler. oval:org.secpod.oval:def:51544 poppler: PDF rendering library Several security issues were fixed in poppler. oval:org.secpod.oval:def:704414 poppler: PDF rendering library Several security issues were fixed in poppler. oval:org.secpod.oval:def:49256 poppler: PDF rendering library Several security issues were fixed in poppler. oval:org.secpod.oval:def:115691 MinGW Windows Poppler library. oval:org.secpod.oval:def:503299 Poppler is a Portable Document Format rendering library, used by applications such as Evince or Okular. Security Fix: * poppler: heap-based buffer over-read in XRef::getEntry in XRef.cc * poppler: heap-based buffer overflow in function ImageStream::getLine in Stream.cc * poppler: infinite recursi ... oval:org.secpod.oval:def:205250 Poppler is a Portable Document Format rendering library, used by applications such as Evince or Okular. Security Fix: * poppler: heap-based buffer over-read in XRef::getEntry in XRef.cc * poppler: heap-based buffer overflow in function ImageStream::getLine in Stream.cc * poppler: infinite recursi ... oval:org.secpod.oval:def:205317 Poppler is a Portable Document Format rendering library, used by applications such as Evince or Okular. Security Fix: * poppler: heap-based buffer over-read in XRef::getEntry in XRef.cc * poppler: heap-based buffer overflow in function ImageStream::getLine in Stream.cc * poppler: infinite recursi ... oval:org.secpod.oval:def:205288 Poppler is a Portable Document Format rendering library, used by applications such as Evince or Okular. Security Fix: * poppler: heap-based buffer over-read in XRef::getEntry in XRef.cc * poppler: heap-based buffer overflow in function ImageStream::getLine in Stream.cc * poppler: infinite recursi ... oval:org.secpod.oval:def:1504089 evince [3.28.2-8] - Do not free EvDocumentInfo in ev_window_save_print_settings, - it is freed in EvDocuments destructor - Resolves: #1541358 [3.28.2-7] - Do not store page-scaling for documents with enforced - page-scaling - Resolves: #1541358 [3.28.2-6] - Use PrintScaling preference stored in PDFs ... oval:org.secpod.oval:def:1700243 In Poppler 0.68.0, the Parser::getObj function in Parser.cc may cause infinite recursion via a crafted file. A remote attacker can leverage this for a DoS attack.An issue was discovered in Poppler 0.71.0. There is a memory leak in GfxColorSpace::setDisplayProfile in GfxState.cc, as demonstrated by p ... oval:org.secpod.oval:def:89049132 This update for poppler fixes the following issues: * CVE-2022-27337: Fixed a logic error in the Hints::Hints function which can cause denial of service . * CVE-2018-21009: Fixed integer overflow in Parser:makeStream in Parser.cc . * CVE-2019-12293: Fixed heap-based buffer over-read in JPXStream:ini ... |