Download
| Alert*
oval:org.secpod.oval:def:704615
libpoppler-dev is installed oval:org.secpod.oval:def:610111 Two vulnerabilities were discovered in poppler, a PDF rendering library, which could result in denial of service or the execution of arbitrary code if a malformed PDF file or JBIG2 image is processed. oval:org.secpod.oval:def:88590 poppler: PDF rendering library poppler could be made to crash or execute arbitrary code if received a specially crafted PDF. oval:org.secpod.oval:def:92531 poppler: PDF rendering library poppler could be made to crash if it opened a specially crafted file. oval:org.secpod.oval:def:1901751 An issue was discovered in Xpdf 4.01.01. There is an FPE in the function Splash::scaleImageYuXu at Splash.cc for x Bresenham parameters. oval:org.secpod.oval:def:1901752 An issue was discovered in Xpdf 4.01.01. There is a NULL pointer dereference in the function Gfx::opSetExtGState in Gfx.cc. oval:org.secpod.oval:def:1901757 An issue was discovered in Xpdf 4.01.01. There is an FPE in the function Splash::scaleImageYuXu at Splash.cc for y Bresenham parameters. oval:org.secpod.oval:def:1901749 An issue was discovered in Xpdf 4.01.01. There is an FPE in the function ImageStream::ImageStream at Stream.cc for nBits. oval:org.secpod.oval:def:1901823 FontInfoScanner::scanFonts in FontInfo.cc in Poppler 0.75.0 has infinite recursion, leading to a call to the error function in Error.cc. oval:org.secpod.oval:def:1900144 In libpoppler-dev 0.72.0, PDFDoc::setup in PDFDoc.cc allows attackers to cause a denial-of-service by crafting a PDF file in which an xref data structure is mishandled during extract PDFSubtype processing. oval:org.secpod.oval:def:1902102 Poppler 0.74.0 has a heap-based buffer over-read in the CairoRescaleBox.cc downsample_row_box_filter function. oval:org.secpod.oval:def:1901755 PDFDoc::markObject in PDFDoc.cc in Poppler 0.74.0 mishandles dict marking, leading to stack consumption in the function Dict::find located at Dict.cc, which can be triggered by passing a crafted pdf file to the pdfunite binary. oval:org.secpod.oval:def:1901762 An issue was discovered in Xpdf 4.01.01. There is an FPE in the function ImageStream::ImageStream at Stream.cc for nComps. oval:org.secpod.oval:def:1901761 An issue was discovered in Xpdf 4.01.01. There is an FPE in the function PostScriptFunction::exec at Function.cc for the psOpMod case. oval:org.secpod.oval:def:1902099 An issue was discovered in Poppler 0.74.0. There is a heap-based buffer over-read in the function Splash::blitTransparent at splash/Splash.cc. oval:org.secpod.oval:def:1902111 An issue was discovered in Poppler 0.74.0. There is a NULL pointer dereference in the function SplashClip::clipAALine at splash/SplashClip.cc. oval:org.secpod.oval:def:1901744 An issue was discovered in Xpdf 4.01.01. There is an FPE in the function PSOutputDev::checkPageSlice at PSOutputDev.cc for nStripes. oval:org.secpod.oval:def:1901743 An issue was discovered in Xpdf 4.01.01. There is an FPE in the function PostScriptFunction::exec at Function.cc for the psOpIdiv case. oval:org.secpod.oval:def:1900414 The function GfxImageColorMap::getGray in GfxState.cc in libpoppler-dev 0.54.0allows remote attackers to cause a denial of service via a crafted PDF document, related to missing color-map validation in Image OutputDev.cc. oval:org.secpod.oval:def:1900071 An issue was discovered in libpoppler-dev 0.71.0. There is a memory leak inGfxColorSpace::setDisplayProfile in GfxState.cc, as demonstrated by pdftolibcairo2-dev. oval:org.secpod.oval:def:1902095 In Poppler through 0.76.1, there is a heap-based buffer over-read in JPXStream::init in JPEG2000Stream.cc via data with inconsistent heights or widths. oval:org.secpod.oval:def:708366 poppler: PDF rendering library Several security issues were fixed in poppler. oval:org.secpod.oval:def:95001 poppler: PDF rendering library Several security issues were fixed in poppler. oval:org.secpod.oval:def:96467 poppler: PDF rendering library Several security issues were fixed in poppler. oval:org.secpod.oval:def:96490 poppler: PDF rendering library Several security issues were fixed in poppler. oval:org.secpod.oval:def:708343 poppler: PDF rendering library poppler could be made to crash if it opened a specially crafted file. oval:org.secpod.oval:def:92532 poppler: PDF rendering library poppler could be made to crash if it opened a specially crafted file. |