Search CVE reports
171 – 180 of 184 results
CVE-2009-0166
Medium prioritySome fixes available 35 of 78
The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers a free of uninitialized memory.
14 affected packages
cups, cupsys, evince, gpdf, ipe...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| cups | — | Not affected | Not affected | Not affected | Not affected |
| cupsys | — | Not in release | Not in release | Not in release | Not in release |
| evince | — | Not affected | Not affected | Not affected | Not affected |
| gpdf | — | Not in release | Not in release | Not in release | Not in release |
| ipe | — | Not affected | Not affected | Not affected | Not affected |
| kdegraphics | — | Not in release | Not in release | Not in release | Not in release |
| koffice | — | Not in release | Not in release | Not in release | Not in release |
| libextractor | — | Not affected | Not affected | Not affected | Not affected |
| pdfkit.framework | — | Not in release | Not in release | Not in release | Not in release |
| pdftohtml | — | Not in release | Not in release | Not in release | Not in release |
| poppler | — | Fixed | Fixed | Fixed | Fixed |
| tetex-bin | — | Not in release | Not in release | Not in release | Not in release |
| texlive-bin | — | Not affected | Not affected | Not affected | Not affected |
| xpdf | — | Not affected | Not in release | Not affected | Not affected |
CVE-2009-0165
Low prioritySome fixes available 2 of 37
Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, as used in Poppler and other products, when running on Mac OS X, has unspecified impact, related to "g*allocn."
11 affected packages
gpdf, ipe, kdegraphics, koffice, libextractor...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| gpdf | — | Not in release | Not in release | Not in release | Not in release |
| ipe | — | Not affected | Not affected | Not affected | Not affected |
| kdegraphics | — | Not in release | Not in release | Not in release | Not in release |
| koffice | — | Not in release | Not in release | Not in release | Not in release |
| libextractor | — | Not affected | Not affected | Not affected | Not affected |
| pdfkit.framework | — | Not in release | Not in release | Not in release | Not in release |
| pdftohtml | — | Not in release | Not in release | Not in release | Not in release |
| poppler | — | Not affected | Not affected | Not affected | Not affected |
| tetex-bin | — | Not in release | Not in release | Not in release | Not in release |
| texlive-bin | — | Not affected | Not affected | Not affected | Not affected |
| xpdf | — | Not affected | Not in release | Not affected | Not affected |
CVE-2009-0147
Medium prioritySome fixes available 21 of 58
Multiple integer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allow remote attackers to cause a denial of service (crash) via a crafted PDF file, related to...
14 affected packages
cups, cupsys, evince, gpdf, ipe...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| cups | — | — | — | — | Not affected |
| cupsys | — | — | — | — | Not in release |
| evince | — | — | — | — | Not affected |
| gpdf | — | — | — | — | Not in release |
| ipe | — | — | — | — | Not affected |
| kdegraphics | — | — | — | — | Not in release |
| koffice | — | — | — | — | Not in release |
| libextractor | — | — | — | — | Not affected |
| pdfkit.framework | — | — | — | — | Not in release |
| pdftohtml | — | — | — | — | Not in release |
| poppler | — | — | — | — | Fixed |
| tetex-bin | — | — | — | — | Not in release |
| texlive-bin | — | — | — | — | Not affected |
| xpdf | — | — | — | — | Not affected |
CVE-2009-0146
Medium prioritySome fixes available 21 of 51
Multiple buffer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allow remote attackers to cause a denial of service (crash) via a crafted PDF file, related to...
14 affected packages
cups, cupsys, evince, gpdf, ipe...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| cups | — | — | — | — | Not affected |
| cupsys | — | — | — | — | Not in release |
| evince | — | — | — | — | Not affected |
| gpdf | — | — | — | — | Not in release |
| ipe | — | — | — | — | Not affected |
| kdegraphics | — | — | — | — | Not in release |
| koffice | — | — | — | — | Not in release |
| libextractor | — | — | — | — | Not affected |
| pdfkit.framework | — | — | — | — | Not in release |
| pdftohtml | — | — | — | — | Not in release |
| poppler | — | — | — | — | Fixed |
| tetex-bin | — | — | — | — | Not in release |
| texlive-bin | — | — | — | — | Not affected |
| xpdf | — | — | — | — | Not affected |
CVE-2009-1284
Low prioritySome fixes available 3 of 5
Buffer overflow in BibTeX 0.99 allows context-dependent attackers to cause a denial of service (memory corruption and crash) via a long .bib bibliography file.
1 affected packages
texlive-bin
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| texlive-bin | — | — | — | — | — |
CVE-2008-2950
Low prioritySome fixes available 2 of 13
The Page destructor in Page.cc in libpoppler in Poppler 0.8.4 and earlier deletes a pageWidgets object even if it is not initialized by a Page constructor, which allows remote attackers to execute arbitrary code via a crafted PDF document.
11 affected packages
gpdf, ipe, kdegraphics, koffice, libextractor...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| gpdf | — | — | — | — | — |
| ipe | — | — | — | — | — |
| kdegraphics | — | — | — | — | — |
| koffice | — | — | — | — | — |
| libextractor | — | — | — | — | — |
| pdfkit.framework | — | — | — | — | — |
| pdftohtml | — | — | — | — | — |
| poppler | — | — | — | — | — |
| tetex-bin | — | — | — | — | — |
| texlive-bin | — | — | — | — | — |
| xpdf | — | — | — | — | — |
CVE-2008-1693
Medium prioritySome fixes available 10 of 26
The CairoFont::create function in CairoFontEngine.cc in Poppler, possibly before 0.8.0, as used in Xpdf, Evince, ePDFview, KWord, and other applications, does not properly handle embedded fonts in PDF files, which allows remote...
11 affected packages
gpdf, ipe, kdegraphics, koffice, libextractor...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| gpdf | — | — | — | — | — |
| ipe | — | — | — | — | — |
| kdegraphics | — | — | — | — | — |
| koffice | — | — | — | — | — |
| libextractor | — | — | — | — | — |
| pdfkit.framework | — | — | — | — | — |
| pdftohtml | — | — | — | — | — |
| poppler | — | — | — | — | — |
| tetex-bin | — | — | — | — | — |
| texlive-bin | — | — | — | — | — |
| xpdf | — | — | — | — | — |
CVE-2007-5937
Medium prioritySome fixes available 4 of 6
Multiple buffer overflows in dvi2xx.c in dviljk in teTeX and TeXlive 2007 and earlier might allow user-assisted attackers to execute arbitrary code via a crafted DVI input file.
2 affected packages
tetex-bin, texlive-bin
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| tetex-bin | — | — | — | — | — |
| texlive-bin | — | — | — | — | — |
CVE-2007-5936
Low prioritySome fixes available 4 of 6
dvips in teTeX and TeXlive 2007 and earlier allows local users to obtain sensitive information and modify certain data by creating certain temporary files before they are processed by dviljk, which can then be read or modified in place.
2 affected packages
tetex-bin, texlive-bin
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| tetex-bin | — | — | — | — | — |
| texlive-bin | — | — | — | — | — |
CVE-2007-5935
Medium prioritySome fixes available 4 of 6
Stack-based buffer overflow in hpc.c in dvips in teTeX and TeXlive 2007 and earlier allows user-assisted attackers to execute arbitrary code via a DVI file with a long href tag.
2 affected packages
tetex-bin, texlive-bin
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| tetex-bin | — | — | — | — | — |
| texlive-bin | — | — | — | — | — |