CVE search results

181 – 190 of 197 results

Detailed view

Sort by:

CVE-2009-0755

Low priority

Some fixes available 2 of 3

The FormWidgetChoice::loadDefaults function in Poppler before 0.10.4 allows remote attackers to cause a denial of service (crash) via a PDF file with an invalid Form Opt entry.

1 affected packages

poppler

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
poppler	—	—	—	—	—

CVE-2008-2950

Low priority

Some fixes available 2 of 13

The Page destructor in Page.cc in libpoppler in Poppler 0.8.4 and earlier deletes a pageWidgets object even if it is not initialized by a Page constructor, which allows remote attackers to execute arbitrary code via a crafted PDF document.

11 affected packages

gpdf, ipe, kdegraphics, koffice, libextractor...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
gpdf	—	—	—	—	—
ipe	—	—	—	—	—
kdegraphics	—	—	—	—	—
koffice	—	—	—	—	—
libextractor	—	—	—	—	—
pdfkit.framework	—	—	—	—	—
pdftohtml	—	—	—	—	—
poppler	—	—	—	—	—
tetex-bin	—	—	—	—	—
texlive-bin	—	—	—	—	—
xpdf	—	—	—	—	—

CVE-2008-1693

Medium priority

Some fixes available 10 of 26

The CairoFont::create function in CairoFontEngine.cc in Poppler, possibly before 0.8.0, as used in Xpdf, Evince, ePDFview, KWord, and other applications, does not properly handle embedded fonts in PDF files, which allows remote...

11 affected packages

gpdf, ipe, kdegraphics, koffice, libextractor...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
gpdf	—	—	—	—	—
ipe	—	—	—	—	—
kdegraphics	—	—	—	—	—
koffice	—	—	—	—	—
libextractor	—	—	—	—	—
pdfkit.framework	—	—	—	—	—
pdftohtml	—	—	—	—	—
poppler	—	—	—	—	—
tetex-bin	—	—	—	—	—
texlive-bin	—	—	—	—	—
xpdf	—	—	—	—	—

CVE-2007-5393

Medium priority

Some fixes available 25 of 36

Heap-based buffer overflow in the CCITTFaxStream::lookChar method in xpdf/Stream.cc in Xpdf 3.02p11 allows remote attackers to execute arbitrary code via a PDF file that contains a crafted CCITTFaxDecode filter.

13 affected packages

cups, cupsys, gpdf, ipe, kdegraphics...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
cups	—	—	—	—	—
cupsys	—	—	—	—	—
gpdf	—	—	—	—	—
ipe	—	—	—	—	—
kdegraphics	—	—	—	—	—
koffice	—	—	—	—	—
libextractor	—	—	—	—	—
pdfkit.framework	—	—	—	—	—
pdftohtml	—	—	—	—	—
poppler	—	—	—	—	—
tetex-bin	—	—	—	—	—
texlive-bin	—	—	—	—	—
xpdf	—	—	—	—	—

CVE-2007-5392

Medium priority

Some fixes available 25 of 36

Integer overflow in the DCTStream::reset method in xpdf/Stream.cc in Xpdf 3.02p11 allows remote attackers to execute arbitrary code via a crafted PDF file, resulting in a heap-based buffer overflow.

13 affected packages

cups, cupsys, gpdf, ipe, kdegraphics...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
cups	—	—	—	—	—
cupsys	—	—	—	—	—
gpdf	—	—	—	—	—
ipe	—	—	—	—	—
kdegraphics	—	—	—	—	—
koffice	—	—	—	—	—
libextractor	—	—	—	—	—
pdfkit.framework	—	—	—	—	—
pdftohtml	—	—	—	—	—
poppler	—	—	—	—	—
tetex-bin	—	—	—	—	—
texlive-bin	—	—	—	—	—
xpdf	—	—	—	—	—

CVE-2007-4352

Medium priority

Some fixes available 25 of 36

Array index error in the DCTStream::readProgressiveDataUnit method in xpdf/Stream.cc in Xpdf 3.02pl1, as used in poppler, teTeX, KDE, KOffice, CUPS, and other products, allows remote attackers to trigger memory corruption and...

13 affected packages

cups, cupsys, gpdf, ipe, kdegraphics...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
cups	—	—	—	—	—
cupsys	—	—	—	—	—
gpdf	—	—	—	—	—
ipe	—	—	—	—	—
kdegraphics	—	—	—	—	—
koffice	—	—	—	—	—
libextractor	—	—	—	—	—
pdfkit.framework	—	—	—	—	—
pdftohtml	—	—	—	—	—
poppler	—	—	—	—	—
tetex-bin	—	—	—	—	—
texlive-bin	—	—	—	—	—
xpdf	—	—	—	—	—

CVE-2007-3387

Unknown priority

Some fixes available 21 of 24

Integer overflow in the StreamPredictor::StreamPredictor function in xpdf 3.02, as used in (1) poppler before 0.5.91, (2) gpdf before 2.8.2, (3) kpdf, (4) kdegraphics, (5) CUPS, (6) PDFedit, and other products, might allow remote...

4 affected packages

kdegraphics, koffice, poppler, xpdf

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
kdegraphics	—	—	—	—	—
koffice	—	—	—	—	—
poppler	—	—	—	—	—
xpdf	—	—	—	—	—

CVE-2007-0104

Unknown priority

Fixed

The Adobe PDF specification 1.3, as implemented by (a) xpdf 3.0.1 patch 2, (b) kpdf in KDE before 3.5.5, (c) poppler before 0.5.4, and other products, allows remote attackers to have an unknown impact, possibly including denial of...

5 affected packages

kdegraphics, koffice, poppler, tetex-bin, xpdf

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
kdegraphics	—	—	—	—	—
koffice	—	—	—	—	—
poppler	—	—	—	—	—
tetex-bin	—	—	—	—	—
xpdf	—	—	—	—	—

CVE-2006-1244

Unknown priority

Some fixes available 4 of 5

Unspecified vulnerability in certain versions of xpdf after 3.00, as used in various products including (a) pdfkit.framework, (b) gpdf, (c) pdftohtml, and (d) libextractor, has unknown impact and user-assisted attack vectors,...

6 affected packages

cupsys, gpdf, kdegraphics, koffice, poppler, tetex-bin

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
cupsys	—	—	—	—	—
gpdf	—	—	—	—	—
kdegraphics	—	—	—	—	—
koffice	—	—	—	—	—
poppler	—	—	—	—	—
tetex-bin	—	—	—	—	—

CVE-2006-0301

Unknown priority

Some fixes available 13 of 14

Heap-based buffer overflow in Splash.cc in xpdf, as used in other products such as (1) poppler, (2) kdegraphics, (3) gpdf, (4) pdfkit.framework, and others, allows attackers to cause a denial of service and possibly...

6 affected packages

gpdf, kdegraphics, libextractor, pdftohtml, poppler, xpdf

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
gpdf	—	—	—	—	—
kdegraphics	—	—	—	—	—
libextractor	—	—	—	—	—
pdftohtml	—	—	—	—	—
poppler	—	—	—	—	—
xpdf	—	—	—	—	—

Export to JSON

Results by page:

Search CVE reports