Search CVE reports
41 – 45 of 45 results
CVE-2005-0064
Unknown priorityBuffer overflow in the Decrypt::makeFileKey2 function in Decrypt.cc for xpdf 3.00 and earlier allows remote attackers to execute arbitrary code via a PDF file with a large /Encrypt /Length keyLength value.
8 affected packages
cupsys, gpdf, kdegraphics, koffice, libextractor...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| cupsys | — | — | — | — | — |
| gpdf | — | — | — | — | — |
| kdegraphics | — | — | — | — | — |
| koffice | — | — | — | — | — |
| libextractor | — | — | — | — | — |
| pdftohtml | — | — | — | — | — |
| tetex-bin | — | — | — | — | — |
| xpdf | — | — | — | — | — |
CVE-2005-0206
Unknown priorityThe patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities.
3 affected packages
cupsys, tetex-bin, xpdf
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| cupsys | — | — | — | — | — |
| tetex-bin | — | — | — | — | — |
| xpdf | — | — | — | — | — |
CVE-2004-0888
Unknown priorityMultiple integer overflows in xpdf 2.0 and 3.0, and other packages that use xpdf code such as CUPS, gpdf, and kdegraphics, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code,...
6 affected packages
cupsys, gpdf, kdegraphics, koffice, pdftohtml, tetex-bin
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| cupsys | — | — | — | — | — |
| gpdf | — | — | — | — | — |
| kdegraphics | — | — | — | — | — |
| koffice | — | — | — | — | — |
| pdftohtml | — | — | — | — | — |
| tetex-bin | — | — | — | — | — |
CVE-2004-1125
Unknown priorityBuffer overflow in the Gfx::doImage function in Gfx.cc for xpdf 3.00, and other products that share code such as tetex-bin and kpdf in KDE 3.2.x to 3.2.3 and 3.3.x to 3.3.2, allows remote attackers to cause a denial of service...
7 affected packages
cupsys, gpdf, kdegraphics, koffice, pdftohtml...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| cupsys | — | — | — | — | — |
| gpdf | — | — | — | — | — |
| kdegraphics | — | — | — | — | — |
| koffice | — | — | — | — | — |
| pdftohtml | — | — | — | — | — |
| tetex-bin | — | — | — | — | — |
| xpdf | — | — | — | — | — |
CVE-2004-1336
Unknown priorityThe xdvizilla script in tetex-bin 2.0.2 creates temporary files with predictable file names, which allows local users to overwrite arbitrary files via a symlink attack.
1 affected package
tetex-bin
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| tetex-bin | — | — | — | — | — |