pkg:Debian/xpdf
90 total CVEsHIGH2MEDIUM26
✅ Check your installed version
All known vulnerabilities
- HIGH7.8CVE-2018-11033The DCTStream::readHuffSym function in Stream.cc in the DCT decoder in xpdf before 4.00 allows remote attackers to cause a denial of servic…from 0
- HIGH7.8CVE-2018-8100The JPXStream::readTilePart function in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-based buffer overflow…from 0
- MEDIUM6.5CVE-2010-4653An integer overflow condition in poppler before 0.16.3 can occur when parsing CharCodes for fonts.from 0, < 3.02-9
- MEDIUM5.5CVE-2010-0207In xpdf, the xref table contains an infinite loop which allows remote attackers to cause a denial of service (application crash) in xpdf-ba…from 0
- MEDIUM5.5CVE-2010-0206xpdf allows remote attackers to cause a denial of service (NULL pointer dereference and crash) in the way it processes JBIG2 PDF stream obj…from 0
- MEDIUM5.5CVE-2018-18459The function DCTStream::getBlock in Stream.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (NULL pointer dereference)…from 0
- MEDIUM5.5CVE-2018-18458The function DCTStream::decodeImage in Stream.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (NULL pointer dereferenc…from 0
- MEDIUM5.5CVE-2018-18457The function DCTStream::readScan in Stream.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (NULL pointer dereference)…from 0
- MEDIUM5.5CVE-2018-18456The function Object::isName() in Object.h (called from Gfx::opSetFillColorN) in Xpdf 4.00 allows remote attackers to cause a denial of serv…from 0
- MEDIUM5.5CVE-2018-18455The GfxImageColorMap class in GfxState.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (heap-based buffer over-read) v…from 0
- MEDIUM5.5CVE-2018-18454CCITTFaxStream::readRow() in Stream.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (heap-based buffer over-read) via…from 0
- MEDIUM5.5CVE-2018-16369XRef::fetch in XRef.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (stack consumption) via a crafted pdf file, relate…from 0
- MEDIUM5.5CVE-2018-16368SplashXPath::strokeAdjust in splash/SplashXPath.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (heap-based buffer ove…from 0
- MEDIUM5.5CVE-2018-8107The JPXStream::close function in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-based buffer over-read and ap…from 0
- MEDIUM5.5CVE-2018-8106The JPXStream::readTilePartData function in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-based buffer over-…from 0
- MEDIUM5.5CVE-2018-8105The JPXStream::fillReadBuf function in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-based buffer over-read…from 0
- MEDIUM5.5CVE-2018-8104The BufStream::lookChar function in Stream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-based buffer over-read and ap…from 0
- MEDIUM5.5CVE-2018-8103The JBIG2Stream::readGenericBitmap function in JBIG2Stream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-based buffer…from 0
- MEDIUM5.5CVE-2018-8102The JBIG2MMRDecoder::getBlackCode function in JBIG2Stream.cc in xpdf 4.00 allows attackers to launch denial of service (buffer over-read an…from 0
- MEDIUM5.5CVE-2018-8101The JPXStream::inverseTransformLevel function in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-based buffer…from 0
- MEDIUM5.5CVE-2018-7455An out-of-bounds read in JPXStream::readTilePart in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service via a specific p…from 0
- MEDIUM5.5CVE-2018-7454A NULL pointer dereference in XFAForm::scanFields in XFAForm.cc in xpdf 4.00 allows attackers to launch denial of service via a specific pd…from 0
- MEDIUM5.5CVE-2018-7453Infinite recursion in AcroForm::scanField in AcroForm.cc in xpdf 4.00 allows attackers to launch denial of service via a specific pdf file…from 0
- MEDIUM5.5CVE-2018-7452A NULL pointer dereference in JPXStream::fillReadBuf in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service via a specif…from 0
- from 0
- from 0
- MEDIUM5.5CVE-2018-7173A large loop in JBIG2Stream::readSymbolDictSeg in xpdf 4.00 allows an attacker to cause denial of service via a specific file due to inappr…from 0
- MEDIUM5.3CVE-2011-2902zxpdf in xpdf before 3.02-19 as packaged in Debian unstable and 3.02-12+squeeze1 as packaged in Debian squeeze deletes temporary files inse…from 0, < 3.02-19
- —CVE-2013-4472The openTempFile function in goo/gfile.cc in Xpdf and Poppler 0.24.3 and earlier, when running on a system other than Unix, allows local us…from 0
- —CVE-2011-1554Off-by-one error in t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, allows remote attackers to cause a…from 0, < 3.02-9
- —CVE-2011-1553Use-after-free vulnerability in t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, allows remote attackers…from 0, < 3.02-9
- —CVE-2011-1552t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, reads from invalid memory locations, which allows remot…from 0, < 3.02-9
- —CVE-2011-0764t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, uses an invalid pointer in conjunction with a dereferen…from 0, < 3.02-9
- —CVE-2010-3704The FoFiType1::parse function in fofi/FoFiType1.cc in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other versions up t…from 0, < 3.02-9
- —CVE-2010-3703The PostScriptFunction::PostScriptFunction function in poppler/Function.cc in the PDF parser in poppler 0.8.7 and possibly other versions u…from 0, < 3.02-9
- from 0, < 3.02-1.4+lenny3
- from 0, < 3.02-9
- —CVE-2009-4035The FoFiType1::parse function in fofi/FoFiType1.cc in Xpdf 3.0.0, gpdf 2.8.2, kpdf in kdegraphics 3.3.1, and possibly other libraries and v…from 0, < 3.01-1
- —CVE-2009-3609Integer overflow in the ImageStream::ImageStream function in Stream.cc in Xpdf before 3.02pl4 and Poppler before 0.12.1, as used in GPdf, k…from 0, < 3.02-2
- —CVE-2009-3608Integer overflow in the ObjectStream::ObjectStream function in XRef.cc in Xpdf 3.x before 3.02pl4 and Poppler before 0.12.1, as used in GPd…from 0, < 3.02-2
- —CVE-2009-3606Integer overflow in the PSOutputDev::doImageL1Sep function in Xpdf before 3.02pl4, and Poppler 0.x, as used in kdegraphics KPDF, might allo…from 0, < 3.02-2
- —CVE-2009-3604The Splash::drawImage function in Splash.cc in Xpdf 2.x and 3.x before 3.02pl4, and Poppler 0.x, as used in GPdf and kdegraphics KPDF, does…from 0, < 3.02-2
- —CVE-2009-3603Integer overflow in the SplashBitmap::SplashBitmap function in Xpdf 3.x before 3.02pl4 and Poppler before 0.12.1 might allow remote attacke…from 0, < 3.02-2
- from 0, < 3.02-1.4+lenny2
- from 0, < 3.02-2
- —CVE-2009-0165Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, as used in Poppler and other products, when running on Mac OS X, has uns…from 0, < 3.02-1.4+lenny1
- —CVE-2009-1183The JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attacker…from 0, < 3.02-1.4+lenny1
- —CVE-2009-1182Multiple buffer overflows in the JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other pr…from 0, < 3.02-1.4+lenny1
- —CVE-2009-1181The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to…from 0, < 3.02-1.4+lenny1
- —CVE-2009-1180The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to…from 0, < 3.02-1.4+lenny1
- —CVE-2009-1179Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows…from 0, < 3.02-1.4+lenny1
- —CVE-2009-0800Multiple "input validation flaws" in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and othe…from 0, < 3.02-1.4+lenny1
- —CVE-2009-0799The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to…from 0, < 3.02-1.4+lenny1
- —CVE-2009-0195Heap-based buffer overflow in Xpdf 3.02pl2 and earlier, CUPS 1.3.9, and probably other products, allows remote attackers to execute arbitra…from 0, < 3.02-1.4+lenny1
- —CVE-2009-0166The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allows remote attackers to cause a denial of serv…from 0, < 3.02-1.4+lenny1
- —CVE-2009-0147Multiple integer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allow remote attack…from 0, < 3.02-1.4+lenny1
- from 0, < 3.02-1.4+lenny1
- from 0, < 3.01-9.1+etch6
- from 0, < 3.01-9.1+etch3
- from 0, < 3.02
- —CVE-2007-5392Integer overflow in the DCTStream::reset method in xpdf/Stream.cc in Xpdf 3.02p11 allows remote attackers to execute arbitrary code via a c…from 0, < 3.02-1.3
- from 0, < 3.01-9.1+etch2
- from 0, < 3.02-1.3
- from 0, < 3.02-1.3
- from 0, < 3.01-9etch1
- from 0, < 3.02-1.1
- —CVE-2007-0104The Adobe PDF specification 1.3, as implemented by (a) xpdf 3.0.1 patch 2, (b) kpdf in KDE before 3.5.5, (c) poppler before 0.5.4, and othe…from 0, < 3.02
- from 0, < 3.00-13.5
- from 0, < 3.01-6
- —CVE-2005-3626Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial…from 0, < 3.01-4
- —CVE-2005-3625Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial…from 0, < 3.01-4
- —CVE-2005-3628Buffer overflow in the JBIG2Bitmap::JBIG2Bitmap function in JBIG2Stream.cc in Xpdf, as used in products such as gpdf, kpdf, pdftohtml, popp…from 0, < 3.01-4
- —CVE-2005-3627Stream.cc in Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to m…from 0, < 3.01-4
- —CVE-2005-3624The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others al…from 0, < 3.01-4
- from 0, < 3.01-3
- from 0, < 1.00-3.8
- from 0, < 3.01-3
- —CVE-2005-3193Heap-based buffer overflow in the JPXStream::readCodestream function in the JPX stream parsing code (JPXStream.c) for xpdf 3.01 and earlier…from 0, < 3.01-3
- from 0, < 3.00-15
- from 0, < 3.00-13.6
- from 0, < 3.00-13
- from 0, < 1.00-3.4
- from 0, < 1.00-3.2
- from 0, < 3.00-9
- —CVE-2004-0889Multiple integer overflows in xpdf 3.0, and other packages that use xpdf code such as CUPS, allow remote attackers to cause a denial of ser…from 0, < 3.00-10
- from 0, < 3.00-11
- from 0, < 1.00-3.3
- —CVE-2003-0434Various PDF viewers including (1) Adobe Acrobat 5.06 and (2) Xpdf 1.01 allow remote attackers to execute arbitrary commands via shell metac…from 0, < 2.02pl1-1
- from 0, < 2.01-2
- from 0, < 1.00-3.1