Search CVE reports
201 – 205 of 205 results
The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode...
6 affected packages
cupsys, gpdf, kdegraphics, koffice, poppler, tetex-bin
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| cupsys | — | — | — | — |
| gpdf | — | — | — | — |
| kdegraphics | — | — | — | — |
| koffice | — | — | — | — |
| poppler | — | — | — | — |
| tetex-bin | — | — | — | — |
Heap-based buffer overflow in the StreamPredictor function in Xpdf 3.01, as used in products such as (1) Poppler, (2) teTeX, (3) KDE kpdf, and (4) pdftohtml, (5) KOffice KWord, (6) CUPS, and (7) libextractor allows...
6 affected packages
cupsys, gpdf, kdegraphics, koffice, poppler, tetex-bin
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| cupsys | — | — | — | — |
| gpdf | — | — | — | — |
| kdegraphics | — | — | — | — |
| koffice | — | — | — | — |
| poppler | — | — | — | — |
| tetex-bin | — | — | — | — |
Multiple heap-based buffer overflows in the (1) DCTStream::readProgressiveSOF and (2) DCTStream::readBaselineSOF functions in the DCT stream parsing code (Stream.cc) in xpdf 3.01 and earlier, as used in products such as (a)...
9 affected packages
cupsys, gpdf, kdegraphics, koffice, libextractor...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| cupsys | — | — | — | — |
| gpdf | — | — | — | — |
| kdegraphics | — | — | — | — |
| koffice | — | — | — | — |
| libextractor | — | — | — | — |
| pdftohtml | — | — | — | — |
| poppler | — | — | — | — |
| tetex-bin | — | — | — | — |
| xpdf | — | — | — | — |
Heap-based buffer overflow in the JPXStream::readCodestream function in the JPX stream parsing code (JPXStream.c) for xpdf 3.01 and earlier, as used in products such as (1) Poppler, (2) teTeX, (3) KDE kpdf, (4) CUPS, and...
7 affected packages
cupsys, kdegraphics, koffice, pdftohtml, poppler...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| cupsys | — | — | — | — |
| kdegraphics | — | — | — | — |
| koffice | — | — | — | — |
| pdftohtml | — | — | — | — |
| poppler | — | — | — | — |
| tetex-bin | — | — | — | — |
| xpdf | — | — | — | — |
Some fixes available 22 of 23
xpdf and kpdf do not properly validate the "loca" table in PDF files, which allows local users to cause a denial of service (disk consumption and hang) via a PDF file with a "broken" loca table, which causes a large temporary file...
6 affected packages
cups, cupsys, gpdf, kdegraphics, poppler, xpdf
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| cups | — | — | — | — |
| cupsys | — | — | — | — |
| gpdf | — | — | — | — |
| kdegraphics | — | — | — | — |
| poppler | — | — | — | — |
| xpdf | — | — | — | — |