Xpdfreader Glyphandcog Xpdfreader

Do you want an email whenever new security vulnerabilities are reported in Glyphandcog Xpdfreader?

By the Year

In 2024 there have been 0 vulnerabilities in Glyphandcog Xpdfreader . Xpdfreader did not have any published security vulnerabilities last year.

Year Vulnerabilities Average Score
2024 0 0.00
2023 0 0.00
2022 3 7.70
2021 0 0.00
2020 0 0.00
2019 27 6.53
2018 0 0.00

It may take a day or so for new Xpdfreader vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Glyphandcog Xpdfreader Security Vulnerabilities

xpdfreader 4.03 is vulnerable to Buffer Overflow.

CVE-2021-40226 7.5 - High - November 10, 2022

xpdfreader 4.03 is vulnerable to Buffer Overflow.

Memory Corruption

Xpdf prior to 4.04 lacked an integer overflow check in JPXStream.cc.

CVE-2022-24107 7.8 - High - August 30, 2022

Xpdf prior to 4.04 lacked an integer overflow check in JPXStream.cc.

Integer Overflow or Wraparound

In Xpdf prior to 4.04, the DCT (JPEG) decoder was incorrectly

CVE-2022-24106 7.8 - High - August 30, 2022

In Xpdf prior to 4.04, the DCT (JPEG) decoder was incorrectly allowing the 'interleaved' flag to be changed after the first scan of the image, leading to an unknown integer-related vulnerability in Stream.cc.

Integer Overflow or Wraparound

Catalog.cc in Xpdf 4.02 has a NULL pointer dereference

CVE-2019-17064 5.5 - Medium - October 01, 2019

Catalog.cc in Xpdf 4.02 has a NULL pointer dereference because Catalog.pageLabels is initialized too late in the Catalog constructor.

NULL Pointer Dereference

In Xpdf 4.01.01

CVE-2019-16115 7.8 - High - September 08, 2019

In Xpdf 4.01.01, a stack-based buffer under-read could be triggered in IdentityFunction::transform in Function.cc, used by GfxAxialShading::getColor. It can, for example, be triggered by sending a crafted PDF document to the pdftoppm tool. It allows an attacker to use a crafted PDF file to cause Denial of Service or possibly unspecified other impact.

Out-of-bounds Read

Xpdf 3.04 has a SIGSEGV in XRef::fetch in XRef.cc after many recursive calls to Catalog::countPageTree in Catalog.cc.

CVE-2019-16088 5.5 - Medium - September 06, 2019

Xpdf 3.04 has a SIGSEGV in XRef::fetch in XRef.cc after many recursive calls to Catalog::countPageTree in Catalog.cc.

Stack Exhaustion

Xpdf 2.00 allows a SIGSEGV in XRef::constructXRef in XRef.cc

CVE-2019-15860 5.5 - Medium - September 03, 2019

Xpdf 2.00 allows a SIGSEGV in XRef::constructXRef in XRef.cc. NOTE: 2.00 is a version from November 2002.

NULL Pointer Dereference

An issue was discovered in Xpdf 4.01.01

CVE-2019-14294 5.5 - Medium - July 27, 2019

An issue was discovered in Xpdf 4.01.01. There is a use-after-free in the function JPXStream::fillReadBuf at JPXStream.cc, due to an out of bounds read.

Out-of-bounds Read

An issue was discovered in Xpdf 4.01.01

CVE-2019-14293 5.5 - Medium - July 27, 2019

An issue was discovered in Xpdf 4.01.01. There is an out of bounds read in the function GfxPatchMeshShading::parse at GfxState.cc for typeA!=6 case 2.

Out-of-bounds Read

An issue was discovered in Xpdf 4.01.01

CVE-2019-14292 5.5 - Medium - July 27, 2019

An issue was discovered in Xpdf 4.01.01. There is an out of bounds read in the function GfxPatchMeshShading::parse at GfxState.cc for typeA!=6 case 1.

Out-of-bounds Read

An issue was discovered in Xpdf 4.01.01

CVE-2019-14291 5.5 - Medium - July 27, 2019

An issue was discovered in Xpdf 4.01.01. There is an out of bounds read in the function GfxPatchMeshShading::parse at GfxState.cc for typeA==6 case 3.

Out-of-bounds Read

An issue was discovered in Xpdf 4.01.01

CVE-2019-14290 5.5 - Medium - July 27, 2019

An issue was discovered in Xpdf 4.01.01. There is an out of bounds read in the function GfxPatchMeshShading::parse at GfxState.cc for typeA==6 case 2.

Out-of-bounds Read

An issue was discovered in Xpdf 4.01.01

CVE-2019-14289 5.5 - Medium - July 27, 2019

An issue was discovered in Xpdf 4.01.01. There is an integer overflow in the function JBIG2Bitmap::combine at JBIG2Stream.cc for the "multiple bytes per line" case.

Integer Overflow or Wraparound

An issue was discovered in Xpdf 4.01.01

CVE-2019-14288 7.8 - High - July 27, 2019

An issue was discovered in Xpdf 4.01.01. There is an Integer overflow in the function JBIG2Bitmap::combine at JBIG2Stream.cc for the "one byte per line" case.

Integer Overflow or Wraparound

In Xpdf 4.01.01, there is a use-after-free vulnerability in the function JBIG2Stream::close() located at JBIG2Stream.cc

CVE-2019-13289 7.8 - High - July 04, 2019

In Xpdf 4.01.01, there is a use-after-free vulnerability in the function JBIG2Stream::close() located at JBIG2Stream.cc. It can, for example, be triggered by sending a crafted PDF document to the pdftoppm tool.

Dangling pointer

In Xpdf 4.01.01, there is a heap-based buffer over-read in the function DCTStream::readScan() located at Stream.cc

CVE-2019-13291 5.5 - Medium - July 04, 2019

In Xpdf 4.01.01, there is a heap-based buffer over-read in the function DCTStream::readScan() located at Stream.cc. It can, for example, be triggered by sending a crafted PDF document to the pdftops tool. It might allow an attacker to cause Information Disclosure.

Out-of-bounds Read

In Xpdf 4.01.01, the Parser::getObj() function in Parser.cc may cause infinite recursion via a crafted file

CVE-2019-13288 5.5 - Medium - July 04, 2019

In Xpdf 4.01.01, the Parser::getObj() function in Parser.cc may cause infinite recursion via a crafted file. A remote attacker can leverage this for a DoS attack. This is similar to CVE-2018-16646.

Stack Exhaustion

In Xpdf 4.01.01, there is an out-of-bounds read vulnerability in the function SplashXPath::strokeAdjust() located at splash/SplashXPath.cc

CVE-2019-13287 5.5 - Medium - July 04, 2019

In Xpdf 4.01.01, there is an out-of-bounds read vulnerability in the function SplashXPath::strokeAdjust() located at splash/SplashXPath.cc. It can, for example, be triggered by sending a crafted PDF document to the pdftoppm tool. It might allow an attacker to cause Information Disclosure. This is related to CVE-2018-16368.

Out-of-bounds Read

In Xpdf 4.01.01, there is a heap-based buffer over-read in the function JBIG2Stream::readTextRegionSeg() located at JBIG2Stream.cc

CVE-2019-13286 5.5 - Medium - July 04, 2019

In Xpdf 4.01.01, there is a heap-based buffer over-read in the function JBIG2Stream::readTextRegionSeg() located at JBIG2Stream.cc. It can, for example, be triggered by sending a crafted PDF document to the pdftoppm tool. It might allow an attacker to cause Information Disclosure.

Out-of-bounds Read

In Xpdf 4.01.01, a heap-based buffer over-read could be triggered in strncpy from FoFiType1::parse in fofi/FoFiType1.cc

CVE-2019-13283 7.8 - High - July 04, 2019

In Xpdf 4.01.01, a heap-based buffer over-read could be triggered in strncpy from FoFiType1::parse in fofi/FoFiType1.cc because it does not ensure the source string has a valid length before making a fixed-length copy. It can, for example, be triggered by sending a crafted PDF document to the pdftotext tool. It allows an attacker to use a crafted pdf file to cause Denial of Service or an information leak, or possibly have unspecified other impact.

Out-of-bounds Read

In Xpdf 4.01.01

CVE-2019-13282 7.8 - High - July 04, 2019

In Xpdf 4.01.01, a heap-based buffer over-read could be triggered in SampledFunction::transform in Function.cc when using a large index for samples. It can, for example, be triggered by sending a crafted PDF document to the pdftotext tool. It allows an attacker to use a crafted pdf file to cause Denial of Service or an information leak, or possibly have unspecified other impact.

Out-of-bounds Read

In Xpdf 4.01.01, a heap-based buffer overflow could be triggered in DCTStream::decodeImage() in Stream.cc when writing to frameBuf memory

CVE-2019-13281 7.8 - High - July 04, 2019

In Xpdf 4.01.01, a heap-based buffer overflow could be triggered in DCTStream::decodeImage() in Stream.cc when writing to frameBuf memory. It can, for example, be triggered by sending a crafted PDF document to the pdftotext tool. It allows an attacker to use a crafted pdf file to cause Denial of Service, an information leak, or possibly unspecified other impact.

Memory Corruption

In Xpdf 4.01.01, a heap-based buffer over-read could be triggered in FoFiType1C::convertToType0 in fofi/FoFiType1C.cc when it is trying to access the second privateDicts array element

CVE-2019-12958 5.5 - Medium - June 25, 2019

In Xpdf 4.01.01, a heap-based buffer over-read could be triggered in FoFiType1C::convertToType0 in fofi/FoFiType1C.cc when it is trying to access the second privateDicts array element, because the privateDicts array has only one element allocated.

Out-of-bounds Read

In Xpdf 4.01.01

CVE-2019-12957 7.8 - High - June 25, 2019

In Xpdf 4.01.01, a buffer over-read could be triggered in FoFiType1C::convertToType1 in fofi/FoFiType1C.cc when the index number is larger than the charset array bounds. It can, for example, be triggered by sending a crafted PDF document to the pdftops tool. It allows an attacker to use a crafted pdf file to cause Denial of Service or an information leak, or possibly have unspecified other impact.

Out-of-bounds Read

There is an out-of-bounds read vulnerability in the function FlateStream::getChar() located at Stream.cc in Xpdf 4.01.01

CVE-2019-12515 7.1 - High - June 02, 2019

There is an out-of-bounds read vulnerability in the function FlateStream::getChar() located at Stream.cc in Xpdf 4.01.01. It can, for example, be triggered by sending a crafted PDF document to the pdftoppm tool. It might allow an attacker to cause Information Disclosure or a denial of service.

Out-of-bounds Read

A stack-based buffer over-read exists in PostScriptFunction::transform in Function.cc in Xpdf 4.01.01

CVE-2019-12493 7.1 - High - May 31, 2019

A stack-based buffer over-read exists in PostScriptFunction::transform in Function.cc in Xpdf 4.01.01 because GfxSeparationColorSpace and GfxDeviceNColorSpace mishandle tint transform functions. It can, for example, be triggered by sending a crafted PDF document to the pdftops tool. It might allow an attacker to cause Denial of Service or leak memory data.

Out-of-bounds Read

A stack-based buffer over-read exists in FoFiTrueType::dumpString in fofi/FoFiTrueType.cc in Xpdf 4.01.01

CVE-2019-12360 7.1 - High - May 27, 2019

A stack-based buffer over-read exists in FoFiTrueType::dumpString in fofi/FoFiTrueType.cc in Xpdf 4.01.01. It can, for example, be triggered by sending crafted TrueType data in a PDF document to the pdftops tool. It might allow an attacker to cause Denial of Service or leak memory data into dump content.

Out-of-bounds Read

There is an Invalid memory access in gAtomicIncrement() located at GMutex.h in Xpdf 4.01

CVE-2019-9588 7.8 - High - March 06, 2019

There is an Invalid memory access in gAtomicIncrement() located at GMutex.h in Xpdf 4.01. It can be triggered by sending a crafted pdf file to (for example) the pdftops binary. It allows an attacker to cause Denial of Service (Segmentation fault) or possibly have unspecified other impact.

Buffer Overflow

There is a NULL pointer dereference vulnerability in PSOutputDev::setupResources() located in PSOutputDev.cc in Xpdf 4.01

CVE-2019-9589 7.8 - High - March 06, 2019

There is a NULL pointer dereference vulnerability in PSOutputDev::setupResources() located in PSOutputDev.cc in Xpdf 4.01. It can be triggered by sending a crafted pdf file to (for example) the pdftops binary. It allows an attacker to cause Denial of Service (Segmentation fault) or possibly have unspecified other impact.

NULL Pointer Dereference

There is a stack consumption issue in md5Round1() located in Decrypt.cc in Xpdf 4.01

CVE-2019-9587 7.8 - High - March 06, 2019

There is a stack consumption issue in md5Round1() located in Decrypt.cc in Xpdf 4.01. It can be triggered by sending a crafted pdf file to (for example) the pdfimages binary. It allows an attacker to cause Denial of Service (Segmentation fault) or possibly have unspecified other impact. This is related to Catalog::countPageTree.

Resource Exhaustion

Integer overflow in the SplashBitmap::SplashBitmap function in Xpdf 3.x before 3.02pl4 and Poppler before 0.12.1 might allow remote attackers to execute arbitrary code via a crafted PDF document

CVE-2009-3603 - October 21, 2009

Integer overflow in the SplashBitmap::SplashBitmap function in Xpdf 3.x before 3.02pl4 and Poppler before 0.12.1 might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow. NOTE: some of these details are obtained from third party information. NOTE: this issue reportedly exists because of an incomplete fix for CVE-2009-1188.

Numeric Errors

Multiple "input validation flaws" in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products

CVE-2009-0800 - April 23, 2009

Multiple "input validation flaws" in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allow remote attackers to execute arbitrary code via a crafted PDF file.

Improper Input Validation

The JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products

CVE-2009-1183 - April 23, 2009

The JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service (infinite loop and hang) via a crafted PDF file.

Resource Management Errors

The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file

CVE-2009-1181 - April 23, 2009

The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers a NULL pointer dereference.

Resource Management Errors

Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products

CVE-2009-1179 - April 23, 2009

Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to execute arbitrary code via a crafted PDF file.

Numeric Errors

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Apple Cups or by Glyphandcog? Click the Watch button to subscribe.

Glyphandcog
Vendor

subscribe