Xpdfreader: Security Vulnerabilities
The error function in Error.cc in poppler before 0.21.4 allows remote attackers to execute arbitrary commands via a PDF containing an escape sequence for a terminal emulator.
CVSS Score
7.8
EPSS Score
0.004
Published
2020-01-09
xpdf allows remote attackers to cause a denial of service (NULL pointer dereference and crash) in the way it processes JBIG2 PDF stream objects.
CVSS Score
5.5
EPSS Score
0.004
Published
2019-10-30
In xpdf, the xref table contains an infinite loop which allows remote attackers to cause a denial of service (application crash) in xpdf-based PDF viewers.
CVSS Score
5.5
EPSS Score
0.004
Published
2019-10-30
An issue was discovered in Xpdf 4.01.01. There is an FPE in the function PostScriptFunction::exec at Function.cc for the psOpIdiv case.
CVSS Score
5.5
EPSS Score
0.005
Published
2019-03-25
An issue was discovered in Xpdf 4.01.01. There is an FPE in the function PSOutputDev::checkPageSlice at PSOutputDev.cc for nStripes.
CVSS Score
5.5
EPSS Score
0.002
Published
2019-03-25
An issue was discovered in Xpdf 4.01.01. There is an FPE in the function Splash::scaleImageYuXu at Splash.cc for x Bresenham parameters.
CVSS Score
5.5
EPSS Score
0.002
Published
2019-03-25
An issue was discovered in Xpdf 4.01.01. There is an FPE in the function ImageStream::ImageStream at Stream.cc for nComps.
CVSS Score
5.5
EPSS Score
0.002
Published
2019-03-25
An issue was discovered in Xpdf 4.01.01. There is a NULL pointer dereference in the function Gfx::opSetExtGState in Gfx.cc.
CVSS Score
5.5
EPSS Score
0.002
Published
2019-03-25
An issue was discovered in Xpdf 4.01.01. There is an FPE in the function PostScriptFunction::exec at Function.cc for the psOpMod case.
CVSS Score
5.5
EPSS Score
0.002
Published
2019-03-25
An issue was discovered in Xpdf 4.01.01. There is an FPE in the function Splash::scaleImageYuXu at Splash.cc for y Bresenham parameters.
CVSS Score
5.5
EPSS Score
0.002
Published
2019-03-25