Shodan
Vulnerabilities
Vulnerable Software
Xpdfreader:  Security Vulnerabilities
CVE-2018-8105
The JPXStream::fillReadBuf function in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-based buffer over-read and application crash) via a specific pdf file, as demonstrated by pdftohtml.
CVSS Score
5.5
EPSS Score
0.001
Published
2018-03-14
CVE-2018-8106
The JPXStream::readTilePartData function in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-based buffer over-read and application crash) via a specific pdf file, as demonstrated by pdftohtml.
CVSS Score
5.5
EPSS Score
0.001
Published
2018-03-14
CVE-2018-8107
The JPXStream::close function in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-based buffer over-read and application crash) via a specific pdf file, as demonstrated by pdftohtml.
CVSS Score
5.5
EPSS Score
0.001
Published
2018-03-14
CVE-2018-7452
A NULL pointer dereference in JPXStream::fillReadBuf in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service via a specific pdf file, as demonstrated by pdftohtml.
CVSS Score
5.5
EPSS Score
0.001
Published
2018-02-24
CVE-2018-7453
Infinite recursion in AcroForm::scanField in AcroForm.cc in xpdf 4.00 allows attackers to launch denial of service via a specific pdf file due to lack of loop checking, as demonstrated by pdftohtml.
CVSS Score
5.5
EPSS Score
0.002
Published
2018-02-24
CVE-2018-7454
A NULL pointer dereference in XFAForm::scanFields in XFAForm.cc in xpdf 4.00 allows attackers to launch denial of service via a specific pdf file, as demonstrated by pdftohtml.
CVSS Score
5.5
EPSS Score
0.001
Published
2018-02-24
CVE-2018-7455
An out-of-bounds read in JPXStream::readTilePart in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service via a specific pdf file, as demonstrated by pdftohtml.
CVSS Score
5.5
EPSS Score
0.001
Published
2018-02-24
CVE-2018-7173
A large loop in JBIG2Stream::readSymbolDictSeg in xpdf 4.00 allows an attacker to cause denial of service via a specific file due to inappropriate decoding.
CVSS Score
5.5
EPSS Score
0.001
Published
2018-02-15
CVE-2018-7174
An issue was discovered in xpdf 4.00. An infinite loop in XRef::Xref allows an attacker to cause denial of service because loop detection exists only for tables, not streams.
CVSS Score
5.5
EPSS Score
0.002
Published
2018-02-15
CVE-2018-7175
An issue was discovered in xpdf 4.00. A NULL pointer dereference in readCodestream allows an attacker to cause denial of service via a JPX image with zero components.
CVSS Score
5.5
EPSS Score
0.002
Published
2018-02-15


Products
Pricing
Contact Us

Shodan ® - All rights reserved