VYPR

Gpdf

by GNOME Foundation

CVEs (5)

  • CVE-2004-0888Jan 27, 2005
    risk 0.01cvss epss 0.09

    Multiple integer overflows in xpdf 2.0 and 3.0, and other packages that use xpdf code such as CUPS, gpdf, and kdegraphics, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by…

  • CVE-2009-4035Dec 21, 2009
    risk 0.00cvss epss 0.04

    The FoFiType1::parse function in fofi/FoFiType1.cc in Xpdf 3.0.0, gpdf 2.8.2, kpdf in kdegraphics 3.3.1, and possibly other libraries and versions, does not check the return value of the getNextLine function, which allows context-dependent attackers to execute arbitrary code via…

  • CVE-2006-1244Mar 15, 2006
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in certain versions of xpdf after 3.00, as used in various products including (a) pdfkit.framework, (b) gpdf, (c) pdftohtml, and (d) libextractor, has unknown impact and user-assisted attack vectors, possibly involving errors in (1) gmem.c, (2)…

  • CVE-2005-0206Apr 27, 2005
    risk 0.00cvss epss 0.03

    The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities.

  • CVE-2004-0889Jan 27, 2005
    risk 0.00cvss epss 0.06

    Multiple integer overflows in xpdf 3.0, and other packages that use xpdf code such as CUPS, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0888.