Xpdfreader
by Xpdf
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2019-9589 | Hig | 0.51 | 7.8 | 0.01 | Mar 6, 2019 | There is a NULL pointer dereference vulnerability in PSOutputDev::setupResources() located in PSOutputDev.cc in Xpdf 4.01. It can be triggered by sending a crafted pdf file to (for example) the pdftops binary. It allows an attacker to cause Denial of Service (Segmentation fault)… | ||
| CVE-2021-40226 | Hig | 0.49 | 7.5 | 0.01 | Nov 10, 2022 | xpdfreader 4.03 is vulnerable to Buffer Overflow. | ||
| CVE-2018-18650 | Med | 0.36 | 5.5 | 0.01 | Oct 25, 2018 | An issue was discovered in Xpdf 4.00. XRef::readXRefStream in XRef.cc allows attackers to launch a denial of service (Integer Overflow) via a crafted /Size value in a pdf file, as demonstrated by pdftohtml. This is mainly caused by the program attempting a malloc operation for a… |
- risk 0.51cvss 7.8epss 0.01
There is a NULL pointer dereference vulnerability in PSOutputDev::setupResources() located in PSOutputDev.cc in Xpdf 4.01. It can be triggered by sending a crafted pdf file to (for example) the pdftops binary. It allows an attacker to cause Denial of Service (Segmentation fault)…
- risk 0.49cvss 7.5epss 0.01
xpdfreader 4.03 is vulnerable to Buffer Overflow.
- risk 0.36cvss 5.5epss 0.01
An issue was discovered in Xpdf 4.00. XRef::readXRefStream in XRef.cc allows attackers to launch a denial of service (Integer Overflow) via a crafted /Size value in a pdf file, as demonstrated by pdftohtml. This is mainly caused by the program attempting a malloc operation for a…