Search CVE reports
31 – 40 of 45 results
Buffer overflow in the intT1_EnvGetCompletePath function in lib/t1lib/t1env.c in t1lib 5.1.1 allows context-dependent attackers to execute arbitrary code via a long FileName parameter. NOTE: this issue was originally reported to...
3 affected packages
t1lib, tetex-bin, texlive-bin
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| t1lib | — | — | — | — |
| tetex-bin | — | — | — | — |
| texlive-bin | — | — | — | — |
Buffer overflow in the open_sty function in mkind.c for makeindex 2.14 in teTeX might allow user-assisted remote attackers to overwrite files and possibly execute arbitrary code via a long filename. NOTE: other overflows exist...
1 affected package
tetex-bin
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| tetex-bin | — | — | — | — |
The Adobe PDF specification 1.3, as implemented by (a) xpdf 3.0.1 patch 2, (b) kpdf in KDE before 3.5.5, (c) poppler before 0.5.4, and other products, allows remote attackers to have an unknown impact, possibly including denial of...
5 affected packages
kdegraphics, koffice, poppler, tetex-bin, xpdf
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| kdegraphics | — | — | — | — |
| koffice | — | — | — | — |
| poppler | — | — | — | — |
| tetex-bin | — | — | — | — |
| xpdf | — | — | — | — |
Some fixes available 4 of 5
Unspecified vulnerability in certain versions of xpdf after 3.00, as used in various products including (a) pdfkit.framework, (b) gpdf, (c) pdftohtml, and (d) libextractor, has unknown impact and user-assisted attack vectors,...
6 affected packages
cupsys, gpdf, kdegraphics, koffice, poppler, tetex-bin
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| cupsys | — | — | — | — |
| gpdf | — | — | — | — |
| kdegraphics | — | — | — | — |
| koffice | — | — | — | — |
| poppler | — | — | — | — |
| tetex-bin | — | — | — | — |
Stream.cc in Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to modify memory and possibly execute arbitrary code via a DCTDecode stream with (1) a large...
6 affected packages
cupsys, gpdf, kdegraphics, koffice, poppler, tetex-bin
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| cupsys | — | — | — | — |
| gpdf | — | — | — | — |
| kdegraphics | — | — | — | — |
| koffice | — | — | — | — |
| poppler | — | — | — | — |
| tetex-bin | — | — | — | — |
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1)...
6 affected packages
cupsys, gpdf, kdegraphics, koffice, poppler, tetex-bin
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| cupsys | — | — | — | — |
| gpdf | — | — | — | — |
| kdegraphics | — | — | — | — |
| koffice | — | — | — | — |
| poppler | — | — | — | — |
| tetex-bin | — | — | — | — |
The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode...
6 affected packages
cupsys, gpdf, kdegraphics, koffice, poppler, tetex-bin
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| cupsys | — | — | — | — |
| gpdf | — | — | — | — |
| kdegraphics | — | — | — | — |
| koffice | — | — | — | — |
| poppler | — | — | — | — |
| tetex-bin | — | — | — | — |
Heap-based buffer overflow in the StreamPredictor function in Xpdf 3.01, as used in products such as (1) Poppler, (2) teTeX, (3) KDE kpdf, and (4) pdftohtml, (5) KOffice KWord, (6) CUPS, and (7) libextractor allows...
6 affected packages
cupsys, gpdf, kdegraphics, koffice, poppler, tetex-bin
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| cupsys | — | — | — | — |
| gpdf | — | — | — | — |
| kdegraphics | — | — | — | — |
| koffice | — | — | — | — |
| poppler | — | — | — | — |
| tetex-bin | — | — | — | — |
Multiple heap-based buffer overflows in the (1) DCTStream::readProgressiveSOF and (2) DCTStream::readBaselineSOF functions in the DCT stream parsing code (Stream.cc) in xpdf 3.01 and earlier, as used in products such as (a)...
9 affected packages
cupsys, gpdf, kdegraphics, koffice, libextractor...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| cupsys | — | — | — | — |
| gpdf | — | — | — | — |
| kdegraphics | — | — | — | — |
| koffice | — | — | — | — |
| libextractor | — | — | — | — |
| pdftohtml | — | — | — | — |
| poppler | — | — | — | — |
| tetex-bin | — | — | — | — |
| xpdf | — | — | — | — |
Heap-based buffer overflow in the JPXStream::readCodestream function in the JPX stream parsing code (JPXStream.c) for xpdf 3.01 and earlier, as used in products such as (1) Poppler, (2) teTeX, (3) KDE kpdf, (4) CUPS, and...
7 affected packages
cupsys, kdegraphics, koffice, pdftohtml, poppler...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| cupsys | — | — | — | — |
| kdegraphics | — | — | — | — |
| koffice | — | — | — | — |
| pdftohtml | — | — | — | — |
| poppler | — | — | — | — |
| tetex-bin | — | — | — | — |
| xpdf | — | — | — | — |