Search CVE reports
41 – 45 of 45 results
Buffer overflow in the Decrypt::makeFileKey2 function in Decrypt.cc for xpdf 3.00 and earlier allows remote attackers to execute arbitrary code via a PDF file with a large /Encrypt /Length keyLength value.
8 affected packages
cupsys, gpdf, kdegraphics, koffice, libextractor...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| cupsys | — | — | — | — |
| gpdf | — | — | — | — |
| kdegraphics | — | — | — | — |
| koffice | — | — | — | — |
| libextractor | — | — | — | — |
| pdftohtml | — | — | — | — |
| tetex-bin | — | — | — | — |
| xpdf | — | — | — | — |
The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities.
3 affected packages
cupsys, tetex-bin, xpdf
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| cupsys | — | — | — | — |
| tetex-bin | — | — | — | — |
| xpdf | — | — | — | — |
Multiple integer overflows in xpdf 2.0 and 3.0, and other packages that use xpdf code such as CUPS, gpdf, and kdegraphics, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code,...
6 affected packages
cupsys, gpdf, kdegraphics, koffice, pdftohtml, tetex-bin
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| cupsys | — | — | — | — |
| gpdf | — | — | — | — |
| kdegraphics | — | — | — | — |
| koffice | — | — | — | — |
| pdftohtml | — | — | — | — |
| tetex-bin | — | — | — | — |
Buffer overflow in the Gfx::doImage function in Gfx.cc for xpdf 3.00, and other products that share code such as tetex-bin and kpdf in KDE 3.2.x to 3.2.3 and 3.3.x to 3.3.2, allows remote attackers to cause a denial of service...
7 affected packages
gpdf, kdegraphics, koffice, tetex-bin, xpdf...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| gpdf | — | — | — | — |
| kdegraphics | — | — | — | — |
| koffice | — | — | — | — |
| tetex-bin | — | — | — | — |
| xpdf | — | — | — | — |
| cupsys | — | — | — | — |
| pdftohtml | — | — | — | — |
The xdvizilla script in tetex-bin 2.0.2 creates temporary files with predictable file names, which allows local users to overwrite arbitrary files via a symlink attack.
1 affected package
tetex-bin
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| tetex-bin | — | — | — | — |