Download
| Alert*
oval:org.secpod.oval:def:2103893
PDFDoc::markObject in PDFDoc.cc in Poppler 0.74.0 mishandles dict marking, leading to stack consumption in the function Dict::find() located at Dict.cc, which can (for example) be triggered by passing a crafted pdf file to the pdfunite binary. oval:org.secpod.oval:def:2103901 A reachable Object::dictLookup assertion in Poppler 0.72.0 allows attackers to cause a denial of service due to the lack of a check for the dict data type, as demonstrated by use of the FileSpec class (in FileSpec.cc) in pdfdetach. oval:org.secpod.oval:def:66760 Poppler is a Portable Document Format rendering library, used by applications such as Evince. Security Fix: * poppler: heap-based buffer over-read in XRef::getEntry in XRef.cc * poppler: heap-based buffer overflow in function ImageStream::getLine in Stream.cc * poppler: heap-based buffer over-rea ... oval:org.secpod.oval:def:89045847 This update for poppler fixes the following issues: - CVE-2017-18267: Fixed an infinite recursion that would allow remote attackers to cause a denial of service . - CVE-2018-13988: Added an improper implementation check which otherwise could allow buffer overflows, memory corruption, and denial of s ... oval:org.secpod.oval:def:1601043 XRef::getEntry in XRef.cc in Poppler 0.72.0 mishandles unallocated XRef entries, which allows remote attackers to cause a denial of service via a crafted PDF document, when XRefEntry::setFlag in XRef.h is called from Parser::makeStream in Parser.cc.In Poppler 0.68.0, the Parser::getObj function in ... oval:org.secpod.oval:def:116027 poppler is a PDF rendering library. oval:org.secpod.oval:def:116120 MinGW Windows Poppler library. oval:org.secpod.oval:def:116116 MinGW Windows Poppler library. oval:org.secpod.oval:def:116197 poppler is a PDF rendering library. oval:org.secpod.oval:def:2004755 In Poppler 0.73.0, a heap-based buffer over-read allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted PDF document, as demonstrated by pdftocairo. oval:org.secpod.oval:def:51217 poppler: PDF rendering library Several security issues were fixed in poppler. oval:org.secpod.oval:def:704492 poppler: PDF rendering library Several security issues were fixed in poppler. oval:org.secpod.oval:def:89046318 This update for poppler fixes the following issues: - CVE-2020-27778: Fixed a buffer overflow in pdftohtml . - CVE-2019-14494: Fixed a divide-by-zero error in pdftoppm . - CVE-2019-9959: Fixed an integer overflow in pdftocairo . - CVE-2019-10871: Fixed an invalid memory access in pdftops . - CVE-201 ... oval:org.secpod.oval:def:205288 Poppler is a Portable Document Format rendering library, used by applications such as Evince or Okular. Security Fix: * poppler: heap-based buffer over-read in XRef::getEntry in XRef.cc * poppler: heap-based buffer overflow in function ImageStream::getLine in Stream.cc * poppler: infinite recursi ... oval:org.secpod.oval:def:1504089 evince [3.28.2-8] - Do not free EvDocumentInfo in ev_window_save_print_settings, - it is freed in EvDocuments destructor - Resolves: #1541358 [3.28.2-7] - Do not store page-scaling for documents with enforced - page-scaling - Resolves: #1541358 [3.28.2-6] - Use PrintScaling preference stored in PDFs ... oval:org.secpod.oval:def:503299 Poppler is a Portable Document Format rendering library, used by applications such as Evince or Okular. Security Fix: * poppler: heap-based buffer over-read in XRef::getEntry in XRef.cc * poppler: heap-based buffer overflow in function ImageStream::getLine in Stream.cc * poppler: infinite recursi ... oval:org.secpod.oval:def:205250 Poppler is a Portable Document Format rendering library, used by applications such as Evince or Okular. Security Fix: * poppler: heap-based buffer over-read in XRef::getEntry in XRef.cc * poppler: heap-based buffer overflow in function ImageStream::getLine in Stream.cc * poppler: infinite recursi ... oval:org.secpod.oval:def:503336 Poppler is a Portable Document Format rendering library, used by applications such as Evince. Security Fix: * poppler: heap-based buffer over-read in XRef::getEntry in XRef.cc * poppler: heap-based buffer overflow in function ImageStream::getLine in Stream.cc * poppler: heap-based buffer over-rea ... oval:org.secpod.oval:def:205317 Poppler is a Portable Document Format rendering library, used by applications such as Evince or Okular. Security Fix: * poppler: heap-based buffer over-read in XRef::getEntry in XRef.cc * poppler: heap-based buffer overflow in function ImageStream::getLine in Stream.cc * poppler: infinite recursi ... oval:org.secpod.oval:def:1502651 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1700243 In Poppler 0.68.0, the Parser::getObj function in Parser.cc may cause infinite recursion via a crafted file. A remote attacker can leverage this for a DoS attack.An issue was discovered in Poppler 0.71.0. There is a memory leak in GfxColorSpace::setDisplayProfile in GfxState.cc, as demonstrated by p ... oval:org.secpod.oval:def:89049132 This update for poppler fixes the following issues: * CVE-2022-27337: Fixed a logic error in the Hints::Hints function which can cause denial of service . * CVE-2018-21009: Fixed integer overflow in Parser:makeStream in Parser.cc . * CVE-2019-12293: Fixed heap-based buffer over-read in JPXStream:ini ... oval:org.secpod.oval:def:3301926 Security update for poppler |