Gentoo Linux Security Advisory 201310-3 - Multiple vulnerabilities have been found in Poppler, some of which may allow execution of arbitrary code. Versions less than 0.22.2-r1 are affected.
16eefcedc1f920563836019127836503bea995cfd0361da741d9651c6c38a920Mandriva Linux Security Advisory 2011-175 - Multiple security vulnerabilities has been discovered and corrected in poppler. An out-of-bounds reading flaw in the JBIG2 decoder allows remote attackers to cause a denial of service via a crafted PDF file. Multiple input validation flaws in the JBIG2 decoder allows remote attackers to execute arbitrary code via a crafted PDF file. An integer overflow in the JBIG2 decoder allows remote attackers to execute arbitrary code via a crafted PDF file. Multiple other vulnerabilities have been addressed as well. The updated packages have been patched to correct these issues.
277a0876547aa48a2da60db5935554f4108da58a7024458c326a8a0ae4c37a2eUbuntu Security Notice 973-1 - Will Dormann, Alin Rad Pop, Braden Thomas, and Drew Yao discovered that the Xpdf used in KOffice contained multiple security issues in its JBIG2 decoder. It was discovered that the Xpdf used in KOffice contained multiple security issues when parsing malformed PDF documents.
937f71ec4cafbb7568afd14d2eedfec7def4d329266ee50640da8a30d1c51a1aDebian Linux Security Advisory 2050-1 - Several local vulnerabilities have been discovered in KPDF, a PDF viewer for KDE, which allow the execution of arbitrary code or denial of service if a user is tricked into opening a crafted PDF document.
8644bd02ce6a14e6ad5b57a5ac9357645edd45cf845f315851d8662a0585d241Mandriva Linux Security Advisory 2010-086 - Multiple vulnerabilities has been found and corrected in kpdf (kdegraphics). Integer overflow in the ObjectStream::ObjectStream function in XRef.cc in Xpdf 3.x before 3.02pl4 and Poppler before 0.12.1, as used in GPdf, kdegraphics KPDF, CUPS pdftops, and teTeX, might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow. Integer overflow in the ImageStream::ImageStream function in Stream.cc in Xpdf before 3.02pl4 and Poppler before 0.12.1, as used in GPdf, kdegraphics KPDF, and CUPS pdftops, allows remote attackers to cause a denial of service (application crash) via a crafted PDF document that triggers a NULL pointer dereference or buffer over-read. The updated packages have been patched to correct these issues.
176ce851ea5226fd5466f63f85a1de7bc3edc6ecd276970bc8cbdb5ae0388691Debian Linux Security Advisory 2028-1 - Several vulnerabilities have been identified in xpdf, a suite of tools for viewing and converting Portable Document Format (PDF) files.
6844de5c8708330205f555a5bd87175685c6a4097b829e30b8a856f02481856bMandriva Linux Security Advisory 2010-055 - Denial of service, buffer overflows, integer overflows and other issues have been addressed in Poppler.
c1f39ccb7ae4691e51e96d2b4dda262462f9738eabe92c6b916c22a54e98557dMandriva Linux Security Advisory 2009-336 - Security vulnerabilities have been discovered and fixed in pdf processing code embedded in koffice package. This update fixes these vulnerabilities. Packages for 2008.0 are being provided due to extended support for Corporate products.
a2ef2d5e30130afa9fad89e1222ba735868ee5d7ca2b28bab7a104774565a186Mandriva Linux Security Advisory 2009-334 - Multiple poppler vulnerabilities have been addressed though Mandriva failed to note them. Check the CVEs for additional information.
030273d5d33a240b7b1fd29191f45d4461d598cf3adb0356f63b653f5b433171Mandriva Linux Security Advisory 2009-282 - Multiple integer overflow, code execution, and denial of service issues have been addressed in cups. This update corrects the problems. Packages for 2008.0 are being provided due to extended support for Corporate products.
2ed7fd3e64b4d52cac44cf24c4a2e78258c45c2068922e4925cc949de7e1b07aMandriva Linux Security Advisory 2009-287 - Multiple vulnerabilities have been found and corrected in xpdf.
b7df1aa36ed4c7cf25a57942409eb64263e9e0ae6b9559c1f0ed8dd9d8b1cfadUbuntu Security Notice 850-3 - USN-850-1 fixed vulnerabilities in poppler. This update provides the corresponding updates for Ubuntu 9.10. Original advisory details: It was discovered that poppler contained multiple security issues when parsing malformed PDF documents. If a user or automated system were tricked into opening a crafted PDF file, an attacker could cause a denial of service or execute arbitrary code with privileges of the user invoking the program.
63c3ccfbae71b61e42605e0cd81a7cff6e1cf05926b86d413a70fe812affcec3Mandriva Linux Security Advisory 2009-287 - Integer overflows and memory allocation issues that could result in a denial of service or code execution via xpdf have been resolved.
80c75bcffe938ef51c3cc7bd64b8ca3f8e8d9e264e1804fcd8c23a453cc6e0ffUbuntu Security Notice 850-1 - It was discovered that poppler contained multiple security issues when parsing malformed PDF documents. If a user or automated system were tricked into opening a crafted PDF file, an attacker could cause a denial of service or execute arbitrary code with privileges of the user invoking the program.
2f82b6f88a4cf4427aa354e47da6d119543a06f31b58f73dfeef3c7d9b2a663bMandriva Linux Security Advisory 2009-283 - cups suffers from denial of service, integer overflow, and buffer overflow vulnerabilities. This update corrects the problems.
6a986cbe02b428640424c30a7a68682178e6cab0da2aafa9fc12a51bfb358d7eMandriva Linux Security Advisory 2009-282 - Multiple integer, heap, and buffer overflows exist in cups. This update corrects the problems.
894087aa72d5132ae4eaa82907f81fb6b4b5b4bc92b2685ec5a5b710fa25d155Mandriva Linux Security Advisory 2009-281 - cups suffers from multiple integer overflow and denial of service vulnerabilities. This update corrects the problems.
70b330e06ed183e1d579b9f88c26bf0a69cb7fdc044fab15f618e408b8f63a91Mandriva Linux Security Advisory 2009-280 - Two integer overflow flaws were found in the CUPS pdftops filter. An attacker could create a malicious PDF file that would cause pdftops to crash or, potentially, execute arbitrary code as the lp user if the file was printed. This update corrects the problem.
340a237471e7625221e421b0f726f2f9dc4339d5532c1a3acb4b585031e32328
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed