Gentoo Linux Security Advisory GLSA 200710-20 - Maurycy Prodeus discovered an integer overflow vulnerability possibly leading to a stack-based buffer overflow in the XPDF code which PDFKit is based on. ImageKits also contains a copy of PDFKit. Versions less than or equal to 0.9_pre062906 are affected.
937ee0eb780bc0c3f024e5e6473e766ef1e4a89d102d75d7eaacb7670ba23876Gentoo Linux Security Advisory GLSA 200710-08 - KPDF includes code from xpdf that is vulnerable to an integer overflow in the StreamPredictor::StreamPredictor() function. Versions less than 1.6.3-r1 are affected.
381a2e4a9e88cc3c225d25d30e09d7aaf76971ddcb097b4f5de944157ede3b22Gentoo Linux Security Advisory GLSA 200709-17 - Mark Richters discovered a buffer overflow in the open_sty() function in file mkind.c. Other vulnerabilities have also been discovered in the same file but might not be exploitable. Tetex also includes vulnerable code from GD library (GLSA 200708-05), and from Xpdf. Versions less than 3.0_p1-r4 are affected.
ed78c59922461445cd909f77db27128732f72ccca3c1e1af03789734f2ac7444Gentoo Linux Security Advisory GLSA 200709-12 - Poppler and Xpdf are vulnerable to an integer overflow in the StreamPredictor::StreamPredictor function, and a stack overflow in the StreamPredictor::getNextLine function. The original vulnerability was discovered by Maurycy Prodeus. Note: Gentoo's version of Xpdf is patched to use the Poppler library, so the update to Poppler will also fix Xpdf. Versions less than 0.5.4-r2 are affected.
80f2606293732b921ba29576656b474b32143b7b5042cb15416ed2d5c74a76f8Debian Security Advisory 1357-1 - It was discovered that an integer overflow in the xpdf PDF viewer may lead to the execution of arbitrary code if a malformed PDF file is opened. koffice includes a copy of the xpdf code and required an update as well.
3e145bf618f6b02bb84eb231519eaee326c36030f92ceb8c5cfa6de6456b57a6Mandriva Linux Security Advisory - Maurycy Prodeus found an integer overflow vulnerability in the way various PDF viewers processed PDF files. An attacker could create a malicious PDF file that could cause cups to crash and possibly execute arbitrary code open a user opening the file.
615d492ff4a583c9964f4b3e57e745c7d62cad09d70886783f898e2b61f73d55Mandriva Linux Security Advisory - Maurycy Prodeus found an integer overflow vulnerability in the way various PDF viewers processed PDF files. An attacker could create a malicious PDF file that could cause tetex to crash and possibly execute arbitrary code open a user opening the file. In addition, tetex contains an embedded copy of the GD library which suffers from a number of bugs which potentially lead to denial of service and possibly other issues.
4b9691f84f1ab3a6e1240a51aa912ed2ec78100d92ca0a1bb83a43b08e97b10aMandriva Linux Security Advisory - Maurycy Prodeus found an integer overflow vulnerability in the way various PDF viewers processed PDF files. An attacker could create a malicious PDF file that could cause kpdf to crash and possibly execute arbitrary code open a user opening the file.
45a686b43c58e9dd3b89efec59673bc7779044afde8243ea96708d15a6f25b09Mandriva Linux Security Advisory - Maurycy Prodeus found an integer overflow vulnerability in the way various PDF viewers processed PDF files. An attacker could create a malicious PDF file that could cause koffice to crash and possibly execute arbitrary code open a user opening the file.
89d31e8182e9110ed0b5a04a58b70de50193fa8afed54c84c98aff2c0e8b3f6dMandriva Linux Security Advisory - Maurycy Prodeus found an integer overflow vulnerability in the way various PDF viewers processed PDF files. An attacker could create a malicious PDF file that could cause poppler to crash and possibly execute arbitrary code open a user opening the file.
7ac3803dd793faea3c085a5bd36bfd70351c682d1b345becac7799141ead7518Mandriva Linux Security Advisory - Maurycy Prodeus found an integer overflow vulnerability in the way various PDF viewers processed PDF files. An attacker could create a malicious PDF file that could cause pdftohtml to crash and possibly execute arbitrary code open a user opening the file.
58a29c3af4033da7e0bcbffbdceacf7600198ac02ee96905b827cc287ad0e49eMandriva Linux Security Advisory - Maurycy Prodeus found an integer overflow vulnerability in the way various PDF viewers processed PDF files. An attacker could create a malicious PDF file that could cause gpdf to crash and possibly execute arbitrary code open a user opening the file.
7f8b8a6a5e040aad22f4e2967746ee029c47e30054f0c4efbbab0288f4ea3235Mandriva Linux Security Advisory - Maurycy Prodeus found an integer overflow vulnerability in the way various PDF viewers processed PDF files. An attacker could create a malicious PDF file that could cause xpdf to crash and possibly execute arbitrary code open a user opening the file.
fc9fc6646997c0c6485ca7ef48a4fd998d92c53bf43df22389168f933b7f3c3fDebian Security Advisory 1355-1 - It was discovered that an integer overflow in the xpdf PDF viewer may lead to the execution of arbitrary code if a malformed PDF file is opened. kpdf includes a copy of the xpdf code and required an update as well.
64fde088e461a084a0c14efcb91f7e48bf3d39642b9e4e461373b6423f115f5fDebian Security Advisory 1354-1 - It was discovered that an integer overflow in xpdf PDF viewer may lead to the execution of arbitrary code if a malformed PDF file is opened. gpdf includes a copy of the xpdf code and requires an update as well.
3daca8416a55bf348517eda7e2278e198b208695a041b1ddd0a800984015249cUbuntu Security Notice 496-2 - USN-496-1 fixed a vulnerability in koffice. This update provides the corresponding updates for poppler, the library used for PDF handling in Gnome. Derek Noonburg discovered an integer overflow in the Xpdf function StreamPredictor::StreamPredictor(). By importing a specially crafted PDF file into KWord, this could be exploited to run arbitrary code with the user's privileges.
b48ad1fd14ab595468a419a8f32c81e18286aa18e1e3e8dc109c6cd072d501c2Debian Security Advisory 1352-1 - It was discovered that an integer overflow in the xpdf PDF viewer may lead to the execution of arbitrary code if a malformed PDF file is opened. pdfkit.framework includes a copy of the xpdf code and required an update as well.
9ca9636a117ba33125cacb14b9d31ddc094e35adfb6f27dca5eb2629053db177Debian Security Advisory 1350-1 - It was discovered that an integer overflow in the xpdf PDF viewer may lead to the execution of arbitrary code if a malformed PDF file is opened. tetex-bin includes a copy of the xpdf code and required an update as well.
fffb21c8991279690441a2515c661592680f44480edf89a3d6e3cabe1d0849b2Debian Security Advisory 1349-1 - It was discovered that an integer overflow in the xpdf PDF viewer may lead to the execution of arbitrary code if a malformed PDF file is opened. libextractor includes a copy of the xpdf code and required an update as well.
a1b3246eafc60040081f3d8c0ba1f846370ca79519efc89287e6ded95b7b3642Debian Security Advisory 1348-1 - It was discovered that an integer overflow in the xpdf PDF viewer may lead to the execution of arbitrary code if a malformed PDF file is opened.
49e3a70039e6fad984c2f24899acf376b072798479b58d6d44d8f1c198922ac7Debian Security Advisory 1347-1 - It was discovered that an integer overflow in the xpdf PDF viewer may lead to the execution of arbitrary code if a malformed PDF file is opened.
5e07dd252fbab464131cc77702e9533be9f3101c692721eda821a42aee34eaa7Ubuntu Security Notice 496-1 - Derek Noonburg discovered an integer overflow in the Xpdf function StreamPredictor::StreamPredictor(). By importing a specially crafted PDF file into KWord, this could be exploited to run arbitrary code with the user's privileges.
54058bc668d98e99c59650536e2aa3ed485ea4369952bd5e9daf67aa42c494f9
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed