Search CVE reports
61 – 70 of 77 results
CVE-2005-3624
Unknown priorityThe CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode...
6 affected packages
cupsys, gpdf, kdegraphics, koffice, poppler, tetex-bin
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| cupsys | — | — | — | — | — |
| gpdf | — | — | — | — | — |
| kdegraphics | — | — | — | — | — |
| koffice | — | — | — | — | — |
| poppler | — | — | — | — | — |
| tetex-bin | — | — | — | — | — |
CVE-2005-3192
Unknown priorityHeap-based buffer overflow in the StreamPredictor function in Xpdf 3.01, as used in products such as (1) Poppler, (2) teTeX, (3) KDE kpdf, and (4) pdftohtml, (5) KOffice KWord, (6) CUPS, and (7) libextractor allows...
6 affected packages
cupsys, gpdf, kdegraphics, koffice, poppler, tetex-bin
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| cupsys | — | — | — | — | — |
| gpdf | — | — | — | — | — |
| kdegraphics | — | — | — | — | — |
| koffice | — | — | — | — | — |
| poppler | — | — | — | — | — |
| tetex-bin | — | — | — | — | — |
CVE-2005-3191
Unknown priorityMultiple heap-based buffer overflows in the (1) DCTStream::readProgressiveSOF and (2) DCTStream::readBaselineSOF functions in the DCT stream parsing code (Stream.cc) in xpdf 3.01 and earlier, as used in products such as (a)...
9 affected packages
cupsys, gpdf, kdegraphics, koffice, libextractor...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| cupsys | — | — | — | — | — |
| gpdf | — | — | — | — | — |
| kdegraphics | — | — | — | — | — |
| koffice | — | — | — | — | — |
| libextractor | — | — | — | — | — |
| pdftohtml | — | — | — | — | — |
| poppler | — | — | — | — | — |
| tetex-bin | — | — | — | — | — |
| xpdf | — | — | — | — | — |
CVE-2005-3193
Unknown priorityHeap-based buffer overflow in the JPXStream::readCodestream function in the JPX stream parsing code (JPXStream.c) for xpdf 3.01 and earlier, as used in products such as (1) Poppler, (2) teTeX, (3) KDE kpdf, (4) CUPS, and...
7 affected packages
cupsys, kdegraphics, koffice, pdftohtml, poppler...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| cupsys | — | — | — | — | — |
| kdegraphics | — | — | — | — | — |
| koffice | — | — | — | — | — |
| pdftohtml | — | — | — | — | — |
| poppler | — | — | — | — | — |
| tetex-bin | — | — | — | — | — |
| xpdf | — | — | — | — | — |
CVE-2005-2874
Unknown priorityThe is_path_absolute function in scheduler/client.c for the daemon in CUPS before 1.1.23 allows remote attackers to cause a denial of service (CPU consumption by tight loop) via a "..\.." URL in an HTTP request.
1 affected packages
cupsys
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| cupsys | — | — | — | — | — |
CVE-2005-2097
Low prioritySome fixes available 22 of 23
xpdf and kpdf do not properly validate the "loca" table in PDF files, which allows local users to cause a denial of service (disk consumption and hang) via a PDF file with a "broken" loca table, which causes a large temporary file...
6 affected packages
cups, cupsys, gpdf, kdegraphics, poppler, xpdf
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| cups | — | — | — | — | — |
| cupsys | — | — | — | — | — |
| gpdf | — | — | — | — | — |
| kdegraphics | — | — | — | — | — |
| poppler | — | — | — | — | — |
| xpdf | — | — | — | — | — |
CVE-2005-0064
Unknown priorityBuffer overflow in the Decrypt::makeFileKey2 function in Decrypt.cc for xpdf 3.00 and earlier allows remote attackers to execute arbitrary code via a PDF file with a large /Encrypt /Length keyLength value.
8 affected packages
cupsys, gpdf, kdegraphics, koffice, libextractor...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| cupsys | — | — | — | — | — |
| gpdf | — | — | — | — | — |
| kdegraphics | — | — | — | — | — |
| koffice | — | — | — | — | — |
| libextractor | — | — | — | — | — |
| pdftohtml | — | — | — | — | — |
| tetex-bin | — | — | — | — | — |
| xpdf | — | — | — | — | — |
CVE-2005-0206
Unknown priorityThe patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities.
3 affected packages
cupsys, tetex-bin, xpdf
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| cupsys | — | — | — | — | — |
| tetex-bin | — | — | — | — | — |
| xpdf | — | — | — | — | — |
CVE-2004-0923
Unknown priorityCUPS 1.1.20 and earlier records authentication information for a device URI in the error_log file, which allows local users to obtain user names and passwords.
2 affected packages
cupsys, samba
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| cupsys | — | — | — | — | — |
| samba | — | — | — | — | — |
CVE-2004-0888
Unknown priorityMultiple integer overflows in xpdf 2.0 and 3.0, and other packages that use xpdf code such as CUPS, gpdf, and kdegraphics, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code,...
6 affected packages
cupsys, gpdf, kdegraphics, koffice, pdftohtml, tetex-bin
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| cupsys | — | — | — | — | — |
| gpdf | — | — | — | — | — |
| kdegraphics | — | — | — | — | — |
| koffice | — | — | — | — | — |
| pdftohtml | — | — | — | — | — |
| tetex-bin | — | — | — | — | — |