Search CVE reports

161 – 170 of 187 results

Detailed view

Sort by:

CVE-2009-3604

Medium priority

Some fixes available 38 of 105

The Splash::drawImage function in Splash.cc in Xpdf 2.x and 3.x before 3.02pl4, and Poppler 0.x, as used in GPdf and kdegraphics KPDF, does not properly allocate memory, which allows remote attackers to cause a denial of service...

11 affected packages

ipe, texlive-bin, xpdf, koffice, poppler...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
ipe	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
texlive-bin	Not affected	Not affected	Not affected	Not affected
xpdf	Not affected	Not affected	Not in release	Not affected
koffice	Not in release	Not in release	Not in release	Not in release
poppler	Fixed	Fixed	Fixed	Fixed
tetex-bin	Not in release	Not in release	Not in release	Not in release
kdegraphics	Not in release	Not in release	Not in release	Not in release
gpdf	Not in release	Not in release	Not in release	Not in release
pdftohtml	Not in release	Not in release	Not in release	Not in release
libextractor	Not affected	Not affected	Not affected	Not affected
pdfkit.framework	Not in release	Not in release	Not in release	Not in release

CVE-2009-3603

Medium priority

Some fixes available 38 of 105

Integer overflow in the SplashBitmap::SplashBitmap function in Xpdf 3.x before 3.02pl4 and Poppler before 0.12.1 might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer...

11 affected packages

ipe, texlive-bin, xpdf, koffice, poppler...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
ipe	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
texlive-bin	Not affected	Not affected	Not affected	Not affected
xpdf	Not affected	Not affected	Not in release	Not affected
koffice	Not in release	Not in release	Not in release	Not in release
poppler	Fixed	Fixed	Fixed	Fixed
tetex-bin	Not in release	Not in release	Not in release	Not in release
kdegraphics	Not in release	Not in release	Not in release	Not in release
gpdf	Not in release	Not in release	Not in release	Not in release
pdftohtml	Not in release	Not in release	Not in release	Not in release
libextractor	Not affected	Not affected	Not affected	Not affected
pdfkit.framework	Not in release	Not in release	Not in release	Not in release

CVE-2009-3560

Medium priority

Some fixes available 81 of 503

The big2_toUtf8 function in lib/xmltok.c in libexpat in Expat 2.0.1, as used in the XML-Twig module for Perl, allows context-dependent attackers to cause a denial of service (application crash) via an XML document with malformed...

41 affected packages

coin3, libxmltok, audacity, matanza, ayttm...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
coin3	Not affected	Not affected	Not affected	Vulnerable
libxmltok	Not affected	Not affected	Not affected	Not affected
audacity	Not affected	Not affected	Not affected	Not affected
matanza	Ignored	Ignored	Ignored	Ignored
ayttm	Not in release	Not in release	Not in release	Not in release
cableswig	Not in release	Not in release	Not in release	Not in release
cadaver	Not affected	Not affected	Not affected	Not affected
cmake	Not affected	Not affected	Not affected	Not affected
ghostscript	Not affected	Not affected	Not affected	Not affected
insighttoolkit	Not in release	Not in release	Not in release	Not in release
paraview	Not affected	Not affected	Not affected	Not affected
simgear	Not affected	Not affected	Not affected	Not affected
sitecopy	Not in release	Not affected	Not affected	Not affected
smart	Not in release	Not in release	Not in release	Not affected
swish-e	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
tdom	Not affected	Not affected	Not affected	Not affected
texlive-bin	Not affected	Not affected	Not affected	Not affected
tla	Not affected	Not affected	Not affected	Not affected
wbxml2	Not affected	Not affected	Not affected	Not affected
wxwidgets2.8	Not in release	Not in release	Not in release	Not in release
xotcl	Not affected	Not affected	Not affected	Not affected
expat	Fixed	Fixed	Fixed	Fixed
apache2	Not affected	Not affected	Not affected	Not affected
apr-util	Not affected	Not affected	Not affected	Not affected
python2.6	Not in release	Not in release	Not in release	Not in release
python2.5	Not in release	Not in release	Not in release	Not in release
celementtree	Not in release	Not in release	Not in release	Not in release
python2.4	Not in release	Not in release	Not in release	Not in release
python-xml	Not in release	Not in release	Not in release	Not in release
xmlrpc-c	Fixed	Fixed	Fixed	Fixed
wxwidgets2.6	Not in release	Not in release	Not in release	Not in release
vnc4	Not in release	Not in release	Not in release	Not affected
w3c-libwww	Not in release	Not in release	Not in release	Not in release
poco	Not affected	Not affected	Not affected	Not affected
xulrunner	Not in release	Not in release	Not in release	Not in release
libparagui1.1	Not in release	Not in release	Not in release	Not in release
kompozer	Not in release	Not in release	Not in release	Not in release
wxwindows2.4	Not in release	Not in release	Not in release	Not in release
gdcm	Not affected	Not affected	Not affected	Not affected
grmonitor	Not in release	Not in release	Not in release	Not in release
vtk	Not in release	Not in release	Not in release	Not in release

CVE-2009-1284

Low priority

Some fixes available 3 of 5

Buffer overflow in BibTeX 0.99 allows context-dependent attackers to cause a denial of service (memory corruption and crash) via a long .bib bibliography file.

1 affected package

texlive-bin

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
texlive-bin	—	—	—	—

CVE-2009-1188

Medium priority

Some fixes available 34 of 74

Integer overflow in the JBIG2 decoding feature in the SplashBitmap::SplashBitmap function in SplashBitmap.cc in Xpdf 3.x before 3.02pl4 and Poppler before 0.10.6, as used in GPdf and kdegraphics KPDF, allows remote attackers to...

14 affected packages

cups, evince, texlive-bin, xpdf, koffice...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
cups	—	Not affected	Not affected	Not affected
evince	—	Not affected	Not affected	Not affected
texlive-bin	—	Not affected	Not affected	Not affected
xpdf	—	Not affected	Not in release	Not affected
koffice	—	Not in release	Not in release	Not in release
libextractor	—	Not affected	Not affected	Not affected
cupsys	—	Not in release	Not in release	Not in release
gpdf	—	Not in release	Not in release	Not in release
ipe	—	Not affected	Not affected	Not affected
kdegraphics	—	Not in release	Not in release	Not in release
pdfkit.framework	—	Not in release	Not in release	Not in release
pdftohtml	—	Not in release	Not in release	Not in release
poppler	—	Fixed	Fixed	Fixed
tetex-bin	—	Not in release	Not in release	Not in release

CVE-2009-1187

Medium priority

Some fixes available 5 of 19

Integer overflow in the JBIG2 decoding feature in Poppler before 0.10.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to CairoOutputDev (CairoOutputDev.cc).

14 affected packages

cupsys, cups, evince, gpdf, ipe...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
cupsys	—	—	—	—
cups	—	—	—	—
evince	—	—	—	—
gpdf	—	—	—	—
ipe	—	—	—	—
kdegraphics	—	—	—	—
koffice	—	—	—	—
libextractor	—	—	—	—
pdfkit.framework	—	—	—	—
pdftohtml	—	—	—	—
poppler	—	—	—	—
tetex-bin	—	—	—	—
texlive-bin	—	—	—	—
xpdf	—	—	—	—

CVE-2009-1183

Medium priority

Some fixes available 34 of 76

The JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service (infinite loop and hang) via a crafted PDF file.

14 affected packages

cups, evince, ipe, texlive-bin, xpdf...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
cups	—	Not affected	Not affected	Not affected
evince	—	Not affected	Not affected	Not affected
ipe	—	Not affected	Not affected	Not affected
texlive-bin	—	Not affected	Not affected	Not affected
xpdf	—	Not affected	Not in release	Not affected
cupsys	—	Not in release	Not in release	Not in release
gpdf	—	Not in release	Not in release	Not in release
kdegraphics	—	Not in release	Not in release	Not in release
koffice	—	Not in release	Not in release	Not in release
libextractor	—	Not affected	Not affected	Not affected
pdfkit.framework	—	Not in release	Not in release	Not in release
pdftohtml	—	Not in release	Not in release	Not in release
poppler	—	Fixed	Fixed	Fixed
tetex-bin	—	Not in release	Not in release	Not in release

CVE-2009-1182

Medium priority

Some fixes available 34 of 76

Multiple buffer overflows in the JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allow remote attackers to execute arbitrary code via a crafted PDF file.

14 affected packages

cups, ipe, texlive-bin, xpdf, cupsys...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
cups	—	Not affected	Not affected	Not affected
ipe	—	Not affected	Not affected	Not affected
texlive-bin	—	Not affected	Not affected	Not affected
xpdf	—	Not affected	Not in release	Not affected
cupsys	—	Not in release	Not in release	Not in release
gpdf	—	Not in release	Not in release	Not in release
evince	—	Not affected	Not affected	Not affected
kdegraphics	—	Not in release	Not in release	Not in release
koffice	—	Not in release	Not in release	Not in release
libextractor	—	Not affected	Not affected	Not affected
pdfkit.framework	—	Not in release	Not in release	Not in release
pdftohtml	—	Not in release	Not in release	Not in release
poppler	—	Fixed	Fixed	Fixed
tetex-bin	—	Not in release	Not in release	Not in release

CVE-2009-1181

Medium priority

Some fixes available 35 of 78

The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers a NULL pointer dereference.

14 affected packages

cups, evince, ipe, texlive-bin, xpdf...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
cups	—	Not affected	Not affected	Not affected
evince	—	Not affected	Not affected	Not affected
ipe	—	Not affected	Not affected	Not affected
texlive-bin	—	Not affected	Not affected	Not affected
xpdf	—	Not affected	Not in release	Not affected
libextractor	—	Not affected	Not affected	Not affected
cupsys	—	Not in release	Not in release	Not in release
gpdf	—	Not in release	Not in release	Not in release
kdegraphics	—	Not in release	Not in release	Not in release
koffice	—	Not in release	Not in release	Not in release
pdfkit.framework	—	Not in release	Not in release	Not in release
pdftohtml	—	Not in release	Not in release	Not in release
poppler	—	Fixed	Fixed	Fixed
tetex-bin	—	Not in release	Not in release	Not in release

CVE-2009-1180

Medium priority

Some fixes available 35 of 78

The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to execute arbitrary code via a crafted PDF file that triggers a free of invalid data.

14 affected packages

cups, evince, ipe, texlive-bin, xpdf...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
cups	—	Not affected	Not affected	Not affected
evince	—	Not affected	Not affected	Not affected
ipe	—	Not affected	Not affected	Not affected
texlive-bin	—	Not affected	Not affected	Not affected
xpdf	—	Not affected	Not in release	Not affected
koffice	—	Not in release	Not in release	Not in release
gpdf	—	Not in release	Not in release	Not in release
libextractor	—	Not affected	Not affected	Not affected
cupsys	—	Not in release	Not in release	Not in release
kdegraphics	—	Not in release	Not in release	Not in release
pdfkit.framework	—	Not in release	Not in release	Not in release
pdftohtml	—	Not in release	Not in release	Not in release
poppler	—	Fixed	Fixed	Fixed
tetex-bin	—	Not in release	Not in release	Not in release

Export to JSON

Results by page: