Next Page >>
Poppler
Mandriva Linux Security Advisory MDVSA-2010:087
http://www.mandriva.com/security/
_______________________________________________________________________
Package : poppler
Date : April 29, 2010
Affected: Corporate 4.0
_______________________________________________________________________
Problem Description:
which is not properly handled by the (1) _cupsImageReadTIFF function
in the imagetops filter and (2) imagetoraster filter, leading to a
heap-based buffer overflow. (CVE-2009-0163)
Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier,
as used in Poppler and other products, when running on Mac OS X,
has unspecified impact, related to g*allocn. (CVE-2009-0165)
The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier,
and other products allows remote attackers to cause a denial of service
(crash) via a crafted PDF file that triggers a free of uninitialized
which is not properly handled by the (1) _cupsImageReadTIFF function
in the imagetops filter and (2) imagetoraster filter, leading to a
heap-based buffer overflow. (CVE-2009-0163)
Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier,
as used in Poppler and other products, when running on Mac OS X,
has unspecified impact, related to g*allocn. (CVE-2009-0165)
The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier,
and other products allows remote attackers to cause a denial of service
(crash) via a crafted PDF file that triggers a free of uninitialized
Mandriva Linux Security Advisory MDVSA-2011:175
http://www.mandriva.com/security/
_______________________________________________________________________
Package : poppler
Date : November 15, 2011
Affected: Enterprise Server 5.0
_______________________________________________________________________
Problem Description:
JBIG2Stream::readSymbolDictSeg, and (3) JBIG2Stream::readGenericBitmap.
CVE-2009-0165
Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, as
used in Poppler and other products, when running on Mac OS X, has
unspecified impact, related to "g*allocn."
CVE-2009-0166
The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: Poppler: Two buffer overflow vulnerabilities
Date: September 19, 2007
Bugs: #188863
ID: 200709-12
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
related to (1) Decrypt.cxx, (2) FoFiTrueType.cxx, (3) gmem.c,
(4) JBIG2Stream.cxx, and (5) PSOutputDev.cxx in pdftops/. NOTE:
the JBIG2Stream.cxx vector may overlap CVE-2009-1179. (CVE-2009-0791)
The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier,
Poppler before 0.10.6, and other products allows remote attackers to
cause a denial of service (crash) via a crafted PDF file that triggers
an out-of-bounds read. (CVE-2009-0799)
Multiple input validation flaws in the JBIG2 decoder in Xpdf 3.02pl2
and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and
Mandriva Linux Security Advisory MDVSA-2010:055
http://www.mandriva.com/security/
_______________________________________________________________________
Package : poppler
Date : March 4, 2010
Affected: 2008.0
_______________________________________________________________________
Problem Description:
#2009-016 Poppler, Xpdf integer overflows during heap allocation
Description:
Poppler and Xpdf are two popular open source projects for processing PDF
files. Both projects are vulnerable to an integer overflow during heap
memory allocation when processing a PDF file. In general, this results
in unexpected process termination. If an application using this code is
multi-threaded (or uses a crash signal handler), it may be possible to
execute arbitrary code.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: Poppler, KDE: User-assisted execution of arbitrary code
Date: November 18, 2007
Bugs: #196735, #198409
ID: 200711-22
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
2008/07/07 #2008-007 libpoppler uninitialized pointer
Description:
The poppler PDF rendering library suffers a memory management bug which leads
to arbitrary code execution.
The vulnerability is present in the Page class constructor/destructor. The
pageWidgets object is not initialized in the Page constructor if specific
Mandriva Linux Security Advisory MDVSA-2010:231
http://www.mandriva.com/security/
_______________________________________________________________________
Package : poppler
Date : November 12, 2010
Affected: 2010.0, 2010.1
_______________________________________________________________________
Problem Description:
Problem Description:
Multiple vulnerabilities has been found and corrected in xpdf:
Integer overflow in the SplashBitmap::SplashBitmap function in Xpdf 3.x
before 3.02pl4 and Poppler before 0.12.1 might allow remote attackers
to execute arbitrary code via a crafted PDF document that triggers a
heap-based buffer overflow. NOTE: some of these details are obtained
from third party information. NOTE: this issue reportedly exists
because of an incomplete fix for CVE-2009-1188 (CVE-2009-3603).
Problem Description:
Multiple vulnerabilities has been found and corrected in xpdf:
Integer overflow in the SplashBitmap::SplashBitmap function in Xpdf 3.x
before 3.02pl4 and Poppler before 0.12.1 might allow remote attackers
to execute arbitrary code via a crafted PDF document that triggers a
heap-based buffer overflow. NOTE: some of these details are obtained
from third party information. NOTE: this issue reportedly exists
because of an incomplete fix for CVE-2009-1188 (CVE-2009-3603).
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: Poppler: User-assisted execution of arbitrary code
Date: July 08, 2008
Bugs: #229931
ID: 200807-04
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Mandriva Linux Security Advisory MDVSA-2010:230
http://www.mandriva.com/security/
_______________________________________________________________________
Package : poppler
Date : November 12, 2010
Affected: 2009.0, Corporate 4.0, Enterprise Server 5.0
_______________________________________________________________________
Problem Description:
Debian Security Advisory DSA-1480-1 security@debian.org
http://www.debian.org/security/ Moritz Muehlenhoff
February 05, 2008 http://www.debian.org/security/faq
- ------------------------------------------------------------------------
Package : poppler
Vulnerability : several
Problem type : local(remote)
Debian-specific: no
CVE Id(s) : CVE-2007-4352 CVE-2007-5392 CVE-2007-5393
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: Poppler: User-assisted execution of arbitrary code
Date: April 17, 2008
Updated: April 17, 2008
Bugs: #216850
ID: 200804-18:02
Debian Security Advisory DSA 1348-1 security@debian.org
http://www.debian.org/security/ Moritz Muehlenhoff
August 4th, 2007 http://www.debian.org/security/faq
- --------------------------------------------------------------------------
Package : poppler
Vulnerability : integer overflow
Problem type : local (remote)
Debian-specific: no
CVE ID : CVE-2007-3387
===========================================================
Ubuntu Security Notice USN-850-3 November 02, 2009
poppler vulnerabilities
CVE-2009-3603, CVE-2009-3604, CVE-2009-3607, CVE-2009-3608,
CVE-2009-3609
===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 9.10
===========================================================
Ubuntu Security Notice USN-850-2 October 22, 2009
poppler regression
https://launchpad.net/bugs/457985
===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS
Ubuntu 8.04 LTS
After a standard system upgrade you need to restart KOffice to effect
the necessary changes.
Details follow:
USN-542-1 fixed a vulnerability in poppler. This update provides the
corresponding updates for KWord, part of KOffice.
Original advisory details:
Secunia Research discovered several vulnerabilities in poppler. If a
Debian Security Advisory DSA-2116-1 security@debian.org
http://www.debian.org/security/ Moritz Muehlenhoff
October 12, 2010 http://www.debian.org/security/faq
- ------------------------------------------------------------------------
Package : poppler
Vulnerability : several
Problem type : local(remote)
Debian-specific: no
CVE Id(s) : CVE-2010-3702 CVE-2010-3704
Debian Bug : 599165
Debian Security Advisory DSA-1941-1 security@debian.org
http://www.debian.org/security/ Moritz Muehlenhoff
November 25, 2009 http://www.debian.org/security/faq
- ------------------------------------------------------------------------
Package : poppler
Vulnerability : several
Problem type : local(remote)
Debian-specific: no
CVE Id(s) : CVE-2009-0755 CVE-2009-3903 CVE-2009-3904 CVE-2009-3905 CVE-2009-3906 CVE-2009-3907 CVE-2009-3908 CVE-2009-3909 CVE-2009-3938
Mandriva Linux Security Advisory MDVSA-2008:089
http://www.mandriva.com/security/
_______________________________________________________________________
Package : poppler
Date : April 17, 2008
Affected: Corporate 4.0
_______________________________________________________________________
Problem Description:
Debian Security Advisory DSA-1606-1 security@debian.org
http://www.debian.org/security/ Steve Kemp
July 09, 2008 http://www.debian.org/security/faq
- ------------------------------------------------------------------------
Package : poppler
Vulnerability : programming error
Problem type : local
Debian-specific: no
CVE Id(s) : CVE 2008-1693
Debian Bug : 476842
===========================================================
Ubuntu Security Notice USN-542-1 November 14, 2007
poppler vulnerabilities
CVE-2007-4352, CVE-2007-5392, CVE-2007-5393
===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS
Ubuntu 6.10
===========================================================
Ubuntu Security Notice USN-631-1 July 28, 2008
poppler vulnerability
CVE-2008-2950
===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 7.10
Ubuntu 8.04 LTS
Mandriva Linux Security Advisory MDKSA-2007:227
http://www.mandriva.com/security/
_______________________________________________________________________
Package : poppler
Date : November 19, 2007
Affected: 2007.1, 2008.0, Corporate 4.0
_______________________________________________________________________
Problem Description:
===========================================================
Ubuntu Security Notice USN-1005-1 October 19, 2010
poppler vulnerabilities
CVE-2010-3702, CVE-2010-3703, CVE-2010-3704
===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS
Ubuntu 8.04 LTS
Next Page>>
|
