Foolabs : Security Vulnerabilities (Denial Of Service)

CVSS Scores Greater Than: 0 1 2 3 4 5 6 7 8 9

Sort Results By : Cve Number Descending Cve Number Ascending CVSS Score Descending Number Of Exploits Descending

Copy Results Download Results Select Table

#	CVE ID	CWE ID	Vulnerability Type(s)	Publish Date	Update Date	Score	Gained Access Level	Access	Complexity	Authentication	Conf.	Integ.	Avail.
1	CVE-2011-1554	189	DoS Overflow	2011-03-31	2012-12-18	4.3	None	Remote	Medium	Not required	None	None	Partial
Off-by-one error in t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, allows remote attackers to cause a denial of service (application crash) via a PDF document containing a crafted Type 1 font that triggers an invalid memory read, integer overflow, and invalid pointer dereference, a different vulnerability than CVE-2011-0764.
2	CVE-2011-1553	399	DoS	2011-03-31	2012-12-18	4.3	None	Remote	Medium	Not required	None	None	Partial
Use-after-free vulnerability in t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, allows remote attackers to cause a denial of service (application crash) via a PDF document containing a crafted Type 1 font that triggers an invalid memory write, a different vulnerability than CVE-2011-0764.
3	CVE-2011-1552	119	DoS Overflow	2011-03-31	2012-12-18	4.3	None	Remote	Medium	Not required	None	None	Partial
t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, reads from invalid memory locations, which allows remote attackers to cause a denial of service (application crash) via a crafted Type 1 font in a PDF document, a different vulnerability than CVE-2011-0764.
4	CVE-2010-3704	20	DoS Exec Code Mem. Corr. Bypass	2010-11-05	2012-11-19	6.8	None	Remote	Medium	Not required	Partial	Partial	Partial
The FoFiType1::parse function in fofi/FoFiType1.cc in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, kdegraphics, and possibly other products allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a PDF file with a crafted PostScript Type1 font that contains a negative array index, which bypasses input validation and triggers memory corruption.
5	CVE-2010-3702	20	DoS	2010-11-05	2012-11-19	6.8	None	Remote	Medium	Not required	Partial	Partial	Partial
The Gfx::getPos function in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, CUPS, kdegraphics, and possibly other products allows context-dependent attackers to cause a denial of service (crash) via unknown vectors that trigger an uninitialized pointer dereference.
6	CVE-2009-3609	189	DoS Overflow	2009-10-21	2012-01-18	4.3	None	Remote	Medium	Not required	None	None	Partial
Integer overflow in the ImageStream::ImageStream function in Stream.cc in Xpdf before 3.02pl4 and Poppler before 0.12.1, as used in GPdf, kdegraphics KPDF, and CUPS pdftops, allows remote attackers to cause a denial of service (application crash) via a crafted PDF document that triggers a NULL pointer dereference or buffer over-read.
7	CVE-2009-3604	399	DoS Exec Code Overflow	2009-10-21	2012-01-18	9.3	None	Remote	Medium	Not required	Complete	Complete	Complete
The Splash::drawImage function in Splash.cc in Xpdf 2.x and 3.x before 3.02pl4, and Poppler 0.x, as used in GPdf and kdegraphics KPDF, does not properly allocate memory, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document that triggers a NULL pointer dereference or a heap-based buffer overflow.
8	CVE-2009-1183	399	DoS	2009-04-23	2012-01-18	4.3	None	Remote	Medium	Not required	None	None	Partial
The JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service (infinite loop and hang) via a crafted PDF file.
9	CVE-2009-1181	399	DoS	2009-04-23	2012-01-18	4.3	None	Remote	Medium	Not required	None	None	Partial
The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers a NULL pointer dereference.
10	CVE-2009-0799	119	DoS Overflow	2009-04-23	2012-01-18	4.3	None	Remote	Medium	Not required	None	None	Partial
The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers an out-of-bounds read.
11	CVE-2009-0166	399	DoS	2009-04-23	2010-08-21	4.3	None	Remote	Medium	Not required	None	None	Partial
The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers a free of uninitialized memory.
12	CVE-2009-0147	189	DoS Overflow	2009-04-23	2010-12-16	4.3	None	Remote	Medium	Not required	None	None	Partial
Multiple integer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allow remote attackers to cause a denial of service (crash) via a crafted PDF file, related to (1) JBIG2Stream::readSymbolDictSeg, (2) JBIG2Stream::readSymbolDictSeg, and (3) JBIG2Stream::readGenericBitmap.
13	CVE-2009-0146	119	DoS Overflow	2009-04-23	2010-12-21	4.3	None	Remote	Medium	Not required	None	None	Partial
Multiple buffer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allow remote attackers to cause a denial of service (crash) via a crafted PDF file, related to (1) JBIG2SymbolDict::setBitmap and (2) JBIG2Stream::readSymbolDictSeg.

Total number of vulnerabilities : 13 Page : 1 (This Page)