Multiple PDF parsing library security vulnerabilities - security vulnerabilities database

[EN] securityvulns.ru
no-pyccku

Multiple PDF parsing library security vulnerabilities
updated since 22.10.2004
Published: 01.02.2006
Source: BUGTRAQ
SecurityVulns ID: 4109
Type: library
Level: 7/10
Description: Multiple vulnerabilities including heap corruption, buffer overflows.

Affected: CUPS : cups 1.1
KDE : KDE 3.2
CLEARSWIFT : MIMEsweeper 5.0
KDE : KDE 3.3
XPDF : xpdf 3.0
GNOME : gpdf 0.112
TETEX : tetex 2.0
TETEX : pTeX 3.1
TETEX : CSTeX 2.0
ADOBE : Acrobat Reader 7.0
LIBEXTRACTOR : libextractor 0.4
POPPLER : poppler 0.4
XPDF : xpdf 3.01
GPDF : GPdf 2.10
PDFTOHTML : pdftohtml 0.36
GNUSTEP : PDFKit Framework 0.8
APPLE : Preview.app 3.0

Original document MOAB, MOAB-06-01-2007: Multiple Vendor PDF Document Catalog Handling Vulnerability (21.01.2007)

KDE, [KDE Security Advisory] kpdf of KDE 3.3.x heap based buffer overflow (10.03.2006)

DEBIAN, [Full-disclosure] [SECURITY] [DSA 961-1] New pdfkit.framework packages fix arbitrary code execution (01.02.2006)

GENTOO, [ GLSA 200601-17 ] Xpdf, Poppler, GPdf, libextractor, pdftohtml: Heap overflows (01.02.2006)

document SECUNIA, [SA18677] Xpdf PDF Splash Image Handling Vulnerability (01.02.2006)

MANDRIVA, MDKSA-2006:005 - Updated xpdf packages fix several vulnerabilities (07.01.2006)

IDEFENSE, iDefense Security Advisory 12.05.05: Multiple Vendor xpdf StreamPredictor Heap Overflow Vulnerability (06.12.2005)

document IDEFENSE, iDefense Security Advisory 12.05.05: Multiple Vendor xpdf DCTStream Progressive Heap Overflow (06.12.2005)

IDEFENSE, iDefense Security Advisory 12.05.05: Multiple Vendor xpdf JPX Stream Reader Heap Overflow Vulnerability (06.12.2005)

IDEFENSE, iDefense Security Advisory 12.05.05: Multiple Vendor xpdf DCTStream Baseline Heap Overflow Vulnerability (06.12.2005)

document UBUNTU, [USN-163-1] xpdf vulnerability (10.08.2005)

GENTOO, [ GLSA 200506-06 ] libextractor: Multiple overflow vulnerabilities (10.06.2005)

GENTOO, [ GLSA 200501-31 ] teTeX, pTeX, CSTeX: Multiple vulnerabilities (26.01.2005)

IDEFENSE, iDEFENSE Security Advisory 01.18.05 - Multiple Unix/Linux Vendor Xpdf makeFileKey2 Stack Overflow (19.01.2005)

document KDE, KDE Security Advisory: kpdf Buffer Overflow Vulnerability (30.12.2004)

IDEFENSE, iDEFENSE Security Advisory 12.21.04: Multiple Vendor xpdf PDF Viewer Buffer Overflow Vulnerability (22.12.2004)

SECUNIA, [SA13411] MIMEsweeper for SMTP PDF File Processing Denial of Service (11.12.2004)

document MANDRAKE, MDKSA-2004:116 - Updated cups packages fix DoS vulnerabilities (22.10.2004)

MANDRAKE, MDKSA-2004:114 - Updated gpdf packages fix DoS vulnerability (22.10.2004)

KDE, [KDE security advisory] Multiple integer overflows in kpdf (22.10.2004)

Discuss: Read or add your comments to this news (0 comments)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod