~/products/debian/libextractor

pipeline liveDigest Docs

Debian Libextractor vulnerabilities

29 known vulnerabilities affecting debian/libextractor.

Total CVEs

29

CISA KEV

0

Public exploits

1

Exploited in wild

0

Severity breakdown

CRITICAL3HIGH6MEDIUM10LOW10

Vulnerabilities

Page 2 of 2

CVE-2005-3625CRITICALCVSS 10.0fixed in cups 1.1.22-7 (bookworm)2005

CVE-2005-3625 [CRITICAL] CVE-2005-3625: cups - Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, l... Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka "Infinite CPU spins." Scope: local bookworm: resolved (fixed in 1.1.22-7) bullseye: resolved

CVE-2005-3628HIGHCVSS 7.5fixed in cups 1.1.22-7 (bookworm)2005

CVE-2005-3628 [HIGH] CVE-2005-3628: cups - Buffer overflow in the JBIG2Bitmap::JBIG2Bitmap function in JBIG2Stream.cc in Xp... Buffer overflow in the JBIG2Bitmap::JBIG2Bitmap function in JBIG2Stream.cc in Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to modify memory and possibly execute arbitrary code via unknown attack vectors. Scope: local bookworm: resolved (fixed in 1.1.22-7) bullseye: resolved (fixed in 1.1.22-7) f

CVE-2005-3627HIGHCVSS 7.5fixed in cups 1.1.22-7 (bookworm)2005

CVE-2005-3627 [HIGH] CVE-2005-3627: cups - Stream.cc in Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, t... Stream.cc in Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to modify memory and possibly execute arbitrary code via a DCTDecode stream with (1) a large "number of components" value that is not checked by DCTStream::readBaselineSOF or DCTStream::readProgressiveSOF, (2) a large "Huffman table index

CVE-2005-3626MEDIUMCVSS 5.0fixed in cups 1.1.22-7 (bookworm)2005

CVE-2005-3626 [MEDIUM] CVE-2005-3626: cups - Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, l... Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference. Scope: local bookworm: resolved (fixed in 1.1.22-7) bullseye: resolved (fixed in 1.1.22-7) forky: resolved (fixed in 1.1.22-7) sid: resolved (fix

CVE-2005-3624MEDIUMCVSS 5.0fixed in cups 1.1.22-7 (bookworm)2005

CVE-2005-3624 [MEDIUM] CVE-2005-3624: cups - The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, p... The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows. Scope: local bookworm: resolved (fixed in 1.1.22-7) bullseye: resolved (fixed in 1

CVE-2005-3192LOWCVSS 7.5fixed in cups 1.1.23-13 (bookworm)2005

CVE-2005-3192 [HIGH] CVE-2005-3192: cups - Heap-based buffer overflow in the StreamPredictor function in Xpdf 3.01, as used... Heap-based buffer overflow in the StreamPredictor function in Xpdf 3.01, as used in products such as (1) Poppler, (2) teTeX, (3) KDE kpdf, and (4) pdftohtml, (5) KOffice KWord, (6) CUPS, and (7) libextractor allows remote attackers to execute arbitrary code via a PDF file with an out-of-range numComps (number of components) field. Scope: local bookworm: resolved (fixed i

CVE-2005-2097LOWCVSS 2.1fixed in cups 1.1.22-7 (bookworm)2005

CVE-2005-2097 [LOW] CVE-2005-2097: cups - xpdf and kpdf do not properly validate the "loca" table in PDF files, which allo... xpdf and kpdf do not properly validate the "loca" table in PDF files, which allows local users to cause a denial of service (disk consumption and hang) via a PDF file with a "broken" loca table, which causes a large temporary file to be created when xpdf attempts to reconstruct the information. Scope: local bookworm: resolved (fixed in 1.1.22-7) bullseye: resolved (fixed

CVE-2005-3193LOWCVSS 5.1fixed in cups 1.1.23-13 (bookworm)2005

CVE-2005-3193 [MEDIUM] CVE-2005-3193: cups - Heap-based buffer overflow in the JPXStream::readCodestream function in the JPX ... Heap-based buffer overflow in the JPXStream::readCodestream function in the JPX stream parsing code (JPXStream.c) for xpdf 3.01 and earlier, as used in products such as (1) Poppler, (2) teTeX, (3) KDE kpdf, (4) CUPS, and (5) libextractor allows user-assisted attackers to cause a denial of service (heap corruption) and possibly execute arbitrary code via a crafted PDF f

CVE-2005-3191LOWCVSS 5.1fixed in cups 1.1.23-13 (bookworm)2005

CVE-2005-3191 [MEDIUM] CVE-2005-3191: cups - Multiple heap-based buffer overflows in the (1) DCTStream::readProgressiveSOF an... Multiple heap-based buffer overflows in the (1) DCTStream::readProgressiveSOF and (2) DCTStream::readBaselineSOF functions in the DCT stream parsing code (Stream.cc) in xpdf 3.01 and earlier, as used in products such as (a) Poppler, (b) teTeX, (c) KDE kpdf, (d) pdftohtml, (e) KOffice KWord, (f) CUPS, and (g) libextractor allow user-assisted attackers to cause a denial

← Previous2 / 2