Xpdfreader Xpdf vulnerabilities

82 known vulnerabilities affecting xpdfreader/xpdf.

Total CVEs: 82
CISA KEV: 1 (actively exploited)
Public exploits: 0
Exploited in wild: 1
Severity breakdown: HIGH 16, MEDIUM 60, LOW 6

Vulnerabilities

Page 4 of 5
CVE-2018-18455 | MEDIUM | CVSS 5.5 | v4.00 | 2018-10-18
CWE-125: The GfxImageColorMap class in GfxState.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted pdf file, as demonstrated by pdftoppm.
nvd
CVE-2018-18457 | MEDIUM | CVSS 5.5 | v4.00 | 2018-10-18
CWE-476: The function DCTStream::readScan in Stream.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted pdf file, as demonstrated by pdftoppm.
nvd
CVE-2018-16369 | MEDIUM | CVSS 5.5 | v4.00 | 2018-09-03
XRef::fetch in XRef.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (stack consumption) via a crafted pdf file, related to AcroForm::scanField, as demonstrated by pdftohtml. NOTE: this might overlap CVE-2018-7453.
nvd
CVE-2018-16368 | MEDIUM | CVSS 5.5 | v4.00 | 2018-09-03
CWE-125: SplashXPath::strokeAdjust in splash/SplashXPath.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted pdf file, as demonstrated by pdftoppm.
nvd
CVE-2018-11033 | HIGH | CVSS 7.8 | v4.00 | 2018-05-14
CWE-119: The DCTStream::readHuffSym function in Stream.cc in the DCT decoder in xpdf before 4.00 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via crafted JPEG data.
nvd
CVE-2018-8100 | HIGH | CVSS 7.8 | v4.00 | 2018-03-14
CWE-787: The JPXStream::readTilePart function in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a specific pdf file, as demonstrated by pdftohtml.
nvd
CVE-2018-8101 | MEDIUM | CVSS 5.5 | v4.00 | 2018-03-14
CWE-125: The JPXStream::inverseTransformLevel function in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-based buffer over-read and application crash) via a specific pdf file, as demonstrated by pdftohtml.
nvd
CVE-2018-8102 | MEDIUM | CVSS 5.5 | v4.00 | 2018-03-14
CWE-125: The JBIG2MMRDecoder::getBlackCode function in JBIG2Stream.cc in xpdf 4.00 allows attackers to launch denial of service (buffer over-read and application crash) via a specific pdf file, as demonstrated by pdftohtml.
nvd
CVE-2018-8107 | MEDIUM | CVSS 5.5 | v4.00 | 2018-03-14
CWE-125: The JPXStream::close function in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-based buffer over-read and application crash) via a specific pdf file, as demonstrated by pdftohtml.
nvd
CVE-2018-8104 | MEDIUM | CVSS 5.5 | v4.00 | 2018-03-14
CWE-125: The BufStream::lookChar function in Stream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-based buffer over-read and application crash) via a specific pdf file, as demonstrated by pdftohtml.
nvd
CVE-2018-8105 | MEDIUM | CVSS 5.5 | v4.00 | 2018-03-14
CWE-125: The JPXStream::fillReadBuf function in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-based buffer over-read and application crash) via a specific pdf file, as demonstrated by pdftohtml.
nvd
CVE-2018-8106 | MEDIUM | CVSS 5.5 | v4.00 | 2018-03-14
CWE-125: The JPXStream::readTilePartData function in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-based buffer over-read and application crash) via a specific pdf file, as demonstrated by pdftohtml.
nvd
CVE-2018-8103 | MEDIUM | CVSS 5.5 | v4.00 | 2018-03-14
CWE-125: The JBIG2Stream::readGenericBitmap function in JBIG2Stream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-based buffer over-read and application crash) via a specific pdf file, as demonstrated by pdftohtml.
nvd
CVE-2018-7453 | MEDIUM | CVSS 5.5 | v4.00 | 2018-02-24
CWE-835: Infinite recursion in AcroForm::scanField in AcroForm.cc in xpdf 4.00 allows attackers to launch denial of service via a specific pdf file due to lack of loop checking, as demonstrated by pdftohtml.
nvd
CVE-2018-7454 | MEDIUM | CVSS 5.5 | v4.00 | 2018-02-24
CWE-476: A NULL pointer dereference in XFAForm::scanFields in XFAForm.cc in xpdf 4.00 allows attackers to launch denial of service via a specific pdf file, as demonstrated by pdftohtml.
nvd
CVE-2018-7452 | MEDIUM | CVSS 5.5 | v4.00 | 2018-02-24
CWE-476: A NULL pointer dereference in JPXStream::fillReadBuf in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service via a specific pdf file, as demonstrated by pdftohtml.
nvd
CVE-2018-7455 | MEDIUM | CVSS 5.5 | v4.00 | 2018-02-24
CWE-125: An out-of-bounds read in JPXStream::readTilePart in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service via a specific pdf file, as demonstrated by pdftohtml.
nvd
CVE-2018-7173 | MEDIUM | CVSS 5.5 | v4.00 | 2018-02-15
CWE-172: A large loop in JBIG2Stream::readSymbolDictSeg in xpdf 4.00 allows an attacker to cause denial of service via a specific file due to inappropriate decoding.
nvd
CVE-2018-7174 | MEDIUM | CVSS 5.5 | v4.00 | 2018-02-15
CWE-835: An issue was discovered in xpdf 4.00. An infinite loop in XRef::Xref allows an attacker to cause denial of service because loop detection exists only for tables, not streams.
nvd
CVE-2018-7175 | MEDIUM | CVSS 5.5 | v4.00 | 2018-02-15
CWE-476: An issue was discovered in xpdf 4.00. A NULL pointer dereference in readCodestream allows an attacker to cause denial of service via a JPX image with zero components.
nvd