Xpdf Xpdf : OVAL Definitions - Class: Vulnerability

Filter: Compliance Inventory Patch Vulnerability All Family: All Windows Unix IOS Pixos
Title Definition Id Class Family
Array index error in the DCTStream::readProgressiveDataUnit method in xpdf/Stream.cc in Xpdf 3.02pl1, as used in poppler... oval:org.mitre.oval:def:9979 Vulnerability unix
Buffer overflow in the Gfx::doImage function in Gfx.cc for xpdf 3.00, and other products that share code such as tetex-b... oval:org.mitre.oval:def:11781 Vulnerability unix
Buffer overflow in the JBIG2Bitmap::JBIG2Bitmap function in JBIG2Stream.cc in Xpdf, as used in products such as gpdf, kp... oval:org.mitre.oval:def:10287 Vulnerability unix
Buffer overflow in the Gfx::doImage function in Gfx.cc for xpdf 3.00, and other products that share code such as tetex-b... oval:org.mitre.oval:def:10830 Vulnerability unix
Certain patches for kpdf do not include all relevant patches from xpdf that were associated with CVE-2005-3627, which al... oval:org.mitre.oval:def:11441 Vulnerability unix
Code Execution Vulnerability in XPDF PDF Viewer oval:org.mitre.oval:def:664 Vulnerability unix
CVE-2004-0888 oval:org.opensuse.security:def:20040888 Vulnerability unix
CVE-2004-0889 oval:org.opensuse.security:def:20040889 Vulnerability unix
CVE-2004-1125 oval:org.opensuse.security:def:20041125 Vulnerability unix
CVE-2005-0064 oval:org.opensuse.security:def:20050064 Vulnerability unix
CVE-2005-3191 oval:org.opensuse.security:def:20053191 Vulnerability unix
CVE-2005-3192 oval:org.opensuse.security:def:20053192 Vulnerability unix
CVE-2007-0104 oval:org.opensuse.security:def:20070104 Vulnerability unix
CVE-2007-3387 oval:org.opensuse.security:def:20073387 Vulnerability unix
CVE-2007-4352 oval:org.opensuse.security:def:20074352 Vulnerability unix
CVE-2007-5392 oval:org.opensuse.security:def:20075392 Vulnerability unix
CVE-2007-5393 oval:org.opensuse.security:def:20075393 Vulnerability unix
CVE-2009-4035 oval:org.opensuse.security:def:20094035 Vulnerability unix
Heap-based buffer overflow in Splash.cc in xpdf, as used in other products such as (1) poppler, (2) kdegraphics, (3) gpd... oval:org.mitre.oval:def:10850 Vulnerability unix
Heap-based buffer overflow in the CCITTFaxStream::lookChar method in xpdf/Stream.cc in Xpdf 3.02p11 allows remote attack... oval:org.mitre.oval:def:9839 Vulnerability unix
Heap-based buffer overflow in the StreamPredictor function in Xpdf 3.01, as used in products such as (1) Poppler, (2) te... oval:org.mitre.oval:def:10914 Vulnerability unix
Heap-based buffer overflow in the JPXStream::readCodestream function in the JPX stream parsing code (JPXStream.c) for xp... oval:org.mitre.oval:def:11440 Vulnerability unix
Integer overflow in the StreamPredictor::StreamPredictor function in xpdf 3.02, as used in (1) poppler before 0.5.91, (2... oval:org.mitre.oval:def:11149 Vulnerability unix
Integer overflow in the DCTStream::reset method in xpdf/Stream.cc in Xpdf 3.02p11 allows remote attackers to execute arb... oval:org.mitre.oval:def:10036 Vulnerability unix
Multiple heap-based buffer overflows in the (1) DCTStream::readProgressiveSOF and (2) DCTStream::readBaselineSOF functio... oval:org.mitre.oval:def:9760 Vulnerability unix
Multiple integer overflows in xpdf 2.0 and 3.0, and other packages that use xpdf code such as CUPS, gpdf, and kdegraphic... oval:org.mitre.oval:def:9714 Vulnerability unix
Stream.cc in Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, al... oval:org.mitre.oval:def:10200 Vulnerability unix
The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextra... oval:org.mitre.oval:def:9437 Vulnerability unix
The FoFiType1::parse function in fofi/FoFiType1.cc in Xpdf 3.0.0, gpdf 2.8.2, kpdf in kdegraphics 3.3.1, and possibly ot... oval:org.mitre.oval:def:10996 Vulnerability unix
The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architecture... oval:org.mitre.oval:def:11107 Vulnerability unix
Total number of results : 33
Page : 1 (This Page) 2

OVAL Definitions By Referenced Objects

How does it work?   User agreement and privacy statement   About & Contact
CVE is a registred trademark of the MITRE Corporation and the authoritive source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritive source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritive source of OVAL content is MITRE's OVAL web site.
Warning: This site and all data are provided as is. It is not guaranteed that all information is accurate and complete. Use any information provided on this site at your own risk. By using this site you accept that you know that these data are provided as is and not guaranteed to be accurate, correct or complete. All trademarks appearing on this site are the property of their respective owners in the US or other countries. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss. PLEASE SEE nvd.nist.gov and oval.mitre.org for more details about OVAL language and definitions.
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor/web site owner/maintainer be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
Use of OVAL and all related data is subject to terms of use defined by Mitre at http://oval.mitre.org/oval/about/termsofuse.html