Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Xpdf
(Xpdf)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 26 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2005-01-27 | CVE-2004-0889 | Multiple integer overflows in xpdf 3.0, and other packages that use xpdf code such as CUPS, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0888. | Debian_linux, Cups, Linux, Gpdf, Kde, Koffice, Kpdf, Pdftohtml, Enterprise_linux, Enterprise_linux_desktop, Fedora_core, Linux_advanced_workstation, Suse_linux, Tetex, Ubuntu_linux, Xpdf | N/A | ||
| 2005-01-27 | CVE-2004-0888 | Multiple integer overflows in xpdf 2.0 and 3.0, and other packages that use xpdf code such as CUPS, gpdf, and kdegraphics, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0889. | Debian_linux, Cups, Linux, Gpdf, Kde, Koffice, Kpdf, Pdftohtml, Enterprise_linux, Enterprise_linux_desktop, Fedora_core, Linux_advanced_workstation, Suse_linux, Tetex, Ubuntu_linux, Xpdf | N/A | ||
| 2003-07-24 | CVE-2003-0434 | Various PDF viewers including (1) Adobe Acrobat 5.06 and (2) Xpdf 1.01 allow remote attackers to execute arbitrary commands via shell metacharacters in an embedded hyperlink. | Acrobat, Mandrake_linux, Mandrake_linux_corporate_server, Enterprise_linux, Linux, Linux_advanced_workstation, Xpdf | N/A | ||
| 2003-01-02 | CVE-2002-1384 | Integer overflow in pdftops, as used in Xpdf 2.01 and earlier, xpdf-i, and CUPS before 1.1.18, allows local users to execute arbitrary code via a ColorSpace entry with a large number of elements, as demonstrated by cups-pdf. | Cups, Xpdf | N/A | ||
| 2000-10-20 | CVE-2000-0728 | xpdf PDF viewer client earlier than 0.91 allows local users to overwrite arbitrary files via a symlink attack. | Xpdf | N/A | ||
| 2000-10-20 | CVE-2000-0727 | xpdf PDF viewer client earlier than 0.91 does not properly launch a web browser for embedded URL's, which allows an attacker to execute arbitrary commands via a URL that contains shell metacharacters. | Xpdf | N/A |