Vulnerabilities (CVE)

Filtered by vendor Xpdf Subscribe
Total 26 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2004-0889 11 Debian, Easy Software Products, Gentoo and 8 more 16 Debian Linux, Cups, Linux and 13 more 2024-11-20 10.0 HIGH N/A
Multiple integer overflows in xpdf 3.0, and other packages that use xpdf code such as CUPS, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0888.
CVE-2004-0888 11 Debian, Easy Software Products, Gentoo and 8 more 16 Debian Linux, Cups, Linux and 13 more 2024-11-20 10.0 HIGH N/A
Multiple integer overflows in xpdf 2.0 and 3.0, and other packages that use xpdf code such as CUPS, gpdf, and kdegraphics, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0889.
CVE-2003-0434 4 Adobe, Mandrakesoft, Redhat and 1 more 7 Acrobat, Mandrake Linux, Mandrake Linux Corporate Server and 4 more 2024-11-20 7.5 HIGH N/A
Various PDF viewers including (1) Adobe Acrobat 5.06 and (2) Xpdf 1.01 allow remote attackers to execute arbitrary commands via shell metacharacters in an embedded hyperlink.
CVE-2002-1384 2 Easy Software Products, Xpdf 2 Cups, Xpdf 2024-11-20 7.2 HIGH N/A
Integer overflow in pdftops, as used in Xpdf 2.01 and earlier, xpdf-i, and CUPS before 1.1.18, allows local users to execute arbitrary code via a ColorSpace entry with a large number of elements, as demonstrated by cups-pdf.
CVE-2000-0728 1 Xpdf 1 Xpdf 2024-11-20 7.2 HIGH N/A
xpdf PDF viewer client earlier than 0.91 allows local users to overwrite arbitrary files via a symlink attack.
CVE-2000-0727 1 Xpdf 1 Xpdf 2024-11-20 7.6 HIGH N/A
xpdf PDF viewer client earlier than 0.91 does not properly launch a web browser for embedded URL's, which allows an attacker to execute arbitrary commands via a URL that contains shell metacharacters.