Search CVE reports
121 – 130 of 135 results
CVE-2005-3191
Unknown priorityMultiple heap-based buffer overflows in the (1) DCTStream::readProgressiveSOF and (2) DCTStream::readBaselineSOF functions in the DCT stream parsing code (Stream.cc) in xpdf 3.01 and earlier, as used in products such as (a)...
9 affected packages
cupsys, gpdf, kdegraphics, koffice, libextractor...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| cupsys | — | — | — | — | — |
| gpdf | — | — | — | — | — |
| kdegraphics | — | — | — | — | — |
| koffice | — | — | — | — | — |
| libextractor | — | — | — | — | — |
| pdftohtml | — | — | — | — | — |
| poppler | — | — | — | — | — |
| tetex-bin | — | — | — | — | — |
| xpdf | — | — | — | — | — |
CVE-2005-3193
Unknown priorityHeap-based buffer overflow in the JPXStream::readCodestream function in the JPX stream parsing code (JPXStream.c) for xpdf 3.01 and earlier, as used in products such as (1) Poppler, (2) teTeX, (3) KDE kpdf, (4) CUPS, and...
7 affected packages
cupsys, kdegraphics, koffice, pdftohtml, poppler...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| cupsys | — | — | — | — | — |
| kdegraphics | — | — | — | — | — |
| koffice | — | — | — | — | — |
| pdftohtml | — | — | — | — | — |
| poppler | — | — | — | — | — |
| tetex-bin | — | — | — | — | — |
| xpdf | — | — | — | — | — |
CVE-2005-2874
Unknown priorityThe is_path_absolute function in scheduler/client.c for the daemon in CUPS before 1.1.23 allows remote attackers to cause a denial of service (CPU consumption by tight loop) via a "..\.." URL in an HTTP request.
1 affected package
cupsys
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| cupsys | — | — | — | — | — |
CVE-2005-2097
Low prioritySome fixes available 22 of 23
xpdf and kpdf do not properly validate the "loca" table in PDF files, which allows local users to cause a denial of service (disk consumption and hang) via a PDF file with a "broken" loca table, which causes a large temporary file...
6 affected packages
cups, cupsys, gpdf, kdegraphics, poppler, xpdf
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| cups | — | — | — | — | — |
| cupsys | — | — | — | — | — |
| gpdf | — | — | — | — | — |
| kdegraphics | — | — | — | — | — |
| poppler | — | — | — | — | — |
| xpdf | — | — | — | — | — |
CVE-2005-0064
Unknown priorityBuffer overflow in the Decrypt::makeFileKey2 function in Decrypt.cc for xpdf 3.00 and earlier allows remote attackers to execute arbitrary code via a PDF file with a large /Encrypt /Length keyLength value.
8 affected packages
cupsys, gpdf, kdegraphics, koffice, libextractor...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| cupsys | — | — | — | — | — |
| gpdf | — | — | — | — | — |
| kdegraphics | — | — | — | — | — |
| koffice | — | — | — | — | — |
| libextractor | — | — | — | — | — |
| pdftohtml | — | — | — | — | — |
| tetex-bin | — | — | — | — | — |
| xpdf | — | — | — | — | — |
CVE-2005-0206
Unknown priorityThe patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities.
3 affected packages
cupsys, tetex-bin, xpdf
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| cupsys | — | — | — | — | — |
| tetex-bin | — | — | — | — | — |
| xpdf | — | — | — | — | — |
CVE-2004-0923
Unknown priorityCUPS 1.1.20 and earlier records authentication information for a device URI in the error_log file, which allows local users to obtain user names and passwords.
2 affected packages
cupsys, samba
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| cupsys | — | — | — | — | — |
| samba | — | — | — | — | — |
CVE-2004-0888
Unknown priorityMultiple integer overflows in xpdf 2.0 and 3.0, and other packages that use xpdf code such as CUPS, gpdf, and kdegraphics, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code,...
6 affected packages
cupsys, gpdf, kdegraphics, koffice, pdftohtml, tetex-bin
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| cupsys | — | — | — | — | — |
| gpdf | — | — | — | — | — |
| kdegraphics | — | — | — | — | — |
| koffice | — | — | — | — | — |
| pdftohtml | — | — | — | — | — |
| tetex-bin | — | — | — | — | — |
CVE-2004-1270
Unknown prioritylppasswd in CUPS 1.1.22, when run in environments that do not ensure that file descriptors 0, 1, and 2 are open when lppasswd is called, does not verify that the passwd.new file is different from STDERR, which allows local users...
1 affected package
cupsys
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| cupsys | — | — | — | — | — |
CVE-2004-1269
Unknown prioritylppasswd in CUPS 1.1.22 does not remove the passwd.new file if it encounters a file-size resource limit while writing to passwd.new, which causes subsequent invocations of lppasswd to fail.
1 affected package
cupsys
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| cupsys | — | — | — | — | — |