Описание
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| poppler | fixed | 0.4.3-2 | package | |
| kdegraphics | fixed | 4:3.5.0-3 | package | |
| xpdf | fixed | 3.01-4 | package | |
| gpdf | fixed | 2.10.0-2 | package | |
| koffice | fixed | 1:1.4.2-6 | package | |
| libextractor | fixed | 0.5.9-1 | package | |
| pdfkit.framework | fixed | 0.8-4 | package | |
| pdftohtml | fixed | 0.36-12 | package | |
| cupsys | fixed | 1.1.22-7 | package | |
| cups | fixed | 1.1.22-7 | package | |
| tetex-bin | fixed | 3.0-12 | package |
Примечания
cupsys switched to an external PDF implementation in 1.1.22-7.
tetex-bin switched to poppler in 3.0-12.
EPSS
Связанные уязвимости
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference.
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference.
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference.
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference.
Уязвимости операционной системы Gentoo Linux, позволяющие удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
EPSS