CVE-2018-16368

Опубликовано: 03 сент. 2018

Источник: debian

EPSS Низкий

Описание

SplashXPath::strokeAdjust in splash/SplashXPath.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted pdf file, as demonstrated by pdftoppm.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
xpdf	unfixed			package

Примечания

Crash in GUI/CLI tool, no security impact

EPSS

Процентиль: 60%

0.00402

Низкий

Связанные уязвимости

CVE-2018-16368

CVSS3: 5.5

ubuntu

больше 7 лет назад

SplashXPath::strokeAdjust in splash/SplashXPath.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted pdf file, as demonstrated by pdftoppm.

CVE-2018-16368

CVSS3: 5.5

nvd

больше 7 лет назад

SplashXPath::strokeAdjust in splash/SplashXPath.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted pdf file, as demonstrated by pdftoppm.

GHSA-3457-q8h8-jg99

CVSS3: 5.5

github

больше 3 лет назад

SplashXPath::strokeAdjust in splash/SplashXPath.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted pdf file, as demonstrated by pdftoppm.

EPSS

Процентиль: 60%

0.00402

Низкий