Описание
A NULL pointer dereference in JPXStream::fillReadBuf in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service via a specific pdf file, as demonstrated by pdftohtml.
Ссылки
- ExploitIssue TrackingVendor Advisory
- ExploitIssue TrackingVendor Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:xpdfreader:xpdf:4.00:*:*:*:*:*:*:*
EPSS
Процентиль: 34%
0.00137
Низкий
5.5 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-476
Связанные уязвимости
CVSS3: 5.5
ubuntu
почти 8 лет назад
A NULL pointer dereference in JPXStream::fillReadBuf in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service via a specific pdf file, as demonstrated by pdftohtml.
CVSS3: 5.5
debian
почти 8 лет назад
A NULL pointer dereference in JPXStream::fillReadBuf in JPXStream.cc i ...
CVSS3: 5.5
github
больше 3 лет назад
A NULL pointer dereference in JPXStream::fillReadBuf in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service via a specific pdf file, as demonstrated by pdftohtml.
EPSS
Процентиль: 34%
0.00137
Низкий
5.5 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-476