Описание
In Xpdf 4.01.01, a buffer over-read could be triggered in FoFiType1C::convertToType1 in fofi/FoFiType1C.cc when the index number is larger than the charset array bounds. It can, for example, be triggered by sending a crafted PDF document to the pdftops tool. It allows an attacker to use a crafted pdf file to cause Denial of Service or an information leak, or possibly have unspecified other impact.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | not-affected | code not present |
| cosmic | ignored | end of life |
| devel | not-affected | code not present |
| disco | not-affected | code not present |
| eoan | not-affected | code not present |
| esm-apps/bionic | not-affected | code not present |
| esm-apps/focal | not-affected | code not present |
| esm-apps/jammy | not-affected | code not present |
| esm-apps/xenial | not-affected | code not present |
| esm-infra-legacy/trusty | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | not-affected | code not present |
| cosmic | ignored | end of life |
| devel | not-affected | code not present |
| disco | not-affected | code not present |
| eoan | not-affected | code not present |
| esm-apps/bionic | not-affected | code not present |
| esm-apps/focal | not-affected | code not present |
| esm-apps/jammy | not-affected | code not present |
| esm-apps/xenial | not-affected | code not present |
| esm-infra-legacy/trusty | not-affected | code not present |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | not-affected | 0.62.0-2ubuntu2.8 |
| cosmic | not-affected | 0.68.0-0ubuntu1.6 |
| devel | not-affected | 0.76.1-0ubuntu3 |
| disco | not-affected | 0.74.0-0ubuntu1.1 |
| eoan | not-affected | 0.76.1-0ubuntu3 |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/bionic | not-affected | 0.62.0-2ubuntu2.8 |
| esm-infra/focal | not-affected | 0.76.1-0ubuntu3 |
| esm-infra/xenial | not-affected | 0.41.0-0ubuntu1.13 |
| focal | not-affected | 0.76.1-0ubuntu3 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | not-affected | code not present |
| cosmic | ignored | end of life |
| devel | not-affected | code not present |
| disco | ignored | end of life |
| eoan | ignored | end of life |
| esm-apps/bionic | not-affected | code not present |
| esm-apps/jammy | not-affected | code not present |
| esm-apps/xenial | not-affected | code not present |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/focal | DNE |
Показывать по
EPSS
6.8 Medium
CVSS2
7.8 High
CVSS3
Связанные уязвимости
In Xpdf 4.01.01, a buffer over-read could be triggered in FoFiType1C::convertToType1 in fofi/FoFiType1C.cc when the index number is larger than the charset array bounds. It can, for example, be triggered by sending a crafted PDF document to the pdftops tool. It allows an attacker to use a crafted pdf file to cause Denial of Service or an information leak, or possibly have unspecified other impact.
In Xpdf 4.01.01, a buffer over-read could be triggered in FoFiType1C:: ...
In Xpdf 4.01.01, a buffer over-read could be triggered in FoFiType1C::convertToType1 in fofi/FoFiType1C.cc when the index number is larger than the charset array bounds. It can, for example, be triggered by sending a crafted PDF document to the pdftops tool. It allows an attacker to use a crafted pdf file to cause Denial of Service or an information leak, or possibly have unspecified other impact.
EPSS
6.8 Medium
CVSS2
7.8 High
CVSS3