Summary: | app-text/xpdf: multiple vulnerabilities ("fixed in xpdf-5") | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | John Helmert III <ajak> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | CONFIRMED --- | ||
Severity: | minor | CC: | bircoph |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | B3 [upstream] | ||
Package list: | Runtime testing required: | --- |
Description
John Helmert III
2022-07-05 04:03:33 UTC
CVE-2022-38334 (https://forum.xpdfreader.com/viewtopic.php?f=3&t=42314&p=43872): XPDF v4.04 was discovered to contain a stack overflow via the function Catalog::countPageTree() at Catalog.cc. Smells a lot like a duplicate, but very hard to tell with xpdf. CVE-2022-41842 (http://www.xpdfreader.com/download.html): https://forum.xpdfreader.com/viewtopic.php?f=1&t=42340&p=43928&hilit=gfseek#p43928 An issue was discovered in Xpdf 4.04. There is a crash in gfseek(_IO_FILE*, long, int) in goo/gfile.cc. CVE-2022-41844 (http://www.xpdfreader.com/download.html): https://forum.xpdfreader.com/viewtopic.php?f=1&t=42340&p=43928&hilit=gfseek#p43928 https://forum.xpdfreader.com/viewtopic.php?f=3&t=42308&p=43844&hilit=XRef%3A%3Afetch#p43844 An issue was discovered in Xpdf 4.04. There is a crash in XRef::fetch(int, int, Object*, int) in xpdf/XRef.cc, a different vulnerability than CVE-2018-16369 and CVE-2019-16088. Most of these smell like duplicates, really. "All three of those are loops in the PDF object structure. I'm working on a more robust loop detector for Xpdf 5." CVE-2022-43071 (https://forum.xpdfreader.com/viewtopic.php?f=3&t=42349&p=43959#p43959): A stack overflow in the Catalog::readPageLabelTree2(Object*) function of XPDF v4.04 allows attackers to cause a Denial of Service (DoS) via a crafted PDF file. CVE-2022-43295 (https://forum.xpdfreader.com/viewtopic.php?t=42360): XPDF v4.04 was discovered to contain a stack overflow via the function FileStream::copy() at xpdf/Stream.cc:795. As always, "I'm working on a more robust loop detector for Xpdf 5." CVE-2022-27655 (https://launchpad.support.sap.com/#/notes/3143437): When a user opens a manipulated Universal 3D (.u3d, 3difr.x3d) received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9.0, the application crashes and becomes temporarily unavailable to the user until restart of the application. CVE-2022-45586 (https://forum.xpdfreader.com/viewtopic.php?t=42361): Stack overflow vulnerability in function Dict::find in xpdf/Dict.cc in xpdf 4.04, allows local attackers to cause a denial of service. CVE-2022-45587 (https://forum.xpdfreader.com/viewtopic.php?t=42361): Stack overflow vulnerability in function gmalloc in goo/gmem.cc in xpdf 4.04, allows local attackers to cause a denial of service. CVE-2021-36493 (https://forum.xpdfreader.com/viewtopic.php?f=3&t=42160): Buffer Overflow vulnerability in pdfimages in xpdf 4.03 allows attackers to crash the application via crafted command. As is tradition, "I'm working on a more robust loop detector for Xpdf 5." CVE-2023-31554 (https://forum.xpdfreader.com/viewtopic.php?t=42421): xpdf pdfimages v4.04 was discovered to contain a stack overflow in the component Catalog::readPageLabelTree2(Object*). This vulnerability allows attackers to cause a Denial of Service (DoS). CVE-2023-31557 (https://forum.xpdfreader.com/viewtopic.php?t=42422&sid=acb8ed31bbd74223e3c4d0fb2552c748): xpdf pdfimages v4.04 was discovered to contain a stack overflow in the component Catalog::readEmbeddedFileTree(Object*). This vulnerability allows attackers to cause a Denial of Service (DoS). As usual, loop checker will be fixed in xpdf 5. CVE-2023-2663 (https://forum.xpdfreader.com/viewtopic.php?t=42421): In Xpdf 4.04 (and earlier), a PDF object loop in the page label tree leads to infinite recursion and a stack overflow. CVE-2023-2664 (https://forum.xpdfreader.com/viewtopic.php?t=42422): In Xpdf 4.04 (and earlier), a PDF object loop in the embedded file tree leads to infinite recursion and a stack overflow. |