Denial of Service : Xpdf <= 4.01.01 Multiple Vulnerabilities

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.113413

Categoría: Denial of Service

Título: Xpdf <= 4.01.01 Multiple Vulnerabilities

Resumen: Xpdf is prone to multiple vulnerabilities.

Descripción: Summary:
Xpdf is prone to multiple vulnerabilities.

Vulnerability Insight:
The following vulnerabilities exist:

- FPE in the function PostScriptFunction::exec at Function.cc for the psOpIdiv case

- FPE in the function PSOutputDev::checkPageSlice at PSOutputDev.cc for nStripes

- FPE in the function Splash::scaleImageYuXu at Splash.cc for x Bresenham parameters

- FPE in the function ImageStream::ImageStream at Stream.cc for nComps

- NULL pointer dereference in the function Gfx::opSetExtGState in Gfx.cc

- FPE in the function PostScriptFunction::exec at Function.cc for the psOpMod case

- FPE in the function Splash::scaleImageYuXu at Splash.cc for y Bresenham parameters

- FPE in the function ImageStream::ImageStream at Stream.cc for nBits

- FPE in the function PostScriptFunction::exec in Function.cc for the psOpRoll case

- A buffer over-read could be triggered in FOFIType1C::convertToType1 in fofi/FoFiType1C.cc when
the index number is larger than the charset array bounds. It can, for example, be triggered by
sending a crafted PDF document to the pdftops tool. It allows an attacker to use a crafted PDF file
to cause a Denial of Service or an information leak, or possibly have unspecified other impact.

- A heap-based buffer over-read could be triggered in FoFiType1C::convertToType0 in fofi/FoFiType1C.cc when
it is trying to access the second privateDicts array element, because the array has only one element allowed.

- integer overflow in the function JBIG2Bitmap::combine at JBIG2Stream.cc for the 'one byte per line' case

- integer overflow in the function JBIG2Bitmap::combine at JBIG2Stream.cc for the 'multiple bytes per line' case

- out of bounds read in the function GfxPatchMeshShading::parse at GfxState.cc for typeA==6 case 2

- out of bounds read in the function GfxPatchMeshShading::parse at GfxState.cc for typeA==6 case 3

- out of bounds read in the function GfxPatchMeshShading::parse at GfxState.cc for typeA!=6 case 1

- out of bounds read in the function GfxPatchMeshShading::parse at GfxState.cc for typeA!=6 case 2

- use-after-free in the function JPXStream::fillReadBuf at JPXStream.cc due to an out of bounds read

Vulnerability Impact:
Successful exploitation would allow an attacker to crash the application
or access sensitive information.

Affected Software/OS:
Xpdf through version 4.01.01.

Solution:
Update to version 4.02 or later.

CVSS Score:
6.8

CVSS Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2019-10018
https://forum.xpdfreader.com/viewtopic.php?f=3&t=41276
https://lists.debian.org/debian-lts-announce/2020/11/msg00014.html
https://usn.ubuntu.com/4042-1/
Common Vulnerability Exposure (CVE) ID: CVE-2019-10019
https://forum.xpdfreader.com/viewtopic.php?f=3&t=41275
Common Vulnerability Exposure (CVE) ID: CVE-2019-10020
https://forum.xpdfreader.com/viewtopic.php?f=3&t=41274
Common Vulnerability Exposure (CVE) ID: CVE-2019-10021
Common Vulnerability Exposure (CVE) ID: CVE-2019-10022
https://forum.xpdfreader.com/viewtopic.php?f=3&t=41273
Common Vulnerability Exposure (CVE) ID: CVE-2019-10023
Common Vulnerability Exposure (CVE) ID: CVE-2019-10024
Common Vulnerability Exposure (CVE) ID: CVE-2019-10025
Common Vulnerability Exposure (CVE) ID: CVE-2019-10026
Common Vulnerability Exposure (CVE) ID: CVE-2019-12957
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TNIJWRYTCLGV35WGIHYTMMOPEEOOTIPT/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DJJD7X3ES7ZHJUY2R3DAVCJPV23R64VK/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FWEWFUVITPA3Y6F4A5SJSROKYT7PRH7Q/
https://forum.xpdfreader.com/viewtopic.php?f=3&t=41813
Common Vulnerability Exposure (CVE) ID: CVE-2019-12958
https://forum.xpdfreader.com/viewtopic.php?f=3&t=41815
Common Vulnerability Exposure (CVE) ID: CVE-2019-14288
https://forum.xpdfreader.com/viewtopic.php?f=3&t=41851
https://github.com/TeamSeri0us/pocs/tree/master/xpdf/4.01.01
Common Vulnerability Exposure (CVE) ID: CVE-2019-14289
Common Vulnerability Exposure (CVE) ID: CVE-2019-14290
Common Vulnerability Exposure (CVE) ID: CVE-2019-14291
Common Vulnerability Exposure (CVE) ID: CVE-2019-14292
Common Vulnerability Exposure (CVE) ID: CVE-2019-14293
Common Vulnerability Exposure (CVE) ID: CVE-2019-14294

Copyright Copyright (C) 2019 Greenbone Networks GmbH

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.113413
Categoría:	Denial of Service
Título:	Xpdf <= 4.01.01 Multiple Vulnerabilities
Resumen:	Xpdf is prone to multiple vulnerabilities.
Descripción:	Summary: Xpdf is prone to multiple vulnerabilities. Vulnerability Insight: The following vulnerabilities exist: - FPE in the function PostScriptFunction::exec at Function.cc for the psOpIdiv case - FPE in the function PSOutputDev::checkPageSlice at PSOutputDev.cc for nStripes - FPE in the function Splash::scaleImageYuXu at Splash.cc for x Bresenham parameters - FPE in the function ImageStream::ImageStream at Stream.cc for nComps - NULL pointer dereference in the function Gfx::opSetExtGState in Gfx.cc - FPE in the function PostScriptFunction::exec at Function.cc for the psOpMod case - FPE in the function Splash::scaleImageYuXu at Splash.cc for y Bresenham parameters - FPE in the function ImageStream::ImageStream at Stream.cc for nBits - FPE in the function PostScriptFunction::exec in Function.cc for the psOpRoll case - A buffer over-read could be triggered in FOFIType1C::convertToType1 in fofi/FoFiType1C.cc when the index number is larger than the charset array bounds. It can, for example, be triggered by sending a crafted PDF document to the pdftops tool. It allows an attacker to use a crafted PDF file to cause a Denial of Service or an information leak, or possibly have unspecified other impact. - A heap-based buffer over-read could be triggered in FoFiType1C::convertToType0 in fofi/FoFiType1C.cc when it is trying to access the second privateDicts array element, because the array has only one element allowed. - integer overflow in the function JBIG2Bitmap::combine at JBIG2Stream.cc for the 'one byte per line' case - integer overflow in the function JBIG2Bitmap::combine at JBIG2Stream.cc for the 'multiple bytes per line' case - out of bounds read in the function GfxPatchMeshShading::parse at GfxState.cc for typeA==6 case 2 - out of bounds read in the function GfxPatchMeshShading::parse at GfxState.cc for typeA==6 case 3 - out of bounds read in the function GfxPatchMeshShading::parse at GfxState.cc for typeA!=6 case 1 - out of bounds read in the function GfxPatchMeshShading::parse at GfxState.cc for typeA!=6 case 2 - use-after-free in the function JPXStream::fillReadBuf at JPXStream.cc due to an out of bounds read Vulnerability Impact: Successful exploitation would allow an attacker to crash the application or access sensitive information. Affected Software/OS: Xpdf through version 4.01.01. Solution: Update to version 4.02 or later. CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2019-10018 https://forum.xpdfreader.com/viewtopic.php?f=3&t=41276 https://lists.debian.org/debian-lts-announce/2020/11/msg00014.html https://usn.ubuntu.com/4042-1/ Common Vulnerability Exposure (CVE) ID: CVE-2019-10019 https://forum.xpdfreader.com/viewtopic.php?f=3&t=41275 Common Vulnerability Exposure (CVE) ID: CVE-2019-10020 https://forum.xpdfreader.com/viewtopic.php?f=3&t=41274 Common Vulnerability Exposure (CVE) ID: CVE-2019-10021 Common Vulnerability Exposure (CVE) ID: CVE-2019-10022 https://forum.xpdfreader.com/viewtopic.php?f=3&t=41273 Common Vulnerability Exposure (CVE) ID: CVE-2019-10023 Common Vulnerability Exposure (CVE) ID: CVE-2019-10024 Common Vulnerability Exposure (CVE) ID: CVE-2019-10025 Common Vulnerability Exposure (CVE) ID: CVE-2019-10026 Common Vulnerability Exposure (CVE) ID: CVE-2019-12957 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TNIJWRYTCLGV35WGIHYTMMOPEEOOTIPT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DJJD7X3ES7ZHJUY2R3DAVCJPV23R64VK/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FWEWFUVITPA3Y6F4A5SJSROKYT7PRH7Q/ https://forum.xpdfreader.com/viewtopic.php?f=3&t=41813 Common Vulnerability Exposure (CVE) ID: CVE-2019-12958 https://forum.xpdfreader.com/viewtopic.php?f=3&t=41815 Common Vulnerability Exposure (CVE) ID: CVE-2019-14288 https://forum.xpdfreader.com/viewtopic.php?f=3&t=41851 https://github.com/TeamSeri0us/pocs/tree/master/xpdf/4.01.01 Common Vulnerability Exposure (CVE) ID: CVE-2019-14289 Common Vulnerability Exposure (CVE) ID: CVE-2019-14290 Common Vulnerability Exposure (CVE) ID: CVE-2019-14291 Common Vulnerability Exposure (CVE) ID: CVE-2019-14292 Common Vulnerability Exposure (CVE) ID: CVE-2019-14293 Common Vulnerability Exposure (CVE) ID: CVE-2019-14294
Copyright	Copyright (C) 2019 Greenbone Networks GmbH