FreshPorts - VuXML
This page displays vulnerability information about FreeBSD Ports.
The VUXML data was last processed by FreshPorts on 2024-11-19 19:12:13 UTC
List all Vulnerabilities, by package
List all Vulnerabilities, by date
k68
These are the vulnerabilities relating to the commit you have selected:
VuXML ID | Description |
0e43a14d-3f3f-11dc-a79a-0016179b2dd5 | xpdf -- stack based buffer overflow
The KDE Team reports:
kpdf, the KDE pdf viewer, shares code with xpdf. xpdf contains
a vulnerability that can cause a stack based buffer overflow
via a PDF file that exploits an integer overflow in
StreamPredictor::StreamPredictor(). Remotely supplied
pdf files can be used to disrupt the kpdf viewer on
the client machine and possibly execute arbitrary code.
Discovery 2007-07-30 Entry 2007-07-31 Modified 2009-04-29 xpdf
< 3.02_2
kdegraphics
< 3.5.7_1
cups-base
< 1.2.11_3
gpdf
> 0
pdftohtml
< 0.39_3
poppler
< 0.5.9_4
25124
CVE-2007-3387
http://www.kde.org/info/security/advisory-20070730-1.txt
|
2747fc39-915b-11dc-9239-001c2514716c | xpdf -- multiple remote Stream.CC vulnerabilities
Secunia Research reports:
Secunia Research has discovered some vulnerabilities in Xpdf,
which can be exploited by malicious people to compromise a user's
system.
- An array indexing error within the
"DCTStream::readProgressiveDataUnit()" method in xpdf/Stream.cc
can be exploited to corrupt memory via a specially crafted PDF
file.
- An integer overflow error within the "DCTStream::reset()"
method in xpdf/Stream.cc can be exploited to cause a heap-based
buffer overflow via a specially crafted PDF file.
- A boundary error within the "CCITTFaxStream::lookChar()" method
in xpdf/Stream.cc can be exploited to cause a heap-based buffer
overflow by tricking a user into opening a PDF file containing a
specially crafted "CCITTFaxDecode" filter.
Successful exploitation may allow execution of arbitrary code.
Discovery 2007-11-07 Entry 2007-11-12 Modified 2007-11-14 cups-base
< 1.3.3_2
gpdf
> 0
kdegraphics
< 3.5.8_1
koffice
< 1.6.3_3,2
poppler
< 0.6
xpdf
< 3.02_5
26367
CVE-2007-4352
CVE-2007-5392
CVE-2007-5393
|