Known Vulnerabilities for products from Xpdf
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Xpdf".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2009-4035 json | The FoFiType1::parse function in fofi/FoFiType1.cc in Xpdf 3.0.0, gpdf 2.8.2, kpdf in kdegraphics 3.3.1, and possibly other l... | 9.3 - HIGH | 2009-12-21 | 2017-09-19 |
| CVE-2007-5393 json | Heap-based buffer overflow in the CCITTFaxStream::lookChar method in xpdf/Stream.cc in Xpdf 3.02p11 allows remote attackers t... | 9.3 - HIGH | 2007-11-08 | 2017-09-29 |
| CVE-2007-5392 json | Integer overflow in the DCTStream::reset method in xpdf/Stream.cc in Xpdf 3.02p11 allows remote attackers to execute arbitrar... | 9.3 - HIGH | 2007-11-08 | 2017-09-29 |
| CVE-2007-4352 json | Array index error in the DCTStream::readProgressiveDataUnit method in xpdf/Stream.cc in Xpdf 3.02pl1, as used in poppler, teT... | 7.6 - HIGH | 2007-11-08 | 2017-09-29 |
| CVE-2007-0104 json | The Adobe PDF specification 1.3, as implemented by (a) xpdf 3.0.1 patch 2, (b) kpdf in KDE before 3.5.5, (c) poppler before 0... | 6.8 - MEDIUM | 2007-01-09 | 2018-10-16 |
| CVE-2006-1244 json | Unspecified vulnerability in certain versions of xpdf after 3.00, as used in various products including (a) pdfkit.framework,... | Not Provided | 2006-03-15 | 2025-04-03 |
| CVE-2006-0746 json | Certain patches for kpdf do not include all relevant patches from xpdf that were associated with CVE-2005-3627, which allows ... | Not Provided | 2006-03-09 | 2025-04-03 |
| CVE-2006-0301 json | Heap-based buffer overflow in Splash.cc in xpdf, as used in other products such as (1) poppler, (2) kdegraphics, (3) gpdf, (4... | Not Provided | 2006-01-30 | 2025-04-03 |
| CVE-2005-3628 json | Buffer overflow in the JBIG2Bitmap::JBIG2Bitmap function in JBIG2Stream.cc in Xpdf, as used in products such as gpdf, kpdf, p... | Not Provided | 2005-12-31 | 2025-04-03 |
| CVE-2005-3627 json | Stream.cc in Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows ... | Not Provided | 2005-12-31 | 2025-04-03 |
| CVE-2005-3626 json | Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to ... | Not Provided | 2005-12-31 | 2025-04-03 |
| CVE-2005-3625 json | Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to ... | Not Provided | 2005-12-31 | 2025-04-03 |
| CVE-2005-3624 json | The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor,... | Not Provided | 2005-12-31 | 2025-04-03 |
| CVE-2005-3193 json | Heap-based buffer overflow in the JPXStream::readCodestream function in the JPX stream parsing code (JPXStream.c) for xpdf 3.... | Not Provided | 2005-12-07 | 2025-04-03 |
| CVE-2005-3192 json | Heap-based buffer overflow in the StreamPredictor function in Xpdf 3.01, as used in products such as (1) Poppler, (2) teTeX, ... | Not Provided | 2005-12-08 | 2025-04-03 |
| CVE-2005-3191 json | Multiple heap-based buffer overflows in the (1) DCTStream::readProgressiveSOF and (2) DCTStream::readBaselineSOF functions in... | Not Provided | 2005-12-07 | 2025-04-03 |
| CVE-2005-2097 json | xpdf and kpdf do not properly validate the "loca" table in PDF files, which allows local users to cause a denial of service (... | Not Provided | 2005-08-16 | 2025-04-03 |
| CVE-2005-0206 json | The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on ... | Not Provided | 2005-04-27 | 2025-04-03 |
| CVE-2005-0064 json | Buffer overflow in the Decrypt::makeFileKey2 function in Decrypt.cc for xpdf 3.00 and earlier allows remote attackers to exec... | Not Provided | 2005-05-02 | 2025-04-03 |
| CVE-2004-1125 json | Buffer overflow in the Gfx::doImage function in Gfx.cc for xpdf 3.00, and other products that share code such as tetex-bin an... | Not Provided | 2005-01-10 | 2025-04-03 |