There is an invalid memory access in the TextLine class in in Xpdf 4.0.4 because the text extractor mishandles characters at large y coordinates. It allows an attacker to cause Denial of Service or possibly have unspecified other impact. It can be triggered by sending a crafted PDF file to (for example) the pdfimages binary. There is a use-after-free issue in JBIG2Stream::close() located in in Xpdf 4.04. It can be triggered by sending a crafted HTML file to the w3m binary. There is an out-of-bounds write in checkType located in etc.c in w3m 0.5.3. This issue is different from CVE-2018-20230. There is a heap-based buffer overflow at the function read_bytes_internal in utilities/pspp-dump-sav.c, which allows attackers to cause a denial of service (application crash) or possibly have unspecified other impact. There is a heap-based buffer overflow at the function read_string in utilities/pspp-dump-sav.c, which allows attackers to cause a denial of service (application crash) or possibly have unspecified other impact.Īn issue was discovered in PSPP 1.6.2. A Server-Side Request Forgery issue in Canto Cumulus through 11.1.3 allows attackers to enumerate the internal network, overload network resources, and possibly have unspecified other impact via the server parameter to the /cwc/login login form.Īn issue was discovered in PSPP 1.6.2.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |