MEDIUM🇬🇧 English

CVE-2018-7173

CVSS 5.5v3.0pub. 2018-02-15upd. 2024-11-21

A large loop in JBIG2Stream::readSymbolDictSeg in xpdf 4.00 allows an attacker to cause denial of service via a specific file due to inappropriate decoding.

oryginał EN
CVSS Vector
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  • Xpdfreader Xpdf

    APP
    Xpdfreader
    4.00
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
DoS
CWE
Referencje

Powiązane podatności

CVE-2021-30860HIGH7.8⚠ KEVten sam produkt

An integer overflow was addressed with improved input validation. This issue is fixed in Security Update 2021-...

CVE-2021-36493HIGH7.5ten sam produkt

Buffer Overflow vulnerability in pdfimages in xpdf 4.03 allows attackers to crash the application via crafted ...

CVE-2022-38222HIGH7.8ten sam produkt

There is a use-after-free issue in JBIG2Stream::close() located in JBIG2Stream.cc in Xpdf 4.04. It can be trig...

CVE-2022-38928HIGH7.8ten sam produkt

XPDF 4.04 is vulnerable to Null Pointer Dereference in FoFiType1C.cc:2393.

CVE-2022-38171HIGH7.8ten sam produkt

Xpdf prior to version 4.04 contains an integer overflow in the JBIG2 decoder (JBIG2Stream::readTextRegionSeg()...