Multiple vulnerabilities in xpdf
| Risk | High |
| Patch available | NO |
| Number of vulnerabilities | 25 |
| CVE-ID | CVE-2018-18650 CVE-2018-18651 CVE-2018-18454 CVE-2018-18455 CVE-2018-18456 CVE-2018-18457 CVE-2018-18458 CVE-2018-18459 CVE-2018-16368 CVE-2018-16369 CVE-2018-11033 CVE-2018-8100 CVE-2018-8101 CVE-2018-8102 CVE-2018-8103 CVE-2018-8104 CVE-2018-8105 CVE-2018-8106 CVE-2018-8107 CVE-2018-7452 CVE-2018-7453 CVE-2018-7454 CVE-2018-7455 CVE-2018-7174 CVE-2018-7175 |
| CWE-ID | CWE-20 CWE-125 CWE-121 CWE-476 CWE-119 CWE-122 CWE-835 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
xpdf Client/Desktop applications / Office applications |
| Vendor | Glyph & Cog |
Security Bulletin
This security bulletin contains information about 25 vulnerabilities.
1) Input validation error
EUVDB-ID: #VU36482
Risk: Medium
CVSSv3.1: 5.1 [AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2018-18650
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows attackers to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input. A remote attacker can launch a denial of service (Integer Overflow) via a crafted /Size value in a pdf file, as demonstrated by pdftohtml.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsxpdf: 4.00
External linkshttp://exchange.xforce.ibmcloud.com/vulnerabilities/152006
http://forum.xpdfreader.com/viewtopic.php?f=3&t=41219&p=41747#p41747
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Input validation error
EUVDB-ID: #VU36483
Risk: Medium
CVSSv3.1: 5.1 [AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2018-18651
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows attackers to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input. A remote attacker can launch a denial of service (hang caused by large loop) via a specific pdf file, as demonstrated by pdftohtml.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsxpdf: 4.00
External linkshttp://exchange.xforce.ibmcloud.com/vulnerabilities/152005
http://forum.xpdfreader.com/viewtopic.php?f=3&t=41219&p=41747#p41747
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Out-of-bounds read
EUVDB-ID: #VU36489
Risk: Medium
CVSSv3.1: 5.1 [AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2018-18454
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error in CCITTFaxStream::readRow() in Stream.cc in Xpdf 4.00. A remote attacker can perform a denial of service (heap-based buffer over-read) via a crafted pdf file, as demonstrated by pdftoppm.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsxpdf: 4.00
External linkshttp://forum.xpdfreader.com/viewtopic.php?f=3&t=41217
http://github.com/TeamSeri0us/pocs/tree/master/xpdf/2018_10_16/pdftoppm
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Out-of-bounds read
EUVDB-ID: #VU36490
Risk: Medium
CVSSv3.1: 5.1 [AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2018-18455
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error in The GfxImageColorMap class in GfxState.cc in Xpdf 4.00. A remote attacker can perform a denial of service (heap-based buffer over-read) via a crafted pdf file, as demonstrated by pdftoppm.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsxpdf: 4.00
External linkshttp://forum.xpdfreader.com/viewtopic.php?f=3&t=41217
http://github.com/TeamSeri0us/pocs/tree/master/xpdf/2018_10_16/pdftoppm
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Stack-based buffer overflow
EUVDB-ID: #VU36491
Risk: Medium
CVSSv3.1: 5.1 [AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2018-18456
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing a crafted pdf file, as demonstrated by pdftoppm. A remote unauthenticated attacker can trigger stack-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsxpdf: 4.00
External linkshttp://forum.xpdfreader.com/viewtopic.php?f=3&t=41217
http://github.com/TeamSeri0us/pocs/tree/master/xpdf/2018_10_16/pdftoppm
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) NULL pointer dereference
EUVDB-ID: #VU36492
Risk: Medium
CVSSv3.1: 5.1 [AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2018-18457
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error. A remote attacker can trigger denial of service conditions via a crafted pdf file, as demonstrated by pdftoppm.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsxpdf: 4.00
External linkshttp://forum.xpdfreader.com/viewtopic.php?f=3&t=41217
http://github.com/TeamSeri0us/pocs/tree/master/xpdf/2018_10_16/pdftoppm
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) NULL pointer dereference
EUVDB-ID: #VU36493
Risk: Medium
CVSSv3.1: 5.1 [AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2018-18458
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error. A remote attacker can trigger denial of service conditions via a crafted pdf file, as demonstrated by pdftoppm.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsxpdf: 4.00
External linkshttp://forum.xpdfreader.com/viewtopic.php?f=3&t=41217
http://github.com/TeamSeri0us/pocs/tree/master/xpdf/2018_10_16/pdftoppm
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
8) NULL pointer dereference
EUVDB-ID: #VU36494
Risk: Medium
CVSSv3.1: 5.1 [AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2018-18459
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error. A remote attacker can trigger denial of service conditions via a crafted pdf file, as demonstrated by pdftoppm.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsxpdf: 4.00
External linkshttp://forum.xpdfreader.com/viewtopic.php?f=3&t=41217
http://github.com/TeamSeri0us/pocs/tree/master/xpdf/2018_10_16/pdftoppm
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
9) Out-of-bounds read
EUVDB-ID: #VU36737
Risk: Medium
CVSSv3.1: 5.1 [AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2018-16368
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error in SplashXPath::strokeAdjust in splash/SplashXPath.cc in Xpdf 4.00. A remote attacker can perform a denial of service (heap-based buffer over-read) via a crafted pdf file, as demonstrated by pdftoppm.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsxpdf: 4.00
External linkshttp://github.com/TeamSeri0us/pocs/tree/master/xpdf
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
10) Input validation error
EUVDB-ID: #VU36738
Risk: Medium
CVSSv3.1: 5.1 [AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2018-16369
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows remote attackers to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input. A remote attacker can cause a denial of service (stack consumption) via a crafted pdf file, related to AcroForm::scanField, as demonstrated by pdftohtml.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsxpdf: 4.00
External linkshttp://github.com/TeamSeri0us/pocs/tree/master/xpdf
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
11) Buffer overflow
EUVDB-ID: #VU37135
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-11033
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to execute arbitrary code.
The DCTStream::readHuffSym function in Stream.cc in the DCT decoder in xpdf before 4.00 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via crafted JPEG data.
MitigationInstall update from vendor's website.
Vulnerable software versionsxpdf: 4.00
External linkshttp://forum.xpdfreader.com/viewtopic.php?f=3&t=40842
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
12) Heap-based buffer overflow
EUVDB-ID: #VU37432
Risk: Medium
CVSSv3.1: 7.1 [AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2018-8100
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in The JPXStream::readTilePart function in JPXStream.cc in xpdf 4.00. A remote attacker can use a specific pdf file to trigger heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsxpdf: 4.00
External linkshttp://forum.xpdfreader.com/viewtopic.php?f=3&t=652
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
13) Out-of-bounds read
EUVDB-ID: #VU37433
Risk: Medium
CVSSv3.1: 5.1 [AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2018-8101
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform denial of service (DoS) attack.
The vulnerability exists due to a boundary condition when processing a specific pdf file, as demonstrated by pdftohtml within the The JPXStream::inverseTransformLevel function in JPXStream.cc. A remote attacker can create a specially crafted file, pass it to the application, trigger out-of-bounds read error and crash the affected application.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsxpdf: 4.00
External linkshttp://forum.xpdfreader.com/viewtopic.php?f=3&t=652
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
14) Out-of-bounds read
EUVDB-ID: #VU37434
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-8102
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
The JBIG2MMRDecoder::getBlackCode function in JBIG2Stream.cc in xpdf 4.00 allows attackers to launch denial of service (buffer over-read and application crash) via a specific pdf file, as demonstrated by pdftohtml.
MitigationInstall update from vendor's website.
Vulnerable software versionsxpdf: 4.00
External linkshttp://forum.xpdfreader.com/viewtopic.php?f=3&t=652
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
15) Out-of-bounds read
EUVDB-ID: #VU37435
Risk: Medium
CVSSv3.1: 5.1 [AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2018-8103
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform denial of service (DoS) attack.
The vulnerability exists due to a boundary condition when processing a specific pdf file, as demonstrated by pdftohtml within the The JBIG2Stream::readGenericBitmap function in JBIG2Stream.cc. A remote attacker can create a specially crafted file, pass it to the application, trigger out-of-bounds read error and crash the affected application.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsxpdf: 4.00
External linkshttp://forum.xpdfreader.com/viewtopic.php?f=3&t=652
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
16) Out-of-bounds read
EUVDB-ID: #VU37436
Risk: Medium
CVSSv3.1: 5.1 [AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2018-8104
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform denial of service (DoS) attack.
The vulnerability exists due to a boundary condition when processing a specific pdf file, as demonstrated by pdftohtml within the The BufStream::lookChar function in Stream.cc. A remote attacker can create a specially crafted file, pass it to the application, trigger out-of-bounds read error and crash the affected application.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsxpdf: 4.00
External linkshttp://forum.xpdfreader.com/viewtopic.php?f=3&t=652
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
17) Out-of-bounds read
EUVDB-ID: #VU37437
Risk: Medium
CVSSv3.1: 5.1 [AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2018-8105
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform denial of service (DoS) attack.
The vulnerability exists due to a boundary condition when processing a specific pdf file, as demonstrated by pdftohtml within the The JPXStream::fillReadBuf function in JPXStream.cc. A remote attacker can create a specially crafted file, pass it to the application, trigger out-of-bounds read error and crash the affected application.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsxpdf: 4.00
External linkshttp://forum.xpdfreader.com/viewtopic.php?f=3&t=652
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
18) Out-of-bounds read
EUVDB-ID: #VU37438
Risk: Medium
CVSSv3.1: 5.1 [AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2018-8106
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform denial of service (DoS) attack.
The vulnerability exists due to a boundary condition when processing a specific pdf file, as demonstrated by pdftohtml within the The JPXStream::readTilePartData function in JPXStream.cc. A remote attacker can create a specially crafted file, pass it to the application, trigger out-of-bounds read error and crash the affected application.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsxpdf: 4.00
External linkshttp://forum.xpdfreader.com/viewtopic.php?f=3&t=652
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
19) Out-of-bounds read
EUVDB-ID: #VU37439
Risk: Medium
CVSSv3.1: 5.1 [AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2018-8107
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform denial of service (DoS) attack.
The vulnerability exists due to a boundary condition when processing a specific pdf file, as demonstrated by pdftohtml within the The JPXStream::close function in JPXStream.cc. A remote attacker can create a specially crafted file, pass it to the application, trigger out-of-bounds read error and crash the affected application.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsxpdf: 4.00
External linkshttp://forum.xpdfreader.com/viewtopic.php?f=3&t=652
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
20) NULL pointer dereference
EUVDB-ID: #VU37485
Risk: Medium
CVSSv3.1: 5.1 [AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2018-7452
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error. A remote attacker can trigger denial of service conditions via a specific pdf file, as demonstrated by pdftohtml.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsxpdf: 4.00
External linkshttp://forum.xpdfreader.com/viewtopic.php?f=3&t=613
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
21) Infinite loop
EUVDB-ID: #VU37486
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-7453
CWE-ID:
CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
Infinite recursion in AcroForm::scanField in AcroForm.cc in xpdf 4.00 allows attackers to launch denial of service via a specific pdf file due to lack of loop checking, as demonstrated by pdftohtml.
MitigationInstall update from vendor's website.
Vulnerable software versionsxpdf: 4.00
External linkshttp://forum.xpdfreader.com/viewtopic.php?p=814#p814
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
22) NULL pointer dereference
EUVDB-ID: #VU37487
Risk: Medium
CVSSv3.1: 5.1 [AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2018-7454
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error. A remote attacker can trigger denial of service conditions via a specific pdf file, as demonstrated by pdftohtml.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsxpdf: 4.00
External linkshttp://forum.xpdfreader.com/viewtopic.php?f=3&t=613
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
23) Out-of-bounds read
EUVDB-ID: #VU37488
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-7455
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
An out-of-bounds read in JPXStream::readTilePart in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service via a specific pdf file, as demonstrated by pdftohtml.
MitigationInstall update from vendor's website.
Vulnerable software versionsxpdf: 4.00
External linkshttp://forum.xpdfreader.com/viewtopic.php?f=3&t=654&p=819#p819
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
24) Infinite loop
EUVDB-ID: #VU37523
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-7174
CWE-ID:
CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
An issue was discovered in xpdf 4.00. An infinite loop in XRef::Xref allows an attacker to cause denial of service because loop detection exists only for tables, not streams.
MitigationInstall update from vendor's website.
Vulnerable software versionsxpdf: 4.00
External linkshttp://forum.xpdfreader.com/viewtopic.php?f=3&t=605
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
25) NULL pointer dereference
EUVDB-ID: #VU37524
Risk: Medium
CVSSv3.1: 5.1 [AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2018-7175
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error. A remote attacker can trigger denial of service conditions via a JPX image with zero components.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsxpdf: 4.00
External linkshttp://forum.xpdfreader.com/viewtopic.php?f=3&t=613
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
