podofo

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description A C++ library to work with the PDF file format
Version 0.9.5-2 [community]

Open

Group Affected Fixed Severity Status Ticket
AVG-216 0.9.5-2 High Vulnerable
Issue Group Severity Remote Type Description
CVE-2017-7994 AVG-216 High Yes Denial of service
The function TextExtractor::ExtractText in TextExtractor.cpp:77 in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer...
CVE-2017-7383 AVG-216 High Yes Denial of service
The PdfFontFactory.cpp:195:62 code in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via...
CVE-2017-7382 AVG-216 High Yes Denial of service
The PdfFontFactory.cpp:200:88 code in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via...
CVE-2017-7381 AVG-216 High Yes Denial of service
The doc/PdfPage.cpp:609:23 code in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a...
CVE-2017-7380 AVG-216 High Yes Denial of service
The doc/PdfPage.cpp:614:20 code in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a...
CVE-2017-7379 AVG-216 High Yes Denial of service
The PoDoFo::PdfSimpleEncoding::ConvertToEncoding function in PdfEncoding.cpp in PoDoFo 0.9.5 allows remote attackers to cause a denial of service...
CVE-2017-7378 AVG-216 High Yes Denial of service
The PoDoFo::PdfPainter::ExpandTabs function in PdfPainter.cpp in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (heap-based buffer...
CVE-2017-6842 AVG-216 Medium Yes Denial of service
The ColorChanger::GetColorFromStack function in colorchanger.cpp in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer...
CVE-2017-6841 AVG-216 Medium Yes Denial of service
The GraphicsStack::TGraphicsStackElement::~TGraphicsStackElement function in graphicsstack.h in PoDoFo 0.9.5 allows remote attackers to cause a denial of...
CVE-2017-6840 AVG-216 Medium Yes Denial of service
The ColorChanger::GetColorFromStack function in colorchanger.cpp in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (invalid read) via a...