xpdf

Vendor: xpdfreader

Actively Exploited: 1 (CISA KEV List)
PoC / Exploits: 2 (Code Available)
Total RCEs: 17 (Remote Access)
Total CVEs: 83 (Total Indexed)
Avg. EPSS: 1.48% (Exploit Prob.)
Latest CVE: CVE-2024-7868 (Aug 15)

Security Vulnerability Index

CVSS: 7.5

The Gfx::getPos function in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, CUPS, kdegraphics, and possibly other products allows context-dependent attackers to cause a denial of service (crash) via unknown vectors that trigger an uninitialized pointer dereference.

EPSS: 7.63%
CVSS: 6.8

Integer overflow in the StreamPredictor::StreamPredictor function in xpdf 3.02, as used in (1) poppler before 0.5.91, (2) gpdf before 2.8.2, (3) kpdf, (4) kdegraphics, (5) CUPS, (6) PDFedit, and other products, might allow remote attackers to execute arbitrary code via a crafted PDF file that triggers a stack-based buffer overflow in the StreamPredictor::getNextLine function.

EPSS: 25.21%