This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Summuary
CPE Namecpe:/a:foolabs:xpdf
Detail
VendorFoolabsFirst view 2009-04-09
ProductXpdfLast view 2011-03-31
VersionTypeApplication
Edition 
Language 
Update 

Activity : Overall

COMMON PLATFORM ENUMERATION : Repartition per Version

CPE NameAffected CVE
cpe:/a:foolabs:xpdf:3.02pl54
cpe:/a:foolabs:xpdf:3.02pl46
cpe:/a:foolabs:xpdf:3.02pl311
cpe:/a:foolabs:xpdf:3.02pl211
cpe:/a:foolabs:xpdf:3.02pl111
Hide | Show 35 More...
CPE NameAffected CVE
cpe:/a:foolabs:xpdf:3.0224
cpe:/a:foolabs:xpdf:3.0122
cpe:/a:foolabs:xpdf:3.0024
cpe:/a:foolabs:xpdf:3.0.18
cpe:/a:foolabs:xpdf:2.0320
cpe:/a:foolabs:xpdf:2.0220
cpe:/a:foolabs:xpdf:2.0120
cpe:/a:foolabs:xpdf:2.0020
cpe:/a:foolabs:xpdf:1.0119
cpe:/a:foolabs:xpdf:1.00a19
cpe:/a:foolabs:xpdf:1.0019
cpe:/a:foolabs:xpdf:0.93c19
cpe:/a:foolabs:xpdf:0.93b19
cpe:/a:foolabs:xpdf:0.93a19
cpe:/a:foolabs:xpdf:0.9319
cpe:/a:foolabs:xpdf:0.92e19
cpe:/a:foolabs:xpdf:0.92d19
cpe:/a:foolabs:xpdf:0.92c19
cpe:/a:foolabs:xpdf:0.92b19
cpe:/a:foolabs:xpdf:0.92a19
cpe:/a:foolabs:xpdf:0.9218
cpe:/a:foolabs:xpdf:0.91c19
cpe:/a:foolabs:xpdf:0.91b19
cpe:/a:foolabs:xpdf:0.91a19
cpe:/a:foolabs:xpdf:0.9119
cpe:/a:foolabs:xpdf:0.9019
cpe:/a:foolabs:xpdf:0.8019
cpe:/a:foolabs:xpdf:0.7a19
cpe:/a:foolabs:xpdf:0.719
cpe:/a:foolabs:xpdf:0.619
cpe:/a:foolabs:xpdf:0.5a19
cpe:/a:foolabs:xpdf:0.519
cpe:/a:foolabs:xpdf:0.419
cpe:/a:foolabs:xpdf:0.319
cpe:/a:foolabs:xpdf:0.219

Related : CVE

 DateAlertAccess VectorAccess ComplexityAuthentication
4.3 2011-03-31 CVE-2011-1554 Network Medium None Requ...
4.3 2011-03-31 CVE-2011-1553 Network Medium None Requ...
4.3 2011-03-31 CVE-2011-1552 Network Medium None Requ...
6.8 2011-03-31 CVE-2011-0764 Network Medium None Requ...
6.8 2010-11-05 CVE-2010-3704 Network Medium None Requ...
Hide | Show 19 More...
 DateAlertAccess VectorAccess ComplexityAuthentication
6.8 2010-11-05 CVE-2010-3702 Network Medium None Requ...
4.3 2009-10-21 CVE-2009-3609 Network Medium None Requ...
9.3 2009-10-21 CVE-2009-3608 Network Medium None Requ...
9.3 2009-10-21 CVE-2009-3606 Network Medium None Requ...
9.3 2009-10-21 CVE-2009-3604 Network Medium None Requ...
9.3 2009-10-21 CVE-2009-3603 Network Medium None Requ...
4.3 2009-04-23 CVE-2009-1183 Network Medium None Requ...
7.5 2009-04-23 CVE-2009-1182 Network Low None Requ...
4.3 2009-04-23 CVE-2009-1181 Network Medium None Requ...
6.8 2009-04-23 CVE-2009-1180 Network Medium None Requ...
6.8 2009-04-23 CVE-2009-1179 Network Medium None Requ...
6.8 2009-04-23 CVE-2009-0800 Network Medium None Requ...
4.3 2009-04-23 CVE-2009-0799 Network Medium None Requ...
6.8 2009-04-23 CVE-2009-0195 Network Medium None Requ...
4.3 2009-04-23 CVE-2009-0166 Network Medium None Requ...
10 2009-04-23 CVE-2009-0165 Network Low None Requ...
4.3 2009-04-23 CVE-2009-0147 Network Medium None Requ...
4.3 2009-04-23 CVE-2009-0146 Network Medium None Requ...
6.9 2009-04-09 CVE-2009-1144 Local Medium None Requ...

CWE : Common Weakness Enumeration

%idName
33% (8)CWE-189Numeric Errors
25% (6)CWE-399Resource Management Errors
20% (5)CWE-119Failure to Constrain Operations within the Bounds of a Memory Buffer
16% (4)CWE-20Improper Input Validation
4% (1)CWE-94Failure to Control Generation of Code ('Code Injection')

Oval Markup Language : Definitions

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
OvalIDName
oval:org.mitre.oval:def:9632Multiple buffer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, C...
oval:org.mitre.oval:def:9941Multiple integer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, ...
oval:org.mitre.oval:def:9778The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and ot...
oval:org.mitre.oval:def:13355USN-973-1 -- koffice vulnerabilities
oval:org.mitre.oval:def:10076Heap-based buffer overflow in Xpdf 3.02pl2 and earlier, CUPS 1.3.9, and proba...
Hide | Show 20 More...
idName
oval:org.mitre.oval:def:10204The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Popple...
oval:org.mitre.oval:def:11323Multiple "input validation flaws" in the JBIG2 decoder in Xpdf 3.02pl2 and ea...
oval:org.mitre.oval:def:11892Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9...
oval:org.mitre.oval:def:9926The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Popple...
oval:org.mitre.oval:def:9683The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Popple...
oval:org.mitre.oval:def:10735Multiple buffer overflows in the JBIG2 MMR decoder in Xpdf 3.02pl2 and earlie...
oval:org.mitre.oval:def:7864DSA-1793 kdegraphics -- multiple vulnerabilities
oval:org.mitre.oval:def:7718DSA-1790 xpdf -- multiple vulnerabilities
oval:org.mitre.oval:def:13235DSA-1793-1 kdegraphics -- multiple
oval:org.mitre.oval:def:13119DSA-1790-1 xpdf -- multiple
oval:org.mitre.oval:def:10769The JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Po...
oval:org.mitre.oval:def:22616ELSA-2009:0431: kdegraphics security update (Important)
oval:org.mitre.oval:def:21858ELSA-2009:0429: cups security update (Important)
oval:org.mitre.oval:def:9671Integer overflow in the SplashBitmap::SplashBitmap function in Xpdf 3.x befor...
oval:org.mitre.oval:def:10969The Splash::drawImage function in Splash.cc in Xpdf 2.x and 3.x before 3.02pl...
oval:org.mitre.oval:def:7836Multiple Security Vulnerabilities in the Solaris GNOME PDF Rendering Librarie...
oval:org.mitre.oval:def:11289Integer overflow in the PSOutputDev::doImageL1Sep function in Xpdf before 3.0...
oval:org.mitre.oval:def:21897ELSA-2009:0480: poppler security update (Important)
oval:org.mitre.oval:def:9536Integer overflow in the ObjectStream::ObjectStream function in XRef.cc in Xpd...
oval:org.mitre.oval:def:8134Multiple Security Vulnerabilities in the Solaris GNOME PDF Rendering Librarie...

Open Source Vulnerability Database (OSVDB)

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
74528t1lib PDF Type 1 Font Handling Invalid Memory Write Use-after-free DoS
74527t1lib PDF Type 1 Font Handling Invalid Memory Location DoS
74526t1lib PDF Type 1 Font Handling Off-by-one Overflow DoS
72302t1lib PDF Type 1 Font Handling Invalid Pointer Code Execution
69064Poppler Gfx::getPos PDF Handling Uninitialized Pointer Dereference DoS
Hide | Show 20 More...
idDescription
69062Poppler fofi/FoFiType1.cc FoFiType1::parse Function Memory Corruption
59184Poppler XRef.cc ObjectStream::ObjectStream Function PDF Handling Overflow
59183Xpdf XRef.cc ObjectStream::ObjectStream Function PDF Handling Overflow
59182Poppler PSOutputDev::doImageL1Sep Function PDF Handling Overflow
59181Xpdf PSOutputDev::doImageL1Sep Function PDF Handling Overflow
59180Poppler Stream.cc ImageStream::ImageStream Function PDF Handling Overflow
59179Xpdf Stream.cc ImageStream::ImageStream Function PDF Handling Overflow
59178Poppler SplashBitmap::SplashBitmap Function PDF Handling Overflow
59177Xpdf SplashBitmap::SplashBitmap Function PDF Handling Overflow
59176Poppler Splash.cc Splash::drawImage Function PDF Handling Arbitrary Code Exec...
59175Xpdf Splash.cc Splash::drawImage Function PDF Handling Arbitrary Code Execution
54497Xpdf on Apple Mac OS X JBIG2 Decoder Unspecified Overflow
54496Xpdf JBIG2 Decoder PDF File Handling Multiple Function Overflows
54495CUPS JBIG2 Decoder PDF File Handling Multiple Function Overflows
54491Xpdf Crafted PDF File JBIG2 Symbol Dictionary Segments Handling Overflow
54490CUPS Crafted PDF File JBIG2 Symbol Dictionary Segments Handling Overflow
54489Xpdf JBIG2 Decoder PDF File Handling Unitialized Memory Free DoS
54488CUPS JBIG2 Decoder PDF File Handling Unitialized Memory Free DoS
54487Poppler JBIG2 Decoder PDF File Handling Out-of-bounds Read DoS
54486Xpdf JBIG2 Decoder PDF File Handling Out-of-bounds Read DoS

OpenVAS Exploits

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
2012-09-10Name : Slackware Advisory SSA:2012-228-01 t1lib
File : nvt/esoft_slk_ssa_2012_228_01.nasl
2012-08-24Name : RedHat Update for tetex RHSA-2012:1201-01
File : nvt/gb_RHSA-2012_1201-01_tetex.nasl
2012-08-24Name : CentOS Update for tetex CESA-2012:1201 centos5
File : nvt/gb_CESA-2012_1201_tetex_centos5.nasl
2012-07-30Name : CentOS Update for t1lib CESA-2012:0062 centos6
File : nvt/gb_CESA-2012_0062_t1lib_centos6.nasl
2012-07-30Name : CentOS Update for kpathsea CESA-2012:0137 centos6
File : nvt/gb_CESA-2012_0137_kpathsea_centos6.nasl
Hide | Show 20 More...
idDescription
2012-07-09Name : RedHat Update for t1lib RHSA-2012:0062-01
File : nvt/gb_RHSA-2012_0062-01_t1lib.nasl
2012-07-09Name : RedHat Update for texlive RHSA-2012:0137-01
File : nvt/gb_RHSA-2012_0137-01_texlive.nasl
2012-03-19Name : Fedora Update for t1lib FEDORA-2012-0289
File : nvt/gb_fedora_2012_0289_t1lib_fc16.nasl
2012-02-11Name : Debian Security Advisory DSA 2388-1 (t1lib)
File : nvt/deb_2388_1.nasl
2012-02-01Name : Fedora Update for t1lib FEDORA-2012-0266
File : nvt/gb_fedora_2012_0266_t1lib_fc15.nasl
2012-01-20Name : Ubuntu Update for t1lib USN-1335-1
File : nvt/gb_ubuntu_USN_1335_1.nasl
2012-01-13Name : Mandriva Update for t1lib MDVSA-2012:004 (t1lib)
File : nvt/gb_mandriva_MDVSA_2012_004.nasl
2012-01-09Name : Mandriva Update for t1lib MDVSA-2012:002 (t1lib)
File : nvt/gb_mandriva_MDVSA_2012_002.nasl
2011-12-23Name : Ubuntu Update for t1lib USN-1316-1
File : nvt/gb_ubuntu_USN_1316_1.nasl
2011-11-18Name : Mandriva Update for poppler MDVSA-2011:175 (poppler)
File : nvt/gb_mandriva_MDVSA_2011_175.nasl
2011-08-09Name : CentOS Update for cups CESA-2009:0429 centos4 i386
File : nvt/gb_CESA-2009_0429_cups_centos4_i386.nasl
2011-08-09Name : CentOS Update for cups CESA-2009:0429 centos5 i386
File : nvt/gb_CESA-2009_0429_cups_centos5_i386.nasl
2011-08-09Name : CentOS Update for xpdf CESA-2009:0430 centos3 i386
File : nvt/gb_CESA-2009_0430_xpdf_centos3_i386.nasl
2011-08-09Name : CentOS Update for xpdf CESA-2009:0430 centos4 i386
File : nvt/gb_CESA-2009_0430_xpdf_centos4_i386.nasl
2011-08-09Name : CentOS Update for kdegraphics CESA-2009:0431 centos4 i386
File : nvt/gb_CESA-2009_0431_kdegraphics_centos4_i386.nasl
2011-08-09Name : CentOS Update for kdegraphics CESA-2009:0431 centos5 i386
File : nvt/gb_CESA-2009_0431_kdegraphics_centos5_i386.nasl
2011-08-09Name : CentOS Update for gpdf CESA-2009:0458 centos4 i386
File : nvt/gb_CESA-2009_0458_gpdf_centos4_i386.nasl
2011-08-09Name : CentOS Update for tetex CESA-2010:0400 centos5 i386
File : nvt/gb_CESA-2010_0400_tetex_centos5_i386.nasl
2011-08-09Name : CentOS Update for poppler CESA-2009:0480 centos5 i386
File : nvt/gb_CESA-2009_0480_poppler_centos5_i386.nasl
2011-08-09Name : CentOS Update for poppler CESA-2010:0749 centos5 i386
File : nvt/gb_CESA-2010_0749_poppler_centos5_i386.nasl

Snort® IPS/IDS

DateDescription
2014-01-10xpdf ObjectStream integer overflow
RuleID : 24266 - Type : FILE-PDF - Revision : 3
2014-01-10CUPS and Xpdf JBIG2 symbol dictionary buffer overflow attempt
RuleID : 17641 - Type : FILE-PDF - Revision : 4
2014-01-10Xpdf Splash DrawImage integer overflow attempt
RuleID : 16355 - Type : FILE-PDF - Revision : 9
2014-01-10XPDF ObjectStream integer overflow
RuleID : 16335 - Type : FILE-PDF - Revision : 8

Nessus® Vulnerability Scanner

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
2014-06-13Name : The remote openSUSE host is missing a security update.
File : openSUSE-2012-249.nasl - Type : ACT_GATHER_INFO
2014-06-13Name : The remote openSUSE host is missing a security update.
File : suse_11_3_libpoppler-devel-101016.nasl - Type : ACT_GATHER_INFO
2014-06-13Name : The remote openSUSE host is missing a security update.
File : suse_11_3_OpenOffice_org-110330.nasl - Type : ACT_GATHER_INFO
2014-02-18Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201402-17.nasl - Type : ACT_GATHER_INFO
2013-10-07Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201310-03.nasl - Type : ACT_GATHER_INFO
Hide | Show 20 More...
idDescription
2013-09-04Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2012-40.nasl - Type : ACT_GATHER_INFO
2013-09-04Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2012-48.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2010-0399.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2010-0400.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2010-0401.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2012-1201.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2009-0429.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing a security update.
File : oraclelinux_ELSA-2009-0430.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2009-0431.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing a security update.
File : oraclelinux_ELSA-2009-0458.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2010-0749.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing a security update.
File : oraclelinux_ELSA-2010-0750.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing a security update.
File : oraclelinux_ELSA-2010-0751.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing a security update.
File : oraclelinux_ELSA-2010-0752.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2009-0480.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2010-0753.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2010-0754.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2010-0755.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2010-0859.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2012-0062.nasl - Type : ACT_GATHER_INFO