漏洞标题
N/A
漏洞描述信息
"某些xpdf版本在3.00之后,用于各种产品,包括(a) pdfkit.framework,(b) gpdf,(c) pdftohtml,和(d) libextractor的未指定漏洞具有未知影响和用户协助攻击 vectors,可能涉及(1) gmem.c,(2) SplashXPathScanner.cc,(3) JBIG2Stream.cc,(4) JPXStream.cc,和/或(5) Stream.cc的错误。 说明:此描述基于Debian建议DSA 979,这是基于在其他漏洞,如CVE-2006-0301和CVE-2005-3624 through CVE-2005-3628被修复后所作的更改。 这些 newer fixes 似乎与安全相关,尽管无法确定它们是否修复特定问题,还是具有防御性质。
CVSS信息
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
漏洞类别
N/A
漏洞标题
N/A
漏洞描述信息
Unspecified vulnerability in certain versions of xpdf after 3.00, as used in various products including (a) pdfkit.framework, (b) gpdf, (c) pdftohtml, and (d) libextractor, has unknown impact and user-assisted attack vectors, possibly involving errors in (1) gmem.c, (2) SplashXPathScanner.cc, (3) JBIG2Stream.cc, (4) JPXStream.cc, and/or (5) Stream.cc. NOTE: this description is based on Debian advisory DSA 979, which is based on changes that were made after other vulnerabilities such as CVE-2006-0301 and CVE-2005-3624 through CVE-2005-3628 were fixed. Some of these newer fixes appear to be security-relevant, although it is not clear if they fix specific issues or are defensive in nature.
CVSS信息
N/A
漏洞类别
N/A
漏洞标题
XPDF多个未明漏洞
漏洞描述信息
在xpdf 3.00后的某个版本中存在不明漏洞,当使用在包括(a) pdfkit.framework,(b) gpdf,(c) pdftohtml,和(d) libextractor的不同产品中时,会产生不明影响和用户协助式攻击向量,可能在(1) gmem.c,(2) SplashXPathScanner.cc,(3) JBIG2Stream.cc,(4) JPXStream.cc,和/或(5) Stream.cc中会出现相关错误。
CVSS信息
N/A
漏洞类别
授权问题