FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  321237
Date:      2013-06-19
Time:      11:08:02Z
Committer: cs

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
8581189c-bd5f-11de-8709-0017a4cccfc6	Xpdf -- Multiple Vulnerabilities SecurityFocus reports: Some vulnerabilities have been reported in Xpdf, which can be exploited by malicious people to potentially compromise a user's system. 1) Multiple integer overflows in "SplashBitmap::SplashBitmap()" can be exploited to cause heap-based buffer overflows. 2) An integer overflow error in "ObjectStream::ObjectStream()" can be exploited to cause a heap-based buffer overflow. 3) Multiple integer overflows in "Splash::drawImage()" can be exploited to cause heap-based buffer overflows. 4) An integer overflow error in "PSOutputDev::doImageL1Sep()" can be exploited to cause a heap-based buffer overflow when converting a PDF document to a PS file. Successful exploitation of the vulnerabilities may allow execution of arbitrary code by tricking a user into opening a specially crafted PDF file. Discovery 2009-10-14 Entry 2009-10-20 xpdf lt 3.02_11 http://www.securityfocus.com/archive/1/507261 http://secunia.com/advisories/37053/
2747fc39-915b-11dc-9239-001c2514716c	xpdf -- multiple remote Stream.CC vulnerabilities Secunia Research reports: Secunia Research has discovered some vulnerabilities in Xpdf, which can be exploited by malicious people to compromise a user's system. An array indexing error within the "DCTStream::readProgressiveDataUnit()" method in xpdf/Stream.cc can be exploited to corrupt memory via a specially crafted PDF file. An integer overflow error within the "DCTStream::reset()" method in xpdf/Stream.cc can be exploited to cause a heap-based buffer overflow via a specially crafted PDF file. A boundary error within the "CCITTFaxStream::lookChar()" method in xpdf/Stream.cc can be exploited to cause a heap-based buffer overflow by tricking a user into opening a PDF file containing a specially crafted "CCITTFaxDecode" filter. Successful exploitation may allow execution of arbitrary code. Discovery 2007-11-07 Entry 2007-11-12 Modified 2007-11-14 cups-base lt 1.3.3_2 gpdf gt 0 kdegraphics lt 3.5.8_1 koffice lt 1.6.3_3,2 poppler lt 0.6 xpdf lt 3.02_5 26367 CVE-2007-4352 CVE-2007-5392 CVE-2007-5393
8581189c-bd5f-11de-8709-0017a4cccfc6	Xpdf -- Multiple Vulnerabilities SecurityFocus reports: Some vulnerabilities have been reported in Xpdf, which can be exploited by malicious people to potentially compromise a user's system. 1) Multiple integer overflows in "SplashBitmap::SplashBitmap()" can be exploited to cause heap-based buffer overflows. 2) An integer overflow error in "ObjectStream::ObjectStream()" can be exploited to cause a heap-based buffer overflow. 3) Multiple integer overflows in "Splash::drawImage()" can be exploited to cause heap-based buffer overflows. 4) An integer overflow error in "PSOutputDev::doImageL1Sep()" can be exploited to cause a heap-based buffer overflow when converting a PDF document to a PS file. Successful exploitation of the vulnerabilities may allow execution of arbitrary code by tricking a user into opening a specially crafted PDF file. Discovery 2009-10-14 Entry 2009-10-20 xpdf lt 3.02_11 http://www.securityfocus.com/archive/1/507261 http://secunia.com/advisories/37053/
a21037d5-2c38-11de-ab3b-0017a4cccfc6	xpdf -- multiple vulnerabilities Secunia reports: Some vulnerabilities have been reported in Xpdf, which can be exploited by malicious people to potentially compromise a user's system. A boundary error exists when decoding JBIG2 symbol dictionary segments. This can be exploited to cause a heap-based buffer overflow and potentially execute arbitrary code. Multiple integer overflows in the JBIG2 decoder can be exploited to potentially execute arbitrary code. Multiple boundary errors in the JBIG2 decoder can be exploited to cause buffer overflows and potentially execute arbitrary code. Multiple errors in the JBIG2 decoder can be exploited can be exploited to free arbitrary memory and potentially execute arbitrary code. Multiple unspecified input validation errors in the JBIG2 decoder can be exploited to potentially execute arbitrary code. Discovery 2009-04-16 Entry 2009-04-18 Modified 2009-04-18 xpdf lt 3.02_11 CVE-2009-0146 CVE-2009-0147 CVE-2009-0166 CVE-2009-0799 CVE-2009-0800 CVE-2009-1179 CVE-2009-1180 CVE-2009-1181 CVE-2009-1182 CVE-2009-1183 http://secunia.com/advisories/34291 http://www.vupen.com/english/advisories/2009/1065
2747fc39-915b-11dc-9239-001c2514716c	xpdf -- multiple remote Stream.CC vulnerabilities Secunia Research reports: Secunia Research has discovered some vulnerabilities in Xpdf, which can be exploited by malicious people to compromise a user's system. An array indexing error within the "DCTStream::readProgressiveDataUnit()" method in xpdf/Stream.cc can be exploited to corrupt memory via a specially crafted PDF file. An integer overflow error within the "DCTStream::reset()" method in xpdf/Stream.cc can be exploited to cause a heap-based buffer overflow via a specially crafted PDF file. A boundary error within the "CCITTFaxStream::lookChar()" method in xpdf/Stream.cc can be exploited to cause a heap-based buffer overflow by tricking a user into opening a PDF file containing a specially crafted "CCITTFaxDecode" filter. Successful exploitation may allow execution of arbitrary code. Discovery 2007-11-07 Entry 2007-11-12 Modified 2007-11-14 cups-base lt 1.3.3_2 gpdf gt 0 kdegraphics lt 3.5.8_1 koffice lt 1.6.3_3,2 poppler lt 0.6 xpdf lt 3.02_5 26367 CVE-2007-4352 CVE-2007-5392 CVE-2007-5393
a21037d5-2c38-11de-ab3b-0017a4cccfc6	xpdf -- multiple vulnerabilities Secunia reports: Some vulnerabilities have been reported in Xpdf, which can be exploited by malicious people to potentially compromise a user's system. A boundary error exists when decoding JBIG2 symbol dictionary segments. This can be exploited to cause a heap-based buffer overflow and potentially execute arbitrary code. Multiple integer overflows in the JBIG2 decoder can be exploited to potentially execute arbitrary code. Multiple boundary errors in the JBIG2 decoder can be exploited to cause buffer overflows and potentially execute arbitrary code. Multiple errors in the JBIG2 decoder can be exploited can be exploited to free arbitrary memory and potentially execute arbitrary code. Multiple unspecified input validation errors in the JBIG2 decoder can be exploited to potentially execute arbitrary code. Discovery 2009-04-16 Entry 2009-04-18 Modified 2009-04-18 xpdf lt 3.02_11 CVE-2009-0146 CVE-2009-0147 CVE-2009-0166 CVE-2009-0799 CVE-2009-0800 CVE-2009-1179 CVE-2009-1180 CVE-2009-1181 CVE-2009-1182 CVE-2009-1183 http://secunia.com/advisories/34291 http://www.vupen.com/english/advisories/2009/1065