FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  318342
Date:      2013-05-16
Time:      22:46:38Z
Committer: delphij

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
e3e266e9-5473-11d9-a9e7-0001020eed82	xpdf -- buffer overflow vulnerability An iDEFENSE Security Advisory reports: Remote exploitation of a buffer overflow vulnerability in the xpdf PDF viewer, as included in multiple Linux distributions, could allow attackers to execute arbitrary code as the user viewing a PDF file. The offending code can be found in the Gfx::doImage() function in the source file xpdf/Gfx.cc. Discovery 2004-11-23 Entry 2004-12-23 Modified 2005-01-13 xpdf lt 3.00_5 kdegraphics lt 3.3.2_1 gpdf le 2.8.1 teTeX-base le 2.0.2_6 cups-base le 1.1.22.0 koffice le 1.3.5,1 pdftohtml lt 0.36_1 CVE-2004-1125 http://www.idefense.com/application/poi/display?id=172&type=vulnerabilities
0e43a14d-3f3f-11dc-a79a-0016179b2dd5	xpdf -- stack based buffer overflow The KDE Team reports: kpdf, the KDE pdf viewer, shares code with xpdf. xpdf contains a vulnerability that can cause a stack based buffer overflow via a PDF file that exploits an integer overflow in StreamPredictor::StreamPredictor(). Remotely supplied pdf files can be used to disrupt the kpdf viewer on the client machine and possibly execute arbitrary code. Discovery 2007-07-30 Entry 2007-07-31 Modified 2009-04-29 xpdf lt 3.02_2 kdegraphics lt 3.5.7_1 cups-base lt 1.2.11_3 gpdf gt 0 pdftohtml lt 0.39_3 poppler lt 0.5.9_4 25124 CVE-2007-3387 http://www.kde.org/info/security/advisory-20070730-1.txt
e3e266e9-5473-11d9-a9e7-0001020eed82	xpdf -- buffer overflow vulnerability An iDEFENSE Security Advisory reports: Remote exploitation of a buffer overflow vulnerability in the xpdf PDF viewer, as included in multiple Linux distributions, could allow attackers to execute arbitrary code as the user viewing a PDF file. The offending code can be found in the Gfx::doImage() function in the source file xpdf/Gfx.cc. Discovery 2004-11-23 Entry 2004-12-23 Modified 2005-01-13 xpdf lt 3.00_5 kdegraphics lt 3.3.2_1 gpdf le 2.8.1 teTeX-base le 2.0.2_6 cups-base le 1.1.22.0 koffice le 1.3.5,1 pdftohtml lt 0.36_1 CVE-2004-1125 http://www.idefense.com/application/poi/display?id=172&type=vulnerabilities
f755545e-6fcd-11d9-abec-00061bd2d56f	xpdf -- makeFileKey2() buffer overflow vulnerability An iDEFENSE Security Advisory reports: Remote exploitation of a buffer overflow vulnerability in the xpdf PDF viewer included in multiple Unix and Linux distributions could allow for arbitrary code execution as the user viewing a PDF file. The vulnerability specifically exists due to insufficient bounds checking while processing a PDF file that provides malicious values in the /Encrypt /Length tag. The offending code can be found in the `Decrypt::makeFileKey2` function in the source file xpdf/Decrypt.cc. Discovery 2005-01-06 Entry 2005-01-26 Modified 2005-02-03 xpdf lt 3.00_6 kdegraphics lt 3.3.2_2 gpdf lt 2.8.3 teTeX-base lt 2.0.2_9 cups-base lt 1.1.23.0_3 koffice lt 1.3.5_2,1 pdftohtml lt 0.36_2 CVE-2005-0064 http://marc.theaimsgroup.com/?l=bugtraq&m=110608898221554 http://www.koffice.org/security/advisory-20050120-1.txt
f755545e-6fcd-11d9-abec-00061bd2d56f	xpdf -- makeFileKey2() buffer overflow vulnerability An iDEFENSE Security Advisory reports: Remote exploitation of a buffer overflow vulnerability in the xpdf PDF viewer included in multiple Unix and Linux distributions could allow for arbitrary code execution as the user viewing a PDF file. The vulnerability specifically exists due to insufficient bounds checking while processing a PDF file that provides malicious values in the /Encrypt /Length tag. The offending code can be found in the `Decrypt::makeFileKey2` function in the source file xpdf/Decrypt.cc. Discovery 2005-01-06 Entry 2005-01-26 Modified 2005-02-03 xpdf lt 3.00_6 kdegraphics lt 3.3.2_2 gpdf lt 2.8.3 teTeX-base lt 2.0.2_9 cups-base lt 1.1.23.0_3 koffice lt 1.3.5_2,1 pdftohtml lt 0.36_2 CVE-2005-0064 http://marc.theaimsgroup.com/?l=bugtraq&m=110608898221554 http://www.koffice.org/security/advisory-20050120-1.txt
0e43a14d-3f3f-11dc-a79a-0016179b2dd5	xpdf -- stack based buffer overflow The KDE Team reports: kpdf, the KDE pdf viewer, shares code with xpdf. xpdf contains a vulnerability that can cause a stack based buffer overflow via a PDF file that exploits an integer overflow in StreamPredictor::StreamPredictor(). Remotely supplied pdf files can be used to disrupt the kpdf viewer on the client machine and possibly execute arbitrary code. Discovery 2007-07-30 Entry 2007-07-31 Modified 2009-04-29 xpdf lt 3.02_2 kdegraphics lt 3.5.7_1 cups-base lt 1.2.11_3 gpdf gt 0 pdftohtml lt 0.39_3 poppler lt 0.5.9_4 25124 CVE-2007-3387 http://www.kde.org/info/security/advisory-20070730-1.txt