Lucene search
HistoryAug 30, 2022 - 4:15 a.m.
CVE-2022-24106
xpdf
dct
decoder
vulnerability
stream.cc
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
0.001 Low
EPSS
Percentile
29.7%
In Xpdf prior to 4.04, the DCT (JPEG) decoder was incorrectly allowing the ‘interleaved’ flag to be changed after the first scan of the image, leading to an unknown integer-related vulnerability in Stream.cc.
Affected configurations
Node
glyphandcogxpdfreaderRange<4.04
Related
debiancve
debiancve
CVE-2022-24106
2022-08-30 04:15:10
veracode
veracode
Integer Overflow
2023-10-09 12:49:01
ubuntucve
ubuntucve
CVE-2022-24106
2022-08-30 00:00:00
osv
osv
CVE-2022-24106
2022-08-30 04:15:10
prion
prion
Integer overflow
2022-08-30 04:15:00
cve
cve
CVE-2022-24106
2022-08-30 04:15:10
alpinelinux
alpinelinux
CVE-2022-24106
2022-08-30 04:15:10
cvelist
cvelist
CVE-2022-24106
2022-04-18 00:00:00
mageia
mageia
Updated xpdf packages fix security vulnerability
2022-09-07 08:27:53
openvas
openvas
Mageia: Security Advisory (MGASA-2022-0320)
2022-09-07 00:00:00
gentoo
gentoo
Xpdf: Multiple Vulnerabilities
2024-05-07 00:00:00
nessus
nessus
GLSA-202405-18 : Xpdf: Multiple Vulnerabilities
2024-05-07 00:00:00
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
0.001 Low
EPSS
Percentile
29.7%
Related for NVD:CVE-2022-24106