logo
DATABASE RESOURCES PRICING ABOUT US

CVE-2020-25725

Description

In Xpdf 4.02, SplashOutputDev::endType3Char(GfxState *state) SplashOutputDev.cc:3079 is trying to use the freed `t3GlyphStack->cache`, which causes an `heap-use-after-free` problem. The codes of a previous fix for nested Type 3 characters wasn't correctly handling the case where a Type 3 char referred to another char in the same Type 3 font.


Affected Package


OS OS Version Package Name Package Version
Debian 12 xpdf 3.04+git20220601-1
Debian 11 xpdf 3.04+git20210103-3
Debian 10 xpdf 3.04-13
Debian 999 xpdf 3.04+git20220601-1
Debian 9 xpdf 3.04-4

Related