xpdf -- buffer overflow vulnerability

2004-11-23T00:00:00
ID E3E266E9-5473-11D9-A9E7-0001020EED82
Type freebsd
Reporter FreeBSD
Modified 2005-01-13T00:00:00

Description

An iDEFENSE Security Advisory reports:

Remote exploitation of a buffer overflow vulnerability in the xpdf PDF viewer, as included in multiple Linux distributions, could allow attackers to execute arbitrary code as the user viewing a PDF file. The offending code can be found in the Gfx::doImage() function in the source file xpdf/Gfx.cc.