xpdf -- makeFileKey2() buffer overflow vulnerability

ID F755545E-6FCD-11D9-ABEC-00061BD2D56F
Type freebsd
Reporter FreeBSD
Modified 2005-02-03T00:00:00


An iDEFENSE Security Advisory reports:

Remote exploitation of a buffer overflow vulnerability in the xpdf PDF viewer included in multiple Unix and Linux distributions could allow for arbitrary code execution as the user viewing a PDF file. The vulnerability specifically exists due to insufficient bounds checking while processing a PDF file that provides malicious values in the /Encrypt /Length tag. The offending code can be found in the Decrypt::makeFileKey2 function in the source file xpdf/Decrypt.cc.