CVE-2009-4035

The FoFiType1::parse function in fofi/FoFiType1.cc in Xpdf 3.0.0, gpdf 2.8.2, kpdf in kdegraphics 3.3.1, and possibly other libraries and versions, does not check the return value of the getNextLine function, which allows context-dependent attackers to execute arbitrary code via a PDF file with a...

Xpdf, GPdf: New integer overflows

Background Xpdf is an open source viewer for Portable Document Format PDF files. GPdf is a Gnome-based PDF viewer that includes some Xpdf code. Description A new integer overflow issue was discovered in Xpdf's Gfx::doImage function. Impact An attacker could entice an user to open a...