xpdf, tetex-bin vulnerabilities

ID USN-48-1
Type ubuntu
Reporter Ubuntu
Modified 2004-12-23T00:00:00


A potential buffer overflow has been found in the xpdf viewer. An insufficient input validation could be exploited by an attacker providing a specially crafted PDF file which, when processed by xpdf, could result in abnormal program termination or the execution of attacker supplied program code with the user’s privileges.

The tetex-bin package contains the affected xpdf code to generate PDF output and process included PDF files, thus is vulnerable as well.