Note:
This project will be discontinued after December 13, 2021. [more]
2018-09-02
XRef::fetch in XRef.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (stack consumption) via a crafted pdf file, related to AcroForm::scanField, as demonstrated by pdftohtml. NOTE: this might overlap CVE-2018-7453.
| Products | Xpdf |
| Type | Resource Management Errors (CWE-399) |
| First patch | - None (likely due to unavailable code) |
| Links | https://github.com/TeamSeri0us/pocs/tree/master/xpdf |