Heap-based buffer overflow in the JPXStream::readCodestream function
in the JPX stream parsing code (JPXStream.c) for xpdf 3.01 and
earlier, as used in products such as (1) Poppler, (2) teTeX, (3) KDE
kpdf, (4) CUPS, and (5) libextractor allows user-assisted attackers
to cause a denial of service (heap corruption) and possibly execute
arbitrary code via a crafted PDF file with large size values that
cause insufficient memory to be allocated.
|