Heap-based buffer overflow in Splash.cc in xpdf, as used in other
products such as (1) poppler, (2) kdegraphics, (3) gpdf, (4)
pdfkit.framework, and others, allows attackers to cause a denial of
service and possibly execute arbitrary code via crafted splash images
that produce certain values that exceed the width or height of the
associated bitmap.
|