First published: Thu Nov 08 2007(Updated: )
Array index error in the DCTStream::readProgressiveDataUnit method in xpdf/Stream.cc in Xpdf 3.02pl1, as used in poppler, teTeX, KDE, KOffice, CUPS, and other products, allows remote attackers to trigger memory corruption and execute arbitrary code via a crafted PDF file.
Credit: PSIRT-CNA@flexerasoftware.com
Affected Software | Affected Version | How to fix |
---|---|---|
Xpdf Xpdf | =3.0.1_pl1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.