CVE-2023-2663: Stack overflow in Xpdf 4.04 due to object loop in PDF page label tree
First published: Thu May 11 2023(Updated: )
In Xpdf 4.04 (and earlier), a PDF object loop in the page label tree leads to infinite recursion and a stack overflow.
Credit: xpdf@xpdfreader.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Xpdfreader Xpdf | <=4.04 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for the Xpdf stack overflow vulnerability?
The vulnerability ID for the Xpdf stack overflow vulnerability is CVE-2023-2663.
What is the severity rating of CVE-2023-2663?
The severity rating of CVE-2023-2663 is 5.5 out of 10.
How does the Xpdf stack overflow vulnerability affect the software?
The Xpdf stack overflow vulnerability affects Xpdf version 4.04 and earlier.
How can I fix CVE-2023-2663?
To fix CVE-2023-2663, it is recommended to update Xpdf to a version later than 4.04.
Where can I find more information about CVE-2023-2663?
You can find more information about CVE-2023-2663 on the Xpdfreader forum: https://forum.xpdfreader.com/viewtopic.php?t=42421
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/author
- agent/weakness
- agent/references
- agent/title
- agent/description
- agent/tags
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- vendor/xpdfreader
- canonical/xpdfreader xpdf
- version/xpdfreader xpdf/4.04