DOMPDF prior to 0.6.2 allows remote code execution, a related issue to CVE-2014-2383.
dompdf project dompdf