The function Object::isName() in Object.h (called from Gfx::opSetFillColorN) in Xpdf 4.00 allows remote malicious users to cause a denial of service (stack-based buffer over-read) via a crafted pdf file, as demonstrated by pdftoppm.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
xpdfreader xpdf 4.00 |