There is an invalid memory access in the TextLine class in TextOutputDev.cc in Xpdf 4.0.4 because the text extractor mishandles characters at large y coordinates. It can be triggered by (for example) sending a crafted pdf file to the pdftotext binary, which allows a remote malicious user to cause a Denial of Service (Segmentation fault) or possibly have unspecified other impact.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
xpdfreader xpdf 4.0.4 |