A large loop in JBIG2Stream::readSymbolDictSeg in xpdf 4.00 allows an attacker to cause denial of service via a specific file due to inappropriate decoding.
CVSS Vector
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HXpdfreader Xpdf
APPXpdfreader4.00
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
DoS
CWE
Related vulnerabilities
CVE-2021-30860HIGH7.8⚠ KEVten sam produkt
An integer overflow was addressed with improved input validation. This issue is fixed in Security Update 2021-...
CVE-2021-36493HIGH7.5ten sam produkt
Buffer Overflow vulnerability in pdfimages in xpdf 4.03 allows attackers to crash the application via crafted ...
CVE-2022-38222HIGH7.8ten sam produkt
There is a use-after-free issue in JBIG2Stream::close() located in JBIG2Stream.cc in Xpdf 4.04. It can be trig...
CVE-2022-38928HIGH7.8ten sam produkt
XPDF 4.04 is vulnerable to Null Pointer Dereference in FoFiType1C.cc:2393.
CVE-2022-38171HIGH7.8ten sam produkt
Xpdf prior to version 4.04 contains an integer overflow in the JBIG2 decoder (JBIG2Stream::readTextRegionSeg()...