VYPR
Unrated severityNVD Advisory· Published Aug 16, 2005· Updated Jun 16, 2026

CVE-2005-2097

CVE-2005-2097

Description

xpdf and kpdf do not properly validate the "loca" table in PDF files, which allows local users to cause a denial of service (disk consumption and hang) via a PDF file with a "broken" loca table, which causes a large temporary file to be created when xpdf attempts to reconstruct the information.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

6
  • cpe:2.3:a:kde:kpdf:*:*:*:*:*:*:*:*
  • Xpdf/Xpdf4 versions
    cpe:2.3:a:xpdf:xpdf:3.0:*:*:*:*:*:*:*+ 3 more
    • cpe:2.3:a:xpdf:xpdf:3.0:*:*:*:*:*:*:*
    • cpe:2.3:a:xpdf:xpdf:3.0_pl2:*:*:*:*:*:*:*
    • cpe:2.3:a:xpdf:xpdf:3.0_pl3:*:*:*:*:*:*:*
    • (no CPE)
  • kpdf/kpdfllm-fuzzy

Patches

Vulnerability mechanics

References

22

News mentions

0

No linked articles in our index yet.