VYPR
Medium severity5.5NVD Advisory· Published Mar 14, 2018· Updated Jun 17, 2026

CVE-2018-8105

CVE-2018-8105

Description

The JPXStream::fillReadBuf function in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-based buffer over-read and application crash) via a specific pdf file, as demonstrated by pdftohtml.

Affected products

2
  • Xpdf/Xpdfinferred2 versions
    = 4.00+ 1 more
    • (no CPE)range: = 4.00
    • (no CPE)range: =4.00

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.