Unrated severityNVD Advisory· Published Sep 3, 2020· Updated Aug 4, 2024
CVE-2020-24996
CVE-2020-24996
Description
There is an invalid memory access in the function TextString::~TextString() located in Catalog.cc in Xpdf 4.0.2. It can be triggered by (for example) sending a crafted pdf file to the pdftohtml binary, which allows a remote attacker to cause a Denial of Service (Segmentation fault) or possibly have unspecified other impact.
Affected products
2- Xpdf/Xpdfdescription
Patches
Vulnerability mechanics
References
1- forum.xpdfreader.com/viewtopic.phpmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.