Unrated severityNVD Advisory· Published Nov 21, 2020· Updated Aug 4, 2024
CVE-2020-25725
CVE-2020-25725
Description
In Xpdf 4.02, SplashOutputDev::endType3Char(GfxState *state) SplashOutputDev.cc:3079 is trying to use the freed t3GlyphStack->cache, which causes an heap-use-after-free problem. The codes of a previous fix for nested Type 3 characters wasn't correctly handling the case where a Type 3 char referred to another char in the same Type 3 font.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Glyph & Cog/xpdfv5Range: 4.02
Patches
Vulnerability mechanics
References
4- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4ZUU5QG6SSVRTKZTR3A72LDRVZETEI63/mitrevendor-advisoryx_refsource_FEDORA
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VLOYVJSM54IL6I5RY4QTJGRS7PIEG44X/mitrevendor-advisoryx_refsource_FEDORA
- bugzilla.redhat.com/show_bug.cgimitrex_refsource_CONFIRM
- forum.xpdfreader.com/viewtopic.phpmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.