Unrated severityNVD Advisory· Published May 9, 2022· Updated Aug 3, 2024
CVE-2022-30524
CVE-2022-30524
Description
There is an invalid memory access in the TextLine class in TextOutputDev.cc in Xpdf 4.0.4 because the text extractor mishandles characters at large y coordinates. It can be triggered by (for example) sending a crafted pdf file to the pdftotext binary, which allows a remote attacker to cause a Denial of Service (Segmentation fault) or possibly have unspecified other impact.
Affected products
2Patches
Vulnerability mechanics
References
1- forum.xpdfreader.com/viewtopic.phpmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.