VYPR
Unrated severityNVD Advisory· Published Aug 22, 2022· Updated Sep 16, 2024

CVE-2022-38171

CVE-2022-38171

Description

Xpdf prior to version 4.04 contains an integer overflow in the JBIG2 decoder (JBIG2Stream::readTextRegionSeg() in JBIG2Stream.cc). Processing a specially crafted PDF file or JBIG2 image could lead to a crash or the execution of arbitrary code. This is similar to the vulnerability described by CVE-2021-30860 (Apple CoreGraphics).

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Xpdf/Xpdfcpe-rescue2 versions
    (expand)+ 1 more
    • (no CPE)
    • (no CPE)range: <4.04

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.