There is an invalid memory access in the TextLine class in TextOutputDev.cc in Xpdf 4.0.4 because the text extractor mishandles characters at large y coordinates. It can be triggered by (for example) sending a crafted pdf file to the pdftotext binary, which allows a remote attacker to cause a Denial of Service (Segmentation fault) or possibly have unspecified other impact.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://forum.xpdfreader.com/viewtopic.php?f=3&t=42261 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2022-05-09T18:00:09
Updated: 2024-08-03T06:48:36.389Z
Reserved: 2022-05-09T00:00:00
Link: CVE-2022-30524
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2022-05-09T18:15:09.343
Modified: 2022-05-18T16:44:06.680
Link: CVE-2022-30524
Redhat
No data.