There is an invalid memory access in the TextLine class in TextOutputDev.cc in Xpdf 4.0.4 because the text extractor mishandles characters at large y coordinates. It can be triggered by (for example) sending a crafted pdf file to the pdftotext binary, which allows a remote attacker to cause a Denial of Service (Segmentation fault) or possibly have unspecified other impact.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2022-05-09T18:00:09

Updated: 2024-08-03T06:48:36.389Z

Reserved: 2022-05-09T00:00:00

Link: CVE-2022-30524

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Analyzed

Published: 2022-05-09T18:15:09.343

Modified: 2022-05-18T16:44:06.680

Link: CVE-2022-30524

cve-icon Redhat

No data.