Debian Security Advisory 1136-1 - infamous41md and Chris Evans discovered several heap based buffer overflows in xpdf, the Portable Document Format (PDF) suite, which are also present in gpdf, the viewer with Gtk bindings, and which can lead to a denial of service by crashing the application or possibly to the execution of arbitrary code.
5c0cf7aefc51b063845696294db059d520a282066b9b9ab668fa4ab4db46465b
Debian Security Advisory DSA 936-1 - infamous41md and Chris Evans discovered several heap based buffer overflows in xpdf, the Portable Document Format (PDF) suite, which is also present in libextractor, a library to extract arbitrary meta-data from files, and which can lead to a denial of service by crashing the application or possibly to the execution of arbitrary code.
05aa3a9e1b59b0e2922805f67a2a0515ad4a563507ef62f6b197bfe5c1fadfe6
Debian Security Advisory DSA 780-1 - A bug has been discovered in the font handling code in xpdf, which is also present in kpdf, the PDF viewer for KDE. A specially crafted PDF file could cause infinite resource consumption, in terms of both CPU and disk space.
ce6384e72221bfe424ed552304717cf159ac00f8e1405d6926e72bc9d892ac06
Gentoo Linux Security Advisory GLSA 200508-08 - Xpdf, Kpdf and GPdf do not handle a broken table of embedded TrueType fonts correctly. After detecting such a table, Xpdf, Kpdf and GPdf attempt to reconstruct the information in it by decoding the PDF file, which causes the generation of a huge temporary file. Versions less than 3.00-r10 are affected.
8c9adaf5bc503b7b7cc86f1fc25ed15c58ef4db9225447aa086a4e614d3f39bb
KDE Security Advisory: kpdf, the KDE pdf viewer, shares code with xpdf. xpdf contains a vulnerability that causes it to write a file in $TMPDIR with almost infinite size, which can severly impact system performance. Systems affected are KDE 3.3.1 up to and including KDE 3.4.1.
2be88a931bccf813356cdff44b2770b38780fa147899f88ce3aa27638c7b3866
Ubuntu Security Notice USN-163-1 - xpdf and kpdf does not sufficiently verify the validity of the loca table in PDF files, a table that contains glyph description information for embedded TrueType fonts.
4cc20405aee985285628121077443cc64f7258c718a9298cc2d8e50f1194fb7e