The DCTStream::readHuffSym function in Stream.cc in the DCT decoder in xpdf before 4.00 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via crafted JPEG data.
References
Link | Resource |
---|---|
https://forum.xpdfreader.com/viewtopic.php?f=3&t=40842 | Issue Tracking Vendor Advisory |
Configurations
Information
Published : 2018-05-13 17:29
Updated : 2018-06-19 08:25
NVD link : CVE-2018-11033
Mitre link : CVE-2018-11033
JSON object : View
CWE
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
Products Affected
xpdfreader
- xpdf