Xpdf 4.02 allows stack consumption because of an incorrect subroutine reference in a Type 1C font charstring, related to the FoFiType1C::getOp() function.
References
Link | Resource |
---|---|
https://forum.xpdfreader.com/viewtopic.php?f=3&t=42066 | Exploit Vendor Advisory |
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4ZUU5QG6SSVRTKZTR3A72LDRVZETEI63/ | Mailing List Third Party Advisory |
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VLOYVJSM54IL6I5RY4QTJGRS7PIEG44X/ | Mailing List Third Party Advisory |
Information
Published : 2020-12-25 20:15
Updated : 2021-02-23 08:05
NVD link : CVE-2020-35376
Mitre link : CVE-2020-35376
JSON object : View
CWE
CWE-787
Out-of-bounds Write
Products Affected
xpdfreader
- xpdf
fedoraproject
- fedora