CVE-2005-2097

Published: 16 August 2005

xpdf and kpdf do not properly validate the "loca" table in PDF files, which allows local users to cause a denial of service (disk consumption and hang) via a PDF file with a "broken" loca table, which causes a large temporary file to be created when xpdf attempts to reconstruct the information.

Priority

Low

Status

Package Release Status
cups
Launchpad, Ubuntu, Debian
Upstream Needs triage

cupsys
Launchpad, Ubuntu, Debian
Upstream Needs triage

gpdf
Launchpad, Ubuntu, Debian
Upstream Needs triage

kdegraphics
Launchpad, Ubuntu, Debian
Upstream Needs triage

poppler
Launchpad, Ubuntu, Debian
Upstream Needs triage

xpdf
Launchpad, Ubuntu, Debian
Upstream Needs triage