USN-4642-1: PDFResurrect vulnerability
24 November 2020
PDFResurrect could be made to crash or run programs as your login if it opened a specially crafted file.
- pdfresurrect - tool for extracting versioning data from PDF documents
It was discovered that PDFResurrect incorrectly handled certain memory
operations during PDF summary generation. An attacker could use this to
cause out-of-bounds writes, resulting in a denial of service (system crash)
or arbitrary code execution.