Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-2663

In Xpdf 4.04 (and earlier), a PDF object loop in the page label tree leads to infinite recursion and a stack overflow.

Published

2023-05-11T21:15:10.043

Last Modified

2025-01-24T16:15:31.577

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 2.9 (LOW)

Weaknesses

Type: Secondary
CWE-674
Type: Primary
CWE-674
Type: Secondary
CWE-674

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	xpdfreader	xpdf	≤ 4.04	Yes

References

https://forum.xpdfreader.com/viewtopic.php?t=42421 Exploit ([email protected])
https://forum.xpdfreader.com/viewtopic.php?t=42421 Exploit (af854a3a-2127-422b-91ae-364da2661108)