Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-2664

In Xpdf 4.04 (and earlier), a PDF object loop in the embedded file tree leads to infinite recursion and a stack overflow.

Published

2023-05-11T21:15:10.137

Last Modified

2024-11-21T07:59:02.050

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 2.9 (LOW)

Weaknesses

Type: Secondary
CWE-674
Type: Primary
CWE-674

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	xpdfreader	xpdf	≤ 4.04	Yes

References

https://forum.xpdfreader.com/viewtopic.php?t=42422 Exploit ([email protected])
https://forum.xpdfreader.com/viewtopic.php?t=42422 Exploit (af854a3a-2127-422b-91ae-364da2661108)