Denial of Service Vulnerability in xpdf and kpdf via loca Table in PDF Files

Denial of Service Vulnerability in xpdf and kpdf via loca Table in PDF Files

CVE-2005-2097 · LOW Severity

AV:L/AC:L/AU:N/C:N/I:N/A:P

xpdf and kpdf do not properly validate the "loca" table in PDF files, which allows local users to cause a denial of service (disk consumption and hang) via a PDF file with a "broken" loca table, which causes a large temporary file to be created when xpdf attempts to reconstruct the information.

Learn more about our User Device Pen Test.