DescriptionXpdf prior to version 4.04 contains an integer overflow in the JBIG2 decoder (JBIG2Stream::readTextRegionSeg() in Processing a specially crafted PDF file or JBIG2 image could lead to a crash or the execution of arbitrary code. This is similar to the vulnerability described by CVE-2021-30860 (Apple CoreGraphics).
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub advisories/code/issues, web search, more)


NOT-FOR-US: xpdf (relevant issue for Poppler tracked as CVE-2022-38784)
This is CVE-2021-30860 in Apple CoreGraphics and CVE-2022-38171 in xpdf

Search for package or bug name: Reporting problems