CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
Percentile
96.5%
Secunia reports:
Some vulnerabilities have been reported in Xpdf, which can be
exploited by malicious people to potentially compromise a userβs
system.
A boundary error exists when decoding JBIG2 symbol dictionary
segments. This can be exploited to cause a heap-based buffer
overflow and potentially execute arbitrary code.
Multiple integer overflows in the JBIG2 decoder can be
exploited to potentially execute arbitrary code.
Multiple boundary errors in the JBIG2 decoder can be
exploited to cause buffer overflows and potentially execute
arbitrary code.
Multiple errors in the JBIG2 decoder can be exploited can be
exploited to free arbitrary memory and potentially execute arbitrary
code.
Multiple unspecified input validation errors in the JBIG2 decoder can
be exploited to potentially execute arbitrary code.