Lucene search
PRIOn knowledge basePRION:CVE-2020-25725HistoryNov 21, 2020 - 6:15 a.m.
Heap overflow
2020-11-2106:15:00
PRIOn knowledge base
www.prio-n.com
5
In Xpdf 4.02, SplashOutputDev::endType3Char(GfxState *state) SplashOutputDev.cc:3079 is trying to use the freed t3GlyphStack->cache, which causes an heap-use-after-free problem. The codes of a previous fix for nested Type 3 characters wasn’t correctly handling the case where a Type 3 char referred to another char in the same Type 3 font.
References
bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-25725
forum.xpdfreader.com/viewtopic.php?f=3&t=41915
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4ZUU5QG6SSVRTKZTR3A72LDRVZETEI63/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VLOYVJSM54IL6I5RY4QTJGRS7PIEG44X/
Related
debiancve
debiancve
CVE-2020-25725
2020-11-21 06:15:12
ubuntucve
ubuntucve
CVE-2020-25725
2020-11-21 00:00:00
nvd
nvd
CVE-2020-25725
2020-11-21 06:15:12
cve
cve
CVE-2020-25725
2020-11-21 06:15:12
veracode
veracode
Denial Of Service (DoS)
2021-04-29 12:51:40
alpinelinux
alpinelinux
CVE-2020-25725
2020-11-21 06:15:12
cvelist
cvelist
CVE-2020-25725
2020-11-21 05:29:54
nessus
nessus
Fedora 33 : 1:xpdf (2021-013d9a30e0)
2021-02-11 00:00:00
Fedora 32 : 1:xpdf (2021-4a437fe032)
2021-02-11 00:00:00
GLSA-202405-18 : Xpdf: Multiple Vulnerabilities
2024-05-07 00:00:00
openvas
openvas
Mageia: Security Advisory (MGASA-2021-0112)
2022-01-28 00:00:00
Fedora: Security Advisory for xpdf (FEDORA-2021-013d9a30e0)
2021-02-11 00:00:00
Fedora: Security Advisory for xpdf (FEDORA-2021-4a437fe032)
2021-02-11 00:00:00
fedora
fedora
[SECURITY] Fedora 33 Update: xpdf-4.03-1.fc33
2021-02-11 01:43:55
[SECURITY] Fedora 32 Update: xpdf-4.03-1.fc32
2021-02-11 01:53:27
mageia
mageia
Updated xpdf packages fix security vulnerabilities
2021-03-04 19:53:32
gentoo
gentoo
Xpdf: Multiple Vulnerabilities
2024-05-07 00:00:00