Vulnerabilities > CVE-2018-16369 - Unspecified vulnerability in Xpdfreader Xpdf 4.00

CVSS 4.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

network

xpdfreader

NVD

Published: 2018-09-03

Updated: 2019-10-03

Summary

XRef::fetch in XRef.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (stack consumption) via a crafted pdf file, related to AcroForm::scanField, as demonstrated by pdftohtml. NOTE: this might overlap CVE-2018-7453.

Vulnerable Configurations

Part	Description	Count
Application	Xpdfreader Xpdfreader Xpdf 4.00	1

References

https://github.com/TeamSeri0us/pocs/tree/master/xpdf