Vulnerabilities > CVE-2018-18458 - NULL Pointer Dereference vulnerability in Xpdfreader Xpdf 4.00
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
HIGH Summary
The function DCTStream::decodeImage in Stream.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted pdf file, as demonstrated by pdftoppm.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |