Vulnerabilities > CVE-2018-18651 - Excessive Iteration vulnerability in Xpdfreader Xpdf 4.00
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
PARTIAL Summary
An issue was discovered in Xpdf 4.00. catalog->getNumPages() in AcroForm.cc allows attackers to launch a denial of service (hang caused by large loop) via a specific pdf file, as demonstrated by pdftohtml. This is mainly caused by a large number after the /Count field in the file.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |