Vulnerabilities > CVE-2018-7174 - Infinite Loop vulnerability in Xpdfreader Xpdf 4.00

047910
CVSS 4.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
PARTIAL

Summary

An issue was discovered in xpdf 4.00. An infinite loop in XRef::Xref allows an attacker to cause denial of service because loop detection exists only for tables, not streams.

Vulnerable Configurations

Part Description Count
Application
Xpdfreader
1