XPDF Loca Table Verification Remote Denial of Service Vulnerability

info
discussion
exploit
solution
references

XPDF Loca Table Verification Remote Denial of Service Vulnerability

The 'xpdf' utility is prone to a remote denial-of-service vulnerability.

The vulnerability presents itself when the application tries to verify the validity of a malformed 'loca' table in PDF files.

This issue can result in disk consumption and can ultimately lead to a denial-of-service condition.

The 'kpdf', 'gpdf', and 'CUPS' utilities are vulnerable to this issue as well.