CVE-2022-38171

Xpdf prior to version 4.04 contains an integer overflow in the JBIG2 decoder (JBIG2Stream::readTextRegionSeg() in JBIG2Stream.cc). Processing a specially crafted PDF file or JBIG2 image could lead to a crash or the execution of arbitrary code. This is similar to the vulnerability described by CVE-2021-30860 (Apple CoreGraphics).
Configurations

Configuration 1 (hide)

cpe:2.3:a:xpdfreader:xpdf:4.04:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:a:freedesktop:poppler:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2022-08-22 19:15

Updated : 2024-02-28 19:29


NVD link : CVE-2022-38171

Mitre link : CVE-2022-38171

CVE.ORG link : CVE-2022-38171


JSON object : View

Products Affected

xpdfreader

  • xpdf

freedesktop

  • poppler
CWE
CWE-190

Integer Overflow or Wraparound