cbcvebase.
CVE-2018-7173
published 2018-02-15

CVE-2018-7173: A large loop in JBIG2Stream::readSymbolDictSeg in xpdf 4.00 allows an attacker to cause denial of service via a specific file due to inappropriate decoding.

medium5.5CVSS 3.0
AVLACLPRNUIRSUCNINAH
A large loop in JBIG2Stream::readSymbolDictSeg in xpdf 4.00 allows an attacker to cause denial of service via a specific file due to inappropriate decoding.

Affected

2 ranges
VendorProductVersion rangeFixed in
debianxpdf
xpdfreaderxpdf

CVSS provenance

nvdv3.05.5MEDIUMCVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
osv5.5MEDIUM