Vulnerabilities in several PDF applications

Filed under

Security holes in numerous PDF applications allow attackers to infect systems with malware.

Developers have also released a patch for the free Xpdf PDF reader that fixes four security problems in version 3.02. Exploits for a buffer overflow and a null pointer dereference hole are already in circulation. Problems in Xpdf usually cause a whole string of vulnerabilities in other applications that are based on its code, for example poppler, CUPS , Gpdf and KPDF.

In CUPS, the holes were reportedly closed in the official version 1.4.1.

Rest Here