Security holes in numerous PDF applications allow attackers to infect systems with malware.
Developers have also released a patch for the free Xpdf PDF reader that fixes four security problems in version 3.02. Exploits for a buffer overflow and a null pointer dereference hole are already in circulation. Problems in Xpdf usually cause a whole string of vulnerabilities in other applications that are based on its code, for example poppler, CUPS , Gpdf and KPDF.
In CUPS, the holes were reportedly closed in the official version 1.4.1.
Rest Here