Vulnerability Database

289,599

Total vulnerabilities in the database

CVE-2005-2097

xpdf and kpdf do not properly validate the "loca" table in PDF files, which allows local users to cause a denial of service (disk consumption and hang) via a PDF file with a "broken" loca table, which causes a large temporary file to be created when xpdf attempts to reconstruct the information.

  • Published: Aug 16, 2005
  • Updated: Apr 13, 2023
  • CVE: CVE-2005-2097
  • Severity: Low
  • Exploit:

CVSS v2:

  • Severity: Low
  • Score: 2.1
  • AV:L/AC:L/Au:N/C:N/I:N/A:P

No CWE or OWASP classifications available.

Software From Fixed in
xpdf / xpdf 3.0_pl3 3.0_pl3.x
kde / kpdf - -
xpdf / xpdf 3.0_pl2 3.0_pl2.x
xpdf / xpdf 3.0 3.0.x