Headline
CVE-2020-23873: Poc/pdf2xml at master · Aurorainfinity/Poc
pdf2xml v2.0 was discovered to contain a heap-buffer overflow in the function TextPage::dump.
Related news
pdf2xml v2.0 was discovered to contain a heap-buffer overflow in the function TextPage::addAttributsNode.
A NULL pointer dereference in the function TextPage::restoreState of pdf2xml v2.0 allows attackers to cause a denial of service (DoS).
pdf2xml v2.0 was discovered to contain a stack buffer overflow in the component getObjectStream.
pdf2xml v2.0 was discovered to contain a memory leak in the function TextPage::testLinkedText.
pdf2json v0.71 was discovered to contain a stack buffer overflow in the component XRef::fetch.
TadTools special page parameter does not properly restrict the input of specific characters, thus remote attackers can inject JavaScript syntax without logging in, and further perform reflective XSS attacks.