Headline
CVE-2020-23878: Stack-buffer-overflow-XRef-fetch · Issue #45 · flexpaper/pdf2json
pdf2json v0.71 was discovered to contain a stack buffer overflow in the component XRef::fetch.
Related news
pdf2xml v2.0 was discovered to contain a heap-buffer overflow in the function TextPage::addAttributsNode.
pdf2xml v2.0 was discovered to contain a heap-buffer overflow in the function TextPage::dump.
A NULL pointer dereference in the function TextPage::restoreState of pdf2xml v2.0 allows attackers to cause a denial of service (DoS).
pdf2xml v2.0 was discovered to contain a stack buffer overflow in the component getObjectStream.
pdf2xml v2.0 was discovered to contain a memory leak in the function TextPage::testLinkedText.
TadTools special page parameter does not properly restrict the input of specific characters, thus remote attackers can inject JavaScript syntax without logging in, and further perform reflective XSS attacks.