CVE-2017-11624

Published
View on NVD ↗
CVSS v3
N/A
CVSS v2
4.3
MEDIUM
Affected
1
PROJECT

Description

A stack-consumption vulnerability was found in libqpdf in QPDF 6.0.0, which allows attackers to cause a denial of service via a crafted file, related to the QPDFTokenizer::resolveLiteral function in QPDFTokenizer.cc after two consecutive calls to QPDFObjectHandle::parseInternal, aka an "infinite loop."

qpdf/qpdf
qpdf/qpdf
qpdf: A content-preserving PDF document transformer
GitHubGitHub
5.17K