Matthias Geerdsen

**Name of the Vulnerable Software and Affected Versions** xpdf versions 3.00 tetex-bin versions prior to the fixed version kpdf versions 3.2.x through 3.2.3 kpdf versions 3.3.x through 3.3.2 cupsys-pstoraster (affected versions not specified) **Description** The issue is related to a buffer overflow in the Gfx::doImage function, which can be triggered by a crafted PDF file, potentially allowing remote attackers to cause a denial of service or execute arbitrary code. Additionally, multiple vulnerabilities in the cupsys-pstoraster package may lead to breaches of confidentiality, integrity, and availability of protected information, with possible remote exploitation. **Recommendations** For xpdf version 3.00, update to a version that fixes the buffer overflow issue in the Gfx::doImage function. For tetex-bin, update to a version that fixes the vulnerabilities. For kpdf versions 3.2.x through 3.2.3 and 3.3.x through 3.3.2, update to a version that fixes the vulnerabilities. For cupsys-pstoraster, at the moment, there is no information about a newer version that contains a fix for this vulnerability.