PT-2005-3038 · Kpdf+2

Chris Evans +1 · Published 2005-08-09 · Updated 2018-10-19 · CVE-2005-2097

CVSS v2.0: 2.1 (Low)

Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P
Name of the Vulnerable Software and Affected Versions: xpdf (affected versions not specified); kpdf (affected versions not specified)
Description: The issue arises from improper validation of the "loca" table in PDF files, allowing local users to cause a denial of service. A PDF file with a "broken" loca table causes xpdf to create a large temporary file when it attempts to reconstruct the information, resulting in disk consumption and a hang.
Recommendations: For xpdf, consider implementing proper validation of the "loca" table in PDF files to prevent the creation of large temporary files. For kpdf, apply similar validation measures to the "loca" table to mitigate the risk of denial of service attacks. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
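
One way to perform the validation recommended above, as an added example that is not xpdf or kpdf code. It assumes the standard TrueType layout, which this page does not spell out: "loca" holds numGlyphs + 1 big-endian offsets into the "glyf" table, and they must be non-decreasing and no larger than the "glyf" length. All function, constant and sample-table names are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

enum { LOCA_OK = 0, LOCA_TRUNCATED = -1, LOCA_OUT_OF_RANGE = -2, LOCA_NOT_MONOTONIC = -3 };

/* Read entry i of a big-endian loca table; the short format stores offset/2. */
static uint32_t loca_entry(const uint8_t *t, size_t i, int long_fmt)
{
    if (long_fmt)
        return ((uint32_t)t[4*i] << 24) | ((uint32_t)t[4*i+1] << 16) |
               ((uint32_t)t[4*i+2] << 8) | t[4*i+3];
    return 2u * (((uint32_t)t[2*i] << 8) | t[2*i+1]);
}

/* Reject a broken loca table before any glyph data is rebuilt from it. */
int loca_check(const uint8_t *loca, size_t loca_len, int long_fmt,
               uint16_t num_glyphs, uint32_t glyf_len)
{
    size_t entries = (size_t)num_glyphs + 1;   /* numGlyphs + 1 offsets */
    size_t width = long_fmt ? 4 : 2;
    uint32_t prev = 0;

    if (loca_len / width < entries)
        return LOCA_TRUNCATED;
    for (size_t i = 0; i < entries; i++) {
        uint32_t off = loca_entry(loca, i, long_fmt);
        if (off > glyf_len)
            return LOCA_OUT_OF_RANGE;    /* glyph would lie outside glyf */
        if (off < prev)
            return LOCA_NOT_MONOTONIC;   /* implies a negative glyph size */
        prev = off;
    }
    return LOCA_OK;
}

/* Constructed sample tables: 3 glyphs, long format, 40-byte glyf table. */
const uint8_t LOCA_GOOD[] = {0,0,0,0, 0,0,0,12, 0,0,0,12, 0,0,0,40};
const uint8_t LOCA_HUGE[] = {0,0,0,0, 0xFF,0xFF,0xFF,0, 0,0,0,12, 0,0,0,40};
const uint8_t LOCA_BACK[] = {0,0,0,0, 0,0,0,20, 0,0,0,12, 0,0,0,40};

int main(void)
{
    printf("good=%d huge=%d back=%d\n",
           loca_check(LOCA_GOOD, sizeof LOCA_GOOD, 1, 3, 40),
           loca_check(LOCA_HUGE, sizeof LOCA_HUGE, 1, 3, 40),
           loca_check(LOCA_BACK, sizeof LOCA_BACK, 1, 3, 40));
    return 0;
}
```

A parser that gets a non-zero result here can refuse the embedded font instead of trying to reconstruct it, which bounds the size of anything written to disk by the size of the input.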

Related identifiers

CVE-2005-2097
DSA-1136-1
DSA-780-1
DSA-936-1
DSA-982-1
DSA-984-1
DTSA-28-1
RHSA-2005:670
RHSA-2005:671
RHSA-2005:706
RHSA-2005:708
RHSA-2005_670
RHSA-2005_671
RHSA-2005_706
RHSA-2005_708

Affected products

Red Hat
Kpdf
Xpdf