Toorto

**Name of the Vulnerable Software and Affected Versions** Xpdf version 4.01.01 **Description** The issue is a heap-based buffer over-read in the `DCTStream::readScan()` function, located at `Stream.cc`. This can be triggered by sending a crafted PDF document to the `pdftops` tool, potentially allowing an attacker to cause Information Disclosure. **Recommendations** For Xpdf version 4.01.01, consider restricting the use of the `pdftops` tool until a patch is available, and avoid processing crafted PDF documents to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Artifex MuPDF version 1.15.0 **Description** The issue is a heap-based buffer overflow in the `fz append display node` function, located at `fitz/list-device.c`, which allows remote attackers to execute arbitrary code via a crafted PDF file. This occurs when a large BDC property name overflows the allocated size of a display list node. **Recommendations** For Artifex MuPDF version 1.15.0, consider disabling the `fz append display node` function until a patch is available to prevent exploitation. Avoid using the affected function to process crafted PDF files. At the moment, there is no information about a newer version that contains a fix for this vulnerability.