Xiaobaozidi

**Name of the Vulnerable Software and Affected Versions** Xpdf versions 4.05 and earlier **Description** The issue is caused by a PDF object loop in a pattern resource, leading to infinite recursion and a stack overflow. This could allow attackers to crash the system or expose data. **Recommendations** For Xpdf versions 4.05 and earlier, patch immediately to prevent potential exploitation. Monitor for exploits and apply the patch as soon as possible to minimize the risk of a stack overflow due to infinite recursion.

**Name of the Vulnerable Software and Affected Versions** Xpdf versions 4.05 and earlier **Description** The issue arises when very large coordinates in a page box cause an integer overflow and divide-by-zero. **Recommendations** For Xpdf versions 4.05 and earlier, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** SignalWire freeswitch versions prior to 1.10.6 **Description** An issue was discovered in the function `sofia handle sip i notify` in `sofia.c`, which may allow attackers to view sensitive information due to an uninitialized value. **Recommendations** For versions prior to 1.10.6, update to version 1.10.6 or later to resolve the issue. As a temporary workaround, consider restricting access to the `sofia handle sip i notify` function until a patch is available.