Kees Cook discovered a vulnerability in xpdf, a set of tools for display and conversion of Portable Document Format (PDF) files. The Common Vulnerabilities and Exposures project identifies the following problem: Xpdf"s handling of embedded fonts lacks sufficient validation and type checking. If a maliciously crafted PDF file is opened, the vulnerability may allow the execution of arbitrary code with the privileges of the user running xpdf.