KDE Security Advisory: kpdf, the KDE pdf viewer, shares code with xpdf. xpdf contains a buffer overflow that can be triggered by a specially crafted PDF file.
34a96e4ccfc6bc38f130061fe7d69adb1d54fb95e91f6eb8ea657e2605e23145
iDEFENSE Security Advisory 12.21.2004 - Remote exploitation of a buffer overflow vulnerability in the xpdf PDF viewer, as included in multiple Linux distributions, could allow attackers to execute arbitrary code as the user viewing a PDF file. The offending code can be found in the Gfx::doImage() function in the source file xpdf/Gfx.cc.
f6afe7f6a50c802f304a6367c43f84a34223a2a7528a2adb2348b94f3ab6610f