A bug discovered in an obscure PDF parsing library back in 2011 is also present in most of today's top PDF viewers, according to German software developer Hanno Böck.
The original bug affected the PDF parser component included with Evince, a document viewer app for Linux. It was discovered by fellow German software developer Andreas Bogk, who helped Evince fixed the flaw, and presented his findings at the 2011 Chaos Communication Camp.
Bogk discovered that PDF documents with a certain structure — PDF files cross-referencing internal xref tables — would cause the Evince app to enter a continuous loop that would take up all of the local CPU's resources, and quickly run out of memory, crashing the Evince app.
The bug was mostly ignored since it was never deemed a major security issue and only affected a small app installed only on Linux desktops.
Full Article.