Description of problem: http://www.idefense.com/advisory/12.23.02.txt describes how to attack pdftops filter used, among other things, by CUPS. That advisory is specifically for a version of xpdf currently in rawhide but it mentions that it applies to all earlier versions as well. It also includes a reference to a patch (although 'indexHighA != indexHighA && 0xff' test would be likely marginally simpler).
known issue, erratum for CUPS and Xpdf packages is in progress
CUPS was released some time ago, xpdf updates were completed last week. http://rhn.redhat.com/errata/RHSA-2003-037.html