Flaw bug created to hold information about an old flaw we knew something about. For more details see the MITRE CVE description.
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka "Infinite CPU spins."
Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.
Red Hat would like to thank Chris Evans for reporting this issue.