Flaw bug created to hold information about an old flaw we knew something about. For more details see the MITRE CVE description.
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference.
Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.
Red Hat would like to thank Chris Evans for reporting this issue.