Several flaws were found in in xpdf 4.00. These allows attackers to launch denial of service or possibly have unspecified other impact via a specific pdf file, as demonstrated by pdftohtml.
Created xpdf tracking bugs for this issue:
Affects: fedora-all [bug 1559129]
Affects: epel-all [bug 1559128]