Update to version 2.02pl1. From the xpdf website:

  This version includes a small patch that fixes a security hole in
  version 2.02. It was possible to construct a malicious URL link in a
  PDF file which would cause an arbitrary command to be run. The patch
  changes things to that the various characters which can cause trouble
  are escaped (%xx) before calling system(). This patch also changes the
  "launch" link verification dialog to provde a scrolling view of the
  command about to be run when the command string is excessively long.

0 files changed, 0 insertions, 0 deletions