Secunia Research has discovered a vulnerability in KDE Okular, which can be exploited by malicious people to potentially compromise a user’s system. The vulnerability is caused by a boundary error within the RLE decompression in the “TranscribePalmImageToJPEG()” function in generators/plucker/unpluck/image.cpp. This can be exploited to cause a heap-based buffer overflow by e.g. tricking a user into opening a specially crafted PDB file. Version 4.4.5 is affected.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/93129/secunia-kdeokular.txt
Source: https://packetstormsecurity.com/files/93129/KDE-Okular-PDB-Parsing-RLE-Decompression-Buffer-Overflow.html