QwikSec

Security Database

CVE

CWE

Training

CVE-2019-12515

Published: Jun 1, 2019

Modified: Aug 4, 2024

PUBLISHED

Description

There is an out-of-bounds read vulnerability in the function FlateStream::getChar() located at Stream.cc in Xpdf 4.01.01. It can, for example, be triggered by sending a crafted PDF document to the pdftoppm tool. It might allow an attacker to cause Information Disclosure or a denial of service.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/PanguL4b/pocs/tree/master/xpdf/out-of-bounds-read-in-FlateStream__getChar

x_refsource_MISC

FEDORA-2019-a457286734

vendor-advisory

x_refsource_FEDORA

FEDORA-2019-01da705767

vendor-advisory

x_refsource_FEDORA

FEDORA-2019-759ba8202b

vendor-advisory

x_refsource_FEDORA

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.