QwikSec

Security Database

CVE

CWE

Training

CVE-2019-13286

Published: Jul 4, 2019

Modified: Aug 4, 2024

PUBLISHED

Description

In Xpdf 4.01.01, there is a heap-based buffer over-read in the function JBIG2Stream::readTextRegionSeg() located at JBIG2Stream.cc. It can, for example, be triggered by sending a crafted PDF document to the pdftoppm tool. It might allow an attacker to cause Information Disclosure.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/PanguL4b/pocs/tree/master/xpdf/heap-buffer-overflow_JBIG2Stream__readTextRegionSeg

x_refsource_MISC

FEDORA-2019-a457286734

vendor-advisory

x_refsource_FEDORA

FEDORA-2019-01da705767

vendor-advisory

x_refsource_FEDORA

FEDORA-2019-759ba8202b

vendor-advisory

x_refsource_FEDORA

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.