logo
DATABASE RESOURCES PRICING ABOUT US

CVE-2019-12957

Description

In Xpdf 4.01.01, a buffer over-read could be triggered in FoFiType1C::convertToType1 in fofi/FoFiType1C.cc when the index number is larger than the charset array bounds. It can, for example, be triggered by sending a crafted PDF document to the pdftops tool. It allows an attacker to use a crafted pdf file to cause Denial of Service or an information leak, or possibly have unspecified other impact.


Affected Package


OS OS Version Package Name Package Version
Debian 12 poppler 22.08.0-2.1
Debian 11 poppler 20.09.0-3.1
Debian 10 poppler 0.71.0-5
Debian 999 poppler 22.08.0-2.1
Debian 12 xpdf 3.04+git20220601-1
Debian 11 xpdf 3.04+git20210103-3
Debian 10 xpdf 3.04-13
Debian 999 xpdf 3.04+git20220601-1

Related