logo
DATABASE RESOURCES PRICING ABOUT US

CVE-2019-13286

Description

In Xpdf 4.01.01, there is a heap-based buffer over-read in the function JBIG2Stream::readTextRegionSeg() located at JBIG2Stream.cc. It can, for example, be triggered by sending a crafted PDF document to the pdftoppm tool. It might allow an attacker to cause Information Disclosure.


Affected Package


OS OS Version Package Name Package Version
Debian 12 xpdf 3.04+git20220601-1
Debian 11 xpdf 3.04+git20210103-3
Debian 10 xpdf 3.04-13
Debian 999 xpdf 3.04+git20220601-1

Related