SUSE CVE-2019-9959

The JPXStream::init function in Poppler 0.78.0 and earlier doesn't check for negative values of stream length, leading to an Integer Overflow, thereby making it possible to allocate a large memory chunk on the heap, with a size controlled by an attacker, as demonstrated by pdftocairo...

poppler: integer overflow in JPXStream::init function leading to memory consumption

The JPXStream::init function in Poppler 0.78.0 and earlier doesn't check for negative values of stream length, leading to an Integer Overflow, thereby making it possible to allocate a large memory chunk on the heap, with a size controlled by an attacker, as demonstrated by pdftocairo...

poppler: integer overflow in JPXStream::init function leading to memory consumption

The JPXStream::init function in Poppler 0.78.0 and earlier doesn't check for negative values of stream length, leading to an Integer Overflow, thereby making it possible to allocate a large memory chunk on the heap, with a size controlled by an attacker, as demonstrated by pdftocairo...

DEBIAN-CVE-2019-9959

The JPXStream::init function in Poppler 0.78.0 and earlier doesn't check for negative values of stream length, leading to an Integer Overflow, thereby making it possible to allocate a large memory chunk on the heap, with a size controlled by an attacker, as demonstrated by pdftocairo...

PT-2019-5843 · Poppler +5 · Poppler +5

Name of the Vulnerable Software and Affected Versions: Poppler version 0.78.0 and earlier Description: The issue is related to the JPXStream::init function, which does not check for negative values of stream length, leading to an Integer Overflow. This allows an attacker to allocate a large memor...