SUSE CVE-2019-13286

In Xpdf 4.01.01, there is a heap-based buffer over-read in the function JBIG2Stream::readTextRegionSeg located at JBIG2Stream.cc. It can, for example, be triggered by sending a crafted PDF document to the pdftoppm tool. It might allow an attacker to cause Information Disclosure...

Denial Of Service (DoS)

libpoppler.so is vulnerable to Denial Of Service DoS. The vulnerability exists due to the integer overflow in the readTextRegionSeg function in JBIG2Stream.cc, allowing an attacker to crash the application by providing a maliciously crafted PDF file or JBIG2 image...

poppler:pdf_fuzzer: Use-of-uninitialized-value in JBIG2HuffmanDecoder::buildTable

Project: https://anongit.freedesktop.org/git/poppler/poppler.git Detailed Report: https://oss-fuzz.com/testcase?key=5671762633424896 Project: poppler Fuzzing Engine: libFuzzer Fuzz Target: pdffuzzer Job Type: libfuzzermsanpoppler Platform Id: linux Crash Type: Use-of-uninitialized-value Crash...

CVE-2019-13286

In Xpdf 4.01.01, there is a heap-based buffer over-read in the function JBIG2Stream::readTextRegionSeg located at JBIG2Stream.cc. It can, for example, be triggered by sending a crafted PDF document to the pdftoppm tool. It might allow an attacker to cause Information Disclosure...

CVE-2019-13286

In Xpdf 4.01.01, there is a heap-based buffer over-read in the function JBIG2Stream::readTextRegionSeg located at JBIG2Stream.cc. It can, for example, be triggered by sending a crafted PDF document to the pdftoppm tool. It might allow an attacker to cause Information Disclosure...

Heap overflow

In Xpdf 4.01.01, there is a heap-based buffer over-read in the function JBIG2Stream::readTextRegionSeg located at JBIG2Stream.cc. It can, for example, be triggered by sending a crafted PDF document to the pdftoppm tool. It might allow an attacker to cause Information Disclosure...

CVE-2019-13286

In Xpdf 4.01.01, there is a heap-based buffer over-read in the function JBIG2Stream::readTextRegionSeg located at JBIG2Stream.cc. It can, for example, be triggered by sending a crafted PDF document to the pdftoppm tool. It might allow an attacker to cause Information Disclosure...

PT-2019-13238 · Xpdf · Xpdf

Name of the Vulnerable Software and Affected Versions: Xpdf version 4.01.01 Description: The issue is a heap-based buffer over-read in the JBIG2Stream::readTextRegionSeg function, which can be triggered by sending a crafted PDF document to the pdftoppm tool. This might allow an attacker to cause...

poppler/pdf_fuzzer: Use-of-uninitialized-value in JBIG2Stream::readTextRegionSeg

Project: https://anongit.freedesktop.org/git/poppler/poppler.git Detailed report: https://oss-fuzz.com/testcase?key=5747049128001536 Project: poppler Fuzzer: libFuzzerpdffuzzer Fuzz target binary: pdffuzzer Job Type: libfuzzermsanpoppler Platform Id: linux Crash Type: Use-of-uninitialized-value...