logo
DATABASE RESOURCES PRICING ABOUT US

CVE-2019-13282

Description

In Xpdf 4.01.01, a heap-based buffer over-read could be triggered in SampledFunction::transform in Function.cc when using a large index for samples. It can, for example, be triggered by sending a crafted PDF document to the pdftotext tool. It allows an attacker to use a crafted pdf file to cause Denial of Service or an information leak, or possibly have unspecified other impact. #### Notes Author| Note ---|--- [jdstrand](<https://launchpad.net/~jdstrand>) | xpdf in koffice is 2.0 [ebarretto](<https://launchpad.net/~ebarretto>) | since 0.5.12-1 libextractor does not use xpdf anymore.


Affected Package


OS OS Version Package Name Package Version
ubuntu upstream ipe any
ubuntu upstream libextractor any
ubuntu upstream poppler any
ubuntu 22.04 xpdf any
ubuntu 16.04 xpdf any

Related