CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2019-13287

In Xpdf 4.01.01, there is an out-of-bounds read vulnerability in the function SplashXPath::strokeAdjust() located at splash/SplashXPath.cc. It can, for example, be triggered by sending a crafted PDF document to the pdftoppm tool. It might allow an attacker to cause Information Disclosure. This is related to CVE-2018-16368.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 42.5%

CVSS Severity

CVSS v3 Score 5.5

CVSS v2 Score 4.3

References

https://github.com/PanguL4b/pocs/tree/master/xpdf/out-of-bounds-read-in-SplashXPath__strokeAdjust
https://github.com/PanguL4b/pocs/tree/master/xpdf/out-of-bounds-read-in-SplashXPath__strokeAdjust

Products affected by CVE-2019-13287

Glyphandcog » Xpdfreader » Version: 4.01.01

cpe:2.3:a:glyphandcog:xpdfreader:4.01.01

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-13287

Products

Pricing

Contact Us