CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2019-9877

There is an invalid memory access vulnerability in the function TextPage::findGaps() located at TextOutputDev.c in Xpdf 4.01, which can (for example) be triggered by sending a crafted pdf file to the pdftops binary. It allows an attacker to cause Denial of Service (Segmentation fault) or possibly have unspecified other impact.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 44.7%

CVSS Severity

CVSS v3 Score 7.8

CVSS v2 Score 6.8

References

https://forum.xpdfreader.com/viewtopic.php?f=3&t=41265
https://research.loginsoft.com/bugs/invalid-memory-access-in-textpagefindgaps-xpdf-4-01/
https://forum.xpdfreader.com/viewtopic.php?f=3&t=41265
https://research.loginsoft.com/bugs/invalid-memory-access-in-textpagefindgaps-xpdf-4-01/

Products affected by CVE-2019-9877

Xpdfreader » Xpdf » Version: 4.0.1

cpe:2.3:a:xpdfreader:xpdf:4.0.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-9877

Products

Pricing

Contact Us