Vulnerabilities > CVE-2019-16927 - Out-of-bounds Write vulnerability in Glyphandcog Xpdf 4.01.01

047910
CVSS 4.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
PARTIAL
network
glyphandcog
CWE-787
nessus

Summary

Xpdf 4.01.01 has an out-of-bounds write in the vertProfile part of the TextPage::findGaps function in TextOutputDev.cc, a different vulnerability than CVE-2019-9877.

Vulnerable Configurations

Part Description Count
Application
Glyphandcog
1

Common Weakness Enumeration (CWE)

Nessus

NASL familyFreeBSD Local Security Checks
NASL idFREEBSD_PKG_791E8F79E7D111E98B31206A8A720317.NASL
descriptionXpdf 4.02 fixes two vulnerabilities. Both fixes have been backported to 3.04. An invalid memory access vulnerability in TextPage::findGaps() in Xpdf 4.01 through a crafted PDF document can cause a segfault. An out of bounds write exists in TextPage::findGaps() of Xpdf 4.01.01
last seen2020-06-01
modified2020-06-02
plugin id129661
published2019-10-07
reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
sourcehttps://www.tenable.com/plugins/nessus/129661
titleFreeBSD : Xpdf -- Multiple Vulnerabilities (791e8f79-e7d1-11e9-8b31-206a8a720317)