Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2019-12360

Опубликовано: 27 мая 2019
Источник: ubuntu
Приоритет: low
EPSS Низкий
CVSS2: 5.8
CVSS3: 7.1

Описание

A stack-based buffer over-read exists in FoFiTrueType::dumpString in fofi/FoFiTrueType.cc in Xpdf 4.01.01. It can, for example, be triggered by sending crafted TrueType data in a PDF document to the pdftops tool. It might allow an attacker to cause Denial of Service or leak memory data into dump content.

РелизСтатусПримечание
bionic

ignored

cosmic

ignored

devel

ignored

disco

ignored

eoan

ignored

esm-apps/bionic

ignored

esm-apps/jammy

ignored

esm-apps/noble

ignored

esm-apps/xenial

ignored

esm-infra-legacy/trusty

DNE

Показывать по

РелизСтатусПримечание
bionic

not-affected

code not present
cosmic

ignored

end of life
devel

not-affected

code not present
disco

not-affected

code not present
eoan

not-affected

code not present
esm-apps/bionic

not-affected

code not present
esm-apps/focal

not-affected

code not present
esm-apps/jammy

not-affected

code not present
esm-apps/noble

not-affected

code not present
esm-apps/xenial

not-affected

code not present

Показывать по

РелизСтатусПримечание
bionic

not-affected

code not present
cosmic

ignored

end of life
devel

not-affected

code not present
disco

not-affected

code not present
eoan

not-affected

code not present
esm-apps/bionic

not-affected

code not present
esm-apps/focal

not-affected

code not present
esm-apps/jammy

not-affected

code not present
esm-apps/noble

not-affected

code not present
esm-apps/xenial

not-affected

code not present

Показывать по

РелизСтатусПримечание
bionic

not-affected

0.62.0-2ubuntu2.8
cosmic

not-affected

0.68.0-0ubuntu1.6
devel

not-affected

0.76.1-0ubuntu3
disco

not-affected

0.74.0-0ubuntu1.1
eoan

not-affected

0.76.1-0ubuntu3
esm-infra-legacy/trusty

DNE

esm-infra/bionic

not-affected

0.62.0-2ubuntu2.8
esm-infra/focal

not-affected

0.76.1-0ubuntu3
esm-infra/xenial

not-affected

0.41.0-0ubuntu1.13
focal

not-affected

0.76.1-0ubuntu3

Показывать по

РелизСтатусПримечание
bionic

ignored

end of standard support, was deferred
cosmic

ignored

end of life
devel

deferred

disco

ignored

end of life
eoan

ignored

end of life
esm-infra-legacy/trusty

DNE

esm-infra/bionic

deferred

esm-infra/focal

deferred

esm-infra/xenial

deferred

focal

ignored

end of standard support, was deferred

Показывать по

РелизСтатусПримечание
bionic

DNE

cosmic

DNE

devel

DNE

disco

DNE

eoan

DNE

esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

DNE

groovy

DNE

hirsute

DNE

Показывать по

РелизСтатусПримечание
bionic

not-affected

code not present
cosmic

ignored

end of life
devel

not-affected

code not present
disco

ignored

end of life
eoan

ignored

end of life
esm-apps/bionic

not-affected

code not present
esm-apps/jammy

not-affected

code not present
esm-apps/noble

not-affected

code not present
esm-apps/xenial

not-affected

code not present
esm-infra-legacy/trusty

DNE

Показывать по

Ссылки на источники

EPSS

Процентиль: 58%
0.00358
Низкий

5.8 Medium

CVSS2

7.1 High

CVSS3

Связанные уязвимости

redhat логотип

CVE-2019-12360

CVSS3: 7.1
redhat
больше 6 лет назад

A stack-based buffer over-read exists in FoFiTrueType::dumpString in fofi/FoFiTrueType.cc in Xpdf 4.01.01. It can, for example, be triggered by sending crafted TrueType data in a PDF document to the pdftops tool. It might allow an attacker to cause Denial of Service or leak memory data into dump content.

nvd логотип

CVE-2019-12360

CVSS3: 7.1
nvd
больше 6 лет назад

A stack-based buffer over-read exists in FoFiTrueType::dumpString in fofi/FoFiTrueType.cc in Xpdf 4.01.01. It can, for example, be triggered by sending crafted TrueType data in a PDF document to the pdftops tool. It might allow an attacker to cause Denial of Service or leak memory data into dump content.

debian логотип

CVE-2019-12360

CVSS3: 7.1
debian
больше 6 лет назад

A stack-based buffer over-read exists in FoFiTrueType::dumpString in f ...

github логотип

GHSA-h895-jpgg-q54p

github
больше 3 лет назад

A stack-based buffer over-read exists in FoFiTrueType::dumpString in fofi/FoFiTrueType.cc in Xpdf 4.01.01. It can, for example, be triggered by sending crafted TrueType data in a PDF document to the pdftops tool. It might allow an attacker to cause Denial of Service or leak memory data into dump content.

EPSS

Процентиль: 58%
0.00358
Низкий

5.8 Medium

CVSS2

7.1 High

CVSS3

Уязвимость CVE-2019-12360