Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2019-13291

Опубликовано: 04 июл. 2019
Источник: ubuntu
Приоритет: medium
CVSS2: 4.3
CVSS3: 5.5

Описание

In Xpdf 4.01.01, there is a heap-based buffer over-read in the function DCTStream::readScan() located at Stream.cc. It can, for example, be triggered by sending a crafted PDF document to the pdftops tool. It might allow an attacker to cause Information Disclosure.

РелизСтатусПримечание
bionic

not-affected

code not present
cosmic

ignored

end of life
devel

not-affected

code not present
disco

not-affected

code not present
eoan

not-affected

code not present
esm-apps/bionic

not-affected

code not present
esm-apps/focal

not-affected

code not present
esm-apps/jammy

not-affected

code not present
esm-apps/xenial

not-affected

code not present
esm-infra-legacy/trusty

DNE

Показывать по

РелизСтатусПримечание
bionic

not-affected

code not present
cosmic

ignored

end of life
devel

not-affected

code not present
disco

not-affected

code not present
eoan

not-affected

code not present
esm-apps/bionic

not-affected

code not present
esm-apps/focal

not-affected

code not present
esm-apps/jammy

not-affected

code not present
esm-apps/xenial

not-affected

code not present
esm-infra-legacy/trusty

not-affected

code not present

Показывать по

РелизСтатусПримечание
bionic

not-affected

0.62.0-2ubuntu2.9
cosmic

not-affected

0.68.0-0ubuntu1.7
devel

not-affected

0.76.1-0ubuntu4
disco

not-affected

0.74.0-0ubuntu1.2
eoan

not-affected

0.76.1-0ubuntu4
esm-infra-legacy/trusty

DNE

esm-infra/bionic

not-affected

0.62.0-2ubuntu2.9
esm-infra/focal

not-affected

0.76.1-0ubuntu4
esm-infra/xenial

not-affected

0.41.0-0ubuntu1.14
focal

not-affected

0.76.1-0ubuntu4

Показывать по

РелизСтатусПримечание
bionic

not-affected

code not present
cosmic

ignored

end of life
devel

not-affected

code not present
disco

ignored

end of life
eoan

ignored

end of life
esm-apps/bionic

not-affected

code not present
esm-apps/jammy

not-affected

code not present
esm-apps/xenial

not-affected

code not present
esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

Показывать по

Ссылки на источники

4.3 Medium

CVSS2

5.5 Medium

CVSS3

Связанные уязвимости

nvd логотип

CVE-2019-13291

CVSS3: 5.5
nvd
больше 6 лет назад

In Xpdf 4.01.01, there is a heap-based buffer over-read in the function DCTStream::readScan() located at Stream.cc. It can, for example, be triggered by sending a crafted PDF document to the pdftops tool. It might allow an attacker to cause Information Disclosure.

debian логотип

CVE-2019-13291

CVSS3: 5.5
debian
больше 6 лет назад

In Xpdf 4.01.01, there is a heap-based buffer over-read in the functio ...

github логотип

GHSA-wmrm-7x9c-wj29

github
больше 3 лет назад

In Xpdf 4.01.01, there is a heap-based buffer over-read in the function DCTStream::readScan() located at Stream.cc. It can, for example, be triggered by sending a crafted PDF document to the pdftops tool. It might allow an attacker to cause Information Disclosure.

4.3 Medium

CVSS2

5.5 Medium

CVSS3