7.1
CVSSv3

CVE-2019-12515

Published: 02/06/2019 Updated: 07/11/2023
CVSS v2 Base Score: 5.8 | Impact Score: 4.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 7.1 | Impact Score: 5.2 | Exploitability Score: 1.8
VMScore: 516
Vector: AV:N/AC:M/Au:N/C:P/I:N/A:P

Vulnerability Summary

There is an out-of-bounds read vulnerability in the function FlateStream::getChar() located at Stream.cc in Xpdf 4.01.01. It can, for example, be triggered by sending a crafted PDF document to the pdftoppm tool. It might allow an malicious user to cause Information Disclosure or a denial of service.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

glyphandcog xpdfreader 4.01.01