Stack-based Buffer Over-read Vulnerability in Xpdf 4.01.01
CVE-2019-12360 · MEDIUM Severity
AV:N/AC:M/AU:N/C:P/I:N/A:P
A stack-based buffer over-read exists in FoFiTrueType::dumpString in fofi/FoFiTrueType.cc in Xpdf 4.01.01. It can, for example, be triggered by sending crafted TrueType data in a PDF document to the pdftops tool. It might allow an attacker to cause Denial of Service or leak memory data into dump content.
Learn more about our Web Application Penetration Testing UK.