Invalid Memory Access Vulnerability in Xpdf 4.01's TextPage::findGaps() Function

Invalid Memory Access Vulnerability in Xpdf 4.01's TextPage::findGaps() Function

CVE-2019-9877 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

There is an invalid memory access vulnerability in the function TextPage::findGaps() located at TextOutputDev.c in Xpdf 4.01, which can (for example) be triggered by sending a crafted pdf file to the pdftops binary. It allows an attacker to cause Denial of Service (Segmentation fault) or possibly have unspecified other impact.

Learn more about our Web Application Penetration Testing UK.