Invalid Memory Access Vulnerability in GfxIndexedColorSpace::mapColorToBase() Function in Xpdf 4.0.0

Invalid Memory Access Vulnerability in GfxIndexedColorSpace::mapColorToBase() Function in Xpdf 4.0.0

CVE-2019-9878 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

There is an invalid memory access in the function GfxIndexedColorSpace::mapColorToBase() located in GfxState.cc in Xpdf 4.0.0, as used in pdfalto 0.2. It can be triggered by (for example) sending a crafted pdf file to the pdftops binary. It allows an attacker to cause Denial of Service (Segmentation fault) or possibly have unspecified other impact.

Learn more about our Web Application Penetration Testing UK.