CVE-2019-9959

Posted on by admin

CVE-2019-9959

The JPXStream::init function in Poppler 0.78.0 and earlier doesn’t check for negative values of stream length, leading to an Integer Overflow, thereby making it possible to allocate a large memory chunk on the heap, with a size controlled by an attacker, as demonstrated by pdftocairo.

Source: CVE-2019-9959

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다