CVE-2019-5045

HIGH Year: 2019
CVSS v3 Score
8.8
High
CVSS v2 Score
6.8
Medium
Weakness Type
CWE-122
View all →

Vulnerability Description

A specifically crafted jpeg2000 file embedded in a PDF file can lead to a heap corruption when opening a PDF document in NitroPDF 12.12.1.522. With careful memory manipulation, this can lead to arbitrary code execution. In order to trigger this vulnerability, the victim would need to open the malicious file.

Related Vulnerabilities

CVE-2015-6457

HIGH
CVSS:8.8(High)

Moxa SoftCMS 1.3 and prior is susceptible to a buffer overflow condition that may crash or allow remote code execution. Moxa released SoftCMS version 1.4 on June 1, 2015, to address the vulnerability.

CWE-1222015

CVE-2016-9580

HIGH
CVSS:8.8(High)

An integer overflow vulnerability was found in tiftoimage function in openjpeg 2.1.2, resulting in heap buffer overflow.

CWE-1222016

CVE-2016-9581

HIGH
CVSS:8.8(High)

An infinite loop vulnerability in tiftoimage that results in heap buffer overflow in convert_32s_C1P1 was found in openjpeg 2.1.2.

CWE-1222016

CVE-2017-12704

HIGH
CVSS:8.8(High)

A heap-based buffer overflow issue was discovered in Advantech WebAccess versions prior to V8.2_20170817. Researchers have identified multiple vulnerabilities where there is a lack of proper validatio...

CWE-1222017

CVE-2017-13090

HIGH
CVSS:8.8(High)

The retr.c:fd_read_body() function is called when processing OK responses. When the response is sent chunked in wget before 1.19.2, the chunk parser uses strtol() to read each chunk's length, but does...

CWE-1222017

CVE-2017-6037

HIGH
CVSS:8.8(High)

A Heap-Based Buffer Overflow issue was discovered in Wecon Technologies LEVI Studio HMI Editor before 1.8.1. This vulnerability causes a buffer overflow when a maliciously crafted project file is run ...

CWE-1222017