CVE-2019-9587

HIGH Year: 2019
CVSS v3 Score
7.8
High
CVSS v2 Score
6.8
Medium
Weakness Type
CWE-400
View all →

Vulnerability Description

There is a stack consumption issue in md5Round1() located in Decrypt.cc in Xpdf 4.01. It can be triggered by sending a crafted pdf file to (for example) the pdfimages binary. It allows an attacker to cause Denial of Service (Segmentation fault) or possibly have unspecified other impact. This is related to Catalog::countPageTree.

Related Vulnerabilities

CVE-2017-13825

HIGH
CVSS:7.8(High)

An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "CoreText" component. It allows remote attackers to execute arbitrary code or cause a denial...

CWE-4002017

CVE-2017-14177

HIGH
CVSS:7.8(High)

Apport through 2.20.7 does not properly handle core dumps from setuid binaries allowing local users to create certain files as root which an attacker could leverage to perform a denial of service via ...

CWE-4002017

CVE-2017-14179

HIGH
CVSS:7.8(High)

Apport before 2.13 does not properly handle crashes originating from a PID namespace allowing local users to create certain files as root which an attacker could leverage to perform a denial of servic...

CWE-4002017

CVE-2017-14180

HIGH
CVSS:7.8(High)

Apport 2.13 through 2.20.7 does not properly handle crashes originating from a PID namespace allowing local users to create certain files as root which an attacker could leverage to perform a denial o...

CWE-4002017

CVE-2017-7132

HIGH
CVSS:7.8(High)

An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Quick Look" component. It allows remote attackers to execute arbitrary code or cause a deni...

CWE-4002017

CVE-2017-8247

HIGH
CVSS:7.8(High)

In all Qualcomm products with Android releases from CAF using the Linux kernel, if there is more than one thread doing the device open operation, the device may be opened more than once. This would le...

CWE-4002017