CVE-2019-14294

NONE EPSS 56.9%
Published Jul 27, 20196y ago · Modified Jun 17, 20262w ago
Find Similar
Published Jul 27, 2019 6y ago
Last Modified Jun 17, 2026 2w ago

Description

An issue was discovered in Xpdf 4.01.01. There is a use-after-free in the function JPXStream::fillReadBuf at JPXStream.cc, due to an out of bounds read.

Threat Intelligence

EPSS Exploit Probability
56.9% percentile
Exploit & Patch Status
Public Exploit Known
No Patch Available

Weaknesses 2

CWE-125 Out-of-bounds Read Memory Safety
CWE-416 Use After Free Memory Safety

Affected Products 1

VendorProductVersionRange
glyphandcogxpdfreader4.01.01any

References 2

  • forum.xpdfreader.com https://forum.xpdfreader.com/viewtopic.php?f=3&t=41851
    ExploitThird Party Advisory
  • github.com https://github.com/TeamSeri0us/pocs/tree/master/xpdf/4.01.01
    ExploitThird Party Advisory

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.