CVE-2019-9687

NONE EPSS 80.4%
Published Mar 11, 20197y ago ยท Modified Jun 17, 20262w ago
Find Similar
Published Mar 11, 2019 7y ago
Last Modified Jun 17, 2026 2w ago

Description

PoDoFo 0.9.6 has a heap-based buffer overflow in PdfString::ConvertUTF16toUTF8 in base/PdfString.cpp.

Threat Intelligence

EPSS Exploit Probability
80.4% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-787 Out-of-bounds Write Memory Safety

Affected Products 2

VendorProductVersionRange
podofo_projectpodofo0.9.6any
fedoraprojectfedora29any

References 3

  • lists.fedoraproject.org https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CIC2EXSSMBT3MY2HY42IIY4BUQS2SVYB/
  • lists.fedoraproject.org https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NTJ5AAM6Y4NMSELEH7N5ZG4DNO56BCYF/
  • sourceforge.net https://sourceforge.net/p/podofo/code/1969
    PatchThird Party Advisory

Remediation

  • sourceforge.net https://sourceforge.net/p/podofo/code/1969
    PatchThird Party Advisory