CVE-2019-14267 - PDFResurrect 0.15 has a buffer overflow via a crafted PDF file because data associated with startxre

CVE-2019-14267

Summary

PDFResurrect 0.15 has a buffer overflow via a crafted PDF file because data associated with startxref and %%EOF is mishandled.

References

Vulnerable Configurations

cpe:2.3:a:pdfresurrect_project:pdfresurrect:0.15:*:*:*:*:*:*:*
cpe:2.3:a:pdfresurrect_project:pdfresurrect:0.15:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*

CVSS

CWE

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:N/AC:M/Au:N/C:P/I:P/A:P

refmap via4

fedora	FEDORA-2019-80e5e20cf8 FEDORA-2019-b20614ff74 FEDORA-2019-e01bc28777
misc	http://packetstormsecurity.com/files/153767/pdfresurrect-0.15-Buffer-Overflow.html https://github.com/enferex/pdfresurrect/commits/master https://github.com/snappyJack/pdfresurrect_CVE-2019-14267

Last major update

28-02-2023 - 15:19

Published

29-07-2019 - 16:15

Last modified

28-02-2023 - 15:19