CVE-2019-9543
Summary
| CVE | CVE-2019-9543 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2019-03-01 19:29:00 UTC |
| Updated | 2021-07-21 11:39:00 UTC |
| Description | An issue was discovered in Poppler 0.74.0. A recursive function call, in JBIG2Stream::readGenericBitmap() located in JBIG2Stream.cc, can be triggered by sending a crafted pdf file to (for example) the pdfseparate binary. It allows an attacker to cause Denial of Service (Segmentation fault) or possibly have unspecified other impact. This is related to JArithmeticDecoder::decodeBit. |
Risk And Classification
Problem Types: CWE-674
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Freedesktop | Poppler | 0.74.0 | All | All | All |
| Application | Freedesktop | Poppler | 0.74.0 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| CVE-2019-9543: Recursive function call in function JBIG2Stream::readGenericBitmap() – poppler 0.74.0 - Loginsoft Research | MISC | research.loginsoft.com | Third Party Advisory |
| 107238 | BID | www.securityfocus.com | Third Party Advisory, VDB Entry |
| recursive function call in function JBIG2Stream::readGenericBitmap() (#730) · Issues · poppler / poppler · GitLab | MISC | gitlab.freedesktop.org | Exploit, Third Party Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.