CVE-2019-9199 - log back

CVE-2019-9199 edited at 10 Jan 2021 10:59:36
Description
- PoDoFo::Impose::PdfTranslator::setSource() in pdftranslator.cpp in PoDoFo 0.9.6 has a NULL pointer dereference that can (for example) be triggered by sending a crafted PDF file to the podofoimpose binary. It allows an attacker to cause Denial of Service (Segmentation fault) or possibly have unspecified other impact.
+ PoDoFo::Impose::PdfTranslator::setSource() in pdftranslator.cpp in PoDoFo 0.9.6 has a NULL pointer dereference that can (for example) be triggered by sending a crafted PDF file to the podofoimpose binary. It allows an attacker to cause Denial of Service (Segmentation fault) or possibly have unspecified other impact. The issue is fixed in PoDoFo version 0.9.7.
CVE-2019-9199 edited at 10 Jan 2021 09:26:40
Severity
- Unknown
+ Low
Remote
- Unknown
+ Local
Type
- Unknown
+ Denial of service
Description
+ PoDoFo::Impose::PdfTranslator::setSource() in pdftranslator.cpp in PoDoFo 0.9.6 has a NULL pointer dereference that can (for example) be triggered by sending a crafted PDF file to the podofoimpose binary. It allows an attacker to cause Denial of Service (Segmentation fault) or possibly have unspecified other impact.
References
+ https://research.loginsoft.com/vulnerability/null-pointer-dereference-vulnerability-in-setsource-podofo-0-9-6-trunk-r1967/
+ https://sourceforge.net/p/podofo/tickets/40/
+ https://sourceforge.net/p/podofo/code/1971/
CVE-2019-9199 created at 10 Jan 2021 09:16:02
Severity
+ Unknown
Remote
+ Unknown
Type
+ Unknown
Description
References
Notes