[ASA-201910-10] xpdf: arbitrary code execution

Morten Linderud foxboron at archlinux.org
Wed Oct 23 14:19:47 UTC 2019


Arch Linux Security Advisory ASA-201910-10
==========================================

Severity: Medium
Date    : 2019-10-16
CVE-ID  : CVE-2019-16927
Package : xpdf
Type    : arbitrary code execution
Remote  : No
Link    : https://security.archlinux.org/AVG-1048

Summary
=======

The package xpdf before version 4.02-1 is vulnerable to arbitrary code
execution.

Resolution
==========

Upgrade to 4.02-1.

# pacman -Syu "xpdf>=4.02-1"

The problem has been fixed upstream in version 4.02.

Workaround
==========

None.

Description
===========

Xpdf 4.01.01 has an out-of-bounds write in the vertProfile part of the
TextPage::findGaps function in TextOutputDev.cc, a different
vulnerability than CVE-2019-9877.

Impact
======

A local attacker is able to execute arbitrary code via a specially
crafted PDF document.

References
==========

https://bugs.archlinux.org/task/63980
https://forum.xpdfreader.com/viewtopic.php?f=3&t=41885
https://security.archlinux.org/CVE-2019-16927
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <https://lists.archlinux.org/pipermail/arch-security/attachments/20191023/2ed289bc/attachment.sig>


More information about the arch-security mailing list