CVE-2019-9545

HIGH Year: 2019
CVSS v3 Score
8.8
High
CVSS v2 Score
6.8
Medium
Weakness Type
CWE-674
View all →

Vulnerability Description

An issue was discovered in Poppler 0.74.0. A recursive function call, in JBIG2Stream::readTextRegion() located in JBIG2Stream.cc, can be triggered by sending a crafted pdf file to (for example) the pdfimages binary. It allows an attacker to cause Denial of Service (Segmentation fault) or possibly have unspecified other impact. This is related to JBIG2Bitmap::clearToZero.

Related Vulnerabilities

CVE-2019-9143

HIGH
CVSS:8.8(High)

An issue was discovered in Exiv2 0.27. There is infinite recursion at Exiv2::Image::printTiffStructure in the file image.cpp. This can be triggered by a crafted file. It allows an attacker to cause De...

CWE-6742019

CVE-2019-9144

HIGH
CVSS:8.8(High)

An issue was discovered in Exiv2 0.27. There is infinite recursion at BigTiffImage::printIFD in the file bigtiffimage.cpp. This can be triggered by a crafted file. It allows an attacker to cause Denia...

CWE-6742019

CVE-2019-9543

HIGH
CVSS:8.8(High)

An issue was discovered in Poppler 0.74.0. A recursive function call, in JBIG2Stream::readGenericBitmap() located in JBIG2Stream.cc, can be triggered by sending a crafted pdf file to (for example) the...

CWE-6742019

CVE-2024-20311

HIGH
CVSS:8.6(High)

A vulnerability in the Locator ID Separation Protocol (LISP) feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to relo...

CWE-6742024

CVE-2023-2663

CRITICAL
CVSS:9.1(Critical)

In Xpdf 4.04 (and earlier), a PDF object loop in the page label tree leads to infinite recursion and a stack overflow.

CWE-6742023

CVE-2019-10761

HIGH
CVSS:8.3(High)

This affects the package vm2 before 3.6.11. It is possible to trigger a RangeError exception from the host rather than the "sandboxed" context by reaching the stack call limit with an infinite recursi...

CWE-6742019