First published: Sun Mar 24 2019(Updated: )
An issue was discovered in Xpdf 4.01.01. There is an FPE in the function PostScriptFunction::exec at Function.cc for the psOpMod case.
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Xpdfreader Xpdf | =4.01.01 | |
debian/xpdf | 3.04+git20210103-3 3.04+git20220601-1 3.04+git20240613-1 | |
=4.01.01 |
https://cgit.freedesktop.org/poppler/poppler/commit/?id=e2ab2fa9d8c41e0115b2c276a2594cd2f7c217e6
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2019-10023 is a vulnerability discovered in Xpdf 4.01.01 that causes a floating point exception (FPE) in the PostScriptFunction::exec function.
CVE-2019-10023 has a severity rating of 5.5 (medium).
The affected software versions include poppler 0.41.0-0ubuntu1.14 (Ubuntu) and xpdf 3.04-13, 3.04+git20210103-3, and 3.04+git20220601-1 (Debian).
To fix CVE-2019-10023, update to poppler 0.41.0-0ubuntu1.14 (Ubuntu) or xpdf versions 3.04-13, 3.04+git20210103-3, or 3.04+git20220601-1 (Debian).
Yes, you can find additional information about CVE-2019-10023 at the following links: [MITRE CVE](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10023), [Xpdf Forum](https://forum.xpdfreader.com/viewtopic.php?f=3&t=41276), [Ubuntu Security Notice](https://ubuntu.com/security/notices/USN-4042-1).