What is CVE-2019-10023?

CVE-2019-10023 is a vulnerability discovered in Xpdf 4.01.01 that causes a floating point exception (FPE) in the PostScriptFunction::exec function.

How severe is CVE-2019-10023?

CVE-2019-10023 has a severity rating of 5.5 (medium).

Which software versions are affected by CVE-2019-10023?

The affected software versions include poppler 0.41.0-0ubuntu1.14 (Ubuntu) and xpdf 3.04-13, 3.04+git20210103-3, and 3.04+git20220601-1 (Debian).

How can I fix CVE-2019-10023?

To fix CVE-2019-10023, update to poppler 0.41.0-0ubuntu1.14 (Ubuntu) or xpdf versions 3.04-13, 3.04+git20210103-3, or 3.04+git20220601-1 (Debian).

Is there any additional information about CVE-2019-10023?

Yes, you can find additional information about CVE-2019-10023 at the following links: [MITRE CVE](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10023), [Xpdf Forum](https://forum.xpdfreader.com/viewtopic.php?f=3&t=41276), [Ubuntu Security Notice](https://ubuntu.com/security/notices/USN-4042-1).

Vulnerability/
CVE-2019-10023

medium

5.5

CWE

369

24/3/2019

27/6/2019

CVE-2019-10023: Divide by Zero

First published: Sun Mar 24 2019(Updated: )

An issue was discovered in Xpdf 4.01.01. There is an FPE in the function PostScriptFunction::exec at Function.cc for the psOpMod case.

Credit: cve@mitre.org cve@mitre.org

Affected Software	Affected Version	How to fix
Xpdfreader Xpdf	=4.01.01
ubuntu/poppler	<0.41.0-0ubuntu1.14	0.41.0-0ubuntu1.14
debian/xpdf		3.04-13 3.04+git20210103-3 3.04+git20220601-1 3.04+git20240202-1

Remedy

https://cgit.freedesktop.org/poppler/poppler/commit/?id=e2ab2fa9d8c41e0115b2c276a2594cd2f7c217e6

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

(Appears in the following advisories)

USN-4042-1

Frequently Asked Questions

What is CVE-2019-10023?
CVE-2019-10023 is a vulnerability discovered in Xpdf 4.01.01 that causes a floating point exception (FPE) in the PostScriptFunction::exec function.
How severe is CVE-2019-10023?
CVE-2019-10023 has a severity rating of 5.5 (medium).
Which software versions are affected by CVE-2019-10023?
The affected software versions include poppler 0.41.0-0ubuntu1.14 (Ubuntu) and xpdf 3.04-13, 3.04+git20210103-3, and 3.04+git20220601-1 (Debian).
How can I fix CVE-2019-10023?
To fix CVE-2019-10023, update to poppler 0.41.0-0ubuntu1.14 (Ubuntu) or xpdf versions 3.04-13, 3.04+git20210103-3, or 3.04+git20220601-1 (Debian).
Is there any additional information about CVE-2019-10023?
Yes, you can find additional information about CVE-2019-10023 at the following links: [MITRE CVE](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10023), [Xpdf Forum](https://forum.xpdfreader.com/viewtopic.php?f=3&t=41276), [Ubuntu Security Notice](https://ubuntu.com/security/notices/USN-4042-1).

collector/nvd-index
agent/author
agent/type
agent/first-publish-date
agent/last-modified-date
collector/launchpad-cve
source/Launchpad
collector/nvd-cve
source/NVD
agent/software-canonical-lookup
agent/severity
agent/references
agent/remedy
agent/weakness
agent/tags
agent/event
agent/description
collector/security-tracker-debian
source/Debian
agent/softwarecombine
collector/usn-cve
source/Ubuntu
vendor/xpdfreader
canonical/xpdfreader xpdf
version/xpdfreader xpdf/4.01.01
package-manager/debian
package-manager/ubuntu

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.