CVE-2019-14294: Use After Free
Published Jul 27, 2019
·Updated
An issue was discovered in Xpdf 4.01.01. There is a use-after-free in the function JPXStream::fillReadBuf at JPXStream.cc, due to an out of bounds read.
Affected Software
1 affected component
Glyphandcog Xpdfreader=4.01.01
Event History
Jul 27, 2019
CVE Published
via MITRE·06:40 PM
Data Sourced
via MITRE·06:40 PM
Description
Frequently Asked Questions
1
What is the severity of CVE-2019-14294?
The severity of CVE-2019-14294 is considered high due to the potential for exploitation leading to application crashes or arbitrary code execution.
2
How do I fix CVE-2019-14294?
To fix CVE-2019-14294, update Xpdf to the latest version provided by Glyph & Cog that addresses this vulnerability.
3
What software versions are affected by CVE-2019-14294?
CVE-2019-14294 specifically affects Xpdf version 4.01.01.
4
What type of vulnerability is CVE-2019-14294?
CVE-2019-14294 is classified as a use-after-free vulnerability, which can lead to out of bounds read issues.
5
Who is the vendor associated with CVE-2019-14294?
The vendor associated with CVE-2019-14294 is Glyph & Cog, the company behind the XpdfReader software.