CVE-2019-17064: Null Pointer Dereference
Published Oct 1, 2019
·Updated
Catalog.cc in Xpdf 4.02 has a NULL pointer dereference because Catalog.pageLabels is initialized too late in the Catalog constructor.
Affected Software
1 affected component
Glyphandcog Xpdfreader=4.02
Remediation
Patch Available
Event History
Oct 1, 2019
CVE Published
via MITRE·03:22 PM
Data Sourced
via MITRE·03:22 PM
Description
Frequently Asked Questions
1
What is the severity of CVE-2019-17064?
CVE-2019-17064 is classified as a low severity vulnerability due to its nature of causing a NULL pointer dereference.
2
How do I fix CVE-2019-17064?
To fix CVE-2019-17064, you should upgrade to a newer version of Xpdf that addresses this vulnerability.
3
What types of systems are affected by CVE-2019-17064?
CVE-2019-17064 affects Xpdf version 4.02 specifically on any supported systems using this version.
4
What impact does CVE-2019-17064 have on users?
The impact of CVE-2019-17064 includes potential crashes of the Xpdf application when certain PDF files are processed.
5
Is CVE-2019-17064 an easily exploitable vulnerability?
CVE-2019-17064 is not considered easily exploitable as it requires specific conditions related to the processing of PDF files.