RSS   Podatności dla 'Aspose.pdf for c++'   RSS

2019-09-18
 
CVE-2019-5067

CWE-416
 

 
An uninitialized memory access vulnerability exists in the way Aspose.PDF 19.2 for C++ handles invalid parent object pointers. A specially crafted PDF can cause a read and write from uninitialized memory, resulting in memory corruption and possibly arbitrary code execution. To trigger this vulnerability, a specifically crafted PDF document needs to be processed by the target application.

 
 
CVE-2019-5066

CWE-416
 

 
An exploitable use-after-free vulnerability exists in the way LZW-compressed streams are processed in Aspose.PDF 19.2 for C++. A specially crafted PDF can cause a dangling heap pointer, resulting in a use-after-free condition. To trigger this vulnerability, a specifically crafted PDF document needs to be processed by the target application.

 
 
CVE-2019-5042

CWE-416
 

 
An exploitable Use-After-Free vulnerability exists in the way FunctionType 0 PDF elements are processed in Aspose.PDF 19.2 for C++. A specially crafted PDF can cause a dangling heap pointer, resulting in a use-after-free. An attacker can send a malicious PDF to trigger this vulnerability.

 

 >>> Vendor: Aspose 3 Produkty
Aspose.cells
Aspose.words
Aspose.pdf for c++


Copyright 2020, cxsecurity.com

 

Back to Top