An exploitable use-after-free vulnerability exists in the way LZW-compressed streams are processed in Aspose.PDF 19.2 for C++. A specially crafted PDF can cause a dangling heap pointer, resulting in a use-after-free condition. To trigger this vulnerability, a specifically crafted PDF document needs to be processed by the target application.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: talos

Published: 2019-09-18T20:16:09

Updated: 2024-08-04T19:47:56.635Z

Reserved: 2019-01-04T00:00:00

Link: CVE-2019-5066

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2019-09-18T21:15:13.187

Modified: 2024-11-21T04:44:17.020

Link: CVE-2019-5066

cve-icon Redhat

No data.