CVE-2019-5042 - OpenCVE

An exploitable Use-After-Free vulnerability exists in the way FunctionType 0 PDF elements are processed in Aspose.PDF 19.2 for C++. A specially crafted PDF can cause a dangling heap pointer, resulting in a use-after-free. An attacker can send a malicious PDF to trigger this vulnerability.

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:S/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Aspose	Aspose.pdf For C\+\+

Configuration 1 [-]

cpe:2.3:a:aspose:aspose.pdf_for_c\+\+:19.2:*:*:*:*:*:*:*

References

Link	Resource
https://www.talosintelligence.com/vulnerability_reports/TALOS-2019-0809	Exploit Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: talos

Published: 2019-09-18T20:41:35

Updated: 2022-04-19T17:33:17

Reserved: 2019-01-04T00:00:00

Link: CVE-2019-5042

JSON object: View

NVD Information

Status : Analyzed

Published: 2019-09-18T21:15:13.140

Modified: 2022-06-27T17:24:58.330

Link: CVE-2019-5042

JSON object: View

Redhat Information

No data.

CWE

CWE-416

{"containers": {"cna": {"affected": [{"product": "Aspose.PDF for C++", "vendor": "Talos", "versions": [{"status": "affected", "version": "19.2"}]}], "descriptions": [{"lang": "en", "value": "An exploitable Use-After-Free vulnerability exists in the way FunctionType 0 PDF elements are processed in Aspose.PDF 19.2 for C++. A specially crafted PDF can cause a dangling heap pointer, resulting in a use-after-free. An attacker can send a malicious PDF to trigger this vulnerability."}], "metrics": [{"cvssV3_0": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-416", "description": "CWE-416: Use After Free", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2022-04-19T17:33:17", "orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b", "shortName": "talos"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2019-0809"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "talos-cna@cisco.com", "ID": "CVE-2019-5042", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Aspose.PDF for C++", "version": {"version_data": [{"version_value": "19.2"}]}}]}, "vendor_name": "Talos"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "An exploitable Use-After-Free vulnerability exists in the way FunctionType 0 PDF elements are processed in Aspose.PDF 19.2 for C++. A specially crafted PDF can cause a dangling heap pointer, resulting in a use-after-free. An attacker can send a malicious PDF to trigger this vulnerability."}]}, "impact": {"cvss": {"baseScore": 8.8, "baseSeverity": "High", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-416: Use After Free"}]}]}, "references": {"reference_data": [{"name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2019-0809", "refsource": "CONFIRM", "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2019-0809"}]}}}}, "cveMetadata": {"assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b", "assignerShortName": "talos", "cveId": "CVE-2019-5042", "datePublished": "2019-09-18T20:41:35", "dateReserved": "2019-01-04T00:00:00", "dateUpdated": "2022-04-19T17:33:17", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:aspose:aspose.pdf_for_c\\+\\+:19.2:*:*:*:*:*:*:*", "matchCriteriaId": "C1066A89-61BC-405D-8853-AA4802A1E194", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "An exploitable Use-After-Free vulnerability exists in the way FunctionType 0 PDF elements are processed in Aspose.PDF 19.2 for C++. A specially crafted PDF can cause a dangling heap pointer, resulting in a use-after-free. An attacker can send a malicious PDF to trigger this vulnerability."}, {"lang": "es", "value": "Se presenta una vulnerabilidad explotable de Uso de la Memoria Previamente Liberada, en la manera en que los elementos PDF de FunctionType 0 son procesados en Aspose.PDF versi\u00f3n 19.2 para C++. Un PDF especialmente dise\u00f1ado puede causar un colgado del puntero de la pila, resultando en un uso de la memoria previamente liberada. Un atacante puede enviar un PDF malicioso para desencadenar esta vulnerabilidad."}], "id": "CVE-2019-5042", "lastModified": "2022-06-27T17:24:58.330", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "talos-cna@cisco.com", "type": "Secondary"}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-09-18T21:15:13.140", "references": [{"source": "talos-cna@cisco.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2019-0809"}], "sourceIdentifier": "talos-cna@cisco.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-416"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-416"}], "source": "talos-cna@cisco.com", "type": "Secondary"}]}