Exploitation Summary
EIP tracks 4 public exploits for CVE-2019-13288. PoCs published by Fineas, ngtuonghung, WildWestCyberSecurity.
AI-analyzed exploit summary The repository contains minimal information about CVE-2019-13288, describing a DoS vulnerability in Xpdf 4.01.01 due to infinite recursion in Parser::getObj(). However, it lacks functional exploit code or detailed technical analysis, only providing a command and a backtrace image reference.
Description
In Xpdf 4.01.01, the Parser::getObj() function in Parser.cc may cause infinite recursion via a crafted file. A remote attacker can leverage this for a DoS attack. This is similar to CVE-2018-16646.
Exploits (4)
The repository contains minimal information about CVE-2019-13288, describing a DoS vulnerability in Xpdf 4.01.01 due to infinite recursion in Parser::getObj(). However, it lacks functional exploit code or detailed technical analysis, only providing a command and a backtrace image reference.
This repository provides a link to a detailed writeup and PoC for CVE-2019-13288, which involves infinite recursion and null pointer dereference vulnerabilities in XPDF. The linked writeup likely contains technical analysis and reproduction steps.
This repository provides a detailed technical analysis of CVE-2019-13288, an infinite recursion vulnerability in Xpdf's Parser::getObj() function, including steps to replicate the exploit using AFL++ fuzzing.
The repository contains only a README file with general information about Xpdf and a single source file (parseargs.c) unrelated to CVE-2019-13288. No exploit code or technical details about the vulnerability are present.
References (1)
Scores
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H