PT-2019-17449 · Aspose · Aspose.Pdf

Published: 2019-09-18

Updated: 2022-06-27

CVE-2019-5067

CVSS v3.1: 9.8 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Aspose.PDF version 19.2 for C++

Description

The issue arises from the handling of invalid parent object pointers in Aspose.PDF for C++, which can lead to an uninitialized memory access vulnerability. A specially crafted PDF document can cause the application to read from and write to uninitialized memory, resulting in memory corruption and potentially allowing arbitrary code execution.

Recommendations

For Aspose.PDF version 19.2 for C++, consider avoiding the processing of untrusted or specially crafted PDF documents until a fix is available. As a temporary workaround, restrict the use of the application to trusted PDF files to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Use of Uninitialized Resource

Use After Free

Weakness Enumeration

Related Identifiers

CVE-2019-5067

Affected Products

Aspose.Pdf