PT-2019-4646 · Qualcomm · Qualcomm Ipc

Xiaoyuhe

Published

2019-09-27

Updated

2022-04-12

CVE-2019-10627

CVSS v2.0

Critical

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Qualcomm IPS versions prior to 2019.2

Description The issue is caused by an integer overflow in PostScript- and PDF-compatible interpreters, which can lead to a buffer overflow. This is due to incorrect buffer size calculation in the PostScript image handling code. The exploitation of this issue may allow a remote attacker to impact the confidentiality, integrity, and availability of protected information.

Recommendations For versions prior to 2019.2, update to version 2019.2 or later to resolve the issue. As a temporary workaround, consider restricting the use of PostScript and PDF printing functions until a patch is available. Avoid using the vulnerable PostScript image handling code in the affected interpreters until the issue is resolved.

Fix

Buffer Overflow

Integer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-131CWE-119CWE-190

Related Identifiers

BDU:2020-00812

CVE-2019-10627

Affected Products

Qualcomm Ipc

PT-2019-4646 · Qualcomm · Qualcomm Ipc

CVE-2019-10627

Weakness Enumeration

Related Identifiers

Affected Products

References · 6