CVE-2020-19470
Description
An issue has been found in function DCTStream::getChar in PDF2JSON 0.70 that allows attackers to cause a Denial of Service due to a NULL pointer dereference (invalid read of size 1).
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
A NULL pointer dereference in PDF2JSON 0.70's DCTStream::getChar allows attackers to cause a denial of service via a crafted PDF.
Vulnerability
A NULL pointer dereference vulnerability exists in the DCTStream::getChar function of PDF2JSON version 0.70 (commit b671b64). The bug occurs when processing a specially crafted PDF file, leading to an invalid read of size 1. The issue was reported in a GitHub issue [1].
Exploitation
An attacker can exploit this vulnerability by providing a malicious PDF file to the pdf2json utility. No authentication or special privileges are required; the attacker only needs to convince a user or service to process the crafted PDF. The PoC demonstrates that running pdf2json on the malformed file triggers the crash [1].
Impact
Successful exploitation results in a denial of service (DoS) due to a segmentation fault (SEGV). The application crashes, potentially disrupting services that rely on PDF2JSON for PDF parsing. No code execution or data disclosure is indicated.
Mitigation
As of the publication date (2021-07-21), no official fix has been released for this vulnerability. Users are advised to avoid processing untrusted PDF files with PDF2JSON 0.70. Upgrading to a newer version or applying a patch from the project repository may mitigate the issue, but no specific fix is referenced [1].
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- PDF2JSON/PDF2JSON (description)
Patches
No patches discovered yet.
References
[1] github.com/flexpaper/pdf2json/issues/31 (mitre, x_refsource_MISC)