CVE-2020-19472
Description
An issue has been found in the function DCTStream::readHuffSym in PDF2JSON 0.70 that allows attackers to cause a Denial of Service due to an invalid read of size 2.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
An invalid read of size 2 in DCTStream::readHuffSym in PDF2JSON 0.70 causes a denial of service when parsing a malformed PDF.
Vulnerability
The vulnerability resides in the DCTStream::readHuffSym function in PDF2JSON version 0.70 (commit b671b64). When parsing a specially crafted, malformed PDF file, the function performs an invalid read of 2 bytes, leading to a crash. The issue is triggered during the processing of JPEG-encoded image data within the PDF, specifically when the Huffman table decoding logic encounters unexpected input [1].
Exploitation
An attacker can exploit this issue by providing a malicious PDF file to the pdf2json utility. No special network position or authentication is required; the attacker only needs to convince the target to process the file (e.g., via email attachment or web upload). The application attempts to reconstruct the xref table and display the PDF, but during the DCT decoding phase, the invalid read occurs, causing a denial of service (application crash) [1].
Impact
Successful exploitation leads to a Denial of Service (DoS) due to the application crash. The impact is limited to service availability, as the invalid read does not appear to allow code execution or information disclosure based on the available references [1].
Mitigation
As of the available reference (July 2021), no patched version of PDF2JSON has been released to address this issue. Users should consider avoiding processing untrusted PDF files with the affected version (0.70) until a fix is available [1].
AI Insight generated on May 27, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
PDF2JSON / PDF2JSON
Patches
No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
[1] github.com/flexpaper/pdf2json/issues/33 (MITRE, x_refsource_MISC)
News mentions
No linked articles in our index yet.