CVE-2022-35091: n/a in n/a
SWFTools commit 772e55a2 was discovered to contain a floating point exception (FPE) via DCTStream::readMCURow() at /xpdf/Stream.cc.ow()
AI Analysis
Technical Summary
CVE-2022-35091 is a medium-severity vulnerability in SWFTools, in the xpdf-derived PDF code the project bundles (the description places it in /xpdf/Stream.cc, quoted there as "/xpdf/Stream.cc.ow()"). The affected function, DCTStream::readMCURow(), decodes one row of Minimum Coded Units (MCUs) while decompressing a DCT-encoded (JPEG) image stream embedded in a PDF; pdf2swf is the SWFTools tool that most commonly exercises this path. The fault is a floating point exception, delivered on Linux as SIGFPE. Despite the name, SIGFPE in integer-heavy decoder code is almost always an integer division or modulo by zero (floating-point overflow does not trap by default), and in MCU decoding the divisors come from header fields such as the per-component sampling factors, so a crafted stream that sets such a field out of range is the expected trigger; the record itself does not name the divisor. The consequence is that the process decoding the file is killed: a crash and denial of service (DoS), with no code execution or data exposure. The CVSS 3.1 base score is 5.5 (medium), consistent with the vector AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H: the hostile input is a file processed locally rather than a network request, the attack is not complex, no privileges are needed, a user or an unattended job must open the file, and only availability is affected. No exploits in the wild are known and no patch has been linked. The record is classified under CWE-697 (Incorrect Comparison); that mapping is loose, and CWE-369 (Divide By Zero) describes a SIGFPE in integer decoder code more precisely.
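As an added illustration (not code from SWFTools, xpdf, or this CVE record), the following C parser reads a baseline JPEG SOF0 frame header and rejects out-of-range sampling factors before a decoder would use them as divisors when laying out MCU rows. The geometry arithmetic follows the general shape of xpdf-style DCT decoders (MCU size is 8 times the largest sampling factor, per-component block size is the MCU size divided by that component's factor); the exact expressions in SWFTools' Stream.cc, and which field triggers this particular CVE, are assumptions, not facts from the record. Both sample headers are constructed for the example.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Added example (not SWFTools/xpdf code): validate JPEG SOF0 sampling
 * factors before they become divisors in MCU layout.  The arithmetic
 * models xpdf-style decoders in shape only. */

#define MAX_COMPS 4

struct component {
    uint8_t id;      /* component identifier Ci */
    uint8_t h_samp;  /* horizontal sampling factor Hi, spec range 1..4 */
    uint8_t v_samp;  /* vertical sampling factor Vi, spec range 1..4 */
    uint8_t tq;      /* quantisation table selector Tqi */
};

struct frame {
    uint16_t height, width;
    uint8_t  ncomps;
    struct component comp[MAX_COMPS];
    int mcu_width, mcu_height;              /* pixels covered by one MCU */
    int horiz[MAX_COMPS], vert[MAX_COMPS];  /* pixels per block, per component */
};

enum sof_result {
    SOF_OK = 0,
    SOF_TRUNCATED,    /* buffer shorter than the segment claims */
    SOF_BAD_MARKER,   /* not an FF C0 (baseline SOF0) segment */
    SOF_BAD_NCOMPS,   /* Nf outside 1..4 */
    SOF_BAD_DIMS,     /* zero width or height */
    SOF_BAD_SAMPLING  /* Hi or Vi outside 1..4: would be a zero divisor */
};

/* Layout: FF C0 | Lf(2) | P(1) | Y(2) | X(2) | Nf(1) | Nf x { Ci HiVi Tqi } */
enum sof_result parse_sof0(const uint8_t *buf, size_t len, struct frame *f)
{
    if (len < 10) return SOF_TRUNCATED;
    if (buf[0] != 0xFF || buf[1] != 0xC0) return SOF_BAD_MARKER;

    size_t seg_len = ((size_t)buf[2] << 8) | buf[3];
    if (seg_len + 2 > len) return SOF_TRUNCATED;

    f->height = (uint16_t)((buf[5] << 8) | buf[6]);
    f->width  = (uint16_t)((buf[7] << 8) | buf[8]);
    f->ncomps = buf[9];
    if (f->ncomps < 1 || f->ncomps > MAX_COMPS) return SOF_BAD_NCOMPS;
    if (seg_len != 8u + 3u * f->ncomps) return SOF_TRUNCATED;
    if (f->width == 0 || f->height == 0) return SOF_BAD_DIMS;

    int max_h = 0, max_v = 0;
    for (int i = 0; i < f->ncomps; i++) {
        const uint8_t *c = buf + 10 + 3 * i;
        f->comp[i].id     = c[0];
        f->comp[i].h_samp = c[1] >> 4;
        f->comp[i].v_samp = c[1] & 0x0F;
        f->comp[i].tq     = c[2];
        /* The check that matters: both nibbles are divisors below and a
         * crafted header can set either to 0.  Without it, the division
         * "mcu_width / h_samp" raises SIGFPE and kills the converter. */
        if (f->comp[i].h_samp < 1 || f->comp[i].h_samp > 4 ||
            f->comp[i].v_samp < 1 || f->comp[i].v_samp > 4)
            return SOF_BAD_SAMPLING;
        if (f->comp[i].h_samp > max_h) max_h = f->comp[i].h_samp;
        if (f->comp[i].v_samp > max_v) max_v = f->comp[i].v_samp;
    }

    /* Safe only because every factor was validated to be >= 1 above. */
    f->mcu_width  = 8 * max_h;
    f->mcu_height = 8 * max_v;
    for (int i = 0; i < f->ncomps; i++) {
        f->horiz[i] = f->mcu_width  / f->comp[i].h_samp;
        f->vert[i]  = f->mcu_height / f->comp[i].v_samp;
    }
    return SOF_OK;
}

/* Constructed sample headers (not from any real file or proof of concept).
 * 16x16, 3 components, 4:2:0: Y has H=2,V=2; Cb and Cr have H=1,V=1. */
static const uint8_t SOF0_VALID[] = {
    0xFF, 0xC0, 0x00, 0x11, 0x08, 0x00, 0x10, 0x00, 0x10, 0x03,
    0x01, 0x22, 0x00,  0x02, 0x11, 0x01,  0x03, 0x11, 0x01
};
/* Same header, but the Y component's HiVi byte is 0x02: H=0, V=2. */
static const uint8_t SOF0_ZERO_HSAMP[] = {
    0xFF, 0xC0, 0x00, 0x11, 0x08, 0x00, 0x10, 0x00, 0x10, 0x03,
    0x01, 0x02, 0x00,  0x02, 0x11, 0x01,  0x03, 0x11, 0x01
};

int main(void)
{
    struct frame f;
    enum sof_result r = parse_sof0(SOF0_VALID, sizeof SOF0_VALID, &f);
    printf("valid: result=%d mcu=%dx%d horiz[0]=%d horiz[1]=%d\n",
           r, f.mcu_width, f.mcu_height, f.horiz[0], f.horiz[1]);
    r = parse_sof0(SOF0_ZERO_HSAMP, sizeof SOF0_ZERO_HSAMP, &f);
    printf("zero factor: result=%d (rejected before any division)\n", r);
    return 0;
}
```

The point of the example is the ordering: range-check every header field that will later be a divisor, loop bound or buffer index at parse time, and compute derived geometry only afterwards. A decoder that defers the check to the MCU loop has already done the division by then.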
Potential Impact
For European organizations, the primary impact of CVE-2022-35091 is denial of service in any application or service that feeds PDFs to SWFTools (pdf2swf or other binaries built on its bundled xpdf code). The scope is narrower than "PDF libraries in general": this record covers SWFTools' own copy of the xpdf code, and other xpdf-derived projects have long since diverged and are not covered by it. Typical exposure is a document-conversion pipeline, an automated PDF parsing job, or any system that ingests PDFs with embedded JPEG images from outside parties. Confidentiality and integrity are not affected, but a crashed worker interrupts the workflow, and a queue that retries the same crafted file will stall on it until someone intervenes, which matters in sectors that depend on high-volume document handling such as legal, financial and governmental institutions. AV:L in the vector does not mean the attacker needs an account on the target; it means the malicious input arrives as a file rather than over a network service. The risk is therefore lower where only trusted users can supply PDFs, and higher where untrusted documents (email attachments, web uploads) are converted automatically without validation. No exploits in the wild are known, but a crash triggered by a single malformed file needs no exploit development to reproduce, so organizations that convert untrusted PDFs with SWFTools should act on this record rather than wait for a reported incident.
Mitigation Recommendations
European organizations should implement the following specific mitigations: 1) Identify and inventory every system that runs SWFTools binaries (pdf2swf in particular) or links its bundled xpdf code, including conversion pipelines where it sits behind another tool. 2) Restrict who can submit PDFs to those systems, so that only trusted users or sources reach the converter. 3) Run the converter in isolation: a separate worker process under resource limits (CPU, memory, output size, wall-clock timeout) and, where possible, a seccomp or container sandbox, so that a crash kills only that worker and the pipeline continues with the next job. 4) Monitor for updates from SWFTools and apply them promptly; no patch has been linked so far and the last SWFTools release, 0.9.2, dates from 2012, so do not plan around a vendor fix arriving. 5) Prefer a maintained PDF toolchain with an active security record for any new deployment, and schedule migration where SWFTools is still in use. 6) Educate users about the risks of opening untrusted PDFs and enforce policies against processing suspicious documents. 7) Treat a SIGFPE (or any signal death) of a PDF converter as a security event rather than a flaky job: log the exit status, retain the offending file for analysis, and do not retry the same input indefinitely.
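The isolation and monitoring points above are easier to apply with a concrete containment wrapper. The following C program is added here as an example and is not part of SWFTools: it runs a converter command (pdf2swf is assumed as the typical target; any command line works) as a child process under resource limits and a wall-clock deadline, then reports whether the child exited normally, was killed by SIGFPE as this CVE would cause, died of another signal, or was stopped by the wrapper. The limit values are illustrative, and rlimits are containment rather than a sandbox; a real deployment would add seccomp, namespaces or a container on top.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/resource.h>
#include <sys/wait.h>
#include <time.h>
#include <unistd.h>

/* Added example (not SWFTools code): run a converter as a limited child
 * and classify how it ended.  A SIGFPE death is the observable footprint
 * of the crash CVE-2022-35091 describes; the parent survives it. */

enum outcome {
    OUT_OK,           /* exited 0 */
    OUT_FAILED,       /* exited non-zero (bad input, exec failure, ...) */
    OUT_CRASH_FPE,    /* killed by SIGFPE */
    OUT_CRASH_OTHER,  /* killed by another signal (SIGSEGV, SIGABRT, ...) */
    OUT_TIMEOUT,      /* exceeded the wall-clock budget, SIGKILLed by us */
    OUT_SPAWN_ERROR   /* fork/waitpid failed in the parent */
};

struct limits {
    rlim_t cpu_seconds;    /* RLIMIT_CPU */
    rlim_t address_space;  /* RLIMIT_AS, bytes */
    rlim_t output_bytes;   /* RLIMIT_FSIZE: cap on any file the child writes */
    int    wall_seconds;   /* enforced by the parent, covers blocking I/O too */
};

static void apply_limits(const struct limits *l)
{
    struct rlimit r;
    r.rlim_cur = r.rlim_max = l->cpu_seconds;   (void)setrlimit(RLIMIT_CPU,   &r);
    r.rlim_cur = r.rlim_max = l->address_space; (void)setrlimit(RLIMIT_AS,    &r);
    r.rlim_cur = r.rlim_max = l->output_bytes;  (void)setrlimit(RLIMIT_FSIZE, &r);
    r.rlim_cur = r.rlim_max = 0;                (void)setrlimit(RLIMIT_CORE,  &r); /* no core files from hostile input */
}

/* Runs argv[0] (looked up in PATH) and returns how it ended.  On a signal
 * death *detail receives the signal number, otherwise the exit status. */
enum outcome run_contained(char *const argv[], const struct limits *l, int *detail)
{
    pid_t pid = fork();
    if (pid < 0) return OUT_SPAWN_ERROR;
    if (pid == 0) {                 /* child: limit, then replace ourselves */
        apply_limits(l);
        execvp(argv[0], argv);
        _exit(127);                 /* exec failed */
    }

    time_t deadline = time(NULL) + l->wall_seconds;
    int status = 0;
    for (;;) {
        pid_t r = waitpid(pid, &status, WNOHANG);
        if (r == pid) break;
        if (r < 0 && errno != EINTR) return OUT_SPAWN_ERROR;
        if (time(NULL) >= deadline) {
            kill(pid, SIGKILL);
            waitpid(pid, &status, 0);
            return OUT_TIMEOUT;
        }
        struct timespec ts = { 0, 50 * 1000 * 1000 };  /* poll every 50 ms */
        nanosleep(&ts, NULL);
    }

    if (WIFSIGNALED(status)) {
        if (detail) *detail = WTERMSIG(status);
        return WTERMSIG(status) == SIGFPE ? OUT_CRASH_FPE : OUT_CRASH_OTHER;
    }
    if (detail) *detail = WEXITSTATUS(status);
    return WEXITSTATUS(status) == 0 ? OUT_OK : OUT_FAILED;
}

/* Stand-alone use (illustrative command line): ./wrap pdf2swf in.pdf -o out.swf */
int main(int argc, char *argv[])
{
    if (argc < 2) { fprintf(stderr, "usage: %s command [args...]\n", argv[0]); return 2; }
    struct limits l = { 60, (rlim_t)2048 << 20, (rlim_t)256 << 20, 120 };
    int detail = 0;
    enum outcome o = run_contained(argv + 1, &l, &detail);
    static const char *names[] = { "ok", "failed", "crash-sigfpe", "crash-other",
                                   "timeout", "spawn-error" };
    printf("%s: %s (detail=%d)\n", argv[1], names[o], detail);
    return o == OUT_OK ? 0 : 1;
}
```

In a pipeline, OUT_CRASH_FPE and OUT_CRASH_OTHER are the outcomes to alert on and to attach the input file to; OUT_TIMEOUT and OUT_FAILED are ordinary job failures. Keeping the input when the child dies of a signal is what turns a crash into evidence rather than a retry loop.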
Affected Countries
Germany, France, United Kingdom, Netherlands, Italy, Spain, Belgium, Sweden
Technical Details
- Data Version: 5.1
- Assigner Short Name: mitre
- Date Reserved: 2022-07-04T00:00:00.000Z
- CISA Enriched: true
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 682f84020acd01a249264e5b
Added to database: 5/22/2025, 8:07:30 PM
Last enriched: 7/8/2025, 5:41:08 AM
Last updated: 8/2/2025, 12:47:50 PM
Related Threats
- CVE-2025-8113: CWE-79 Cross-Site Scripting (XSS) in Ebook Store (severity: Unknown)
- CVE-2025-8293: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in Theerawat Patthawee Intl DateTime Calendar (severity: Medium)
- CVE-2025-7686: CWE-352 Cross-Site Request Forgery (CSRF) in lmyoaoa weichuncai(WP伪春菜) (severity: Medium)
- CVE-2025-7684: CWE-352 Cross-Site Request Forgery (CSRF) in remysharp Last.fm Recent Album Artwork (severity: Medium)
- CVE-2025-7683: CWE-352 Cross-Site Request Forgery (CSRF) in janyksteenbeek LatestCheckins (severity: Medium)