ID CVE-2016-6265
Summary Use-after-free vulnerability in the pdf_load_xref function in pdf/pdf-xref.c in MuPDF allows remote attackers to cause a denial of service (crash) via a crafted PDF file.
References
Vulnerable Configurations
  • Artifex MuPDF 1.9
    cpe:2.3:a:artifex:mupdf:1.9
  • openSUSE Leap 42.1
    cpe:2.3:o:opensuse:leap:42.1
  • OpenSUSE 13.2
    cpe:2.3:o:opensuse:opensuse:13.2
CVSS
Base: 4.3 (as of 22-09-2016 - 12:31)
Impact:
Exploitability:
CWE CWE-416
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
nessus via4
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2017-6FE982684D.NASL
    description New release (1.10a). Security fix for CVE-2016-6265 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2017-03-01
    plugin id 97453
    published 2017-03-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=97453
    title Fedora 25 : mupdf (2017-6fe982684d)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2016-926.NASL
    description This update for mupdf fixes the following issues : Security issues fixed : - CVE-2016-6265: Fixed a use-after-free issue (boo#990195).
    last seen 2019-02-21
    modified 2016-10-13
    plugin id 92715
    published 2016-08-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=92715
    title openSUSE Security Update : mupdf (openSUSE-2016-926)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-3655.NASL
    description Two vulnerabilities were discovered in MuPDF, a lightweight PDF viewer. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2016-6265 Marco Grassi discovered a use-after-free vulnerability in MuPDF. An attacker can take advantage of this flaw to cause an application crash (denial-of-service), or potentially to execute arbitrary code with the privileges of the user running MuPDF, if a specially crafted PDF file is processed. - CVE-2016-6525 Yu Hong and Zheng Jihong discovered a heap overflow vulnerability within the pdf_load_mesh_params function, allowing an attacker to cause an application crash (denial-of-service), or potentially to execute arbitrary code with the privileges of the user running MuPDF, if a specially crafted PDF file is processed.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 93134
    published 2016-08-29
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=93134
    title Debian DSA-3655-1 : mupdf - security update
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-201702-12.NASL
    description The remote host is affected by the vulnerability described in GLSA-201702-12 (MuPDF: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in MuPDF. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could entice a user to open a specially crafted PDF document using MuPDF possibly resulting in the execution of arbitrary code, with the privileges of the process, or a Denial of Service condition. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2017-02-21
    plugin id 97255
    published 2017-02-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=97255
    title GLSA-201702-12 : MuPDF: Multiple vulnerabilities
  • NASL family FreeBSD Local Security Checks
    NASL id FREEBSD_PKG_47157C14901311E6A59014DAE9D210B8.NASL
    description Tobias Kortkamp reports : Heap-based buffer overflow in the pdf_load_mesh_params function in pdf/pdf-shade.c in MuPDF allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a large decode array. Use-after-free vulnerability in the pdf_load_xref function in pdf/pdf-xref.c in MuPDF allows remote attackers to cause a denial of service (crash) via a crafted PDF file.
    last seen 2019-02-21
    modified 2018-11-21
    plugin id 93985
    published 2016-10-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=93985
    title FreeBSD : mupdf -- multiple vulnerabilities (47157c14-9013-11e6-a590-14dae9d210b8)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2017-844445F2AA.NASL
    description Security fix for CVE-2016-6265 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2017-03-02
    plugin id 97482
    published 2017-03-02
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=97482
    title Fedora 24 : mupdf (2017-844445f2aa)
refmap via4
bid 92071
confirm
debian DSA-3655
gentoo GLSA-201702-12
mlist [oss-security] 20160721 Re: mupdf library use after free
suse openSUSE-SU-2016:1926
Last major update 22-09-2016 - 13:25
Published 22-09-2016 - 11:59
Last modified 30-10-2018 - 12:27
Back to Top