CVE-2018-1000039 - In MuPDF 1.12.0 and earlier, multiple heap use after free bugs in the PDF parser could allow an atta

CVE-2018-1000039

Summary

In MuPDF 1.12.0 and earlier, multiple heap use after free bugs in the PDF parser could allow an attacker to execute arbitrary code, read memory, or cause a denial of service via a crafted file.

References

Vulnerable Configurations

cpe:2.3:a:artifex:mupdf:0.6:*:*:*:*:*:*:*
cpe:2.3:a:artifex:mupdf:0.6:*:*:*:*:*:*:*
cpe:2.3:a:artifex:mupdf:0.7:*:*:*:*:*:*:*
cpe:2.3:a:artifex:mupdf:0.7:*:*:*:*:*:*:*
cpe:2.3:a:artifex:mupdf:0.8:*:*:*:*:*:*:*
cpe:2.3:a:artifex:mupdf:0.8:*:*:*:*:*:*:*
cpe:2.3:a:artifex:mupdf:0.8.15:*:*:*:*:*:*:*
cpe:2.3:a:artifex:mupdf:0.8.15:*:*:*:*:*:*:*
cpe:2.3:a:artifex:mupdf:0.8.165:*:*:*:*:*:*:*
cpe:2.3:a:artifex:mupdf:0.8.165:*:*:*:*:*:*:*
cpe:2.3:a:artifex:mupdf:0.9:-:*:*:*:*:*:*
cpe:2.3:a:artifex:mupdf:0.9:-:*:*:*:*:*:*
cpe:2.3:a:artifex:mupdf:0.9:rc1:*:*:*:*:*:*
cpe:2.3:a:artifex:mupdf:0.9:rc1:*:*:*:*:*:*
cpe:2.3:a:artifex:mupdf:0.9.1:*:*:*:*:iphone_os:*:*
cpe:2.3:a:artifex:mupdf:0.9.1:*:*:*:*:iphone_os:*:*
cpe:2.3:a:artifex:mupdf:1.0:*:*:*:*:*:*:*
cpe:2.3:a:artifex:mupdf:1.0:*:*:*:*:*:*:*
cpe:2.3:a:artifex:mupdf:1.0:*:*:*:*:iphone_os:*:*
cpe:2.3:a:artifex:mupdf:1.0:*:*:*:*:iphone_os:*:*
cpe:2.3:a:artifex:mupdf:1.0:-:*:*:*:*:*:*
cpe:2.3:a:artifex:mupdf:1.0:-:*:*:*:*:*:*
cpe:2.3:a:artifex:mupdf:1.0:rc1:*:*:*:*:*:*
cpe:2.3:a:artifex:mupdf:1.0:rc1:*:*:*:*:*:*
cpe:2.3:a:artifex:mupdf:1.1:*:*:*:*:*:*:*
cpe:2.3:a:artifex:mupdf:1.1:*:*:*:*:*:*:*
cpe:2.3:a:artifex:mupdf:1.1:*:*:*:*:iphone_os:*:*
cpe:2.3:a:artifex:mupdf:1.1:*:*:*:*:iphone_os:*:*
cpe:2.3:a:artifex:mupdf:1.1:-:*:*:*:*:*:*
cpe:2.3:a:artifex:mupdf:1.1:-:*:*:*:*:*:*
cpe:2.3:a:artifex:mupdf:1.1:rc1:*:*:*:*:*:*
cpe:2.3:a:artifex:mupdf:1.1:rc1:*:*:*:*:*:*
cpe:2.3:a:artifex:mupdf:1.2:*:*:*:*:*:*:*
cpe:2.3:a:artifex:mupdf:1.2:*:*:*:*:*:*:*
cpe:2.3:a:artifex:mupdf:1.3:*:*:*:*:*:*:*
cpe:2.3:a:artifex:mupdf:1.3:*:*:*:*:*:*:*
cpe:2.3:a:artifex:mupdf:1.3:-:*:*:*:*:*:*
cpe:2.3:a:artifex:mupdf:1.3:-:*:*:*:*:*:*
cpe:2.3:a:artifex:mupdf:1.3:rc1:*:*:*:*:*:*
cpe:2.3:a:artifex:mupdf:1.3:rc1:*:*:*:*:*:*
cpe:2.3:a:artifex:mupdf:1.4:*:*:*:*:iphone_os:*:*
cpe:2.3:a:artifex:mupdf:1.4:*:*:*:*:iphone_os:*:*
cpe:2.3:a:artifex:mupdf:1.4:-:*:*:*:*:*:*
cpe:2.3:a:artifex:mupdf:1.4:-:*:*:*:*:*:*
cpe:2.3:a:artifex:mupdf:1.4:rc1:*:*:*:*:*:*
cpe:2.3:a:artifex:mupdf:1.4:rc1:*:*:*:*:*:*
cpe:2.3:a:artifex:mupdf:1.5:*:*:*:*:*:*:*
cpe:2.3:a:artifex:mupdf:1.5:*:*:*:*:*:*:*
cpe:2.3:a:artifex:mupdf:1.5:*:*:*:*:iphone_os:*:*
cpe:2.3:a:artifex:mupdf:1.5:*:*:*:*:iphone_os:*:*
cpe:2.3:a:artifex:mupdf:1.6:*:*:*:*:*:*:*
cpe:2.3:a:artifex:mupdf:1.6:*:*:*:*:*:*:*
cpe:2.3:a:artifex:mupdf:1.6:*:*:*:*:iphone_os:*:*
cpe:2.3:a:artifex:mupdf:1.6:*:*:*:*:iphone_os:*:*
cpe:2.3:a:artifex:mupdf:1.7:*:*:*:*:iphone_os:*:*
cpe:2.3:a:artifex:mupdf:1.7:*:*:*:*:iphone_os:*:*
cpe:2.3:a:artifex:mupdf:1.7:-:*:*:*:*:*:*
cpe:2.3:a:artifex:mupdf:1.7:-:*:*:*:*:*:*
cpe:2.3:a:artifex:mupdf:1.7:rc1:*:*:*:*:*:*
cpe:2.3:a:artifex:mupdf:1.7:rc1:*:*:*:*:*:*
cpe:2.3:a:artifex:mupdf:1.7.1:*:*:*:*:iphone_os:*:*
cpe:2.3:a:artifex:mupdf:1.7.1:*:*:*:*:iphone_os:*:*
cpe:2.3:a:artifex:mupdf:1.7a:*:*:*:*:*:*:*
cpe:2.3:a:artifex:mupdf:1.7a:*:*:*:*:*:*:*
cpe:2.3:a:artifex:mupdf:1.8:-:*:*:*:*:*:*
cpe:2.3:a:artifex:mupdf:1.8:-:*:*:*:*:*:*
cpe:2.3:a:artifex:mupdf:1.8:rc1:*:*:*:*:*:*
cpe:2.3:a:artifex:mupdf:1.8:rc1:*:*:*:*:*:*
cpe:2.3:a:artifex:mupdf:1.8.1:*:*:*:*:iphone_os:*:*
cpe:2.3:a:artifex:mupdf:1.8.1:*:*:*:*:iphone_os:*:*
cpe:2.3:a:artifex:mupdf:1.9:*:*:*:*:*:*:*
cpe:2.3:a:artifex:mupdf:1.9:*:*:*:*:*:*:*
cpe:2.3:a:artifex:mupdf:1.9:*:*:*:*:iphone_os:*:*
cpe:2.3:a:artifex:mupdf:1.9:*:*:*:*:iphone_os:*:*
cpe:2.3:a:artifex:mupdf:1.9:-:*:*:*:*:*:*
cpe:2.3:a:artifex:mupdf:1.9:-:*:*:*:*:*:*
cpe:2.3:a:artifex:mupdf:1.9:rc1:*:*:*:*:*:*
cpe:2.3:a:artifex:mupdf:1.9:rc1:*:*:*:*:*:*
cpe:2.3:a:artifex:mupdf:1.9a:*:*:*:*:*:*:*
cpe:2.3:a:artifex:mupdf:1.9a:*:*:*:*:*:*:*
cpe:2.3:a:artifex:mupdf:1.10:*:*:*:*:iphone_os:*:*
cpe:2.3:a:artifex:mupdf:1.10:*:*:*:*:iphone_os:*:*
cpe:2.3:a:artifex:mupdf:1.10:-:*:*:*:*:*:*
cpe:2.3:a:artifex:mupdf:1.10:-:*:*:*:*:*:*
cpe:2.3:a:artifex:mupdf:1.10:rc1:*:*:*:*:*:*
cpe:2.3:a:artifex:mupdf:1.10:rc1:*:*:*:*:*:*
cpe:2.3:a:artifex:mupdf:1.10:rc2:*:*:*:*:*:*
cpe:2.3:a:artifex:mupdf:1.10:rc2:*:*:*:*:*:*
cpe:2.3:a:artifex:mupdf:1.10a:*:*:*:*:*:*:*
cpe:2.3:a:artifex:mupdf:1.10a:*:*:*:*:*:*:*
cpe:2.3:a:artifex:mupdf:1.11:*:*:*:*:*:*:*
cpe:2.3:a:artifex:mupdf:1.11:*:*:*:*:*:*:*
cpe:2.3:a:artifex:mupdf:1.11:*:*:*:*:iphone_os:*:*
cpe:2.3:a:artifex:mupdf:1.11:*:*:*:*:iphone_os:*:*
cpe:2.3:a:artifex:mupdf:1.11:rc1:*:*:*:*:*:*
cpe:2.3:a:artifex:mupdf:1.11:rc1:*:*:*:*:*:*
cpe:2.3:a:artifex:mupdf:1.12:rc1:*:*:*:*:*:*
cpe:2.3:a:artifex:mupdf:1.12:rc1:*:*:*:*:*:*
cpe:2.3:a:artifex:mupdf:1.12.0:-:*:*:*:*:*:*
cpe:2.3:a:artifex:mupdf:1.12.0:-:*:*:*:*:*:*
cpe:2.3:a:artifex:mupdf:1.12.0:rc1:*:*:*:*:*:*
cpe:2.3:a:artifex:mupdf:1.12.0:rc1:*:*:*:*:*:*

CVSS

Base:	6.8 (as of 14-03-2019 - 17:33)
Impact:
Exploitability:

CWE

CWE-416

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:N/AC:M/Au:N/C:P/I:P/A:P

refmap via4

confirm	http://git.ghostscript.com/?p=mupdf.git;a=commitdiff;h=4dcc6affe04368461310a21238f7e1871a752a05;hp=8ec561d1bccc46e9db40a9f61310cd8b3763914e http://git.ghostscript.com/?p=mupdf.git;a=commitdiff;h=71ceebcf56e682504da22c4035b39a2d451e8ffd;hp=7f82c01523505052615492f8e220f4348ba46995 http://git.ghostscript.com/?p=mupdf.git;a=commitdiff;h=f597300439e62f5e921f0d7b1e880b5c1a1f1607;hp=093fc3b098dc5fadef5d8ad4b225db9fb124758b
gentoo	GLSA-201811-15
misc	https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5492 https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5513 https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5521 https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5604

Last major update

14-03-2019 - 17:33

Published

24-05-2018 - 13:29

Last modified

14-03-2019 - 17:33