ID CVE-2020-26519
Summary Artifex MuPDF before 1.18.0 has a heap based buffer over-write when parsing JBIG2 files allowing attackers to cause a denial of service.
References
Vulnerable Configurations
  • cpe:2.3:a:artifex:mupdf:0.6:*:*:*:*:*:*:*
    cpe:2.3:a:artifex:mupdf:0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:artifex:mupdf:0.7:*:*:*:*:*:*:*
    cpe:2.3:a:artifex:mupdf:0.7:*:*:*:*:*:*:*
  • cpe:2.3:a:artifex:mupdf:0.8:*:*:*:*:*:*:*
    cpe:2.3:a:artifex:mupdf:0.8:*:*:*:*:*:*:*
  • cpe:2.3:a:artifex:mupdf:0.8.15:*:*:*:*:*:*:*
    cpe:2.3:a:artifex:mupdf:0.8.15:*:*:*:*:*:*:*
  • cpe:2.3:a:artifex:mupdf:0.8.165:*:*:*:*:*:*:*
    cpe:2.3:a:artifex:mupdf:0.8.165:*:*:*:*:*:*:*
  • cpe:2.3:a:artifex:mupdf:0.9:-:*:*:*:*:*:*
    cpe:2.3:a:artifex:mupdf:0.9:-:*:*:*:*:*:*
  • cpe:2.3:a:artifex:mupdf:0.9:rc1:*:*:*:*:*:*
    cpe:2.3:a:artifex:mupdf:0.9:rc1:*:*:*:*:*:*
  • cpe:2.3:a:artifex:mupdf:0.9.1:*:*:*:*:iphone_os:*:*
    cpe:2.3:a:artifex:mupdf:0.9.1:*:*:*:*:iphone_os:*:*
  • cpe:2.3:a:artifex:mupdf:1.0:*:*:*:*:*:*:*
    cpe:2.3:a:artifex:mupdf:1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:artifex:mupdf:1.0:*:*:*:*:iphone_os:*:*
    cpe:2.3:a:artifex:mupdf:1.0:*:*:*:*:iphone_os:*:*
  • cpe:2.3:a:artifex:mupdf:1.0:-:*:*:*:*:*:*
    cpe:2.3:a:artifex:mupdf:1.0:-:*:*:*:*:*:*
  • cpe:2.3:a:artifex:mupdf:1.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:artifex:mupdf:1.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:artifex:mupdf:1.1:*:*:*:*:*:*:*
    cpe:2.3:a:artifex:mupdf:1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:artifex:mupdf:1.1:*:*:*:*:iphone_os:*:*
    cpe:2.3:a:artifex:mupdf:1.1:*:*:*:*:iphone_os:*:*
  • cpe:2.3:a:artifex:mupdf:1.1:-:*:*:*:*:*:*
    cpe:2.3:a:artifex:mupdf:1.1:-:*:*:*:*:*:*
  • cpe:2.3:a:artifex:mupdf:1.1:rc1:*:*:*:*:*:*
    cpe:2.3:a:artifex:mupdf:1.1:rc1:*:*:*:*:*:*
  • cpe:2.3:a:artifex:mupdf:1.2:*:*:*:*:*:*:*
    cpe:2.3:a:artifex:mupdf:1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:artifex:mupdf:1.3:*:*:*:*:*:*:*
    cpe:2.3:a:artifex:mupdf:1.3:*:*:*:*:*:*:*
  • cpe:2.3:a:artifex:mupdf:1.3:-:*:*:*:*:*:*
    cpe:2.3:a:artifex:mupdf:1.3:-:*:*:*:*:*:*
  • cpe:2.3:a:artifex:mupdf:1.3:rc1:*:*:*:*:*:*
    cpe:2.3:a:artifex:mupdf:1.3:rc1:*:*:*:*:*:*
  • cpe:2.3:a:artifex:mupdf:1.4:*:*:*:*:iphone_os:*:*
    cpe:2.3:a:artifex:mupdf:1.4:*:*:*:*:iphone_os:*:*
  • cpe:2.3:a:artifex:mupdf:1.4:-:*:*:*:*:*:*
    cpe:2.3:a:artifex:mupdf:1.4:-:*:*:*:*:*:*
  • cpe:2.3:a:artifex:mupdf:1.4:rc1:*:*:*:*:*:*
    cpe:2.3:a:artifex:mupdf:1.4:rc1:*:*:*:*:*:*
  • cpe:2.3:a:artifex:mupdf:1.5:*:*:*:*:*:*:*
    cpe:2.3:a:artifex:mupdf:1.5:*:*:*:*:*:*:*
  • cpe:2.3:a:artifex:mupdf:1.5:*:*:*:*:iphone_os:*:*
    cpe:2.3:a:artifex:mupdf:1.5:*:*:*:*:iphone_os:*:*
  • cpe:2.3:a:artifex:mupdf:1.6:*:*:*:*:*:*:*
    cpe:2.3:a:artifex:mupdf:1.6:*:*:*:*:*:*:*
  • cpe:2.3:a:artifex:mupdf:1.6:*:*:*:*:iphone_os:*:*
    cpe:2.3:a:artifex:mupdf:1.6:*:*:*:*:iphone_os:*:*
  • cpe:2.3:a:artifex:mupdf:1.7:*:*:*:*:iphone_os:*:*
    cpe:2.3:a:artifex:mupdf:1.7:*:*:*:*:iphone_os:*:*
  • cpe:2.3:a:artifex:mupdf:1.7:-:*:*:*:*:*:*
    cpe:2.3:a:artifex:mupdf:1.7:-:*:*:*:*:*:*
  • cpe:2.3:a:artifex:mupdf:1.7:rc1:*:*:*:*:*:*
    cpe:2.3:a:artifex:mupdf:1.7:rc1:*:*:*:*:*:*
  • cpe:2.3:a:artifex:mupdf:1.7.1:*:*:*:*:iphone_os:*:*
    cpe:2.3:a:artifex:mupdf:1.7.1:*:*:*:*:iphone_os:*:*
  • cpe:2.3:a:artifex:mupdf:1.7a:*:*:*:*:*:*:*
    cpe:2.3:a:artifex:mupdf:1.7a:*:*:*:*:*:*:*
  • cpe:2.3:a:artifex:mupdf:1.8:-:*:*:*:*:*:*
    cpe:2.3:a:artifex:mupdf:1.8:-:*:*:*:*:*:*
  • cpe:2.3:a:artifex:mupdf:1.8:rc1:*:*:*:*:*:*
    cpe:2.3:a:artifex:mupdf:1.8:rc1:*:*:*:*:*:*
  • cpe:2.3:a:artifex:mupdf:1.8.1:*:*:*:*:iphone_os:*:*
    cpe:2.3:a:artifex:mupdf:1.8.1:*:*:*:*:iphone_os:*:*
  • cpe:2.3:a:artifex:mupdf:1.9:*:*:*:*:*:*:*
    cpe:2.3:a:artifex:mupdf:1.9:*:*:*:*:*:*:*
  • cpe:2.3:a:artifex:mupdf:1.9:*:*:*:*:iphone_os:*:*
    cpe:2.3:a:artifex:mupdf:1.9:*:*:*:*:iphone_os:*:*
  • cpe:2.3:a:artifex:mupdf:1.9:-:*:*:*:*:*:*
    cpe:2.3:a:artifex:mupdf:1.9:-:*:*:*:*:*:*
  • cpe:2.3:a:artifex:mupdf:1.9:rc1:*:*:*:*:*:*
    cpe:2.3:a:artifex:mupdf:1.9:rc1:*:*:*:*:*:*
  • cpe:2.3:a:artifex:mupdf:1.9a:*:*:*:*:*:*:*
    cpe:2.3:a:artifex:mupdf:1.9a:*:*:*:*:*:*:*
  • cpe:2.3:a:artifex:mupdf:1.10:*:*:*:*:iphone_os:*:*
    cpe:2.3:a:artifex:mupdf:1.10:*:*:*:*:iphone_os:*:*
  • cpe:2.3:a:artifex:mupdf:1.10:-:*:*:*:*:*:*
    cpe:2.3:a:artifex:mupdf:1.10:-:*:*:*:*:*:*
  • cpe:2.3:a:artifex:mupdf:1.10:rc1:*:*:*:*:*:*
    cpe:2.3:a:artifex:mupdf:1.10:rc1:*:*:*:*:*:*
  • cpe:2.3:a:artifex:mupdf:1.10:rc2:*:*:*:*:*:*
    cpe:2.3:a:artifex:mupdf:1.10:rc2:*:*:*:*:*:*
  • cpe:2.3:a:artifex:mupdf:1.10a:*:*:*:*:*:*:*
    cpe:2.3:a:artifex:mupdf:1.10a:*:*:*:*:*:*:*
  • cpe:2.3:a:artifex:mupdf:1.11:*:*:*:*:*:*:*
    cpe:2.3:a:artifex:mupdf:1.11:*:*:*:*:*:*:*
  • cpe:2.3:a:artifex:mupdf:1.11:*:*:*:*:iphone_os:*:*
    cpe:2.3:a:artifex:mupdf:1.11:*:*:*:*:iphone_os:*:*
  • cpe:2.3:a:artifex:mupdf:1.11:rc1:*:*:*:*:*:*
    cpe:2.3:a:artifex:mupdf:1.11:rc1:*:*:*:*:*:*
  • cpe:2.3:a:artifex:mupdf:1.12:rc1:*:*:*:*:*:*
    cpe:2.3:a:artifex:mupdf:1.12:rc1:*:*:*:*:*:*
  • cpe:2.3:a:artifex:mupdf:1.12.0:-:*:*:*:*:*:*
    cpe:2.3:a:artifex:mupdf:1.12.0:-:*:*:*:*:*:*
  • cpe:2.3:a:artifex:mupdf:1.12.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:artifex:mupdf:1.12.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:artifex:mupdf:1.13:rc1:*:*:*:*:*:*
    cpe:2.3:a:artifex:mupdf:1.13:rc1:*:*:*:*:*:*
  • cpe:2.3:a:artifex:mupdf:1.13.0:-:*:*:*:*:*:*
    cpe:2.3:a:artifex:mupdf:1.13.0:-:*:*:*:*:*:*
  • cpe:2.3:a:artifex:mupdf:1.13.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:artifex:mupdf:1.13.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:artifex:mupdf:1.14.0:-:*:*:*:*:*:*
    cpe:2.3:a:artifex:mupdf:1.14.0:-:*:*:*:*:*:*
  • cpe:2.3:a:artifex:mupdf:1.14.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:artifex:mupdf:1.14.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:artifex:mupdf:1.15.0:-:*:*:*:*:*:*
    cpe:2.3:a:artifex:mupdf:1.15.0:-:*:*:*:*:*:*
  • cpe:2.3:a:artifex:mupdf:1.15.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:artifex:mupdf:1.15.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:artifex:mupdf:1.15.1:*:*:*:*:iphone_os:*:*
    cpe:2.3:a:artifex:mupdf:1.15.1:*:*:*:*:iphone_os:*:*
  • cpe:2.3:a:artifex:mupdf:1.15.2:*:*:*:*:iphone_os:*:*
    cpe:2.3:a:artifex:mupdf:1.15.2:*:*:*:*:iphone_os:*:*
  • cpe:2.3:a:artifex:mupdf:1.16.0:-:*:*:*:*:*:*
    cpe:2.3:a:artifex:mupdf:1.16.0:-:*:*:*:*:*:*
  • cpe:2.3:a:artifex:mupdf:1.16.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:artifex:mupdf:1.16.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:artifex:mupdf:1.16.0:rc2:*:*:*:*:*:*
    cpe:2.3:a:artifex:mupdf:1.16.0:rc2:*:*:*:*:*:*
  • cpe:2.3:a:artifex:mupdf:1.16.1:*:*:*:*:*:*:*
    cpe:2.3:a:artifex:mupdf:1.16.1:*:*:*:*:*:*:*
  • cpe:2.3:a:artifex:mupdf:1.17.0:-:*:*:*:*:*:*
    cpe:2.3:a:artifex:mupdf:1.17.0:-:*:*:*:*:*:*
  • cpe:2.3:a:artifex:mupdf:1.17.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:artifex:mupdf:1.17.0:rc1:*:*:*:*:*:*
CVSS
Base: 4.3 (as of 21-11-2020 - 20:15)
Impact:
Exploitability:
CWE CWE-787
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
cvss-vector via4 AV:N/AC:M/Au:N/C:N/I:N/A:P
Last major update 21-11-2020 - 20:15
Published 02-10-2020 - 06:15
Last modified 21-11-2020 - 20:15
Back to Top