ID CVE-2018-5686
Summary In MuPDF 1.12.0, there is an infinite loop vulnerability and application hang in the pdf_parse_array function (pdf/pdf-parse.c) because EOF is not considered. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted pdf file.
References
Vulnerable Configurations
  • cpe:2.3:a:artifex:mupdf:1.112.0
CVSS
Base: 4.3
Impact:
Exploitability:
CWE CWE-399
CAPEC
nessus via4
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2018-7982AD5F2A.NASL
    description CVE-2017-17858 (rh bz #1537952) (gs bz #698819) CVE-2018-5686 (rh bz #1539854) (gs bz #698860) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-02-13
    modified 2018-02-12
    plugin id 106638
    published 2018-02-07
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=106638
    title Fedora 27 : mupdf (2018-7982ad5f2a)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2018-89.NASL
    description This update for mupdf to version 1.12.0 fixes several issues. These security issues were fixed:
      - CVE-2018-5686: Prevent infinite loop in pdf_parse_array function because EOF is not considered. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted pdf file (bsc#1075936).
      - CVE-2017-15369: The build_filter_chain function in pdf/pdf-stream.c mishandled a case where a variable may reside in a register, which allowed remote attackers to cause a denial of service (Fitz fz_drop_imp use-after-free and application crash) or possibly have unspecified other impact via a crafted PDF document (bsc#1063413).
      - CVE-2017-15587: Prevent integer overflow in pdf_read_new_xref_section that allowed for DoS (bsc#1064027).
      - CVE-2017-17866: Fixed mishandling of length changes when a repair operation occurred during a clean operation, which allowed remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted PDF document (bsc#1074116).
      - CVE-2017-17858: Fixed a heap-based buffer overflow in the ensure_solid_xref function which allowed a remote attacker to potentially execute arbitrary code via a crafted PDF file, because xref subsection object numbers were unrestricted (bsc#1077161).
      For non-security changes please refer to the changelog.
    last seen 2018-01-27
    modified 2018-01-26
    plugin id 106358
    published 2018-01-26
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=106358
    title openSUSE Security Update : mupdf (openSUSE-2018-89)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2018-7151603128.NASL
    description CVE-2017-17858 (rh bz #1537952) (gs bz #698819) CVE-2018-5686 (gs bz #698860) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-02-13
    modified 2018-02-12
    plugin id 106636
    published 2018-02-07
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=106636
    title Fedora 26 : mupdf (2018-7151603128)
refmap via4
misc https://bugs.ghostscript.com/show_bug.cgi?id=698860
Last major update 13-01-2018 - 21:29
Published 13-01-2018 - 21:29
Last modified 02-02-2018 - 13:26