Vulnerabilites related to artifex - mupdf
Vulnerability from fkie_nvd
Published
2018-04-22 05:29
Modified
2024-11-21 03:41
Severity ?
Summary
In MuPDF 1.13.0, there is an infinite loop in the fz_skip_space function of the pdf/pdf-xref.c file. A remote adversary could leverage this vulnerability to cause a denial of service via a crafted pdf file.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.ghostscript.com/cgi-bin/findgit.cgi?2e43685dc8a8a886fc9df9b3663cf199404f7637 | ||
| cve@mitre.org | https://bugs.ghostscript.com/show_bug.cgi?id=699271 | Exploit, Third Party Advisory | |
| cve@mitre.org | https://lists.debian.org/debian-lts-announce/2021/09/msg00013.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugs.ghostscript.com/show_bug.cgi?id=699271 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2021/09/msg00013.html | Mailing List, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| artifex | mupdf | 1.13.0 | |
| debian | debian_linux | 9.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:artifex:mupdf:1.13.0:*:*:*:*:*:*:*", matchCriteriaId: "59D72588-9786-4242-A86B-D084604F9E08", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "In MuPDF 1.13.0, there is an infinite loop in the fz_skip_space function of the pdf/pdf-xref.c file. A remote adversary could leverage this vulnerability to cause a denial of service via a crafted pdf file.", }, { lang: "es", value: "En MuPDF 1.13.0, hay un bucle infinito en la función fz_skip_space del archivo pdf/pdf-xref.c. Un adversario remoto puede aprovechar esta vulnerabilidad para provocar una denegación de servicio (DoS) mediante un archivo pdf manipulado.", }, ], id: "CVE-2018-10289", lastModified: "2024-11-21T03:41:09.403", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-04-22T05:29:00.207", references: [ { source: "cve@mitre.org", url: "http://www.ghostscript.com/cgi-bin/findgit.cgi?2e43685dc8a8a886fc9df9b3663cf199404f7637", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=699271", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2021/09/msg00013.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=699271", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2021/09/msg00013.html", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-835", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2017-09-22 06:29
Modified
2024-11-21 03:13
Severity ?
Summary
Artifex MuPDF 1.11 allows attackers to execute arbitrary code or cause a denial of service via a crafted .xps file, related to a "User Mode Write AV near NULL starting at wow64!Wow64NotifyDebugger+0x000000000000001d" on Windows. This occurs because read_zip_dir_imp in fitz/unzip.c does not check whether size fields in a ZIP entry are negative numbers.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:artifex:mupdf:1.11:*:*:*:*:*:*:*", matchCriteriaId: "13F18A1A-67A7-471B-AD7A-29F65DF4F2BD", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*", matchCriteriaId: "2CF61F35-5905-4BA9-AD7E-7DB261D2F256", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Artifex MuPDF 1.11 allows attackers to execute arbitrary code or cause a denial of service via a crafted .xps file, related to a \"User Mode Write AV near NULL starting at wow64!Wow64NotifyDebugger+0x000000000000001d\" on Windows. This occurs because read_zip_dir_imp in fitz/unzip.c does not check whether size fields in a ZIP entry are negative numbers.", }, { lang: "es", value: "La versión 1.11 de Artifex MuPDF permite que los atacantes ejecuten código arbitrario o que provoquen una denegación de servicio mediante un archivo .xps manipulado, relacionado con \"User Mode Write AV comenzando en wow64!Wow64NotifyDebugger+0x000000000000001d\" en Windows. Esto ocurre porque read_zip_dir_imp en fitz/unzip.c no comprueba si los campos de tamaño en una entrada ZIP son números negativos.", }, ], id: "CVE-2017-14686", lastModified: "2024-11-21T03:13:19.227", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-09-22T06:29:00.267", references: [ { source: "cve@mitre.org", url: "http://git.ghostscript.com/?p=mupdf.git%3Bh=0f0fbc07d9be31f5e83ec5328d7311fdfd8328b1", }, { source: "cve@mitre.org", url: "http://www.debian.org/security/2017/dsa-4006", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=698540", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-14686", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://git.ghostscript.com/?p=mupdf.git%3Bh=0f0fbc07d9be31f5e83ec5328d7311fdfd8328b1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2017/dsa-4006", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=698540", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-14686", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-01-11 05:29
Modified
2024-11-21 04:45
Severity ?
Summary
Artifex MuPDF 1.14.0 has a SEGV in the function fz_load_page of the fitz/document.c file, as demonstrated by mutool. This is related to page-number mishandling in cbz/mucbz.c, cbz/muimg.c, and svg/svg-doc.c.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:artifex:mupdf:1.14.0:*:*:*:*:*:*:*", matchCriteriaId: "48631AF2-1BED-4AD8-A18F-81D7B8921B0B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Artifex MuPDF 1.14.0 has a SEGV in the function fz_load_page of the fitz/document.c file, as demonstrated by mutool. This is related to page-number mishandling in cbz/mucbz.c, cbz/muimg.c, and svg/svg-doc.c.", }, { lang: "es", value: "Artifex MuPDF 1.14.0 tiene un SEGV en la función fz_load_page del archivo fitz/document.c, tal y como queda demostrado con mutool. Esto está relacionado con la mala gestión de página-número en cbz/mucbz.c, cbz/muimg.c y svg/svg-doc.c.", }, ], id: "CVE-2019-6130", lastModified: "2024-11-21T04:45:59.923", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-01-11T05:29:01.687", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/106558", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=700446", }, { source: "cve@mitre.org", url: "https://cgit.ghostscript.com/cgi-bin/cgit.cgi/mupdf.git/commit/?id=faf47b94e24314d74907f3f6bc874105f2c962ed", }, { source: "cve@mitre.org", url: "https://lists.debian.org/debian-lts-announce/2019/06/msg00027.html", }, { source: "cve@mitre.org", url: "https://lists.debian.org/debian-lts-announce/2020/07/msg00019.html", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CNJNEX5EW6YH5OARXXSSXW4HHC5PIBSY/", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SEK2EHVNREJ7XZMFF2MXRWKIF4IBHPNE/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/106558", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=700446", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.debian.org/debian-lts-announce/2019/06/msg00027.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.debian.org/debian-lts-announce/2020/07/msg00019.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CNJNEX5EW6YH5OARXXSSXW4HHC5PIBSY/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SEK2EHVNREJ7XZMFF2MXRWKIF4IBHPNE/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-118", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-05-24 13:29
Modified
2024-11-21 03:39
Severity ?
Summary
In Artifex MuPDF 1.12.0 and earlier, multiple use of uninitialized value bugs in the PDF parser could allow an attacker to cause a denial of service (crash) or influence program flow via a crafted file.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| artifex | mupdf | * | |
| debian | debian_linux | 9.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:artifex:mupdf:*:*:*:*:*:*:*:*", matchCriteriaId: "98C162E1-CD83-4DF5-92FD-938F0CCDA53E", versionEndIncluding: "1.12.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "In Artifex MuPDF 1.12.0 and earlier, multiple use of uninitialized value bugs in the PDF parser could allow an attacker to cause a denial of service (crash) or influence program flow via a crafted file.", }, { lang: "es", value: "En MuPDF 1.12.0 y anteriores, múltiples errores de valores no inicializados en el analizador PDF permiten que un atacante provoque una denegación de servicio (cierre inesperado) o influya en el flujo del programa mediante un archivo manipulado.", }, ], id: "CVE-2018-1000040", lastModified: "2024-11-21T03:39:30.020", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-05-24T13:29:01.133", references: [ { source: "cve@mitre.org", url: "http://git.ghostscript.com/?p=mupdf.git%3Ba=commitdiff%3Bh=83d4dae44c71816c084a635550acc1a51529b881%3Bhp=f597300439e62f5e921f0d7b1e880b5c1a1f1607", }, { source: "cve@mitre.org", tags: [ "Exploit", "Issue Tracking", ], url: "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5596", }, { source: "cve@mitre.org", tags: [ "Exploit", "Issue Tracking", ], url: "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5600", }, { source: "cve@mitre.org", tags: [ "Exploit", "Issue Tracking", ], url: "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5603", }, { source: "cve@mitre.org", tags: [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5609", }, { source: "cve@mitre.org", tags: [ "Exploit", "Issue Tracking", ], url: "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5610", }, { source: "cve@mitre.org", url: "https://bugs.ghostscript.com/show_bug.cgi?id=698904", }, { source: "cve@mitre.org", url: "https://bugs.ghostscript.com/show_bug.cgi?id=699086", }, { source: "cve@mitre.org", url: "https://cgit.ghostscript.com/cgi-bin/cgit.cgi/mupdf.git/commit/?id=ace9e69017c08e1e4ce5912014177414c0382004", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201811-15", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2018/dsa-4334", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://git.ghostscript.com/?p=mupdf.git%3Ba=commitdiff%3Bh=83d4dae44c71816c084a635550acc1a51529b881%3Bhp=f597300439e62f5e921f0d7b1e880b5c1a1f1607", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", ], url: "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5596", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", ], url: "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5600", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", ], url: "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5603", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5609", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", ], url: "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5610", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://bugs.ghostscript.com/show_bug.cgi?id=698904", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://bugs.ghostscript.com/show_bug.cgi?id=699086", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://cgit.ghostscript.com/cgi-bin/cgit.cgi/mupdf.git/commit/?id=ace9e69017c08e1e4ce5912014177414c0382004", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201811-15", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2018/dsa-4334", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2017-12-27 17:08
Modified
2024-11-21 03:18
Severity ?
Summary
pdf/pdf-write.c in Artifex MuPDF before 1.12.0 mishandles certain length changes when a repair operation occurs during a clean operation, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted PDF document.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.ghostscript.com/cgi-bin/findgit.cgi?520cc26d18c9ee245b56e9e91f9d4fcae02be5f0 | Patch, Third Party Advisory | |
| cve@mitre.org | https://bugs.ghostscript.com/show_bug.cgi?id=698699 | Permissions Required, Third Party Advisory | |
| cve@mitre.org | https://www.debian.org/security/2018/dsa-4334 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ghostscript.com/cgi-bin/findgit.cgi?520cc26d18c9ee245b56e9e91f9d4fcae02be5f0 | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugs.ghostscript.com/show_bug.cgi?id=698699 | Permissions Required, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.debian.org/security/2018/dsa-4334 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| artifex | mupdf | * | |
| debian | debian_linux | 9.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:artifex:mupdf:*:*:*:*:*:*:*:*", matchCriteriaId: "742A4A62-B35B-4DB8-BFB0-868C97E3418C", versionEndExcluding: "1.12.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "pdf/pdf-write.c in Artifex MuPDF before 1.12.0 mishandles certain length changes when a repair operation occurs during a clean operation, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted PDF document.", }, { lang: "es", value: "pdf/pdf-write.c en Artifex MuPDF en versiones anteriores a la 1.12.0 gestiona de manera incorrecta determinados cambios de longitud cuando tiene lugar una operación de reparación durante una operación de limpieza. Esto permite que atacantes remotos provoquen una denegación de servicio (desbordamiento de búfer y cierre inesperado de la aplicación) o, posiblemente, causen otros impactos mediante un documento PDF manipulado.", }, ], id: "CVE-2017-17866", lastModified: "2024-11-21T03:18:50.950", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-12-27T17:08:20.640", references: [ { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "http://www.ghostscript.com/cgi-bin/findgit.cgi?520cc26d18c9ee245b56e9e91f9d4fcae02be5f0", }, { source: "cve@mitre.org", tags: [ "Permissions Required", "Third Party Advisory", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=698699", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2018/dsa-4334", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "http://www.ghostscript.com/cgi-bin/findgit.cgi?520cc26d18c9ee245b56e9e91f9d4fcae02be5f0", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Permissions Required", "Third Party Advisory", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=698699", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2018/dsa-4334", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-02-23 23:15
Modified
2024-11-21 06:21
Severity ?
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
A flaw was found in mupdf 1.18.0. Double free of object during linearization may lead to memory corruption and other potential consequences.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| artifex | mupdf | 1.18.0 | |
| fedoraproject | fedora | 32 | |
| fedoraproject | fedora | 33 | |
| fedoraproject | fedora | 34 | |
| debian | debian_linux | 9.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:artifex:mupdf:1.18.0:-:*:*:*:*:*:*", matchCriteriaId: "DB83DDAD-11E6-405B-B4C3-DE7465B0D1B9", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*", matchCriteriaId: "36D96259-24BD-44E2-96D9-78CE1D41F956", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*", matchCriteriaId: "E460AA51-FCDA-46B9-AE97-E6676AA5E194", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", matchCriteriaId: "A930E247-0B43-43CB-98FF-6CE7B8189835", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A flaw was found in mupdf 1.18.0. Double free of object during linearization may lead to memory corruption and other potential consequences.", }, { lang: "es", value: "Se encontró un fallo en mupdf versión 1.18.0. Una doble liberación de objetos durante la linealización puede conllevar a una corrupción de la memoria y otras potenciales consecuencias", }, ], id: "CVE-2021-3407", lastModified: "2024-11-21T06:21:25.993", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2021-02-23T23:15:14.100", references: [ { source: "secalert@redhat.com", url: "http://git.ghostscript.com/?p=mupdf.git%3Bh=cee7cefc610d42fd383b3c80c12cbc675443176a", }, { source: "secalert@redhat.com", url: "https://bugs.ghostscript.com/show_bug.cgi?id=703366", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2021/03/msg00012.html", }, { source: "secalert@redhat.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LCADE3VSPWCGTE5BV4KL273R5VK3GDKM/", }, { source: "secalert@redhat.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M44PNYCBL33OD7GC75XNE6CDS4VSGVWO/", }, { source: "secalert@redhat.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLC6MPH7YS6JPU427XOFRLF3KKZQUZJN/", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202105-30", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://git.ghostscript.com/?p=mupdf.git%3Bh=cee7cefc610d42fd383b3c80c12cbc675443176a", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://bugs.ghostscript.com/show_bug.cgi?id=703366", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2021/03/msg00012.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LCADE3VSPWCGTE5BV4KL273R5VK3GDKM/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M44PNYCBL33OD7GC75XNE6CDS4VSGVWO/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLC6MPH7YS6JPU427XOFRLF3KKZQUZJN/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202105-30", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-415", }, ], source: "secalert@redhat.com", type: "Primary", }, { description: [ { lang: "en", value: "CWE-415", }, ], source: "nvd@nist.gov", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2017-02-15 06:59
Modified
2024-11-21 03:28
Severity ?
Summary
An issue was discovered in Artifex MuPDF before 1912de5f08e90af1d9d0a9791f58ba3afdb9d465. The pdf_run_xobject function in pdf-op-run.c encounters a NULL pointer dereference during a Fitz fz_paint_pixmap_with_mask painting operation. Versions 1.11 and later are unaffected.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| artifex | mupdf | * | |
| debian | debian_linux | 8.0 | |
| debian | debian_linux | 9.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:artifex:mupdf:*:*:*:*:*:*:*:*", matchCriteriaId: "79F8012F-8057-46D9-8638-40EA6CE979F7", versionEndExcluding: "1.11", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An issue was discovered in Artifex MuPDF before 1912de5f08e90af1d9d0a9791f58ba3afdb9d465. The pdf_run_xobject function in pdf-op-run.c encounters a NULL pointer dereference during a Fitz fz_paint_pixmap_with_mask painting operation. Versions 1.11 and later are unaffected.", }, { lang: "es", value: "Se ha descubierto un problema en Artifex MuPDF antes de 1912de5f08e90af1d9d0a9791f58ba3afdb9d465. La función pdf_run_xobject en pdf-op-run.c encuentra una derivación de puntero NULL durante una operación de pintura Fitz fz_paint_pixmap_with_mask. Las versiones 1.11 y posteriores no se ven afectadas", }, ], id: "CVE-2017-5991", lastModified: "2024-11-21T03:28:50.903", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-02-15T06:59:00.917", references: [ { source: "cve@mitre.org", url: "http://git.ghostscript.com/?p=mupdf.git%3Bh=1912de5f08e90af1d9d0a9791f58ba3afdb9d465", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2017/dsa-3797", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www.securityfocus.com/bid/96213", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=697500", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201706-08", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "https://www.exploit-db.com/exploits/42138/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://git.ghostscript.com/?p=mupdf.git%3Bh=1912de5f08e90af1d9d0a9791f58ba3afdb9d465", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2017/dsa-3797", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.securityfocus.com/bid/96213", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=697500", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201706-08", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "https://www.exploit-db.com/exploits/42138/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-476", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-09-22 15:59
Modified
2024-11-21 02:56
Severity ?
Summary
Heap-based buffer overflow in the pdf_load_mesh_params function in pdf/pdf-shade.c in MuPDF allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a large decode array.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| debian | debian_linux | 8.0 | |
| artifex | mupdf | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:artifex:mupdf:*:*:*:*:*:*:*:*", matchCriteriaId: "62C1A42B-E4DB-4696-A159-A7A6825739B3", versionEndIncluding: "1.9", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Heap-based buffer overflow in the pdf_load_mesh_params function in pdf/pdf-shade.c in MuPDF allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a large decode array.", }, { lang: "es", value: "Desbordamiento de búfer basado en memoria dinámica en la función pdf_load_mesh_params en pdf/pdf-shade.c en MuPDF permite a atacantes remotos provocar una denegación de servicio (caída) o ejecutar código arbitrario a través de una decodificación array grande.", }, ], id: "CVE-2016-6525", lastModified: "2024-11-21T02:56:17.617", metrics: { cvssMetricV2: [ { acInsufInfo: true, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-09-22T15:59:04.977", references: [ { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "http://bugs.ghostscript.com/show_bug.cgi?id=696954", }, { source: "cve@mitre.org", url: "http://git.ghostscript.com/?p=mupdf.git%3Bh=39b0f07dd960f34e7e6bf230ffc3d87c41ef0f2e", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2016/dsa-3655", }, { source: "cve@mitre.org", tags: [ "Patch", ], url: "http://www.openwall.com/lists/oss-security/2016/08/03/8", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.securityfocus.com/bid/92266", }, { source: "cve@mitre.org", url: "https://security.gentoo.org/glsa/201702-12", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "http://bugs.ghostscript.com/show_bug.cgi?id=696954", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://git.ghostscript.com/?p=mupdf.git%3Bh=39b0f07dd960f34e7e6bf230ffc3d87c41ef0f2e", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2016/dsa-3655", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "http://www.openwall.com/lists/oss-security/2016/08/03/8", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.securityfocus.com/bid/92266", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/201702-12", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-05-24 13:29
Modified
2024-11-21 03:39
Severity ?
Summary
In Artifex MuPDF 1.12.0 and earlier, multiple reachable assertions in the PDF parser allow an attacker to cause a denial of service (assert crash) via a crafted file.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| artifex | mupdf | * | |
| debian | debian_linux | 9.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:artifex:mupdf:*:*:*:*:*:*:*:*", matchCriteriaId: "98C162E1-CD83-4DF5-92FD-938F0CCDA53E", versionEndIncluding: "1.12.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "In Artifex MuPDF 1.12.0 and earlier, multiple reachable assertions in the PDF parser allow an attacker to cause a denial of service (assert crash) via a crafted file.", }, { lang: "es", value: "En MuPDF 1.12.0 y anteriores, múltiples aserciones alcanzables en el analizador PDF permiten que un atacante provoque una denegación de servicio (cierre inesperado de la aserción) mediante un archivo manipulado.", }, ], id: "CVE-2018-1000037", lastModified: "2024-11-21T03:39:29.360", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2018-05-24T13:29:00.430", references: [ { source: "cve@mitre.org", url: "http://git.ghostscript.com/?p=mupdf.git%3Ba=commitdiff%3Bh=71ceebcf56e682504da22c4035b39a2d451e8ffd%3Bhp=7f82c01523505052615492f8e220f4348ba46995", }, { source: "cve@mitre.org", url: "http://git.ghostscript.com/?p=mupdf.git%3Ba=commitdiff%3Bh=8a3257b01faa899dd9b5e35c6bb3403cd709c371%3Bhp=de39f005f12a1afc6973c1f5cec362d6545f70cb", }, { source: "cve@mitre.org", url: "http://git.ghostscript.com/?p=mupdf.git%3Ba=commitdiff%3Bh=b2e7d38e845c7d4922d05e6e41f3a2dc1bc1b14a%3Bhp=f51836b9732c38d945b87fda0770009a77ba680c", }, { source: "cve@mitre.org", tags: [ "Exploit", "Issue Tracking", "Third Party Advisory", ], url: "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5490", }, { source: "cve@mitre.org", tags: [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5501", }, { source: "cve@mitre.org", tags: [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5503", }, { source: "cve@mitre.org", tags: [ "Exploit", "Issue Tracking", "Third Party Advisory", ], url: "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5511", }, { source: "cve@mitre.org", tags: [ "Exploit", "Issue Tracking", "Third Party Advisory", ], url: "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5564", }, { source: "cve@mitre.org", url: "https://bugs.ghostscript.com/show_bug.cgi?id=698882", }, { source: "cve@mitre.org", url: "https://bugs.ghostscript.com/show_bug.cgi?id=698886", }, { source: "cve@mitre.org", url: "https://bugs.ghostscript.com/show_bug.cgi?id=698888", }, { source: "cve@mitre.org", url: "https://bugs.ghostscript.com/show_bug.cgi?id=698890", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201811-15", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2018/dsa-4334", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://git.ghostscript.com/?p=mupdf.git%3Ba=commitdiff%3Bh=71ceebcf56e682504da22c4035b39a2d451e8ffd%3Bhp=7f82c01523505052615492f8e220f4348ba46995", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://git.ghostscript.com/?p=mupdf.git%3Ba=commitdiff%3Bh=8a3257b01faa899dd9b5e35c6bb3403cd709c371%3Bhp=de39f005f12a1afc6973c1f5cec362d6545f70cb", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://git.ghostscript.com/?p=mupdf.git%3Ba=commitdiff%3Bh=b2e7d38e845c7d4922d05e6e41f3a2dc1bc1b14a%3Bhp=f51836b9732c38d945b87fda0770009a77ba680c", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Third Party Advisory", ], url: "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5490", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5501", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5503", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Third Party Advisory", ], url: "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5511", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Third Party Advisory", ], url: "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5564", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://bugs.ghostscript.com/show_bug.cgi?id=698882", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://bugs.ghostscript.com/show_bug.cgi?id=698886", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://bugs.ghostscript.com/show_bug.cgi?id=698888", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://bugs.ghostscript.com/show_bug.cgi?id=698890", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201811-15", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2018/dsa-4334", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, { description: [ { lang: "en", value: "CWE-20", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2017-09-22 06:29
Modified
2024-11-21 03:13
Severity ?
Summary
Artifex MuPDF 1.11 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .xps file, related to "Data from Faulting Address controls Branch Selection starting at mupdf+0x000000000016aa61" on Windows. This occurs because xps_load_links_in_glyphs in xps/xps-link.c does not verify that an xps font could be loaded.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:artifex:mupdf:1.11:*:*:*:*:*:*:*", matchCriteriaId: "13F18A1A-67A7-471B-AD7A-29F65DF4F2BD", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*", matchCriteriaId: "2CF61F35-5905-4BA9-AD7E-7DB261D2F256", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Artifex MuPDF 1.11 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .xps file, related to \"Data from Faulting Address controls Branch Selection starting at mupdf+0x000000000016aa61\" on Windows. This occurs because xps_load_links_in_glyphs in xps/xps-link.c does not verify that an xps font could be loaded.", }, { lang: "es", value: "La versión 1.11 de Artifex MuPDF permite que los atacantes provoquen una denegación de servicio o, posiblemente, otro impacto sin especificar mediante un archivo .xps manipulado. Esta vulnerabilidad está relacionada con \"Data from Faulting Address controls Branch Selection starting at mupdf+0x000000000016aa61\" en Windows. Esto ocurre porque xps_load_links_in_glyphs en xps/xps-link.c no verifica que se puede cargar una fuente xps.", }, ], id: "CVE-2017-14685", lastModified: "2024-11-21T03:13:19.080", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-09-22T06:29:00.207", references: [ { source: "cve@mitre.org", url: "http://git.ghostscript.com/?p=mupdf.git%3Bh=ab1a420613dec93c686acbee2c165274e922f82a", }, { source: "cve@mitre.org", url: "http://www.debian.org/security/2017/dsa-4006", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=698539", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-14685", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://git.ghostscript.com/?p=mupdf.git%3Bh=ab1a420613dec93c686acbee2c165274e922f82a", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2017/dsa-4006", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=698539", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-14685", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-06-13 18:29
Modified
2024-11-21 04:48
Severity ?
Summary
Usage of an uninitialized variable in the function fz_load_jpeg in Artifex MuPDF 1.14 can result in a heap overflow vulnerability that allows an attacker to execute arbitrary code.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:artifex:mupdf:1.14.0:*:*:*:*:*:*:*", matchCriteriaId: "48631AF2-1BED-4AD8-A18F-81D7B8921B0B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Usage of an uninitialized variable in the function fz_load_jpeg in Artifex MuPDF 1.14 can result in a heap overflow vulnerability that allows an attacker to execute arbitrary code.", }, { lang: "es", value: "El uso de una variable sin inicializar en la función fz_load_jpeg en Artifex MuPDF 1.14 puede dar como resultado una vulnerabilidad de desbordamiento de pila (heap) que permite a un atacante ejecutar código arbitrario.", }, ], id: "CVE-2019-7321", lastModified: "2024-11-21T04:48:00.447", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-06-13T18:29:00.730", references: [ { source: "cve@mitre.org", url: "https://bugs.ghostscript.com/show_bug.cgi?id=700560", }, { source: "cve@mitre.org", url: "https://cgit.ghostscript.com/cgi-bin/cgit.cgi/mupdf.git/commit/?id=2be83b57e77938fddbb06bdffb11979ad89a9c7d", }, { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/ereisr00/bagofbugz/tree/master/MuPDF/700560", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://bugs.ghostscript.com/show_bug.cgi?id=700560", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/ereisr00/bagofbugz/tree/master/MuPDF/700560", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, { lang: "en", value: "CWE-908", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-12-06 00:29
Modified
2024-11-21 03:58
Severity ?
Summary
In Artifex MuPDF 1.14.0, the svg_run_image function in svg/svg-run.c allows remote attackers to cause a denial of service (href_att NULL pointer dereference and application crash) via a crafted svg file, as demonstrated by mupdf-gl.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:artifex:mupdf:1.14.0:*:*:*:*:*:*:*", matchCriteriaId: "48631AF2-1BED-4AD8-A18F-81D7B8921B0B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "In Artifex MuPDF 1.14.0, the svg_run_image function in svg/svg-run.c allows remote attackers to cause a denial of service (href_att NULL pointer dereference and application crash) via a crafted svg file, as demonstrated by mupdf-gl.", }, { lang: "es", value: "En Artifex MuPDF 1.14.0, la función svg_run_image en svg/svg-run.c permite que atacantes remotos provoquen una denegación de servicio (desreferencia de puntero NULL de href_att y cierre inesperado de la aplicación) mediante un archivo svg manipulado, tal y como queda demostrado con mupdf-gl.", }, ], id: "CVE-2018-19882", lastModified: "2024-11-21T03:58:44.800", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-12-06T00:29:00.283", references: [ { source: "cve@mitre.org", url: "http://www.ghostscript.com/cgi-bin/findgit.cgi?a7f7d91cdff8d303c11d458fa8b802776f73c8cc", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=700342", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/TeamSeri0us/pocs/tree/master/mupdf/20181203", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CNJNEX5EW6YH5OARXXSSXW4HHC5PIBSY/", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SEK2EHVNREJ7XZMFF2MXRWKIF4IBHPNE/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=700342", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/TeamSeri0us/pocs/tree/master/mupdf/20181203", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CNJNEX5EW6YH5OARXXSSXW4HHC5PIBSY/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SEK2EHVNREJ7XZMFF2MXRWKIF4IBHPNE/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-476", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2017-02-15 21:59
Modified
2024-11-21 02:59
Severity ?
Summary
The pdf_to_num function in pdf-object.c in MuPDF before 1.10 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted file.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:artifex:mupdf:*:*:*:*:*:*:*:*", matchCriteriaId: "3CAF561C-636F-469C-B1CB-AB016D182B3A", versionEndIncluding: "1.9a", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The pdf_to_num function in pdf-object.c in MuPDF before 1.10 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted file.", }, { lang: "es", value: "La función pdf_to_num en pdf-object.c en MuPDF en versiones anteriores a 1.10 permite a atacantes remotos provocar una denegación de servicio (uso después de liberación y bloqueo de aplicación) a través de un archivo manipulado.", }, ], id: "CVE-2016-8674", lastModified: "2024-11-21T02:59:48.867", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-02-15T21:59:00.307", references: [ { source: "cve@mitre.org", url: "http://git.ghostscript.com/?p=mupdf.git%3Ba=commitdiff%3Bh=1e03c06456d997435019fb3526fa2d4be7dbc6ec", }, { source: "cve@mitre.org", url: "http://www.debian.org/security/2017/dsa-3797", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Patch", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2016/10/16/8", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/93127", }, { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", "VDB Entry", ], url: "https://blogs.gentoo.org/ago/2016/09/22/mupdf-use-after-free-in-pdf_to_num-pdf-object-c/", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Patch", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=697015", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Patch", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=697019", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Patch", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1385685", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://git.ghostscript.com/?p=mupdf.git%3Ba=commitdiff%3Bh=1e03c06456d997435019fb3526fa2d4be7dbc6ec", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2017/dsa-3797", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Patch", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2016/10/16/8", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/93127", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", "VDB Entry", ], url: "https://blogs.gentoo.org/ago/2016/09/22/mupdf-use-after-free-in-pdf_to_num-pdf-object-c/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=697015", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=697019", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1385685", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-416", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-05-24 13:29
Modified
2024-11-21 03:39
Severity ?
Summary
In Artifex MuPDF 1.12.0 and earlier, multiple memory leaks in the PDF parser allow an attacker to cause a denial of service (memory leak) via a crafted file.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5502 | Exploit, Issue Tracking, Third Party Advisory | |
| cve@mitre.org | https://bugs.ghostscript.com/show_bug.cgi?id=698887 | ||
| cve@mitre.org | https://cgit.ghostscript.com/cgi-bin/cgit.cgi/mupdf.git/commit/?id=8aa2bd34065d2844aae778bd4cc20c74bbcd9406 | ||
| cve@mitre.org | https://lists.debian.org/debian-lts-announce/2021/09/msg00013.html | Mailing List, Third Party Advisory | |
| cve@mitre.org | https://security.gentoo.org/glsa/201811-15 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5502 | Exploit, Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugs.ghostscript.com/show_bug.cgi?id=698887 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2021/09/msg00013.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201811-15 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| artifex | mupdf | * | |
| debian | debian_linux | 9.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:artifex:mupdf:*:*:*:*:*:*:*:*", matchCriteriaId: "98C162E1-CD83-4DF5-92FD-938F0CCDA53E", versionEndIncluding: "1.12.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "In Artifex MuPDF 1.12.0 and earlier, multiple memory leaks in the PDF parser allow an attacker to cause a denial of service (memory leak) via a crafted file.", }, { lang: "es", value: "En MuPDF 1.12.0 y anteriores, múltiples fugas de memoria en el analizador PDF permiten que un atacante provoque una denegación de servicio (fuga de memoria) mediante un archivo manipulado.", }, ], id: "CVE-2018-1000036", lastModified: "2024-11-21T03:39:29.173", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-05-24T13:29:00.337", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Issue Tracking", "Third Party Advisory", ], url: "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5502", }, { source: "cve@mitre.org", url: "https://bugs.ghostscript.com/show_bug.cgi?id=698887", }, { source: "cve@mitre.org", url: "https://cgit.ghostscript.com/cgi-bin/cgit.cgi/mupdf.git/commit/?id=8aa2bd34065d2844aae778bd4cc20c74bbcd9406", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2021/09/msg00013.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201811-15", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Third Party Advisory", ], url: "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5502", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://bugs.ghostscript.com/show_bug.cgi?id=698887", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2021/09/msg00013.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201811-15", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-772", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-05-24 13:29
Modified
2024-11-21 03:39
Severity ?
Summary
In Artifex MuPDF 1.12.0 and earlier, a stack buffer overflow in function pdf_lookup_cmap_full in pdf/pdf-cmap.c could allow an attacker to execute arbitrary code via a crafted file.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:artifex:mupdf:*:*:*:*:*:*:*:*", matchCriteriaId: "98C162E1-CD83-4DF5-92FD-938F0CCDA53E", versionEndIncluding: "1.12.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "In Artifex MuPDF 1.12.0 and earlier, a stack buffer overflow in function pdf_lookup_cmap_full in pdf/pdf-cmap.c could allow an attacker to execute arbitrary code via a crafted file.", }, { lang: "es", value: "En MuPDF 1.12.0 y anteriores, un desbordamiento de búfer basado en pila en la función pdf_lookup_cmap_full en pdf/pdf-cmap.c podría permitir que un atacante ejecute código arbitrario mediante un archivo manipulado.", }, ], id: "CVE-2018-1000038", lastModified: "2024-11-21T03:39:29.620", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-05-24T13:29:00.667", references: [ { source: "cve@mitre.org", url: "http://git.ghostscript.com/?p=mupdf.git%3Ba=commitdiff%3Bh=71ceebcf56e682504da22c4035b39a2d451e8ffd%3Bhp=7f82c01523505052615492f8e220f4348ba46995", }, { source: "cve@mitre.org", url: "http://git.ghostscript.com/?p=mupdf.git%3Ba=commitdiff%3Bh=f597300439e62f5e921f0d7b1e880b5c1a1f1607%3Bhp=093fc3b098dc5fadef5d8ad4b225db9fb124758b", }, { source: "cve@mitre.org", tags: [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5494", }, { source: "cve@mitre.org", url: "https://bugs.ghostscript.com/show_bug.cgi?id=698884", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201811-15", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://git.ghostscript.com/?p=mupdf.git%3Ba=commitdiff%3Bh=71ceebcf56e682504da22c4035b39a2d451e8ffd%3Bhp=7f82c01523505052615492f8e220f4348ba46995", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://git.ghostscript.com/?p=mupdf.git%3Ba=commitdiff%3Bh=f597300439e62f5e921f0d7b1e880b5c1a1f1607%3Bhp=093fc3b098dc5fadef5d8ad4b225db9fb124758b", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5494", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://bugs.ghostscript.com/show_bug.cgi?id=698884", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201811-15", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-01-23 22:15
Modified
2024-11-21 01:44
Severity ?
Summary
SumatraPDF 2.1.1/MuPDF 1.0 allows remote attackers to cause an Integer Overflow in the lex_number() function via a corrupt PDF file.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.exploit-db.com/exploits/23246 | Exploit, Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://bugs.ghostscript.com/show_bug.cgi?id=693371 | ||
| cve@mitre.org | https://cgit.ghostscript.com/cgi-bin/cgit.cgi/mupdf.git/commit/?id=f919270b6a732ff45c3ba2d0c105e2b39e9c9bc9 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.exploit-db.com/exploits/23246 | Exploit, Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sumatrapdfreader | sumatrapdf | 2.1.1 | |
| artifex | mupdf | 1.0 | |
| artifex | mupdf | 1.1 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:sumatrapdfreader:sumatrapdf:2.1.1:*:*:*:*:*:*:*", matchCriteriaId: "7423C1A3-5DC3-49BE-85BB-C55D2B058456", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:artifex:mupdf:1.0:*:*:*:*:*:*:*", matchCriteriaId: "33369840-03D2-4EA4-9D73-B63431E4D7FD", vulnerable: true, }, { criteria: "cpe:2.3:a:artifex:mupdf:1.1:*:*:*:*:iphone_os:*:*", matchCriteriaId: "C1F34AD9-8596-4C75-AFC7-F1F524627811", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "SumatraPDF 2.1.1/MuPDF 1.0 allows remote attackers to cause an Integer Overflow in the lex_number() function via a corrupt PDF file.", }, { lang: "es", value: "SumatraPDF versión 2.1.1 y MuPDF versión 1.0, permite a atacantes remotos causar un desbordamiento de enteros en la función lex_number() por medio de un archivo PDF corrupto.", }, ], id: "CVE-2012-5340", lastModified: "2024-11-21T01:44:32.650", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-01-23T22:15:09.683", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://www.exploit-db.com/exploits/23246", }, { source: "cve@mitre.org", url: "https://bugs.ghostscript.com/show_bug.cgi?id=693371", }, { source: "cve@mitre.org", url: "https://cgit.ghostscript.com/cgi-bin/cgit.cgi/mupdf.git/commit/?id=f919270b6a732ff45c3ba2d0c105e2b39e9c9bc9", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://www.exploit-db.com/exploits/23246", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-190", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-02-02 09:29
Modified
2024-11-21 04:10
Severity ?
Summary
pdf_load_obj_stm in pdf/pdf-xref.c in Artifex MuPDF 1.12.0 could reference the object stream recursively and therefore run out of error stack, which allows remote attackers to cause a denial of service via a crafted PDF document.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| artifex | mupdf | 1.12.0 | |
| debian | debian_linux | 8.0 | |
| debian | debian_linux | 9.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:artifex:mupdf:1.12.0:*:*:*:*:*:*:*", matchCriteriaId: "F503888C-29F3-4111-9549-9CD541EAC242", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "pdf_load_obj_stm in pdf/pdf-xref.c in Artifex MuPDF 1.12.0 could reference the object stream recursively and therefore run out of error stack, which allows remote attackers to cause a denial of service via a crafted PDF document.", }, { lang: "es", value: "pdf_load_obj_stm en pdf/pdf-xref.c en Artifex MuPDF 1.12.0 podría referenciar la secuencia de objetos de manera recursiva y por lo tanto agotar la pila de errores, lo que permite a los atacantes remotos provocar una denegación de servicio (DoS) mediante un documento PDF manipulado.", }, ], id: "CVE-2018-6544", lastModified: "2024-11-21T04:10:52.357", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-02-02T09:29:00.727", references: [ { source: "cve@mitre.org", url: "http://git.ghostscript.com/?p=mupdf.git%3Bh=26527eef77b3e51c2258c8e40845bfbc015e405d", }, { source: "cve@mitre.org", url: "http://git.ghostscript.com/?p=mupdf.git%3Bh=b03def134988da8c800adac1a38a41a1f09a1d89", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Permissions Required", "Third Party Advisory", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=698830", }, { source: "cve@mitre.org", tags: [ "Exploit", "Issue Tracking", "Third Party Advisory", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=698965", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201811-15", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2018/dsa-4152", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://git.ghostscript.com/?p=mupdf.git%3Bh=26527eef77b3e51c2258c8e40845bfbc015e405d", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://git.ghostscript.com/?p=mupdf.git%3Bh=b03def134988da8c800adac1a38a41a1f09a1d89", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Permissions Required", "Third Party Advisory", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=698830", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Third Party Advisory", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=698965", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201811-15", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2018/dsa-4152", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-674", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-07-04 22:15
Modified
2024-11-21 04:24
Severity ?
Summary
Artifex MuPDF 1.15.0 has a heap-based buffer overflow in fz_append_display_node located at fitz/list-device.c, allowing remote attackers to execute arbitrary code via a crafted PDF file. This occurs with a large BDC property name that overflows the allocated size of a display list node.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:artifex:mupdf:1.15.0:*:*:*:*:*:*:*", matchCriteriaId: "D97105A9-2C48-4AB1-A4AD-04E00B5CEF9F", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Artifex MuPDF 1.15.0 has a heap-based buffer overflow in fz_append_display_node located at fitz/list-device.c, allowing remote attackers to execute arbitrary code via a crafted PDF file. This occurs with a large BDC property name that overflows the allocated size of a display list node.", }, { lang: "es", value: "Artifex MuPDF versión 1.15.0, presenta un desbordamiento de búfer en la región heap de la memoria en la función fz_append_display_node ubicado en el archivo fitz/list-device.c, lo que permite a atacantes remotos ejecutar código arbitrario por medio de un archivo PDF creado. Esto ocurre con un nombre de propiedad BDC largo que desborda el tamaño asignado de un nodo de lista de visualización.", }, ], id: "CVE-2019-13290", lastModified: "2024-11-21T04:24:38.207", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-07-04T22:15:10.807", references: [ { source: "cve@mitre.org", url: "http://git.ghostscript.com/?p=mupdf.git%3Bh=aaf794439e40a2ef544f15b50c20e657414dec7a", }, { source: "cve@mitre.org", url: "http://git.ghostscript.com/?p=mupdf.git%3Bh=ed19bc806809ad10c4ddce515d375581b86ede85", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://archive.today/oi6bm", }, { source: "cve@mitre.org", tags: [ "Permissions Required", "Third Party Advisory", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=701118", }, { source: "cve@mitre.org", url: "https://lists.debian.org/debian-lts-announce/2020/07/msg00019.html", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VUXKCY35PKC32IFHN4RBUCZ75OWEYVJH/", }, { source: "cve@mitre.org", url: "https://www.debian.org/security/2020/dsa-4753", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://git.ghostscript.com/?p=mupdf.git%3Bh=aaf794439e40a2ef544f15b50c20e657414dec7a", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://git.ghostscript.com/?p=mupdf.git%3Bh=ed19bc806809ad10c4ddce515d375581b86ede85", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://archive.today/oi6bm", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Permissions Required", "Third Party Advisory", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=701118", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.debian.org/debian-lts-announce/2020/07/msg00019.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VUXKCY35PKC32IFHN4RBUCZ75OWEYVJH/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.debian.org/security/2020/dsa-4753", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2017-10-18 08:29
Modified
2024-11-21 03:14
Severity ?
Summary
An integer overflow was discovered in pdf_read_new_xref_section in pdf/pdf-xref.c in Artifex MuPDF 1.11.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:artifex:mupdf:1.11:*:*:*:*:*:*:*", matchCriteriaId: "13F18A1A-67A7-471B-AD7A-29F65DF4F2BD", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An integer overflow was discovered in pdf_read_new_xref_section in pdf/pdf-xref.c in Artifex MuPDF 1.11.", }, { lang: "es", value: "Se ha descubierto un desbordamiento de enteros en pdf_read_new_xref_section en pdf/pdf-xref.c en Artifex MuPDF 1.11.", }, ], id: "CVE-2017-15587", lastModified: "2024-11-21T03:14:48.360", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-10-18T08:29:00.310", references: [ { source: "cve@mitre.org", url: "http://git.ghostscript.com/?p=mupdf.git%3Bh=82df2631d7d0446b206ea6b434ea609b6c28b0e8", }, { source: "cve@mitre.org", url: "http://www.debian.org/security/2017/dsa-4006", }, { source: "cve@mitre.org", url: "https://bugs.ghostscript.com/show_bug.cgi?id=698605", }, { source: "cve@mitre.org", url: "https://bugs.ghostscript.com/show_bug.cgi?id=698704", }, { source: "cve@mitre.org", url: "https://cgit.ghostscript.com/cgi-bin/cgit.cgi/mupdf.git/commit/?id=d18bc728e46c5a5708f14d27c2b6c44e1d0c3232", }, { source: "cve@mitre.org", url: "https://lists.debian.org/debian-lts-announce/2017/11/msg00007.html", }, { source: "cve@mitre.org", url: "https://security.gentoo.org/glsa/201811-15", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://git.ghostscript.com/?p=mupdf.git%3Bh=82df2631d7d0446b206ea6b434ea609b6c28b0e8", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2017/dsa-4006", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.debian.org/debian-lts-announce/2017/11/msg00007.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/201811-15", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-190", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2017-03-26 05:59
Modified
2024-11-21 03:31
Severity ?
Summary
Use-after-free vulnerability in the fz_subsample_pixmap function in fitz/pixmap.c in Artifex MuPDF 1.10a allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted document.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:artifex:mupdf:1.10a:*:*:*:*:*:*:*", matchCriteriaId: "C03FAE98-D477-4974-B585-4D1D8DE409B6", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Use-after-free vulnerability in the fz_subsample_pixmap function in fitz/pixmap.c in Artifex MuPDF 1.10a allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted document.", }, { lang: "es", value: "Vulnerabilidad de uso después de liberación en la función fz_subsample_pixmap en fitz/pixmap.c en Artifex Software, Inc. MuPDF 1.10a permite a atacantes remotos provocar una denegación de servicio (caída de aplicación) o posiblemente tener otro impacto no especificado a través de un documento manipulado.", }, ], id: "CVE-2017-7264", lastModified: "2024-11-21T03:31:30.180", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 1.4, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2017-03-26T05:59:00.243", references: [ { source: "cve@mitre.org", url: "http://git.ghostscript.com/?p=mupdf.git%3Bh=2c4e5867ee699b1081527bc6c6ea0e99a35a5c27", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/97111", }, { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", "VDB Entry", ], url: "https://blogs.gentoo.org/ago/2017/02/09/mupdf-use-after-free-in-fz_subsample_pixmap-pixmap-c/", }, { source: "cve@mitre.org", url: "https://bugs.ghostscript.com/show_bug.cgi?id=697515", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://git.ghostscript.com/?p=mupdf.git%3Bh=2c4e5867ee699b1081527bc6c6ea0e99a35a5c27", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/97111", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", "VDB Entry", ], url: "https://blogs.gentoo.org/ago/2017/02/09/mupdf-use-after-free-in-fz_subsample_pixmap-pixmap-c/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://bugs.ghostscript.com/show_bug.cgi?id=697515", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-416", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-12-26 15:15
Modified
2024-11-21 08:37
Severity ?
Summary
A floating point exception (divide-by-zero) vulnerability was discovered in Artifex MuPDF 1.23.4 in function bmp_decompress_rle4() of load-bmp.c.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:artifex:mupdf:1.23.4:*:*:*:*:*:*:*", matchCriteriaId: "84C208C6-A3D9-4A82-83B9-FCBECD89AD23", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A floating point exception (divide-by-zero) vulnerability was discovered in Artifex MuPDF 1.23.4 in function bmp_decompress_rle4() of load-bmp.c.", }, { lang: "es", value: "Se descubrió una vulnerabilidad de excepción de punto flotante (división por cero) en mupdf 1.23.4 en la función bmp_decompress_rle4() de load-bmp.c.", }, ], id: "CVE-2023-51105", lastModified: "2024-11-21T08:37:51.417", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-12-26T15:15:08.720", references: [ { source: "cve@mitre.org", url: "http://cgit.ghostscript.com/cgi-bin/cgit.cgi/mupdf.git/commit/?id=cee86dc519d5270a3b96476ad15809ceace64a26", }, { source: "cve@mitre.org", url: "https://bugs.ghostscript.com/show_bug.cgi?id=707622", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/dongyuma/sox-defects/blob/main/mupdf-defects.md", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://cgit.ghostscript.com/cgi-bin/cgit.cgi/mupdf.git/commit/?id=cee86dc519d5270a3b96476ad15809ceace64a26", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://bugs.ghostscript.com/show_bug.cgi?id=707622", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/dongyuma/sox-defects/blob/main/mupdf-defects.md", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-369", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-12-26 15:15
Modified
2024-11-21 08:37
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A floating point exception (divide-by-zero) vulnerability was discovered in Artifex MuPDF 1.23.4 in functon compute_color() of jquant2.c. NOTE: this is disputed by the supplier because there was not reasonable evidence to determine the existence of a vulnerability or identify the affected product.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://github.com/dongyuma/sox-defects/blob/main/mupdf-defects.md | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/dongyuma/sox-defects/blob/main/mupdf-defects.md | Exploit, Third Party Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:artifex:mupdf:1.23.4:*:*:*:*:*:*:*", matchCriteriaId: "84C208C6-A3D9-4A82-83B9-FCBECD89AD23", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [ { sourceIdentifier: "cve@mitre.org", tags: [ "disputed", ], }, ], descriptions: [ { lang: "en", value: "A floating point exception (divide-by-zero) vulnerability was discovered in Artifex MuPDF 1.23.4 in functon compute_color() of jquant2.c. NOTE: this is disputed by the supplier because there was not reasonable evidence to determine the existence of a vulnerability or identify the affected product.", }, { lang: "es", value: "Se descubrió una vulnerabilidad de excepción de punto flotante (división por cero) en mupdf 1.23.4 en la función compute_color() de jquant2.c.", }, ], id: "CVE-2023-51107", lastModified: "2024-11-21T08:37:51.720", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2023-12-26T15:15:08.807", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/dongyuma/sox-defects/blob/main/mupdf-defects.md", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/dongyuma/sox-defects/blob/main/mupdf-defects.md", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-369", }, ], source: "nvd@nist.gov", type: "Primary", }, { description: [ { lang: "en", value: "CWE-369", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2018-09-06 23:29
Modified
2024-11-21 03:53
Severity ?
Summary
In Artifex MuPDF 1.13.0, the fz_append_byte function in fitz/buffer.c allows remote attackers to cause a denial of service (segmentation fault) via a crafted pdf file. This is caused by a pdf/pdf-device.c pdf_dev_alpha array-index underflow.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:artifex:mupdf:1.13.0:*:*:*:*:*:*:*", matchCriteriaId: "59D72588-9786-4242-A86B-D084604F9E08", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "In Artifex MuPDF 1.13.0, the fz_append_byte function in fitz/buffer.c allows remote attackers to cause a denial of service (segmentation fault) via a crafted pdf file. This is caused by a pdf/pdf-device.c pdf_dev_alpha array-index underflow.", }, { lang: "es", value: "La función fz_append_byte en fitz/buffer.c en Artifex MuPDF 1.13.0 permite que atacantes remotos provoquen una denegación de servicio (fallo de segmentación) mediante un archivo pdf manipulado. Esto se ha provocado por un subdesbordamiento de índice de arrays pdf_dev_alpha en pdf/pdf-device.c.", }, ], id: "CVE-2018-16648", lastModified: "2024-11-21T03:53:08.350", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-09-06T23:29:01.927", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=699685", }, { source: "cve@mitre.org", url: "https://cgit.ghostscript.com/cgi-bin/cgit.cgi/mupdf.git/commit/?id=38f883fe129a5e89306252a4676eaaf4bc968824", }, { source: "cve@mitre.org", url: "https://lists.debian.org/debian-lts-announce/2020/07/msg00019.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=699685", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.debian.org/debian-lts-announce/2020/07/msg00019.html", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-129", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-04-24 19:29
Modified
2024-11-21 02:59
Severity ?
Summary
An exploitable heap out of bounds write vulnerability exists in the Fitz graphical library part of the MuPDF renderer. A specially crafted PDF file can cause a out of bounds write resulting in heap metadata and sensitive process memory corruption leading to potential code execution. Victim needs to open the specially crafted file in a vulnerable reader in order to trigger this vulnerability.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:artifex:mupdf:1.10:rc1:*:*:*:*:*:*", matchCriteriaId: "8A070189-2FC4-4F03-A204-7E3262DE6D6D", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An exploitable heap out of bounds write vulnerability exists in the Fitz graphical library part of the MuPDF renderer. A specially crafted PDF file can cause a out of bounds write resulting in heap metadata and sensitive process memory corruption leading to potential code execution. Victim needs to open the specially crafted file in a vulnerable reader in order to trigger this vulnerability.", }, { lang: "es", value: "Existe una vulnerabilidad explotable de escritura fuera de límites en la memoria dinámica (heap) en la parte de la biblioteca gráfica Fitz del representador MuPDF. Un archivo PDF especialmente manipulado puede provocar una escritura fuera de límites que resulta en la corrupción de los metadatos del heap y de la memoria sensible del proceso. Esto conduce a la potencial ejecución de código. La víctima necesita abrir el archivo especialmente manipulado en un lector vulnerable para desencadenar esta vulnerabilidad.", }, ], id: "CVE-2016-8728", lastModified: "2024-11-21T02:59:56.283", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 8.6, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 6, source: "talos-cna@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-04-24T19:29:00.423", references: [ { source: "talos-cna@cisco.com", tags: [ "Third Party Advisory", ], url: "https://www.talosintelligence.com/vulnerability_reports/TALOS-2016-0242", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.ghostscript.com/cgi-bin/findgit.cgi?0c86abf954ca4a5f00c26f6600acac93f9fc3538", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://bugs.ghostscript.com/show_bug.cgi?id=697395", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.talosintelligence.com/vulnerability_reports/TALOS-2016-0242", }, ], sourceIdentifier: "talos-cna@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-05-24 13:29
Modified
2024-11-21 03:39
Severity ?
Summary
In Artifex MuPDF 1.12.0 and earlier, multiple heap use after free bugs in the PDF parser could allow an attacker to execute arbitrary code, read memory, or cause a denial of service via a crafted file.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:artifex:mupdf:*:*:*:*:*:*:*:*", matchCriteriaId: "98C162E1-CD83-4DF5-92FD-938F0CCDA53E", versionEndIncluding: "1.12.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "In Artifex MuPDF 1.12.0 and earlier, multiple heap use after free bugs in the PDF parser could allow an attacker to execute arbitrary code, read memory, or cause a denial of service via a crafted file.", }, { lang: "es", value: "En MuPDF 1.12.0 y anteriores, múltiples errores de uso de memoria dinámica (heap) previamente liberada en el analizador PDF podrían permitir que un atacante ejecute código arbitrario, lea memoria o provoque una denegación de servicio (DoS) mediante un archivo manipulado.", }, ], id: "CVE-2018-1000039", lastModified: "2024-11-21T03:39:29.797", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 6.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.4, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2018-05-24T13:29:00.807", references: [ { source: "cve@mitre.org", url: "http://git.ghostscript.com/?p=mupdf.git%3Ba=commitdiff%3Bh=4dcc6affe04368461310a21238f7e1871a752a05%3Bhp=8ec561d1bccc46e9db40a9f61310cd8b3763914e", }, { source: "cve@mitre.org", url: "http://git.ghostscript.com/?p=mupdf.git%3Ba=commitdiff%3Bh=71ceebcf56e682504da22c4035b39a2d451e8ffd%3Bhp=7f82c01523505052615492f8e220f4348ba46995", }, { source: "cve@mitre.org", url: "http://git.ghostscript.com/?p=mupdf.git%3Ba=commitdiff%3Bh=f597300439e62f5e921f0d7b1e880b5c1a1f1607%3Bhp=093fc3b098dc5fadef5d8ad4b225db9fb124758b", }, { source: "cve@mitre.org", tags: [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5492", }, { source: "cve@mitre.org", tags: [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5513", }, { source: "cve@mitre.org", tags: [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5521", }, { source: "cve@mitre.org", tags: [ "Exploit", "Issue Tracking", "Third Party Advisory", ], url: "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5604", }, { source: "cve@mitre.org", url: "https://bugs.ghostscript.com/show_bug.cgi?id=698883", }, { source: "cve@mitre.org", url: "https://bugs.ghostscript.com/show_bug.cgi?id=698888", }, { source: "cve@mitre.org", url: "https://bugs.ghostscript.com/show_bug.cgi?id=698891", }, { source: "cve@mitre.org", url: "https://bugs.ghostscript.com/show_bug.cgi?id=698892", }, { source: "cve@mitre.org", url: "https://bugs.ghostscript.com/show_bug.cgi?id=698901", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201811-15", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://git.ghostscript.com/?p=mupdf.git%3Ba=commitdiff%3Bh=4dcc6affe04368461310a21238f7e1871a752a05%3Bhp=8ec561d1bccc46e9db40a9f61310cd8b3763914e", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://git.ghostscript.com/?p=mupdf.git%3Ba=commitdiff%3Bh=71ceebcf56e682504da22c4035b39a2d451e8ffd%3Bhp=7f82c01523505052615492f8e220f4348ba46995", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://git.ghostscript.com/?p=mupdf.git%3Ba=commitdiff%3Bh=f597300439e62f5e921f0d7b1e880b5c1a1f1607%3Bhp=093fc3b098dc5fadef5d8ad4b225db9fb124758b", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5492", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5513", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5521", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Third Party Advisory", ], url: "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5604", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://bugs.ghostscript.com/show_bug.cgi?id=698883", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://bugs.ghostscript.com/show_bug.cgi?id=698888", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://bugs.ghostscript.com/show_bug.cgi?id=698891", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://bugs.ghostscript.com/show_bug.cgi?id=698892", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://bugs.ghostscript.com/show_bug.cgi?id=698901", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201811-15", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-416", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-10-02 06:15
Modified
2024-11-21 05:19
Severity ?
Summary
Artifex MuPDF before 1.18.0 has a heap based buffer over-write when parsing JBIG2 files allowing attackers to cause a denial of service.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| artifex | mupdf | * | |
| debian | debian_linux | 9.0 | |
| debian | debian_linux | 10.0 | |
| fedoraproject | fedora | 32 | |
| fedoraproject | fedora | 33 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:artifex:mupdf:*:*:*:*:*:*:*:*", matchCriteriaId: "16F9EE47-9275-4412-A0B0-4AD83F610AD8", versionEndExcluding: "1.18.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*", matchCriteriaId: "36D96259-24BD-44E2-96D9-78CE1D41F956", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*", matchCriteriaId: "E460AA51-FCDA-46B9-AE97-E6676AA5E194", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Artifex MuPDF before 1.18.0 has a heap based buffer over-write when parsing JBIG2 files allowing attackers to cause a denial of service.", }, { lang: "es", value: "Artifex MuPDF antes de la 1.18.0 tiene un búfer basado en heap que se sobreescribe al analizar los archivos JBIG2 permitiendo a los atacantes causar una denegación de servicio", }, ], id: "CVE-2020-26519", lastModified: "2024-11-21T05:19:59.017", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-10-02T06:15:12.487", references: [ { source: "cve@mitre.org", url: "http://git.ghostscript.com/?p=mupdf.git%3Ba=commit%3Bh=af1e390a2c7abceb32676ec684cd1dbb92907ce8", }, { source: "cve@mitre.org", tags: [ "Permissions Required", "Third Party Advisory", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=702937", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2021/03/msg00012.html", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SOF4PX2A5TGKKPMXINADSOJJ4H5UUMKK/", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WJMBKWVY7ZBIQV3EU5YHEFH5XWV4PABG/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202105-30", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2020/dsa-4794", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://git.ghostscript.com/?p=mupdf.git%3Ba=commit%3Bh=af1e390a2c7abceb32676ec684cd1dbb92907ce8", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Permissions Required", "Third Party Advisory", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=702937", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2021/03/msg00012.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SOF4PX2A5TGKKPMXINADSOJJ4H5UUMKK/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WJMBKWVY7ZBIQV3EU5YHEFH5XWV4PABG/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202105-30", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2020/dsa-4794", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-12-26 15:15
Modified
2024-11-21 08:37
Severity ?
Summary
A floating point exception (divide-by-zero) vulnerability was discovered in Artifex MuPDF 1.23.4 in function pnm_binary_read_image() of load-pnm.c when span equals zero.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:artifex:mupdf:1.23.4:*:*:*:*:*:*:*", matchCriteriaId: "84C208C6-A3D9-4A82-83B9-FCBECD89AD23", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A floating point exception (divide-by-zero) vulnerability was discovered in Artifex MuPDF 1.23.4 in function pnm_binary_read_image() of load-pnm.c when span equals zero.", }, { lang: "es", value: "Se descubrió una vulnerabilidad de excepción de punto flotante (división por cero) en mupdf 1.23.4 en la función pnm_binary_read_image() de la línea 527 de load-pnm.c.", }, ], id: "CVE-2023-51104", lastModified: "2024-11-21T08:37:51.243", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-12-26T15:15:08.670", references: [ { source: "cve@mitre.org", url: "http://cgit.ghostscript.com/cgi-bin/cgit.cgi/mupdf.git/commit/?id=0c06a4e51519515615f6ab2d5b1f25da6771e1f4", }, { source: "cve@mitre.org", url: "https://bugs.ghostscript.com/show_bug.cgi?id=707621", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/dongyuma/sox-defects/blob/main/mupdf-defects.md", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://cgit.ghostscript.com/cgi-bin/cgit.cgi/mupdf.git/commit/?id=0c06a4e51519515615f6ab2d5b1f25da6771e1f4", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://bugs.ghostscript.com/show_bug.cgi?id=707621", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/dongyuma/sox-defects/blob/main/mupdf-defects.md", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-369", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-12-09 21:15
Modified
2024-11-21 05:07
Severity ?
Summary
A Use After Free vulnerability exists in Artifex Software, Inc. MuPDF library 1.17.0-rc1 and earlier when a valid page was followed by a page with invalid pixmap dimensions, causing bander - a static - to point to previously freed memory instead of a newband_writer.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:artifex:mupdf:*:*:*:*:*:*:*:*", matchCriteriaId: "84D9E99D-AFE5-4BD8-A5A2-FD109C6F0A60", versionEndIncluding: "1.16.1", vulnerable: true, }, { criteria: "cpe:2.3:a:artifex:mupdf:1.17.0:rc1:*:*:*:*:*:*", matchCriteriaId: "4251AECB-BFFB-479A-B73A-B222A3DBC936", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A Use After Free vulnerability exists in Artifex Software, Inc. MuPDF library 1.17.0-rc1 and earlier when a valid page was followed by a page with invalid pixmap dimensions, causing bander - a static - to point to previously freed memory instead of a newband_writer.", }, { lang: "es", value: "Se presenta un vulnerabilidad de Uso de la Memoria Previamente Liberada en la biblioteca MuPDF de Artifex Software, Inc versión 1.17.0-rc1 y anteriores, cuando una página válida fue seguida por una página con dimensiones pixmap no válidas, causando que el anillador - a static - apunte a la memoria previamente liberada en lugar de un newband_writer", }, ], id: "CVE-2020-16600", lastModified: "2024-11-21T05:07:11.093", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-12-09T21:15:15.413", references: [ { source: "cve@mitre.org", url: "http://git.ghostscript.com/?p=mupdf.git%3Bh=96751b25462f83d6e16a9afaf8980b0c3f979c8b", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=702253", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://git.ghostscript.com/?p=mupdf.git%3Bh=96751b25462f83d6e16a9afaf8980b0c3f979c8b", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=702253", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-416", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-10-31 01:15
Modified
2024-11-21 08:02
Severity ?
Summary
MuPDF v1.21.1 was discovered to contain an infinite recursion in the component pdf_mark_list_push. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted PDF file.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:artifex:mupdf:1.21.1:*:*:*:*:*:*:*", matchCriteriaId: "E61096B9-A405-4512-AD1E-7FEE96CFF38B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "MuPDF v1.21.1 was discovered to contain an infinite recursion in the component pdf_mark_list_push. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted PDF file.", }, { lang: "es", value: "Se descubrió que MuPDF v1.21.1 contiene una recursividad infinita en el componente pdf_mark_list_push. Esta vulnerabilidad permite a los atacantes provocar una denegación de servicio (DoS) a través de un archivo PDF manipulado.", }, ], id: "CVE-2023-31794", lastModified: "2024-11-21T08:02:15.753", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-10-31T01:15:07.497", references: [ { source: "cve@mitre.org", tags: [ "Permissions Required", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=706506", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://gist.github.com/spookhorror/c770d118767b1b0d89fdfe2845169d06", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "https://git.ghostscript.com/?p=mupdf.git%3Bh=c0015401693b58e2deb5d75c39f27bc1216e47c6", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Permissions Required", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=706506", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://gist.github.com/spookhorror/c770d118767b1b0d89fdfe2845169d06", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "https://git.ghostscript.com/?p=mupdf.git%3Bh=c0015401693b58e2deb5d75c39f27bc1216e47c6", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-674", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-08-26 16:15
Modified
2024-11-21 06:37
Severity ?
Summary
A Floating point exception (division-by-zero) flaw was found in Mupdf for zero width pages in muraster.c. It is fixed in Mupdf-1.20.0-rc1 upstream.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | https://bugs.ghostscript.com/show_bug.cgi?id=704834 | Permissions Required | |
| secalert@redhat.com | https://github.com/ArtifexSoftware/mupdf/commit/22c47acbd52949421f8c7cb46ea1556827d0fcbf | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugs.ghostscript.com/show_bug.cgi?id=704834 | Permissions Required | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/ArtifexSoftware/mupdf/commit/22c47acbd52949421f8c7cb46ea1556827d0fcbf | Patch, Third Party Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:artifex:mupdf:*:*:*:*:*:*:*:*", matchCriteriaId: "11EB83ED-4B1E-4503-AABB-1182ED39051B", versionEndExcluding: "1.20.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A Floating point exception (division-by-zero) flaw was found in Mupdf for zero width pages in muraster.c. It is fixed in Mupdf-1.20.0-rc1 upstream.", }, { lang: "es", value: "Se encontró un fallo de excepción de punto Flotante (división por cero) en Mupdf para páginas de ancho cero en el archivo muraster.c. Ha sido corregido en Mupdf versión 1.20.0-rc1 upstream.", }, ], id: "CVE-2021-4216", lastModified: "2024-11-21T06:37:10.217", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-08-26T16:15:09.820", references: [ { source: "secalert@redhat.com", tags: [ "Permissions Required", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=704834", }, { source: "secalert@redhat.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/ArtifexSoftware/mupdf/commit/22c47acbd52949421f8c7cb46ea1556827d0fcbf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Permissions Required", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=704834", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/ArtifexSoftware/mupdf/commit/22c47acbd52949421f8c7cb46ea1556827d0fcbf", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-369", }, ], source: "secalert@redhat.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-369", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-09-06 23:29
Modified
2024-11-21 03:53
Severity ?
Summary
In Artifex MuPDF 1.13.0, the pdf_get_xref_entry function in pdf/pdf-xref.c allows remote attackers to cause a denial of service (segmentation fault in fz_write_data in fitz/output.c) via a crafted pdf file.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:artifex:mupdf:1.13.0:*:*:*:*:*:*:*", matchCriteriaId: "59D72588-9786-4242-A86B-D084604F9E08", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "In Artifex MuPDF 1.13.0, the pdf_get_xref_entry function in pdf/pdf-xref.c allows remote attackers to cause a denial of service (segmentation fault in fz_write_data in fitz/output.c) via a crafted pdf file.", }, { lang: "es", value: "La función pdf_get_xref_entry en pdf/pdf-xref.c en Artifex MuPDF 1.13.0 permite que atacantes remotos provoquen una denegación de servicio (fallo de segmentación en fz_write_data en fitz/output.c) mediante un archivo pdf manipulado.", }, ], id: "CVE-2018-16647", lastModified: "2024-11-21T03:53:08.207", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-09-06T23:29:01.820", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=699686", }, { source: "cve@mitre.org", url: "https://cgit.ghostscript.com/cgi-bin/cgit.cgi/mupdf.git/commit/?id=351c99d8ce23bbf7099dbd52771a095f67e45a2c", }, { source: "cve@mitre.org", url: "https://lists.debian.org/debian-lts-announce/2020/07/msg00019.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=699686", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.debian.org/debian-lts-announce/2020/07/msg00019.html", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2017-04-03 05:59
Modified
2024-11-21 02:43
Severity ?
Summary
The count_entries function in pdf-layer.c in Artifex Software, Inc. MuPDF 1.10a allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted PDF document.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:artifex:mupdf:1.10a:*:*:*:*:*:*:*", matchCriteriaId: "C03FAE98-D477-4974-B585-4D1D8DE409B6", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The count_entries function in pdf-layer.c in Artifex Software, Inc. MuPDF 1.10a allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted PDF document.", }, { lang: "es", value: "La función count_entries function en pdf-layer.c en Artifex Software, Inc. MuPDF 1.10a permite a atacantes remotos provocar una denegación de servicio (consumo de pila y caída de la aplicación) a través de un documento PDF manipulado.", }, ], id: "CVE-2016-10221", lastModified: "2024-11-21T02:43:35.930", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 1.4, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2017-04-03T05:59:00.473", references: [ { source: "cve@mitre.org", url: "http://www.ghostscript.com/cgi-bin/findgit.cgi?2590fed7a355a421f062ebd4293df892800fa7ac", }, { source: "cve@mitre.org", tags: [ "Exploit", "Issue Tracking", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=697400", }, { source: "cve@mitre.org", url: "https://security.gentoo.org/glsa/201706-08", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=697400", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/201706-08", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-02-05 18:15
Modified
2024-11-21 08:59
Severity ?
Summary
freeglut through 3.4.0 was discovered to contain a memory leak via the menuEntry variable in the glutAddMenuEntry function.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:artifex:mupdf:1.23.9:*:*:*:*:*:*:*", matchCriteriaId: "3F04E282-A975-4785-B8F2-A65652CF6853", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "freeglut through 3.4.0 was discovered to contain a memory leak via the menuEntry variable in the glutAddMenuEntry function.", }, { lang: "es", value: "Se descubrió que mupdf v1.23.9 contenía una pérdida de memoria a través de la variable menuEntry en la función glutAddMenuEntry.", }, ], id: "CVE-2024-24259", lastModified: "2024-11-21T08:59:04.417", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-02-05T18:15:52.133", references: [ { source: "cve@mitre.org", url: "https://github.com/freeglut/freeglut/pull/155", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/yinluming13579/mupdf_defects/blob/main/mupdf_detect_2.md", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6IBAWX3HMMZVAWJZ3U6VOAYYOYJCN3IS/", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T43DAHPIWMGN54E4I6ABLHNYHZSTX7H5/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://github.com/freeglut/freeglut/pull/155", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/yinluming13579/mupdf_defects/blob/main/mupdf_detect_2.md", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6IBAWX3HMMZVAWJZ3U6VOAYYOYJCN3IS/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T43DAHPIWMGN54E4I6ABLHNYHZSTX7H5/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-401", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-04-24 19:29
Modified
2024-11-21 02:59
Severity ?
Summary
An exploitable memory corruption vulnerability exists in the JBIG2 parser of Artifex MuPDF 1.9. A specially crafted PDF can cause a negative number to be passed to a memset resulting in memory corruption and potential code execution. An attacker can specially craft a PDF and send to the victim to trigger this vulnerability.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:artifex:mupdf:1.9:*:*:*:*:*:*:*", matchCriteriaId: "1FC75743-7A56-47AC-BDAA-42C9C6DAF55E", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An exploitable memory corruption vulnerability exists in the JBIG2 parser of Artifex MuPDF 1.9. A specially crafted PDF can cause a negative number to be passed to a memset resulting in memory corruption and potential code execution. An attacker can specially craft a PDF and send to the victim to trigger this vulnerability.", }, { lang: "es", value: "Existe una vulnerabilidad explotable de corrupción de memoria en el analizador JBIG2 de Artifex MuPDF 1.9. Un archivo PDF especialmente manipulado puede provocar que un número negativo se pase a un memset, lo que resulta en la corrupción de memoria y la potencial ejecución de código. Un atacante puede manipular un PDF y enviarlo a la víctima para desencadenar esta vulnerabilidad.", }, ], id: "CVE-2016-8729", lastModified: "2024-11-21T02:59:56.423", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.6, impactScore: 5.9, source: "talos-cna@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-04-24T19:29:00.487", references: [ { source: "talos-cna@cisco.com", tags: [ "Third Party Advisory", ], url: "https://www.talosintelligence.com/vulnerability_reports/TALOS-2016-0243", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://bugs.ghostscript.com/show_bug.cgi?id=697395", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://cgit.ghostscript.com/cgi-bin/cgit.cgi/jbig2dec.git/commit/?id=e698d5c11d27212aa1098bc5b1673a3378563092", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://cgit.ghostscript.com/cgi-bin/cgit.cgi/mupdf.git/commit/?id=1a7ef61410884daff8ff8391ddcecc3102acd989", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.talosintelligence.com/vulnerability_reports/TALOS-2016-0243", }, ], sourceIdentifier: "talos-cna@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-07-21 15:15
Modified
2024-11-21 05:09
Severity ?
Summary
Artifex MuPDF before 1.18.0 has a heap based buffer over-write in tiff_expand_colormap() function when parsing TIFF files allowing attackers to cause a denial of service.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://git.ghostscript.com/?p=mupdf.git%3Bh=b7892cdc7fae62aa57d63ae62144e1f11b5f9275 | ||
| cve@mitre.org | https://bugs.ghostscript.com/show_bug.cgi?id=701176 | Issue Tracking, Patch, Vendor Advisory | |
| cve@mitre.org | https://bugs.ghostscript.com/show_bug.cgi?id=703076 | Exploit, Issue Tracking, Vendor Advisory | |
| cve@mitre.org | https://lists.debian.org/debian-lts-announce/2021/09/msg00013.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://git.ghostscript.com/?p=mupdf.git%3Bh=b7892cdc7fae62aa57d63ae62144e1f11b5f9275 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://bugs.ghostscript.com/show_bug.cgi?id=701176 | Issue Tracking, Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugs.ghostscript.com/show_bug.cgi?id=703076 | Exploit, Issue Tracking, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2021/09/msg00013.html | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| artifex | mupdf | * | |
| debian | debian_linux | 9.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:artifex:mupdf:*:*:*:*:*:*:*:*", matchCriteriaId: "16F9EE47-9275-4412-A0B0-4AD83F610AD8", versionEndExcluding: "1.18.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Artifex MuPDF before 1.18.0 has a heap based buffer over-write in tiff_expand_colormap() function when parsing TIFF files allowing attackers to cause a denial of service.", }, { lang: "es", value: "Artifex MuPDF versiones anteriores a 1.18.0, presenta una sobreescritura de búfer en la región heap de la memoria en la función tiff_expand_colormap() cuando se analizan archivos TIFF, lo que permite a atacantes causar una denegación de servicio", }, ], id: "CVE-2020-19609", lastModified: "2024-11-21T05:09:15.840", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-07-21T15:15:12.570", references: [ { source: "cve@mitre.org", url: "http://git.ghostscript.com/?p=mupdf.git%3Bh=b7892cdc7fae62aa57d63ae62144e1f11b5f9275", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Patch", "Vendor Advisory", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=701176", }, { source: "cve@mitre.org", tags: [ "Exploit", "Issue Tracking", "Vendor Advisory", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=703076", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2021/09/msg00013.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://git.ghostscript.com/?p=mupdf.git%3Bh=b7892cdc7fae62aa57d63ae62144e1f11b5f9275", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", "Vendor Advisory", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=701176", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Vendor Advisory", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=703076", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2021/09/msg00013.html", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-07-21 22:15
Modified
2024-11-21 06:14
Severity ?
Summary
MuPDF through 1.18.1 has an out-of-bounds write because the cached color converter does not properly consider the maximum key size of a hash table. This can, for example, be seen with crafted "mutool draw" input.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| artifex | mupdf | * | |
| fedoraproject | fedora | 34 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:artifex:mupdf:*:*:*:*:*:*:*:*", matchCriteriaId: "E019F36C-710D-41EE-9CF5-C434226D2F51", versionEndIncluding: "1.18.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", matchCriteriaId: "A930E247-0B43-43CB-98FF-6CE7B8189835", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "MuPDF through 1.18.1 has an out-of-bounds write because the cached color converter does not properly consider the maximum key size of a hash table. This can, for example, be seen with crafted \"mutool draw\" input.", }, { lang: "es", value: "MuPDF versiones hasta 1.18.1 presenta una escritura fuera de límites porque el convertidor de color en caché no considera apropiadamente el tamaño máximo de la clave de una tabla hash. Esto puede verse, por ejemplo, con la entrada \"mutool draw\" diseñada", }, ], id: "CVE-2021-37220", lastModified: "2024-11-21T06:14:53.407", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-07-21T22:15:08.170", references: [ { source: "cve@mitre.org", url: "http://git.ghostscript.com/?p=mupdf.git%3Bh=f5712c9949d026e4b891b25837edd2edc166151f", }, { source: "cve@mitre.org", tags: [ "Exploit", "Vendor Advisory", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=703791", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TKRMREIYUBGG2GV73CU7BJNW2Q34IP23/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://git.ghostscript.com/?p=mupdf.git%3Bh=f5712c9949d026e4b891b25837edd2edc166151f", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Vendor Advisory", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=703791", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TKRMREIYUBGG2GV73CU7BJNW2Q34IP23/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-09-22 15:59
Modified
2024-11-21 02:55
Severity ?
Summary
Use-after-free vulnerability in the pdf_load_xref function in pdf/pdf-xref.c in MuPDF allows remote attackers to cause a denial of service (crash) via a crafted PDF file.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:artifex:mupdf:*:*:*:*:*:*:*:*", matchCriteriaId: "62C1A42B-E4DB-4696-A159-A7A6825739B3", versionEndIncluding: "1.9", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", matchCriteriaId: "4863BE36-D16A-4D75-90D9-FD76DB5B48B7", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", matchCriteriaId: "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Use-after-free vulnerability in the pdf_load_xref function in pdf/pdf-xref.c in MuPDF allows remote attackers to cause a denial of service (crash) via a crafted PDF file.", }, { lang: "es", value: "Vulnerabilidad de uso después de liberación en la función pdf_load_xref en pdf/pdf-xref.c en MuPDF permite a atacantes remotos provocar una denegación de servicio (caída) a través de un archivo PDF manipulado.", }, ], id: "CVE-2016-6265", lastModified: "2024-11-21T02:55:46.750", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-09-22T15:59:01.583", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Patch", ], url: "http://bugs.ghostscript.com/show_bug.cgi?id=696941", }, { source: "cve@mitre.org", url: "http://git.ghostscript.com/?p=mupdf.git%3Bh=fa1936405b6a84e5c9bb440912c23d532772f958", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2016-08/msg00007.html", }, { source: "cve@mitre.org", url: "http://www.debian.org/security/2016/dsa-3655", }, { source: "cve@mitre.org", tags: [ "Exploit", ], url: "http://www.openwall.com/lists/oss-security/2016/07/21/7", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.securityfocus.com/bid/92071", }, { source: "cve@mitre.org", url: "https://security.gentoo.org/glsa/201702-12", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Patch", ], url: "http://bugs.ghostscript.com/show_bug.cgi?id=696941", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://git.ghostscript.com/?p=mupdf.git%3Bh=fa1936405b6a84e5c9bb440912c23d532772f958", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2016-08/msg00007.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2016/dsa-3655", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", ], url: "http://www.openwall.com/lists/oss-security/2016/07/21/7", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.securityfocus.com/bid/92071", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/201702-12", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-416", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2017-03-16 14:59
Modified
2024-11-21 02:43
Severity ?
Summary
Buffer overflow in the main function in jstest_main.c in Mujstest in Artifex Software, Inc. MuPDF before 1.10 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted file.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| artifex | mupdf | * | |
| debian | debian_linux | 9.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:artifex:mupdf:*:rc2:*:*:*:*:*:*", matchCriteriaId: "78864BA0-664E-4B5A-8384-B26671EE3FB4", versionEndIncluding: "1.10", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Buffer overflow in the main function in jstest_main.c in Mujstest in Artifex Software, Inc. MuPDF before 1.10 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted file.", }, { lang: "es", value: "Desbordamiento de búfer en la función principal en jstest_main.c en Mujstest en Artifex Software, Inc. MuPDF en versiones anteriores a 1.10 permite a atacantes provocar una denegación de servicio (escritura fuera de límites) a través de un archivo manipulado.", }, ], id: "CVE-2016-10246", lastModified: "2024-11-21T02:43:38.803", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-03-16T14:59:00.157", references: [ { source: "cve@mitre.org", url: "http://git.ghostscript.com/?p=mupdf.git%3Bh=cfe8f35bca61056363368c343be36812abde0a06", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2017/03/13/21", }, { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", "VDB Entry", ], url: "https://blogs.gentoo.org/ago/2016/09/24/mupdf-mujstest-global-buffer-overflow-in-main-jstest_main-c/", }, { source: "cve@mitre.org", url: "https://bugs.ghostscript.com/show_bug.cgi?id=697020", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2021/09/msg00013.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://git.ghostscript.com/?p=mupdf.git%3Bh=cfe8f35bca61056363368c343be36812abde0a06", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2017/03/13/21", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", "VDB Entry", ], url: "https://blogs.gentoo.org/ago/2016/09/24/mupdf-mujstest-global-buffer-overflow-in-main-jstest_main-c/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2021/09/msg00013.html", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2017-02-15 19:59
Modified
2024-11-21 03:28
Severity ?
Summary
Heap-based buffer overflow in the fz_subsample_pixmap function in fitz/pixmap.c in MuPDF 1.10a allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted image.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:artifex:mupdf:*:*:*:*:*:*:*:*", matchCriteriaId: "7718D9BB-FEB8-4C5D-847E-9085BDA1A449", versionEndIncluding: "1.10", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Heap-based buffer overflow in the fz_subsample_pixmap function in fitz/pixmap.c in MuPDF 1.10a allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted image.", }, { lang: "es", value: "Desbordamiento de búfer basado en pila en la función fz_subsample_pixmap en fitz/pixmap.c en MuPDF 1.10a permite a atacantes remotos provocar una denegación de servicio (lectura fuera de límites y caída) a través de una imagen manipulada.", }, ], id: "CVE-2017-5896", lastModified: "2024-11-21T03:28:37.440", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-02-15T19:59:01.250", references: [ { source: "cve@mitre.org", url: "http://git.ghostscript.com/?p=mupdf.git%3Bh=2c4e5867ee699b1081527bc6c6ea0e99a35a5c27", }, { source: "cve@mitre.org", url: "http://www.debian.org/security/2017/dsa-3797", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Patch", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2017/02/06/3", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Patch", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2017/02/07/1", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/96139", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=697515", }, { source: "cve@mitre.org", url: "https://security.gentoo.org/glsa/201702-12", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://git.ghostscript.com/?p=mupdf.git%3Bh=2c4e5867ee699b1081527bc6c6ea0e99a35a5c27", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2017/dsa-3797", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Patch", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2017/02/06/3", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Patch", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2017/02/07/1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/96139", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=697515", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/201702-12", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-125", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-01-24 10:29
Modified
2024-11-21 04:10
Severity ?
Summary
In Artifex MuPDF 1.12.0, there is a heap-based buffer overflow vulnerability in the do_pdf_save_document function in the pdf/pdf-write.c file. Remote attackers could leverage the vulnerability to cause a denial of service via a crafted pdf file.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/bid/102823 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://bugs.ghostscript.com/show_bug.cgi?id=698908 | Exploit, Issue Tracking, Third Party Advisory | |
| cve@mitre.org | https://cgit.ghostscript.com/cgi-bin/cgit.cgi/mupdf.git/commit/?id=3e30fbb7bf5efd88df431e366492356e7eb969ec | ||
| cve@mitre.org | https://security.gentoo.org/glsa/201811-15 | Third Party Advisory | |
| cve@mitre.org | https://www.debian.org/security/2018/dsa-4334 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/102823 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugs.ghostscript.com/show_bug.cgi?id=698908 | Exploit, Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201811-15 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.debian.org/security/2018/dsa-4334 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| artifex | mupdf | 1.12.0 | |
| debian | debian_linux | 9.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:artifex:mupdf:1.12.0:*:*:*:*:*:*:*", matchCriteriaId: "F503888C-29F3-4111-9549-9CD541EAC242", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "In Artifex MuPDF 1.12.0, there is a heap-based buffer overflow vulnerability in the do_pdf_save_document function in the pdf/pdf-write.c file. Remote attackers could leverage the vulnerability to cause a denial of service via a crafted pdf file.", }, { lang: "es", value: "En Artifex MuPDF 1.12.0, hay una vulnerabilidad de desbordamiento de búfer basado en memoria dinámica (heap) en la función do_pdf_save_document en el archivo pdf/pdf-write.c. Los atacantes remotos pueden aprovechar esta vulnerabilidad para provocar una denegación de servicio (DoS) mediante un archivo pdf manipulado.", }, ], id: "CVE-2018-6187", lastModified: "2024-11-21T04:10:15.027", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-01-24T10:29:01.097", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/102823", }, { source: "cve@mitre.org", tags: [ "Exploit", "Issue Tracking", "Third Party Advisory", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=698908", }, { source: "cve@mitre.org", url: "https://cgit.ghostscript.com/cgi-bin/cgit.cgi/mupdf.git/commit/?id=3e30fbb7bf5efd88df431e366492356e7eb969ec", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201811-15", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2018/dsa-4334", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/102823", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Third Party Advisory", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=698908", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201811-15", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2018/dsa-4334", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-12-26 15:15
Modified
2024-11-21 08:37
Severity ?
Summary
A floating point exception (divide-by-zero) vulnerability was discovered in Artifex MuPDF 1.23.4 in the function fz_new_pixmap_from_float_data() of pixmap.c.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:artifex:mupdf:1.23.4:*:*:*:*:*:*:*", matchCriteriaId: "84C208C6-A3D9-4A82-83B9-FCBECD89AD23", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A floating point exception (divide-by-zero) vulnerability was discovered in Artifex MuPDF 1.23.4 in the function fz_new_pixmap_from_float_data() of pixmap.c.", }, { lang: "es", value: "Se descubrió una vulnerabilidad de excepción de punto flotante (división por cero) en mupdf 1.23.4 en la función fz_new_pixmap_from_float_data() de pixmap.c.", }, ], id: "CVE-2023-51103", lastModified: "2024-11-21T08:37:51.063", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-12-26T15:15:08.630", references: [ { source: "cve@mitre.org", url: "http://cgit.ghostscript.com/cgi-bin/cgit.cgi/mupdf.git/commit/?id=f1b5f87edd2675d5c79301e4ef2e1139f67f904b", }, { source: "cve@mitre.org", url: "https://bugs.ghostscript.com/show_bug.cgi?id=707620", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/dongyuma/sox-defects/blob/main/mupdf-defects.md", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://cgit.ghostscript.com/cgi-bin/cgit.cgi/mupdf.git/commit/?id=f1b5f87edd2675d5c79301e4ef2e1139f67f904b", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://bugs.ghostscript.com/show_bug.cgi?id=707620", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/dongyuma/sox-defects/blob/main/mupdf-defects.md", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-369", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2014-03-03 16:55
Modified
2024-11-21 02:05
Severity ?
Summary
Stack-based buffer overflow in the xps_parse_color function in xps/xps-common.c in MuPDF 1.3 and earlier allows remote attackers to execute arbitrary code via a large number of entries in the ContextColor value of the Fill attribute in a Path element.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:artifex:mupdf:*:*:*:*:*:*:*:*", matchCriteriaId: "2FA11CBD-04CA-40ED-9014-9B848DCBE28D", versionEndIncluding: "1.3", vulnerable: true, }, { criteria: "cpe:2.3:a:artifex:mupdf:1.0:*:*:*:*:*:*:*", matchCriteriaId: "33369840-03D2-4EA4-9D73-B63431E4D7FD", vulnerable: true, }, { criteria: "cpe:2.3:a:artifex:mupdf:1.1:*:*:*:*:*:*:*", matchCriteriaId: "73CAC753-E44F-40D2-A484-94907D5F185F", vulnerable: true, }, { criteria: "cpe:2.3:a:artifex:mupdf:1.2:*:*:*:*:*:*:*", matchCriteriaId: "5DA67C35-BB05-4897-A91B-331CC34C3A02", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Stack-based buffer overflow in the xps_parse_color function in xps/xps-common.c in MuPDF 1.3 and earlier allows remote attackers to execute arbitrary code via a large number of entries in the ContextColor value of the Fill attribute in a Path element.", }, { lang: "es", value: "Desbordamiento de buffer basado en pila en la función xps_parse_color en xps/xps-common.c en MuPDF 1.3 y anteriores permite a atacantes remotos ejecutar código arbitrario a través de un número grande de entradas en el valor ContextColor del atributo Fill en un elemento Path.", }, ], id: "CVE-2014-2013", lastModified: "2024-11-21T02:05:27.300", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2014-03-03T16:55:04.350", references: [ { source: "cve@mitre.org", tags: [ "Exploit", ], url: "http://bugs.ghostscript.com/show_bug.cgi?id=694957", }, { source: "cve@mitre.org", url: "http://git.ghostscript.com/?p=mupdf.git%3Ba=commitdiff%3Bh=60dabde18d7fe12b19da8b509bdfee9cc886aafc", }, { source: "cve@mitre.org", url: "http://lists.opensuse.org/opensuse-updates/2014-02/msg00088.html", }, { source: "cve@mitre.org", url: "http://seclists.org/fulldisclosure/2014/Jan/130", }, { source: "cve@mitre.org", url: "http://seclists.org/oss-sec/2014/q1/375", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/58904", }, { source: "cve@mitre.org", url: "http://www.debian.org/security/2014/dsa-2951", }, { source: "cve@mitre.org", tags: [ "Exploit", ], url: "http://www.exploit-db.com/exploits/31090", }, { source: "cve@mitre.org", tags: [ "Exploit", ], url: "http://www.hdwsec.fr/blog/mupdf.html", }, { source: "cve@mitre.org", url: "http://www.osvdb.org/102340", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/65036", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", ], url: "http://bugs.ghostscript.com/show_bug.cgi?id=694957", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://git.ghostscript.com/?p=mupdf.git%3Ba=commitdiff%3Bh=60dabde18d7fe12b19da8b509bdfee9cc886aafc", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-updates/2014-02/msg00088.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://seclists.org/fulldisclosure/2014/Jan/130", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://seclists.org/oss-sec/2014/q1/375", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/58904", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2014/dsa-2951", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", ], url: "http://www.exploit-db.com/exploits/31090", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", ], url: "http://www.hdwsec.fr/blog/mupdf.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.osvdb.org/102340", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/65036", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-01-11 05:29
Modified
2024-11-21 04:46
Severity ?
Summary
svg-run.c in Artifex MuPDF 1.14.0 has infinite recursion with stack consumption in svg_run_use_symbol, svg_run_element, and svg_run_use, as demonstrated by mutool.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:artifex:mupdf:1.14.0:*:*:*:*:*:*:*", matchCriteriaId: "48631AF2-1BED-4AD8-A18F-81D7B8921B0B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "svg-run.c in Artifex MuPDF 1.14.0 has infinite recursion with stack consumption in svg_run_use_symbol, svg_run_element, and svg_run_use, as demonstrated by mutool.", }, { lang: "es", value: "svg-run.c en Artifex MuPDF 1.14.0 tiene una recursión infinita con consumo de pila en svg_run_use_symbol, svg_run_element y svg_run_use, tal y como queda demostrado con mutool.", }, ], id: "CVE-2019-6131", lastModified: "2024-11-21T04:46:00.087", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-01-11T05:29:01.717", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/106558", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=700442", }, { source: "cve@mitre.org", url: "https://cgit.ghostscript.com/cgi-bin/cgit.cgi/mupdf.git/commit/?id=c8f7e48ff74720a5e984ae19d978a5ab4d5dde5b", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CNJNEX5EW6YH5OARXXSSXW4HHC5PIBSY/", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SEK2EHVNREJ7XZMFF2MXRWKIF4IBHPNE/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/106558", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=700442", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CNJNEX5EW6YH5OARXXSSXW4HHC5PIBSY/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SEK2EHVNREJ7XZMFF2MXRWKIF4IBHPNE/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-674", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2011-05-13 17:05
Modified
2024-11-21 01:23
Severity ?
Summary
Stack-based buffer overflow in the pdfmoz_onmouse function in apps/mozilla/moz_main.c in the MuPDF plug-in 2008.09.02 for Firefox allows remote attackers to execute arbitrary code via a crafted web site.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:artifex:mupdf:2008.09.02:*:*:*:*:*:*:*", matchCriteriaId: "713CB0E7-529E-4753-9F56-00BEAA5E8D9A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", matchCriteriaId: "14E6A30E-7577-4569-9309-53A0AF7FE3AC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Stack-based buffer overflow in the pdfmoz_onmouse function in apps/mozilla/moz_main.c in the MuPDF plug-in 2008.09.02 for Firefox allows remote attackers to execute arbitrary code via a crafted web site.", }, { lang: "es", value: "Desbordamiento de búfer basado en pila en la función pdfmoz_onmouse function en apps/mozilla/moz_main.c en el plugin MuPDF v2008.09.02 para Firefox permite a atacantes remotos ejecutar código de su elección a través de un sitio web manipulado.", }, ], id: "CVE-2011-0341", lastModified: "2024-11-21T01:23:46.347", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 9.3, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:M/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], }, published: "2011-05-13T17:05:41.673", references: [ { source: "PSIRT-CNA@flexerasoftware.com", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/43739", }, { source: "PSIRT-CNA@flexerasoftware.com", tags: [ "Vendor Advisory", ], url: "http://secunia.com/secunia_research/2011-38/", }, { source: "PSIRT-CNA@flexerasoftware.com", url: "http://www.osvdb.org/72177", }, { source: "PSIRT-CNA@flexerasoftware.com", url: "http://www.securityfocus.com/bid/47739", }, { source: "PSIRT-CNA@flexerasoftware.com", tags: [ "Vendor Advisory", ], url: "http://www.vupen.com/english/advisories/2011/1191", }, { source: "PSIRT-CNA@flexerasoftware.com", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/67298", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/43739", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/secunia_research/2011-38/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.osvdb.org/72177", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/47739", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.vupen.com/english/advisories/2011/1191", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://bugs.ghostscript.com/show_bug.cgi?id=708029", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://cgit.ghostscript.com/cgi-bin/cgit.cgi/mupdf.git/commit/?id=d2de9cee6036b997e536a0c0384b88b38e523e56", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/67298", }, ], sourceIdentifier: "PSIRT-CNA@flexerasoftware.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2017-09-22 06:29
Modified
2024-11-21 03:13
Severity ?
Summary
Artifex MuPDF 1.11 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .xps file, related to "Data from Faulting Address controls Branch Selection starting at mupdf+0x000000000016cb4f" on Windows. This occurs because of mishandling of XML tag name comparisons.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:artifex:mupdf:1.11:*:*:*:*:*:*:*", matchCriteriaId: "13F18A1A-67A7-471B-AD7A-29F65DF4F2BD", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*", matchCriteriaId: "2CF61F35-5905-4BA9-AD7E-7DB261D2F256", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Artifex MuPDF 1.11 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .xps file, related to \"Data from Faulting Address controls Branch Selection starting at mupdf+0x000000000016cb4f\" on Windows. This occurs because of mishandling of XML tag name comparisons.", }, { lang: "es", value: "La versión 1.11 de Artifex MuPDF permite que los atacantes provoquen una denegación de servicio o, posiblemente, otro impacto sin especificar mediante un archivo .xps manipulado. Esta vulnerabilidad está relacionada con \"Data from Faulting Address controls Branch Selection starting at mupdf+0x000000000016cb4f\" en Windows. Esto se debe a la gestión incorrecta de las comparaciones de nombres de etiquetas XML.", }, ], id: "CVE-2017-14687", lastModified: "2024-11-21T03:13:19.370", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-09-22T06:29:00.317", references: [ { source: "cve@mitre.org", url: "http://git.ghostscript.com/?p=mupdf.git%3Bh=2b16dbd8f73269cb15ca61ece75cf8d2d196ed28", }, { source: "cve@mitre.org", url: "http://www.debian.org/security/2017/dsa-4006", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=698558", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-14687", }, { source: "cve@mitre.org", url: "https://lists.debian.org/debian-lts-announce/2017/11/msg00007.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://git.ghostscript.com/?p=mupdf.git%3Bh=2b16dbd8f73269cb15ca61ece75cf8d2d196ed28", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2017/dsa-4006", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=698558", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-14687", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.debian.org/debian-lts-announce/2017/11/msg00007.html", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-08-14 13:15
Modified
2024-11-21 04:27
Severity ?
Summary
Artifex MuPDF before 1.16.0 has a heap-based buffer over-read in fz_chartorune in fitz/string.c because pdf/pdf-op-filter.c does not check for a missing string.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:artifex:mupdf:*:*:*:*:*:*:*:*", matchCriteriaId: "A5B0275D-F5A6-4221-945C-01B41A17DB9F", versionEndExcluding: "1.16.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Artifex MuPDF before 1.16.0 has a heap-based buffer over-read in fz_chartorune in fitz/string.c because pdf/pdf-op-filter.c does not check for a missing string.", }, { lang: "es", value: "Artifex MuPDF versiones anteriores a 1.16.0, tiene una lectura excesiva de búfer en la región heap de la memoria en la función fz_chartorune en el archivo fitz/string.c porque el archivo pdf/pdf-op-filter.c no comprueba si falta una cadena.", }, ], id: "CVE-2019-14975", lastModified: "2024-11-21T04:27:48.360", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5.8, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:P/I:N/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 5.2, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-08-14T13:15:11.127", references: [ { source: "cve@mitre.org", url: "http://git.ghostscript.com/?p=mupdf.git%3Ba=commit%3Bh=97096297d409ec6f206298444ba00719607e8ba8", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=701292", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://git.ghostscript.com/?p=mupdf.git%3Ba=commit%3Bh=97096297d409ec6f206298444ba00719607e8ba8", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=701292", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-125", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-02-09 23:29
Modified
2024-11-21 03:39
Severity ?
Summary
Artifex Mupdf version 1.12.0 contains a Use After Free vulnerability in fz_keep_key_storable that can result in DOS / Possible code execution. This attack appear to be exploitable via Victim opens a specially crafted PDF.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://bugs.ghostscript.com/show_bug.cgi?id=698825 | Issue Tracking, Patch | |
| cve@mitre.org | https://bugs.ghostscript.com/show_bug.cgi?id=698873 | Exploit, Issue Tracking, Third Party Advisory | |
| cve@mitre.org | https://cgit.ghostscript.com/cgi-bin/cgit.cgi/mupdf.git/commit/?id=321ba1de287016b0036bf4a56ce774ad11763384 | ||
| cve@mitre.org | https://security.gentoo.org/glsa/201811-15 | Third Party Advisory | |
| cve@mitre.org | https://www.debian.org/security/2018/dsa-4152 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugs.ghostscript.com/show_bug.cgi?id=698825 | Issue Tracking, Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugs.ghostscript.com/show_bug.cgi?id=698873 | Exploit, Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201811-15 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.debian.org/security/2018/dsa-4152 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| artifex | mupdf | 1.12.0 | |
| debian | debian_linux | 8.0 | |
| debian | debian_linux | 9.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:artifex:mupdf:1.12.0:*:*:*:*:*:*:*", matchCriteriaId: "F503888C-29F3-4111-9549-9CD541EAC242", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Artifex Mupdf version 1.12.0 contains a Use After Free vulnerability in fz_keep_key_storable that can result in DOS / Possible code execution. This attack appear to be exploitable via Victim opens a specially crafted PDF.", }, { lang: "es", value: "Artifex Mupdf 1.12.0 contiene una vulnerabilidad de uso de memoria previamente liberada en fz_keep_key_storable que puede resultar en DoS o en la posible ejecución de código. Este ataque parece ser explotable mediante una víctima que abra un archivo PDF especialmente manipulado.", }, ], id: "CVE-2018-1000051", lastModified: "2024-11-21T03:39:31.850", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-02-09T23:29:01.777", references: [ { source: "cve@mitre.org", tags: [ "Issue Tracking", "Patch", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=698825", }, { source: "cve@mitre.org", tags: [ "Exploit", "Issue Tracking", "Third Party Advisory", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=698873", }, { source: "cve@mitre.org", url: "https://cgit.ghostscript.com/cgi-bin/cgit.cgi/mupdf.git/commit/?id=321ba1de287016b0036bf4a56ce774ad11763384", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201811-15", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2018/dsa-4152", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=698825", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Third Party Advisory", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=698873", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201811-15", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2018/dsa-4152", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-416", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-01-24 21:29
Modified
2024-11-21 04:10
Severity ?
Summary
In Artifex MuPDF 1.12.0, the pdf_read_new_xref function in pdf/pdf-xref.c allows remote attackers to cause a denial of service (segmentation violation and application crash) via a crafted pdf file.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| artifex | mupdf | 1.12.0 | |
| debian | debian_linux | 9.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:artifex:mupdf:1.12.0:*:*:*:*:*:*:*", matchCriteriaId: "F503888C-29F3-4111-9549-9CD541EAC242", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "In Artifex MuPDF 1.12.0, the pdf_read_new_xref function in pdf/pdf-xref.c allows remote attackers to cause a denial of service (segmentation violation and application crash) via a crafted pdf file.", }, { lang: "es", value: "La función pdf_read_new_xref en Artifex MuPDF 1.12.0 permite que atacantes remotos provoquen una denegación de servicio (violación de segmentación y cierre inesperado de la aplicación) mediante un archivo pdf manipulado.", }, ], id: "CVE-2018-6192", lastModified: "2024-11-21T04:10:15.823", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-01-24T21:29:00.467", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/102822", }, { source: "cve@mitre.org", tags: [ "Exploit", "Issue Tracking", "Third Party Advisory", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=698916", }, { source: "cve@mitre.org", url: "https://cgit.ghostscript.com/cgi-bin/cgit.cgi/mupdf.git/commit/?id=5e411a99604ff6be5db9e273ee84737204113299", }, { source: "cve@mitre.org", url: "https://lists.debian.org/debian-lts-announce/2019/06/msg00027.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201811-15", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2018/dsa-4334", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/102822", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Third Party Advisory", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=698916", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.debian.org/debian-lts-announce/2019/06/msg00027.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201811-15", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2018/dsa-4334", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-12-26 15:15
Modified
2024-11-21 08:37
Severity ?
Summary
A floating point exception (divide-by-zero) vulnerability was discovered in mupdf 1.23.4 in function pnm_binary_read_image() of load-pnm.c when fz_colorspace_n returns zero.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://github.com/dongyuma/sox-defects/blob/main/mupdf-defects.md | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/dongyuma/sox-defects/blob/main/mupdf-defects.md | Exploit, Third Party Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:artifex:mupdf:1.23.4:*:*:*:*:*:*:*", matchCriteriaId: "84C208C6-A3D9-4A82-83B9-FCBECD89AD23", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A floating point exception (divide-by-zero) vulnerability was discovered in mupdf 1.23.4 in function pnm_binary_read_image() of load-pnm.c when fz_colorspace_n returns zero.", }, { lang: "es", value: "Se descubrió una vulnerabilidad de excepción de punto flotante (división por cero) en mupdf 1.23.4 en la función pnm_binary_read_image() de load-pnm.c.", }, ], id: "CVE-2023-51106", lastModified: "2024-11-21T08:37:51.573", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-12-26T15:15:08.760", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/dongyuma/sox-defects/blob/main/mupdf-defects.md", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/dongyuma/sox-defects/blob/main/mupdf-defects.md", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-369", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-02-05 18:15
Modified
2024-11-21 08:59
Severity ?
Summary
freeglut 3.4.0 was discovered to contain a memory leak via the menuEntry variable in the glutAddSubMenu function.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:artifex:mupdf:1.23.9:*:*:*:*:*:*:*", matchCriteriaId: "3F04E282-A975-4785-B8F2-A65652CF6853", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "freeglut 3.4.0 was discovered to contain a memory leak via the menuEntry variable in the glutAddSubMenu function.", }, { lang: "es", value: "Se descubrió que mupdf v1.23.9 contenía una pérdida de memoria a través de la variable menuEntry en la función glutAddSubMenu.", }, ], id: "CVE-2024-24258", lastModified: "2024-11-21T08:59:04.247", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-02-05T18:15:52.083", references: [ { source: "cve@mitre.org", url: "https://github.com/freeglut/freeglut/pull/155", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/yinluming13579/mupdf_defects/blob/main/mupdf_detect_1.md", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6IBAWX3HMMZVAWJZ3U6VOAYYOYJCN3IS/", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T43DAHPIWMGN54E4I6ABLHNYHZSTX7H5/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://github.com/freeglut/freeglut/pull/155", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/yinluming13579/mupdf_defects/blob/main/mupdf_detect_1.md", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6IBAWX3HMMZVAWJZ3U6VOAYYOYJCN3IS/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T43DAHPIWMGN54E4I6ABLHNYHZSTX7H5/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-401", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-01-14 02:29
Modified
2024-11-21 04:09
Severity ?
Summary
In MuPDF 1.12.0, there is an infinite loop vulnerability and application hang in the pdf_parse_array function (pdf/pdf-parse.c) because EOF is not considered. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted pdf file.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://bugs.ghostscript.com/show_bug.cgi?id=698860 | Exploit, Issue Tracking, Third Party Advisory | |
| cve@mitre.org | https://cgit.ghostscript.com/cgi-bin/cgit.cgi/mupdf.git/commit/?id=b70eb93f6936c03d8af52040bbca4d4a7db39079 | ||
| cve@mitre.org | https://lists.debian.org/debian-lts-announce/2019/06/msg00027.html | Third Party Advisory | |
| cve@mitre.org | https://security.gentoo.org/glsa/201811-15 | Third Party Advisory | |
| cve@mitre.org | https://www.debian.org/security/2018/dsa-4334 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugs.ghostscript.com/show_bug.cgi?id=698860 | Exploit, Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2019/06/msg00027.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201811-15 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.debian.org/security/2018/dsa-4334 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| artifex | mupdf | 1.12.0 | |
| debian | debian_linux | 8.0 | |
| debian | debian_linux | 9.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:artifex:mupdf:1.12.0:-:*:*:*:*:*:*", matchCriteriaId: "14645985-49DA-4800-9A78-722C62B07854", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "In MuPDF 1.12.0, there is an infinite loop vulnerability and application hang in the pdf_parse_array function (pdf/pdf-parse.c) because EOF is not considered. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted pdf file.", }, { lang: "es", value: "En MuPDF 1.12.0, hay una vulnerabilidad de bucle infinito y bloqueo de aplicación en la función pdf_parse_array (pdf/pdf-parse.c) debido a que no se considera EOF. Los atacantes remotos pueden aprovechar esta vulnerabilidad para provocar una denegación de servicio (DoS) mediante un archivo pdf manipulado.", }, ], id: "CVE-2018-5686", lastModified: "2024-11-21T04:09:10.020", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-01-14T02:29:05.213", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Issue Tracking", "Third Party Advisory", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=698860", }, { source: "cve@mitre.org", url: "https://cgit.ghostscript.com/cgi-bin/cgit.cgi/mupdf.git/commit/?id=b70eb93f6936c03d8af52040bbca4d4a7db39079", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2019/06/msg00027.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201811-15", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2018/dsa-4334", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Third Party Advisory", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=698860", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2019/06/msg00027.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201811-15", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2018/dsa-4334", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-835", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-12-06 00:29
Modified
2024-11-21 03:58
Severity ?
Summary
In Artifex MuPDF 1.14.0, svg/svg-run.c allows remote attackers to cause a denial of service (recursive calls followed by a fitz/xml.c fz_xml_att crash from excessive stack consumption) via a crafted svg file, as demonstrated by mupdf-gl.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:artifex:mupdf:1.14.0:*:*:*:*:*:*:*", matchCriteriaId: "48631AF2-1BED-4AD8-A18F-81D7B8921B0B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "In Artifex MuPDF 1.14.0, svg/svg-run.c allows remote attackers to cause a denial of service (recursive calls followed by a fitz/xml.c fz_xml_att crash from excessive stack consumption) via a crafted svg file, as demonstrated by mupdf-gl.", }, { lang: "es", value: "En Artifex MuPDF 1.14.0, svg/svg-run.c permite que atacantes remotos provoquen una denegación de servicio (llamadas recursivas seguidas por un cierre inesperado de fz_xml_att en fitz/xml.c debido al consumo excesivo de pila) mediante un archivo svg manipulado, tal y como queda demostrado por mupdf-gl.", }, ], id: "CVE-2018-19881", lastModified: "2024-11-21T03:58:44.637", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-12-06T00:29:00.237", references: [ { source: "cve@mitre.org", url: "https://bugs.ghostscript.com/show_bug.cgi?id=700442", }, { source: "cve@mitre.org", url: "https://cgit.ghostscript.com/cgi-bin/cgit.cgi/mupdf.git/commit/?id=c8f7e48ff74720a5e984ae19d978a5ab4d5dde5b", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/TeamSeri0us/pocs/tree/master/mupdf/20181203", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CNJNEX5EW6YH5OARXXSSXW4HHC5PIBSY/", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SEK2EHVNREJ7XZMFF2MXRWKIF4IBHPNE/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://bugs.ghostscript.com/show_bug.cgi?id=700342", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/TeamSeri0us/pocs/tree/master/mupdf/20181203", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CNJNEX5EW6YH5OARXXSSXW4HHC5PIBSY/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SEK2EHVNREJ7XZMFF2MXRWKIF4IBHPNE/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-400", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-08-22 19:16
Modified
2024-11-21 05:12
Severity ?
Summary
A Use After Free vulnerability in svg_dev_text_span_as_paths_defs function in source/fitz/svg-device.c in Artifex Software MuPDF 1.16.0 allows remote attackers to cause a denial of service via opening of a crafted PDF file.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.ghostscript.com/cgi-bin/findgit.cgi?8719e07834d6a72b6b4131539e49ed1e8e2ff79e | ||
| cve@mitre.org | https://bugs.ghostscript.com/show_bug.cgi?id=701294 | Exploit, Issue Tracking, Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugs.ghostscript.com/show_bug.cgi?id=701294 | Exploit, Issue Tracking, Patch, Vendor Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:artifex:mupdf:1.16.0:-:*:*:*:*:*:*", matchCriteriaId: "BA9B18AE-B971-43B8-938A-A73F759FCD02", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A Use After Free vulnerability in svg_dev_text_span_as_paths_defs function in source/fitz/svg-device.c in Artifex Software MuPDF 1.16.0 allows remote attackers to cause a denial of service via opening of a crafted PDF file.", }, ], id: "CVE-2020-21896", lastModified: "2024-11-21T05:12:56.607", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-08-22T19:16:18.793", references: [ { source: "cve@mitre.org", url: "http://www.ghostscript.com/cgi-bin/findgit.cgi?8719e07834d6a72b6b4131539e49ed1e8e2ff79e", }, { source: "cve@mitre.org", tags: [ "Exploit", "Issue Tracking", "Patch", "Vendor Advisory", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=701294", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Patch", "Vendor Advisory", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=701294", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-416", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2017-10-16 01:29
Modified
2024-11-21 03:14
Severity ?
Summary
The build_filter_chain function in pdf/pdf-stream.c in Artifex MuPDF before 2017-09-25 mishandles a certain case where a variable may reside in a register, which allows remote attackers to cause a denial of service (Fitz fz_drop_imp use-after-free and application crash) or possibly have unspecified other impact via a crafted PDF document.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:artifex:mupdf:*:*:*:*:*:*:*:*", matchCriteriaId: "E4AEC7EC-1559-463B-9A1A-0807F3C78C38", versionEndIncluding: "1.11", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The build_filter_chain function in pdf/pdf-stream.c in Artifex MuPDF before 2017-09-25 mishandles a certain case where a variable may reside in a register, which allows remote attackers to cause a denial of service (Fitz fz_drop_imp use-after-free and application crash) or possibly have unspecified other impact via a crafted PDF document.", }, { lang: "es", value: "La función build_filter_chain en pdf/pdf-stream.c en Artifex MuPDF, en versiones anteriores al 2017-09-25, gestiona de manera incorrecta un caso específico en el que una variable podría encontrarse en un registro, lo que permite que atacantes remotos provoquen una denegación de servicio (uso de memoria después de su liberación o use-after-free de Fitz fz_drop_imp y cierre inesperado de la aplicación) o, probablemente, provocar otro tipo de impacto mediante un documento PDF manipulado.", }, ], id: "CVE-2017-15369", lastModified: "2024-11-21T03:14:34.053", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-10-16T01:29:01.060", references: [ { source: "cve@mitre.org", url: "http://git.ghostscript.com/?p=mupdf.git%3Bh=c2663e51238ec8256da7fc61ad580db891d9fe9a", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=698592", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://git.ghostscript.com/?p=mupdf.git%3Bh=c2663e51238ec8256da7fc61ad580db891d9fe9a", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=698592", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-416", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2017-03-16 14:59
Modified
2024-11-21 02:43
Severity ?
Summary
Buffer overflow in the my_getline function in jstest_main.c in Mujstest in Artifex Software, Inc. MuPDF before 1.10 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted file.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| artifex | mupdf | * | |
| debian | debian_linux | 9.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:artifex:mupdf:*:rc2:*:*:*:*:*:*", matchCriteriaId: "78864BA0-664E-4B5A-8384-B26671EE3FB4", versionEndIncluding: "1.10", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Buffer overflow in the my_getline function in jstest_main.c in Mujstest in Artifex Software, Inc. MuPDF before 1.10 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted file.", }, { lang: "es", value: "Desbordamiento de búfer en la función my_getline en jstest_main.c en Mujstest en Artifex Software, Inc. MuPDF en versiones anteriores a 1.10 permite a atacantes provocar una denegación de servicio (escritura fuera de límites) a través de un archivo manipulado.", }, ], id: "CVE-2016-10247", lastModified: "2024-11-21T02:43:38.970", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-03-16T14:59:00.207", references: [ { source: "cve@mitre.org", url: "http://git.ghostscript.com/?p=mupdf.git%3Bh=446097f97b71ce20fa8d1e45e070f2e62676003e", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2017/03/13/20", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/97099", }, { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", "VDB Entry", ], url: "https://blogs.gentoo.org/ago/2016/09/24/mupdf-mujstest-global-buffer-overflow-in-my_getline-jstest_main-c/", }, { source: "cve@mitre.org", url: "https://bugs.ghostscript.com/show_bug.cgi?id=697021", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2021/09/msg00013.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://git.ghostscript.com/?p=mupdf.git%3Bh=446097f97b71ce20fa8d1e45e070f2e62676003e", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2017/03/13/20", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/97099", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", "VDB Entry", ], url: "https://blogs.gentoo.org/ago/2016/09/24/mupdf-mujstest-global-buffer-overflow-in-my_getline-jstest_main-c/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2021/09/msg00013.html", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-01-22 15:29
Modified
2024-11-21 03:18
Severity ?
Summary
Heap-based buffer overflow in the ensure_solid_xref function in pdf/pdf-xref.c in Artifex MuPDF 1.12.0 allows a remote attacker to potentially execute arbitrary code via a crafted PDF file, because xref subsection object numbers are unrestricted.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:artifex:mupdf:1.12.0:*:*:*:*:*:*:*", matchCriteriaId: "F503888C-29F3-4111-9549-9CD541EAC242", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Heap-based buffer overflow in the ensure_solid_xref function in pdf/pdf-xref.c in Artifex MuPDF 1.12.0 allows a remote attacker to potentially execute arbitrary code via a crafted PDF file, because xref subsection object numbers are unrestricted.", }, { lang: "es", value: "Desbordamiento de búfer basado en memoria dinámica (heap) en la función ensure_solid_xref en pdf/pdf-xref.c en Artifex MuPDF 1.12.0 permite que un atacante remoto pueda ejecutar código arbitrario mediante un archivo PDF manipulado. Esto se debe a que los números de objeto de subsección xref no están restringidos.", }, ], id: "CVE-2017-17858", lastModified: "2024-11-21T03:18:50.003", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-01-22T15:29:00.210", references: [ { source: "cve@mitre.org", url: "http://git.ghostscript.com/?p=mupdf.git%3Ba=commit%3Bh=55c3f68d638ac1263a386e0aaa004bb6e8bde731", }, { source: "cve@mitre.org", tags: [ "Permissions Required", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=698819", }, { source: "cve@mitre.org", tags: [ "Exploit", "Patch", "Third Party Advisory", ], url: "https://github.com/mzet-/Security-Advisories/blob/master/mzet-adv-2017-01.md", }, { source: "cve@mitre.org", url: "https://security.gentoo.org/glsa/201811-15", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://git.ghostscript.com/?p=mupdf.git%3Ba=commit%3Bh=55c3f68d638ac1263a386e0aaa004bb6e8bde731", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Permissions Required", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=698819", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Patch", "Third Party Advisory", ], url: "https://github.com/mzet-/Security-Advisories/blob/master/mzet-adv-2017-01.md", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/201811-15", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-11-30 10:29
Modified
2024-11-21 03:58
Severity ?
Summary
In Artifex MuPDF 1.14.0, there is an infinite loop in the function svg_dev_end_tile in fitz/svg-device.c, as demonstrated by mutool.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| artifex | mupdf | 1.14.0 | |
| debian | debian_linux | 8.0 | |
| debian | debian_linux | 9.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:artifex:mupdf:1.14.0:*:*:*:*:*:*:*", matchCriteriaId: "48631AF2-1BED-4AD8-A18F-81D7B8921B0B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "In Artifex MuPDF 1.14.0, there is an infinite loop in the function svg_dev_end_tile in fitz/svg-device.c, as demonstrated by mutool.", }, { lang: "es", value: "En Artifex MuPDF 1.14.0, hay un bucle infinito en la función svg_dev_end_tile en fitz/svg-device.c, tal y como queda demostrado con mutool.", }, ], id: "CVE-2018-19777", lastModified: "2024-11-21T03:58:32.377", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-11-30T10:29:00.210", references: [ { source: "cve@mitre.org", url: "http://www.ghostscript.com/cgi-bin/findgit.cgi?754ac68f119e0c25cd33c5d652d8aabd533a9fb3", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=700301", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VUXKCY35PKC32IFHN4RBUCZ75OWEYVJH/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=700301", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VUXKCY35PKC32IFHN4RBUCZ75OWEYVJH/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-835", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-10-26 14:29
Modified
2024-11-21 03:56
Severity ?
Summary
There is an out-of-bounds read in fz_run_t3_glyph in fitz/font.c in Artifex MuPDF 1.14.0, as demonstrated by mutool.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/bid/105755 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://bugs.ghostscript.com/show_bug.cgi?id=700043 | Exploit, Third Party Advisory | |
| cve@mitre.org | https://cgit.ghostscript.com/cgi-bin/cgit.cgi/mupdf.git/commit/?id=164ddc22ee0d5b63a81d5148f44c37dd132a9356 | ||
| cve@mitre.org | https://github.com/TeamSeri0us/pocs/tree/master/mupdf | Exploit, Third Party Advisory | |
| cve@mitre.org | https://lists.debian.org/debian-lts-announce/2020/07/msg00019.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/105755 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugs.ghostscript.com/show_bug.cgi?id=700043 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/TeamSeri0us/pocs/tree/master/mupdf | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2020/07/msg00019.html |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:artifex:mupdf:1.14.0:*:*:*:*:*:*:*", matchCriteriaId: "48631AF2-1BED-4AD8-A18F-81D7B8921B0B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "There is an out-of-bounds read in fz_run_t3_glyph in fitz/font.c in Artifex MuPDF 1.14.0, as demonstrated by mutool.", }, { lang: "es", value: "Hay una lectura fuera de límites en fz_run_t3_glyph en fitz/font.c en Artifex MuPDF 1.14.0, tal y como queda demostrado con mutool.", }, ], id: "CVE-2018-18662", lastModified: "2024-11-21T03:56:20.230", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-10-26T14:29:02.817", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/105755", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=700043", }, { source: "cve@mitre.org", url: "https://cgit.ghostscript.com/cgi-bin/cgit.cgi/mupdf.git/commit/?id=164ddc22ee0d5b63a81d5148f44c37dd132a9356", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/TeamSeri0us/pocs/tree/master/mupdf", }, { source: "cve@mitre.org", url: "https://lists.debian.org/debian-lts-announce/2020/07/msg00019.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/105755", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=700043", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/TeamSeri0us/pocs/tree/master/mupdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.debian.org/debian-lts-announce/2020/07/msg00019.html", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-125", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-08-22 19:16
Modified
2024-11-21 05:20
Severity ?
Summary
A memory leak issue discovered in /pdf/pdf-font-add.c in Artifex Software MuPDF 1.17.0 allows attackers to obtain sensitive information.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://bugs.ghostscript.com/show_bug.cgi?id=702566 | Exploit, Issue Tracking, Patch | |
| cve@mitre.org | https://cgit.ghostscript.com/cgi-bin/cgit.cgi/mupdf.git/commit/?id=05720b4ee3dbae57e65546dc2eecc3021c08eeea | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://bugs.ghostscript.com/show_bug.cgi?id=702566 | Exploit, Issue Tracking, Patch |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:artifex:mupdf:1.17.0:-:*:*:*:*:*:*", matchCriteriaId: "10D59FD7-8E87-448D-9CDF-52C50C23B53A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A memory leak issue discovered in /pdf/pdf-font-add.c in Artifex Software MuPDF 1.17.0 allows attackers to obtain sensitive information.", }, { lang: "es", value: "Un problema de pérdida de memoria descubierto en /pdf/pdf-font-add.c en MuPDF 1.17.0 de Artifex Software permite a los atacantes obtener información confidencial.\n", }, ], id: "CVE-2020-26683", lastModified: "2024-11-21T05:20:15.047", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-08-22T19:16:19.997", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Issue Tracking", "Patch", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=702566", }, { source: "cve@mitre.org", url: "https://cgit.ghostscript.com/cgi-bin/cgit.cgi/mupdf.git/commit/?id=05720b4ee3dbae57e65546dc2eecc3021c08eeea", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Patch", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=702566", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-401", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2017-03-15 14:59
Modified
2024-11-21 03:29
Severity ?
Summary
Stack-based buffer overflow in jstest_main.c in mujstest in Artifex Software, Inc. MuPDF 1.10a allows remote attackers to have unspecified impact via a crafted image.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| artifex | mupdf | 1.10a | |
| debian | debian_linux | 9.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:artifex:mupdf:1.10a:*:*:*:*:*:*:*", matchCriteriaId: "C03FAE98-D477-4974-B585-4D1D8DE409B6", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Stack-based buffer overflow in jstest_main.c in mujstest in Artifex Software, Inc. MuPDF 1.10a allows remote attackers to have unspecified impact via a crafted image.", }, { lang: "es", value: "Desbordamiento de búfer basado en pila en jstest_main.c en mujstest en Artifex Software, Inc. MuPDF 1.10a permite a atacantes remotos tener impacto no especificado a través de una imagen manipulada.", }, ], id: "CVE-2017-6060", lastModified: "2024-11-21T03:29:00.800", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-03-15T14:59:00.697", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2017/02/18/1", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www.securityfocus.com/bid/96266", }, { source: "cve@mitre.org", tags: [ "Exploit", "Issue Tracking", "Third Party Advisory", "VDB Entry", ], url: "https://blogs.gentoo.org/ago/2017/02/17/mupdf-mujstest-stack-based-buffer-overflow-in-main-jstest_main-c/", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=697551", }, { source: "cve@mitre.org", url: "https://cgit.ghostscript.com/cgi-bin/cgit.cgi/mupdf.git/commit/?id=06a012a42c9884e3cd653e7826cff1ddec04eb6e", }, { source: "cve@mitre.org", url: "https://cgit.ghostscript.com/cgi-bin/cgit.cgi/mupdf.git/commit/?id=e089b2e2c1d38c5696c7dfd741e21f8f3ef22b14", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2021/09/msg00013.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201706-08", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2017/02/18/1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.securityfocus.com/bid/96266", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Third Party Advisory", "VDB Entry", ], url: "https://blogs.gentoo.org/ago/2017/02/17/mupdf-mujstest-stack-based-buffer-overflow-in-main-jstest_main-c/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=697551", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2021/09/msg00013.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201706-08", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
cve-2012-5340
Vulnerability from cvelistv5
Published
2020-01-23 21:33
Modified
2024-09-13 16:02
Severity ?
EPSS score ?
Summary
SumatraPDF 2.1.1/MuPDF 1.0 allows remote attackers to cause an Integer Overflow in the lex_number() function via a corrupt PDF file.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T21:05:47.259Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "23246", tags: [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred", ], url: "http://www.exploit-db.com/exploits/23246", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2012-5340", options: [ { Exploitation: "poc", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-09-13T16:02:31.781858Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-09-13T16:02:54.702Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2012-12-09T00:00:00", descriptions: [ { lang: "en", value: "SumatraPDF 2.1.1/MuPDF 1.0 allows remote attackers to cause an Integer Overflow in the lex_number() function via a corrupt PDF file.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2024-09-12T18:00:52.840474", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "23246", tags: [ "exploit", ], url: "http://www.exploit-db.com/exploits/23246", }, { url: "https://bugs.ghostscript.com/show_bug.cgi?id=693371", }, { url: "https://cgit.ghostscript.com/cgi-bin/cgit.cgi/mupdf.git/commit/?id=f919270b6a732ff45c3ba2d0c105e2b39e9c9bc9", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2012-5340", datePublished: "2020-01-23T21:33:52", dateReserved: "2012-10-08T00:00:00", dateUpdated: "2024-09-13T16:02:54.702Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2016-10221
Vulnerability from cvelistv5
Published
2017-04-03 05:44
Modified
2024-09-16 15:25
Severity ?
EPSS score ?
Summary
The count_entries function in pdf-layer.c in Artifex Software, Inc. MuPDF 1.10a allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted PDF document.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T03:14:42.889Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=697400", }, { name: "GLSA-201706-08", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201706-08", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", version: "3.1", }, }, { other: { content: { id: "CVE-2016-10221", options: [ { Exploitation: "poc", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-09-16T15:25:50.941823Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-09-16T15:25:55.779Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2017-04-03T00:00:00", descriptions: [ { lang: "en", value: "The count_entries function in pdf-layer.c in Artifex Software, Inc. MuPDF 1.10a allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted PDF document.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2024-09-12T16:50:40.735767", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://bugs.ghostscript.com/show_bug.cgi?id=697400", }, { name: "GLSA-201706-08", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/201706-08", }, { url: "http://www.ghostscript.com/cgi-bin/findgit.cgi?2590fed7a355a421f062ebd4293df892800fa7ac", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2016-10221", datePublished: "2017-04-03T05:44:00", dateReserved: "2017-02-09T00:00:00", dateUpdated: "2024-09-16T15:25:55.779Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-7321
Vulnerability from cvelistv5
Published
2019-06-13 17:20
Modified
2024-09-11 15:43
Severity ?
EPSS score ?
Summary
Usage of an uninitialized variable in the function fz_load_jpeg in Artifex MuPDF 1.14 can result in a heap overflow vulnerability that allows an attacker to execute arbitrary code.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T20:46:46.121Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=700560", }, { tags: [ "x_transferred", ], url: "https://github.com/ereisr00/bagofbugz/tree/master/MuPDF/700560", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Usage of an uninitialized variable in the function fz_load_jpeg in Artifex MuPDF 1.14 can result in a heap overflow vulnerability that allows an attacker to execute arbitrary code.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2024-09-11T15:43:54.548374", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://bugs.ghostscript.com/show_bug.cgi?id=700560", }, { url: "https://github.com/ereisr00/bagofbugz/tree/master/MuPDF/700560", }, { url: "https://cgit.ghostscript.com/cgi-bin/cgit.cgi/mupdf.git/commit/?id=2be83b57e77938fddbb06bdffb11979ad89a9c7d", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2019-7321", datePublished: "2019-06-13T17:20:13", dateReserved: "2019-02-04T00:00:00", dateUpdated: "2024-09-11T15:43:54.548374", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-19609
Vulnerability from cvelistv5
Published
2021-07-21 14:10
Modified
2024-08-04 14:15
Severity ?
EPSS score ?
Summary
Artifex MuPDF before 1.18.0 has a heap based buffer over-write in tiff_expand_colormap() function when parsing TIFF files allowing attackers to cause a denial of service.
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugs.ghostscript.com/show_bug.cgi?id=701176 | x_refsource_MISC | |
| http://git.ghostscript.com/?p=mupdf.git%3Bh=b7892cdc7fae62aa57d63ae62144e1f11b5f9275 | x_refsource_MISC | |
| https://bugs.ghostscript.com/show_bug.cgi?id=703076 | x_refsource_MISC | |
| https://lists.debian.org/debian-lts-announce/2021/09/msg00013.html | mailing-list, x_refsource_MLIST |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T14:15:27.470Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=701176", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://git.ghostscript.com/?p=mupdf.git%3Bh=b7892cdc7fae62aa57d63ae62144e1f11b5f9275", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=703076", }, { name: "[debian-lts-announce] 20210923 [SECURITY] [DLA 2765-1] mupdf security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2021/09/msg00013.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Artifex MuPDF before 1.18.0 has a heap based buffer over-write in tiff_expand_colormap() function when parsing TIFF files allowing attackers to cause a denial of service.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-09-23T23:06:17", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=701176", }, { tags: [ "x_refsource_MISC", ], url: "http://git.ghostscript.com/?p=mupdf.git%3Bh=b7892cdc7fae62aa57d63ae62144e1f11b5f9275", }, { tags: [ "x_refsource_MISC", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=703076", }, { name: "[debian-lts-announce] 20210923 [SECURITY] [DLA 2765-1] mupdf security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2021/09/msg00013.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2020-19609", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Artifex MuPDF before 1.18.0 has a heap based buffer over-write in tiff_expand_colormap() function when parsing TIFF files allowing attackers to cause a denial of service.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://bugs.ghostscript.com/show_bug.cgi?id=701176", refsource: "MISC", url: "https://bugs.ghostscript.com/show_bug.cgi?id=701176", }, { name: "http://git.ghostscript.com/?p=mupdf.git;h=b7892cdc7fae62aa57d63ae62144e1f11b5f9275", refsource: "MISC", url: "http://git.ghostscript.com/?p=mupdf.git;h=b7892cdc7fae62aa57d63ae62144e1f11b5f9275", }, { name: "https://bugs.ghostscript.com/show_bug.cgi?id=703076", refsource: "MISC", url: "https://bugs.ghostscript.com/show_bug.cgi?id=703076", }, { name: "[debian-lts-announce] 20210923 [SECURITY] [DLA 2765-1] mupdf security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2021/09/msg00013.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2020-19609", datePublished: "2021-07-21T14:10:23", dateReserved: "2020-08-13T00:00:00", dateUpdated: "2024-08-04T14:15:27.470Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-5686
Vulnerability from cvelistv5
Published
2018-01-14 02:00
Modified
2024-09-12 16:34
Severity ?
EPSS score ?
Summary
In MuPDF 1.12.0, there is an infinite loop vulnerability and application hang in the pdf_parse_array function (pdf/pdf-parse.c) because EOF is not considered. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted pdf file.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T05:40:51.167Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=698860", }, { name: "GLSA-201811-15", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201811-15", }, { name: "DSA-4334", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2018/dsa-4334", }, { name: "[debian-lts-announce] 20190628 [SECURITY] [DLA 1838-1] mupdf security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2019/06/msg00027.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2018-01-13T00:00:00", descriptions: [ { lang: "en", value: "In MuPDF 1.12.0, there is an infinite loop vulnerability and application hang in the pdf_parse_array function (pdf/pdf-parse.c) because EOF is not considered. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted pdf file.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2024-09-12T16:34:07.947184", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://bugs.ghostscript.com/show_bug.cgi?id=698860", }, { name: "GLSA-201811-15", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/201811-15", }, { name: "DSA-4334", tags: [ "vendor-advisory", ], url: "https://www.debian.org/security/2018/dsa-4334", }, { name: "[debian-lts-announce] 20190628 [SECURITY] [DLA 1838-1] mupdf security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2019/06/msg00027.html", }, { url: "https://cgit.ghostscript.com/cgi-bin/cgit.cgi/mupdf.git/commit/?id=b70eb93f6936c03d8af52040bbca4d4a7db39079", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2018-5686", datePublished: "2018-01-14T02:00:00", dateReserved: "2018-01-13T00:00:00", dateUpdated: "2024-09-12T16:34:07.947184", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-26519
Vulnerability from cvelistv5
Published
2020-10-02 05:34
Modified
2024-08-04 15:56
Severity ?
EPSS score ?
Summary
Artifex MuPDF before 1.18.0 has a heap based buffer over-write when parsing JBIG2 files allowing attackers to cause a denial of service.
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugs.ghostscript.com/show_bug.cgi?id=702937 | x_refsource_MISC | |
| http://git.ghostscript.com/?p=mupdf.git%3Ba=commit%3Bh=af1e390a2c7abceb32676ec684cd1dbb92907ce8 | x_refsource_MISC | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SOF4PX2A5TGKKPMXINADSOJJ4H5UUMKK/ | vendor-advisory, x_refsource_FEDORA | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WJMBKWVY7ZBIQV3EU5YHEFH5XWV4PABG/ | vendor-advisory, x_refsource_FEDORA | |
| https://www.debian.org/security/2020/dsa-4794 | vendor-advisory, x_refsource_DEBIAN | |
| https://lists.debian.org/debian-lts-announce/2021/03/msg00012.html | mailing-list, x_refsource_MLIST | |
| https://security.gentoo.org/glsa/202105-30 | vendor-advisory, x_refsource_GENTOO |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T15:56:04.698Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=702937", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://git.ghostscript.com/?p=mupdf.git%3Ba=commit%3Bh=af1e390a2c7abceb32676ec684cd1dbb92907ce8", }, { name: "FEDORA-2020-972ad7c8a8", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SOF4PX2A5TGKKPMXINADSOJJ4H5UUMKK/", }, { name: "FEDORA-2020-3cea1ac8f3", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WJMBKWVY7ZBIQV3EU5YHEFH5XWV4PABG/", }, { name: "DSA-4794", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2020/dsa-4794", }, { name: "[debian-lts-announce] 20210311 [SECURITY] [DLA 2589-1] mupdf security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2021/03/msg00012.html", }, { name: "GLSA-202105-30", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/202105-30", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Artifex MuPDF before 1.18.0 has a heap based buffer over-write when parsing JBIG2 files allowing attackers to cause a denial of service.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-05-26T11:06:08", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=702937", }, { tags: [ "x_refsource_MISC", ], url: "http://git.ghostscript.com/?p=mupdf.git%3Ba=commit%3Bh=af1e390a2c7abceb32676ec684cd1dbb92907ce8", }, { name: "FEDORA-2020-972ad7c8a8", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SOF4PX2A5TGKKPMXINADSOJJ4H5UUMKK/", }, { name: "FEDORA-2020-3cea1ac8f3", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WJMBKWVY7ZBIQV3EU5YHEFH5XWV4PABG/", }, { name: "DSA-4794", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2020/dsa-4794", }, { name: "[debian-lts-announce] 20210311 [SECURITY] [DLA 2589-1] mupdf security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2021/03/msg00012.html", }, { name: "GLSA-202105-30", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/202105-30", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2020-26519", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Artifex MuPDF before 1.18.0 has a heap based buffer over-write when parsing JBIG2 files allowing attackers to cause a denial of service.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://bugs.ghostscript.com/show_bug.cgi?id=702937", refsource: "MISC", url: "https://bugs.ghostscript.com/show_bug.cgi?id=702937", }, { name: "http://git.ghostscript.com/?p=mupdf.git;a=commit;h=af1e390a2c7abceb32676ec684cd1dbb92907ce8", refsource: "MISC", url: "http://git.ghostscript.com/?p=mupdf.git;a=commit;h=af1e390a2c7abceb32676ec684cd1dbb92907ce8", }, { name: "FEDORA-2020-972ad7c8a8", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SOF4PX2A5TGKKPMXINADSOJJ4H5UUMKK/", }, { name: "FEDORA-2020-3cea1ac8f3", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WJMBKWVY7ZBIQV3EU5YHEFH5XWV4PABG/", }, { name: "DSA-4794", refsource: "DEBIAN", url: "https://www.debian.org/security/2020/dsa-4794", }, { name: "[debian-lts-announce] 20210311 [SECURITY] [DLA 2589-1] mupdf security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2021/03/msg00012.html", }, { name: "GLSA-202105-30", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/202105-30", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2020-26519", datePublished: "2020-10-02T05:34:12", dateReserved: "2020-10-02T00:00:00", dateUpdated: "2024-08-04T15:56:04.698Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2017-15587
Vulnerability from cvelistv5
Published
2017-10-18 08:00
Modified
2024-09-11 16:20
Severity ?
EPSS score ?
Summary
An integer overflow was discovered in pdf_read_new_xref_section in pdf/pdf-xref.c in Artifex MuPDF 1.11.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T19:57:27.010Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "GLSA-201811-15", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201811-15", }, { name: "DSA-4006", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2017/dsa-4006", }, { name: "[debian-lts-announce] 20171107 [SECURITY] [DLA 1164-1] mupdf security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2017/11/msg00007.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://git.ghostscript.com/?p=mupdf.git%3Bh=82df2631d7d0446b206ea6b434ea609b6c28b0e8", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2017-10-18T00:00:00", descriptions: [ { lang: "en", value: "An integer overflow was discovered in pdf_read_new_xref_section in pdf/pdf-xref.c in Artifex MuPDF 1.11.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2024-09-11T16:20:30.905876", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "GLSA-201811-15", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/201811-15", }, { name: "DSA-4006", tags: [ "vendor-advisory", ], url: "http://www.debian.org/security/2017/dsa-4006", }, { name: "[debian-lts-announce] 20171107 [SECURITY] [DLA 1164-1] mupdf security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2017/11/msg00007.html", }, { url: "http://git.ghostscript.com/?p=mupdf.git%3Bh=82df2631d7d0446b206ea6b434ea609b6c28b0e8", }, { url: "https://bugs.ghostscript.com/show_bug.cgi?id=698605", }, { url: "https://bugs.ghostscript.com/show_bug.cgi?id=698704", }, { url: "https://cgit.ghostscript.com/cgi-bin/cgit.cgi/mupdf.git/commit/?id=d18bc728e46c5a5708f14d27c2b6c44e1d0c3232", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2017-15587", datePublished: "2017-10-18T08:00:00", dateReserved: "2017-10-18T00:00:00", dateUpdated: "2024-09-11T16:20:30.905876", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-14975
Vulnerability from cvelistv5
Published
2019-08-14 12:46
Modified
2024-08-05 00:34
Severity ?
EPSS score ?
Summary
Artifex MuPDF before 1.16.0 has a heap-based buffer over-read in fz_chartorune in fitz/string.c because pdf/pdf-op-filter.c does not check for a missing string.
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugs.ghostscript.com/show_bug.cgi?id=701292 | x_refsource_MISC | |
| http://git.ghostscript.com/?p=mupdf.git%3Ba=commit%3Bh=97096297d409ec6f206298444ba00719607e8ba8 | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T00:34:52.695Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=701292", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://git.ghostscript.com/?p=mupdf.git%3Ba=commit%3Bh=97096297d409ec6f206298444ba00719607e8ba8", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Artifex MuPDF before 1.16.0 has a heap-based buffer over-read in fz_chartorune in fitz/string.c because pdf/pdf-op-filter.c does not check for a missing string.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-08-14T12:46:26", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=701292", }, { tags: [ "x_refsource_MISC", ], url: "http://git.ghostscript.com/?p=mupdf.git%3Ba=commit%3Bh=97096297d409ec6f206298444ba00719607e8ba8", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2019-14975", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Artifex MuPDF before 1.16.0 has a heap-based buffer over-read in fz_chartorune in fitz/string.c because pdf/pdf-op-filter.c does not check for a missing string.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://bugs.ghostscript.com/show_bug.cgi?id=701292", refsource: "MISC", url: "https://bugs.ghostscript.com/show_bug.cgi?id=701292", }, { name: "http://git.ghostscript.com/?p=mupdf.git;a=commit;h=97096297d409ec6f206298444ba00719607e8ba8", refsource: "MISC", url: "http://git.ghostscript.com/?p=mupdf.git;a=commit;h=97096297d409ec6f206298444ba00719607e8ba8", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2019-14975", datePublished: "2019-08-14T12:46:26", dateReserved: "2019-08-12T00:00:00", dateUpdated: "2024-08-05T00:34:52.695Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2016-6525
Vulnerability from cvelistv5
Published
2016-09-22 15:00
Modified
2024-08-06 01:29
Severity ?
EPSS score ?
Summary
Heap-based buffer overflow in the pdf_load_mesh_params function in pdf/pdf-shade.c in MuPDF allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a large decode array.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.debian.org/security/2016/dsa-3655 | vendor-advisory, x_refsource_DEBIAN | |
| http://www.openwall.com/lists/oss-security/2016/08/03/8 | mailing-list, x_refsource_MLIST | |
| http://bugs.ghostscript.com/show_bug.cgi?id=696954 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/92266 | vdb-entry, x_refsource_BID | |
| http://git.ghostscript.com/?p=mupdf.git%3Bh=39b0f07dd960f34e7e6bf230ffc3d87c41ef0f2e | x_refsource_CONFIRM | |
| https://security.gentoo.org/glsa/201702-12 | vendor-advisory, x_refsource_GENTOO |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T01:29:20.214Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "DSA-3655", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2016/dsa-3655", }, { name: "[oss-security] 20160803 Re: CVE request:Heap overflow vulns in MuPDF", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2016/08/03/8", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://bugs.ghostscript.com/show_bug.cgi?id=696954", }, { name: "92266", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/92266", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://git.ghostscript.com/?p=mupdf.git%3Bh=39b0f07dd960f34e7e6bf230ffc3d87c41ef0f2e", }, { name: "GLSA-201702-12", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201702-12", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-08-02T00:00:00", descriptions: [ { lang: "en", value: "Heap-based buffer overflow in the pdf_load_mesh_params function in pdf/pdf-shade.c in MuPDF allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a large decode array.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-06-30T16:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "DSA-3655", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2016/dsa-3655", }, { name: "[oss-security] 20160803 Re: CVE request:Heap overflow vulns in MuPDF", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2016/08/03/8", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://bugs.ghostscript.com/show_bug.cgi?id=696954", }, { name: "92266", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/92266", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://git.ghostscript.com/?p=mupdf.git%3Bh=39b0f07dd960f34e7e6bf230ffc3d87c41ef0f2e", }, { name: "GLSA-201702-12", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201702-12", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2016-6525", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Heap-based buffer overflow in the pdf_load_mesh_params function in pdf/pdf-shade.c in MuPDF allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a large decode array.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "DSA-3655", refsource: "DEBIAN", url: "http://www.debian.org/security/2016/dsa-3655", }, { name: "[oss-security] 20160803 Re: CVE request:Heap overflow vulns in MuPDF", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2016/08/03/8", }, { name: "http://bugs.ghostscript.com/show_bug.cgi?id=696954", refsource: "CONFIRM", url: "http://bugs.ghostscript.com/show_bug.cgi?id=696954", }, { name: "92266", refsource: "BID", url: "http://www.securityfocus.com/bid/92266", }, { name: "http://git.ghostscript.com/?p=mupdf.git;h=39b0f07dd960f34e7e6bf230ffc3d87c41ef0f2e", refsource: "CONFIRM", url: "http://git.ghostscript.com/?p=mupdf.git;h=39b0f07dd960f34e7e6bf230ffc3d87c41ef0f2e", }, { name: "GLSA-201702-12", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201702-12", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2016-6525", datePublished: "2016-09-22T15:00:00", dateReserved: "2016-08-03T00:00:00", dateUpdated: "2024-08-06T01:29:20.214Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2017-17858
Vulnerability from cvelistv5
Published
2018-01-22 15:00
Modified
2024-08-05 21:06
Severity ?
EPSS score ?
Summary
Heap-based buffer overflow in the ensure_solid_xref function in pdf/pdf-xref.c in Artifex MuPDF 1.12.0 allows a remote attacker to potentially execute arbitrary code via a crafted PDF file, because xref subsection object numbers are unrestricted.
References
| ▼ | URL | Tags |
|---|---|---|
| https://security.gentoo.org/glsa/201811-15 | vendor-advisory, x_refsource_GENTOO | |
| https://bugs.ghostscript.com/show_bug.cgi?id=698819 | x_refsource_MISC | |
| https://github.com/mzet-/Security-Advisories/blob/master/mzet-adv-2017-01.md | x_refsource_MISC | |
| http://git.ghostscript.com/?p=mupdf.git%3Ba=commit%3Bh=55c3f68d638ac1263a386e0aaa004bb6e8bde731 | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T21:06:49.322Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "GLSA-201811-15", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201811-15", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=698819", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/mzet-/Security-Advisories/blob/master/mzet-adv-2017-01.md", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://git.ghostscript.com/?p=mupdf.git%3Ba=commit%3Bh=55c3f68d638ac1263a386e0aaa004bb6e8bde731", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2018-01-22T00:00:00", descriptions: [ { lang: "en", value: "Heap-based buffer overflow in the ensure_solid_xref function in pdf/pdf-xref.c in Artifex MuPDF 1.12.0 allows a remote attacker to potentially execute arbitrary code via a crafted PDF file, because xref subsection object numbers are unrestricted.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-11-27T10:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "GLSA-201811-15", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201811-15", }, { tags: [ "x_refsource_MISC", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=698819", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/mzet-/Security-Advisories/blob/master/mzet-adv-2017-01.md", }, { tags: [ "x_refsource_MISC", ], url: "http://git.ghostscript.com/?p=mupdf.git%3Ba=commit%3Bh=55c3f68d638ac1263a386e0aaa004bb6e8bde731", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2017-17858", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Heap-based buffer overflow in the ensure_solid_xref function in pdf/pdf-xref.c in Artifex MuPDF 1.12.0 allows a remote attacker to potentially execute arbitrary code via a crafted PDF file, because xref subsection object numbers are unrestricted.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "GLSA-201811-15", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201811-15", }, { name: "https://bugs.ghostscript.com/show_bug.cgi?id=698819", refsource: "MISC", url: "https://bugs.ghostscript.com/show_bug.cgi?id=698819", }, { name: "https://github.com/mzet-/Security-Advisories/blob/master/mzet-adv-2017-01.md", refsource: "MISC", url: "https://github.com/mzet-/Security-Advisories/blob/master/mzet-adv-2017-01.md", }, { name: "http://git.ghostscript.com/?p=mupdf.git;a=commit;h=55c3f68d638ac1263a386e0aaa004bb6e8bde731", refsource: "MISC", url: "http://git.ghostscript.com/?p=mupdf.git;a=commit;h=55c3f68d638ac1263a386e0aaa004bb6e8bde731", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2017-17858", datePublished: "2018-01-22T15:00:00", dateReserved: "2017-12-22T00:00:00", dateUpdated: "2024-08-05T21:06:49.322Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-51105
Vulnerability from cvelistv5
Published
2023-12-26 00:00
Modified
2024-08-02 22:32
Severity ?
EPSS score ?
Summary
A floating point exception (divide-by-zero) vulnerability was discovered in Artifex MuPDF 1.23.4 in function bmp_decompress_rle4() of load-bmp.c.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T22:32:09.130Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://github.com/dongyuma/sox-defects/blob/main/mupdf-defects.md", }, { tags: [ "x_transferred", ], url: "http://cgit.ghostscript.com/cgi-bin/cgit.cgi/mupdf.git/commit/?id=cee86dc519d5270a3b96476ad15809ceace64a26", }, { tags: [ "x_transferred", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=707622", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "A floating point exception (divide-by-zero) vulnerability was discovered in Artifex MuPDF 1.23.4 in function bmp_decompress_rle4() of load-bmp.c.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2024-07-11T17:44:20.899636", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://github.com/dongyuma/sox-defects/blob/main/mupdf-defects.md", }, { url: "http://cgit.ghostscript.com/cgi-bin/cgit.cgi/mupdf.git/commit/?id=cee86dc519d5270a3b96476ad15809ceace64a26", }, { url: "https://bugs.ghostscript.com/show_bug.cgi?id=707622", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2023-51105", datePublished: "2023-12-26T00:00:00", dateReserved: "2023-12-18T00:00:00", dateUpdated: "2024-08-02T22:32:09.130Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-24259
Vulnerability from cvelistv5
Published
2024-02-05 00:00
Modified
2024-08-01 23:19
Severity ?
EPSS score ?
Summary
freeglut through 3.4.0 was discovered to contain a memory leak via the menuEntry variable in the glutAddMenuEntry function.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-01T23:19:52.064Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://github.com/yinluming13579/mupdf_defects/blob/main/mupdf_detect_2.md", }, { tags: [ "x_transferred", ], url: "https://github.com/freeglut/freeglut/pull/155", }, { name: "FEDORA-2024-b69a4d75a1", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T43DAHPIWMGN54E4I6ABLHNYHZSTX7H5/", }, { name: "FEDORA-2024-0356803680", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6IBAWX3HMMZVAWJZ3U6VOAYYOYJCN3IS/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "freeglut through 3.4.0 was discovered to contain a memory leak via the menuEntry variable in the glutAddMenuEntry function.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2024-02-21T03:06:30.124969", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://github.com/yinluming13579/mupdf_defects/blob/main/mupdf_detect_2.md", }, { url: "https://github.com/freeglut/freeglut/pull/155", }, { name: "FEDORA-2024-b69a4d75a1", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T43DAHPIWMGN54E4I6ABLHNYHZSTX7H5/", }, { name: "FEDORA-2024-0356803680", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6IBAWX3HMMZVAWJZ3U6VOAYYOYJCN3IS/", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2024-24259", datePublished: "2024-02-05T00:00:00", dateReserved: "2024-01-25T00:00:00", dateUpdated: "2024-08-01T23:19:52.064Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2017-6060
Vulnerability from cvelistv5
Published
2017-03-15 14:00
Modified
2024-09-13 16:16
Severity ?
EPSS score ?
Summary
Stack-based buffer overflow in jstest_main.c in mujstest in Artifex Software, Inc. MuPDF 1.10a allows remote attackers to have unspecified impact via a crafted image.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T15:18:49.660Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "96266", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/96266", }, { name: "[oss-security] 20170218 mupdf: mujstest: stack-based buffer overflow in main (jstest_main.c)", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2017/02/18/1", }, { name: "GLSA-201706-08", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201706-08", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://blogs.gentoo.org/ago/2017/02/17/mupdf-mujstest-stack-based-buffer-overflow-in-main-jstest_main-c/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=697551", }, { name: "[debian-lts-announce] 20210923 [SECURITY] [DLA 2765-1] mupdf security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2021/09/msg00013.html", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2017-6060", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-09-13T16:15:48.759814Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-09-13T16:16:00.325Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2017-02-17T00:00:00", descriptions: [ { lang: "en", value: "Stack-based buffer overflow in jstest_main.c in mujstest in Artifex Software, Inc. MuPDF 1.10a allows remote attackers to have unspecified impact via a crafted image.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2024-09-11T16:25:06.332716", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "96266", tags: [ "vdb-entry", ], url: "http://www.securityfocus.com/bid/96266", }, { name: "[oss-security] 20170218 mupdf: mujstest: stack-based buffer overflow in main (jstest_main.c)", tags: [ "mailing-list", ], url: "http://www.openwall.com/lists/oss-security/2017/02/18/1", }, { name: "GLSA-201706-08", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/201706-08", }, { url: "https://blogs.gentoo.org/ago/2017/02/17/mupdf-mujstest-stack-based-buffer-overflow-in-main-jstest_main-c/", }, { url: "https://bugs.ghostscript.com/show_bug.cgi?id=697551", }, { name: "[debian-lts-announce] 20210923 [SECURITY] [DLA 2765-1] mupdf security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2021/09/msg00013.html", }, { url: "https://cgit.ghostscript.com/cgi-bin/cgit.cgi/mupdf.git/commit/?id=06a012a42c9884e3cd653e7826cff1ddec04eb6e", }, { url: "https://cgit.ghostscript.com/cgi-bin/cgit.cgi/mupdf.git/commit/?id=e089b2e2c1d38c5696c7dfd741e21f8f3ef22b14", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2017-6060", datePublished: "2017-03-15T14:00:00", dateReserved: "2017-02-17T00:00:00", dateUpdated: "2024-09-13T16:16:00.325Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-37220
Vulnerability from cvelistv5
Published
2021-07-21 21:02
Modified
2024-08-04 01:16
Severity ?
EPSS score ?
Summary
MuPDF through 1.18.1 has an out-of-bounds write because the cached color converter does not properly consider the maximum key size of a hash table. This can, for example, be seen with crafted "mutool draw" input.
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugs.ghostscript.com/show_bug.cgi?id=703791 | x_refsource_MISC | |
| http://git.ghostscript.com/?p=mupdf.git%3Bh=f5712c9949d026e4b891b25837edd2edc166151f | x_refsource_MISC | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TKRMREIYUBGG2GV73CU7BJNW2Q34IP23/ | vendor-advisory, x_refsource_FEDORA |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T01:16:03.758Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=703791", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://git.ghostscript.com/?p=mupdf.git%3Bh=f5712c9949d026e4b891b25837edd2edc166151f", }, { name: "FEDORA-2021-e1d8a99caa", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TKRMREIYUBGG2GV73CU7BJNW2Q34IP23/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "MuPDF through 1.18.1 has an out-of-bounds write because the cached color converter does not properly consider the maximum key size of a hash table. This can, for example, be seen with crafted \"mutool draw\" input.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-11-04T03:06:34", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=703791", }, { tags: [ "x_refsource_MISC", ], url: "http://git.ghostscript.com/?p=mupdf.git%3Bh=f5712c9949d026e4b891b25837edd2edc166151f", }, { name: "FEDORA-2021-e1d8a99caa", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TKRMREIYUBGG2GV73CU7BJNW2Q34IP23/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-37220", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "MuPDF through 1.18.1 has an out-of-bounds write because the cached color converter does not properly consider the maximum key size of a hash table. This can, for example, be seen with crafted \"mutool draw\" input.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://bugs.ghostscript.com/show_bug.cgi?id=703791", refsource: "MISC", url: "https://bugs.ghostscript.com/show_bug.cgi?id=703791", }, { name: "http://git.ghostscript.com/?p=mupdf.git;h=f5712c9949d026e4b891b25837edd2edc166151f", refsource: "MISC", url: "http://git.ghostscript.com/?p=mupdf.git;h=f5712c9949d026e4b891b25837edd2edc166151f", }, { name: "FEDORA-2021-e1d8a99caa", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TKRMREIYUBGG2GV73CU7BJNW2Q34IP23/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-37220", datePublished: "2021-07-21T21:02:04", dateReserved: "2021-07-21T00:00:00", dateUpdated: "2024-08-04T01:16:03.758Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2016-10246
Vulnerability from cvelistv5
Published
2017-03-16 14:00
Modified
2024-09-16 15:22
Severity ?
EPSS score ?
Summary
Buffer overflow in the main function in jstest_main.c in Mujstest in Artifex Software, Inc. MuPDF before 1.10 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted file.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T03:14:42.887Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "[oss-security] 20170313 Re: mupdf: mujstest: global-buffer-overflow in main (jstest_main.c)", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2017/03/13/21", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://blogs.gentoo.org/ago/2016/09/24/mupdf-mujstest-global-buffer-overflow-in-main-jstest_main-c/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://git.ghostscript.com/?p=mupdf.git%3Bh=cfe8f35bca61056363368c343be36812abde0a06", }, { name: "[debian-lts-announce] 20210923 [SECURITY] [DLA 2765-1] mupdf security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2021/09/msg00013.html", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2016-10246", options: [ { Exploitation: "poc", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-09-16T15:21:57.414376Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-09-16T15:22:15.618Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-08-05T00:00:00", descriptions: [ { lang: "en", value: "Buffer overflow in the main function in jstest_main.c in Mujstest in Artifex Software, Inc. MuPDF before 1.10 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted file.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2024-09-12T16:54:21.377917", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "[oss-security] 20170313 Re: mupdf: mujstest: global-buffer-overflow in main (jstest_main.c)", tags: [ "mailing-list", ], url: "http://www.openwall.com/lists/oss-security/2017/03/13/21", }, { url: "https://blogs.gentoo.org/ago/2016/09/24/mupdf-mujstest-global-buffer-overflow-in-main-jstest_main-c/", }, { url: "http://git.ghostscript.com/?p=mupdf.git%3Bh=cfe8f35bca61056363368c343be36812abde0a06", }, { name: "[debian-lts-announce] 20210923 [SECURITY] [DLA 2765-1] mupdf security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2021/09/msg00013.html", }, { url: "https://bugs.ghostscript.com/show_bug.cgi?id=697020", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2016-10246", datePublished: "2017-03-16T14:00:00", dateReserved: "2017-03-12T00:00:00", dateUpdated: "2024-09-16T15:22:15.618Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-1000037
Vulnerability from cvelistv5
Published
2018-05-24 13:00
Modified
2024-08-05 12:33
Severity ?
EPSS score ?
Summary
In Artifex MuPDF 1.12.0 and earlier, multiple reachable assertions in the PDF parser allow an attacker to cause a denial of service (assert crash) via a crafted file.
References
{ containers: { adp: [ { affected: [ { cpes: [ "cpe:2.3:a:artifex:mupdf:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mupdf", vendor: "artifex", versions: [ { lessThanOrEqual: "1.12.0", status: "affected", version: "0", versionType: "custom", }, ], }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2018-1000037", options: [ { Exploitation: "poc", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-07-12T15:42:03.988321Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-20", description: "CWE-20 Improper Input Validation", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-07-12T20:21:36.771Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-05T12:33:48.754Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "GLSA-201811-15", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/201811-15", }, { tags: [ "x_transferred", ], url: "http://git.ghostscript.com/?p=mupdf.git%3Ba=commitdiff%3Bh=8a3257b01faa899dd9b5e35c6bb3403cd709c371%3Bhp=de39f005f12a1afc6973c1f5cec362d6545f70cb", }, { tags: [ "x_transferred", ], url: "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5511", }, { name: "DSA-4334", tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.debian.org/security/2018/dsa-4334", }, { tags: [ "x_transferred", ], url: "http://git.ghostscript.com/?p=mupdf.git%3Ba=commitdiff%3Bh=b2e7d38e845c7d4922d05e6e41f3a2dc1bc1b14a%3Bhp=f51836b9732c38d945b87fda0770009a77ba680c", }, { tags: [ "x_transferred", ], url: "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5503", }, { tags: [ "x_transferred", ], url: "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5501", }, { tags: [ "x_transferred", ], url: "http://git.ghostscript.com/?p=mupdf.git%3Ba=commitdiff%3Bh=71ceebcf56e682504da22c4035b39a2d451e8ffd%3Bhp=7f82c01523505052615492f8e220f4348ba46995", }, { tags: [ "x_transferred", ], url: "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5490", }, { tags: [ "x_transferred", ], url: "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5564", }, { tags: [ "x_transferred", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=698888", }, { tags: [ "x_transferred", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=698882", }, { tags: [ "x_transferred", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=698886", }, { tags: [ "x_transferred", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=698890", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], dateAssigned: "2018-05-18T00:00:00", datePublic: "2018-02-24T00:00:00", descriptions: [ { lang: "en", value: "In Artifex MuPDF 1.12.0 and earlier, multiple reachable assertions in the PDF parser allow an attacker to cause a denial of service (assert crash) via a crafted file.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2024-07-15T20:17:53.017536", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "GLSA-201811-15", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/201811-15", }, { url: "http://git.ghostscript.com/?p=mupdf.git%3Ba=commitdiff%3Bh=8a3257b01faa899dd9b5e35c6bb3403cd709c371%3Bhp=de39f005f12a1afc6973c1f5cec362d6545f70cb", }, { url: "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5511", }, { name: "DSA-4334", tags: [ "vendor-advisory", ], url: "https://www.debian.org/security/2018/dsa-4334", }, { url: "http://git.ghostscript.com/?p=mupdf.git%3Ba=commitdiff%3Bh=b2e7d38e845c7d4922d05e6e41f3a2dc1bc1b14a%3Bhp=f51836b9732c38d945b87fda0770009a77ba680c", }, { url: "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5503", }, { url: "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5501", }, { url: "http://git.ghostscript.com/?p=mupdf.git%3Ba=commitdiff%3Bh=71ceebcf56e682504da22c4035b39a2d451e8ffd%3Bhp=7f82c01523505052615492f8e220f4348ba46995", }, { url: "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5490", }, { url: "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5564", }, { url: "https://bugs.ghostscript.com/show_bug.cgi?id=698888", }, { url: "https://bugs.ghostscript.com/show_bug.cgi?id=698882", }, { url: "https://bugs.ghostscript.com/show_bug.cgi?id=698886", }, { url: "https://bugs.ghostscript.com/show_bug.cgi?id=698890", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2018-1000037", datePublished: "2018-05-24T13:00:00", dateReserved: "2018-02-02T00:00:00", dateUpdated: "2024-08-05T12:33:48.754Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-16600
Vulnerability from cvelistv5
Published
2020-12-09 21:06
Modified
2024-08-04 13:45
Severity ?
EPSS score ?
Summary
A Use After Free vulnerability exists in Artifex Software, Inc. MuPDF library 1.17.0-rc1 and earlier when a valid page was followed by a page with invalid pixmap dimensions, causing bander - a static - to point to previously freed memory instead of a newband_writer.
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugs.ghostscript.com/show_bug.cgi?id=702253 | x_refsource_MISC | |
| http://git.ghostscript.com/?p=mupdf.git%3Bh=96751b25462f83d6e16a9afaf8980b0c3f979c8b | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T13:45:33.192Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=702253", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://git.ghostscript.com/?p=mupdf.git%3Bh=96751b25462f83d6e16a9afaf8980b0c3f979c8b", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "A Use After Free vulnerability exists in Artifex Software, Inc. MuPDF library 1.17.0-rc1 and earlier when a valid page was followed by a page with invalid pixmap dimensions, causing bander - a static - to point to previously freed memory instead of a newband_writer.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-12-09T21:06:55", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=702253", }, { tags: [ "x_refsource_MISC", ], url: "http://git.ghostscript.com/?p=mupdf.git%3Bh=96751b25462f83d6e16a9afaf8980b0c3f979c8b", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2020-16600", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A Use After Free vulnerability exists in Artifex Software, Inc. MuPDF library 1.17.0-rc1 and earlier when a valid page was followed by a page with invalid pixmap dimensions, causing bander - a static - to point to previously freed memory instead of a newband_writer.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://bugs.ghostscript.com/show_bug.cgi?id=702253", refsource: "MISC", url: "https://bugs.ghostscript.com/show_bug.cgi?id=702253", }, { name: "http://git.ghostscript.com/?p=mupdf.git;h=96751b25462f83d6e16a9afaf8980b0c3f979c8b", refsource: "MISC", url: "http://git.ghostscript.com/?p=mupdf.git;h=96751b25462f83d6e16a9afaf8980b0c3f979c8b", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2020-16600", datePublished: "2020-12-09T21:06:55", dateReserved: "2020-08-03T00:00:00", dateUpdated: "2024-08-04T13:45:33.192Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-18662
Vulnerability from cvelistv5
Published
2018-10-26 13:00
Modified
2024-09-12 16:21
Severity ?
EPSS score ?
Summary
There is an out-of-bounds read in fz_run_t3_glyph in fitz/font.c in Artifex MuPDF 1.14.0, as demonstrated by mutool.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T11:16:00.257Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "105755", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/105755", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=700043", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/TeamSeri0us/pocs/tree/master/mupdf", }, { name: "[debian-lts-announce] 20200725 [SECURITY] [DLA 2289-1] mupdf security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2020/07/msg00019.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2018-10-26T00:00:00", descriptions: [ { lang: "en", value: "There is an out-of-bounds read in fz_run_t3_glyph in fitz/font.c in Artifex MuPDF 1.14.0, as demonstrated by mutool.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2024-09-12T16:21:04.944116", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "105755", tags: [ "vdb-entry", ], url: "http://www.securityfocus.com/bid/105755", }, { url: "https://bugs.ghostscript.com/show_bug.cgi?id=700043", }, { url: "https://github.com/TeamSeri0us/pocs/tree/master/mupdf", }, { name: "[debian-lts-announce] 20200725 [SECURITY] [DLA 2289-1] mupdf security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2020/07/msg00019.html", }, { url: "https://cgit.ghostscript.com/cgi-bin/cgit.cgi/mupdf.git/commit/?id=164ddc22ee0d5b63a81d5148f44c37dd132a9356", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2018-18662", datePublished: "2018-10-26T13:00:00", dateReserved: "2018-10-26T00:00:00", dateUpdated: "2024-09-12T16:21:04.944116", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-10289
Vulnerability from cvelistv5
Published
2018-04-22 05:00
Modified
2024-09-12 16:36
Severity ?
EPSS score ?
Summary
In MuPDF 1.13.0, there is an infinite loop in the fz_skip_space function of the pdf/pdf-xref.c file. A remote adversary could leverage this vulnerability to cause a denial of service via a crafted pdf file.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T07:32:01.624Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=699271", }, { name: "[debian-lts-announce] 20210923 [SECURITY] [DLA 2765-1] mupdf security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2021/09/msg00013.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2018-04-22T00:00:00", descriptions: [ { lang: "en", value: "In MuPDF 1.13.0, there is an infinite loop in the fz_skip_space function of the pdf/pdf-xref.c file. A remote adversary could leverage this vulnerability to cause a denial of service via a crafted pdf file.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2024-09-12T16:36:45.112388", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://bugs.ghostscript.com/show_bug.cgi?id=699271", }, { name: "[debian-lts-announce] 20210923 [SECURITY] [DLA 2765-1] mupdf security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2021/09/msg00013.html", }, { url: "http://www.ghostscript.com/cgi-bin/findgit.cgi?2e43685dc8a8a886fc9df9b3663cf199404f7637", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2018-10289", datePublished: "2018-04-22T05:00:00", dateReserved: "2018-04-21T00:00:00", dateUpdated: "2024-09-12T16:36:45.112388", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-51103
Vulnerability from cvelistv5
Published
2023-12-26 00:00
Modified
2024-08-02 22:32
Severity ?
EPSS score ?
Summary
A floating point exception (divide-by-zero) vulnerability was discovered in Artifex MuPDF 1.23.4 in the function fz_new_pixmap_from_float_data() of pixmap.c.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T22:32:09.163Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://github.com/dongyuma/sox-defects/blob/main/mupdf-defects.md", }, { tags: [ "x_transferred", ], url: "http://cgit.ghostscript.com/cgi-bin/cgit.cgi/mupdf.git/commit/?id=f1b5f87edd2675d5c79301e4ef2e1139f67f904b", }, { tags: [ "x_transferred", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=707620", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "A floating point exception (divide-by-zero) vulnerability was discovered in Artifex MuPDF 1.23.4 in the function fz_new_pixmap_from_float_data() of pixmap.c.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2024-07-15T20:09:59.590886", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://github.com/dongyuma/sox-defects/blob/main/mupdf-defects.md", }, { url: "http://cgit.ghostscript.com/cgi-bin/cgit.cgi/mupdf.git/commit/?id=f1b5f87edd2675d5c79301e4ef2e1139f67f904b", }, { url: "https://bugs.ghostscript.com/show_bug.cgi?id=707620", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2023-51103", datePublished: "2023-12-26T00:00:00", dateReserved: "2023-12-18T00:00:00", dateUpdated: "2024-08-02T22:32:09.163Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2017-5991
Vulnerability from cvelistv5
Published
2017-02-15 06:11
Modified
2024-08-05 15:18
Severity ?
EPSS score ?
Summary
An issue was discovered in Artifex MuPDF before 1912de5f08e90af1d9d0a9791f58ba3afdb9d465. The pdf_run_xobject function in pdf-op-run.c encounters a NULL pointer dereference during a Fitz fz_paint_pixmap_with_mask painting operation. Versions 1.11 and later are unaffected.
References
| ▼ | URL | Tags |
|---|---|---|
| http://git.ghostscript.com/?p=mupdf.git%3Bh=1912de5f08e90af1d9d0a9791f58ba3afdb9d465 | x_refsource_CONFIRM | |
| http://www.debian.org/security/2017/dsa-3797 | vendor-advisory, x_refsource_DEBIAN | |
| https://bugs.ghostscript.com/show_bug.cgi?id=697500 | x_refsource_CONFIRM | |
| https://security.gentoo.org/glsa/201706-08 | vendor-advisory, x_refsource_GENTOO | |
| https://www.exploit-db.com/exploits/42138/ | exploit, x_refsource_EXPLOIT-DB | |
| http://www.securityfocus.com/bid/96213 | vdb-entry, x_refsource_BID |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T15:18:48.984Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://git.ghostscript.com/?p=mupdf.git%3Bh=1912de5f08e90af1d9d0a9791f58ba3afdb9d465", }, { name: "DSA-3797", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2017/dsa-3797", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=697500", }, { name: "GLSA-201706-08", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201706-08", }, { name: "42138", tags: [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred", ], url: "https://www.exploit-db.com/exploits/42138/", }, { name: "96213", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/96213", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2017-02-15T00:00:00", descriptions: [ { lang: "en", value: "An issue was discovered in Artifex MuPDF before 1912de5f08e90af1d9d0a9791f58ba3afdb9d465. The pdf_run_xobject function in pdf-op-run.c encounters a NULL pointer dereference during a Fitz fz_paint_pixmap_with_mask painting operation. Versions 1.11 and later are unaffected.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-10-15T12:55:59", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "http://git.ghostscript.com/?p=mupdf.git%3Bh=1912de5f08e90af1d9d0a9791f58ba3afdb9d465", }, { name: "DSA-3797", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2017/dsa-3797", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=697500", }, { name: "GLSA-201706-08", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201706-08", }, { name: "42138", tags: [ "exploit", "x_refsource_EXPLOIT-DB", ], url: "https://www.exploit-db.com/exploits/42138/", }, { name: "96213", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/96213", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2017-5991", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "An issue was discovered in Artifex MuPDF before 1912de5f08e90af1d9d0a9791f58ba3afdb9d465. The pdf_run_xobject function in pdf-op-run.c encounters a NULL pointer dereference during a Fitz fz_paint_pixmap_with_mask painting operation. Versions 1.11 and later are unaffected.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://git.ghostscript.com/?p=mupdf.git;h=1912de5f08e90af1d9d0a9791f58ba3afdb9d465", refsource: "CONFIRM", url: "http://git.ghostscript.com/?p=mupdf.git;h=1912de5f08e90af1d9d0a9791f58ba3afdb9d465", }, { name: "DSA-3797", refsource: "DEBIAN", url: "http://www.debian.org/security/2017/dsa-3797", }, { name: "https://bugs.ghostscript.com/show_bug.cgi?id=697500", refsource: "CONFIRM", url: "https://bugs.ghostscript.com/show_bug.cgi?id=697500", }, { name: "GLSA-201706-08", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201706-08", }, { name: "42138", refsource: "EXPLOIT-DB", url: "https://www.exploit-db.com/exploits/42138/", }, { name: "96213", refsource: "BID", url: "http://www.securityfocus.com/bid/96213", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2017-5991", datePublished: "2017-02-15T06:11:00", dateReserved: "2017-02-15T00:00:00", dateUpdated: "2024-08-05T15:18:48.984Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-26683
Vulnerability from cvelistv5
Published
2023-08-22 00:00
Modified
2024-10-03 19:24
Severity ?
EPSS score ?
Summary
A memory leak issue discovered in /pdf/pdf-font-add.c in Artifex Software MuPDF 1.17.0 allows attackers to obtain sensitive information.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T15:56:05.029Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=702566", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2020-26683", options: [ { Exploitation: "poc", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-10-03T19:24:27.977584Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-03T19:24:41.460Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "A memory leak issue discovered in /pdf/pdf-font-add.c in Artifex Software MuPDF 1.17.0 allows attackers to obtain sensitive information.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2024-09-11T15:41:12.590391", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://bugs.ghostscript.com/show_bug.cgi?id=702566", }, { url: "https://cgit.ghostscript.com/cgi-bin/cgit.cgi/mupdf.git/commit/?id=05720b4ee3dbae57e65546dc2eecc3021c08eeea", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2020-26683", datePublished: "2023-08-22T00:00:00", dateReserved: "2020-10-07T00:00:00", dateUpdated: "2024-10-03T19:24:41.460Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2017-14687
Vulnerability from cvelistv5
Published
2017-09-22 06:00
Modified
2024-08-05 19:34
Severity ?
EPSS score ?
Summary
Artifex MuPDF 1.11 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .xps file, related to "Data from Faulting Address controls Branch Selection starting at mupdf+0x000000000016cb4f" on Windows. This occurs because of mishandling of XML tag name comparisons.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.debian.org/security/2017/dsa-4006 | vendor-advisory, x_refsource_DEBIAN | |
| http://git.ghostscript.com/?p=mupdf.git%3Bh=2b16dbd8f73269cb15ca61ece75cf8d2d196ed28 | x_refsource_MISC | |
| https://bugs.ghostscript.com/show_bug.cgi?id=698558 | x_refsource_MISC | |
| https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-14687 | x_refsource_MISC | |
| https://lists.debian.org/debian-lts-announce/2017/11/msg00007.html | mailing-list, x_refsource_MLIST |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T19:34:39.526Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "DSA-4006", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2017/dsa-4006", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://git.ghostscript.com/?p=mupdf.git%3Bh=2b16dbd8f73269cb15ca61ece75cf8d2d196ed28", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=698558", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-14687", }, { name: "[debian-lts-announce] 20171107 [SECURITY] [DLA 1164-1] mupdf security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2017/11/msg00007.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2017-09-22T00:00:00", descriptions: [ { lang: "en", value: "Artifex MuPDF 1.11 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .xps file, related to \"Data from Faulting Address controls Branch Selection starting at mupdf+0x000000000016cb4f\" on Windows. This occurs because of mishandling of XML tag name comparisons.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-02-02T10:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "DSA-4006", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2017/dsa-4006", }, { tags: [ "x_refsource_MISC", ], url: "http://git.ghostscript.com/?p=mupdf.git%3Bh=2b16dbd8f73269cb15ca61ece75cf8d2d196ed28", }, { tags: [ "x_refsource_MISC", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=698558", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-14687", }, { name: "[debian-lts-announce] 20171107 [SECURITY] [DLA 1164-1] mupdf security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2017/11/msg00007.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2017-14687", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Artifex MuPDF 1.11 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .xps file, related to \"Data from Faulting Address controls Branch Selection starting at mupdf+0x000000000016cb4f\" on Windows. This occurs because of mishandling of XML tag name comparisons.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "DSA-4006", refsource: "DEBIAN", url: "http://www.debian.org/security/2017/dsa-4006", }, { name: "http://git.ghostscript.com/?p=mupdf.git;h=2b16dbd8f73269cb15ca61ece75cf8d2d196ed28", refsource: "MISC", url: "http://git.ghostscript.com/?p=mupdf.git;h=2b16dbd8f73269cb15ca61ece75cf8d2d196ed28", }, { name: "https://bugs.ghostscript.com/show_bug.cgi?id=698558", refsource: "MISC", url: "https://bugs.ghostscript.com/show_bug.cgi?id=698558", }, { name: "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-14687", refsource: "MISC", url: "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-14687", }, { name: "[debian-lts-announce] 20171107 [SECURITY] [DLA 1164-1] mupdf security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2017/11/msg00007.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2017-14687", datePublished: "2017-09-22T06:00:00", dateReserved: "2017-09-22T00:00:00", dateUpdated: "2024-08-05T19:34:39.526Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-13290
Vulnerability from cvelistv5
Published
2019-07-04 21:07
Modified
2024-08-04 23:49
Severity ?
EPSS score ?
Summary
Artifex MuPDF 1.15.0 has a heap-based buffer overflow in fz_append_display_node located at fitz/list-device.c, allowing remote attackers to execute arbitrary code via a crafted PDF file. This occurs with a large BDC property name that overflows the allocated size of a display list node.
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugs.ghostscript.com/show_bug.cgi?id=701118 | x_refsource_MISC | |
| http://git.ghostscript.com/?p=mupdf.git%3Bh=aaf794439e40a2ef544f15b50c20e657414dec7a | x_refsource_MISC | |
| http://git.ghostscript.com/?p=mupdf.git%3Bh=ed19bc806809ad10c4ddce515d375581b86ede85 | x_refsource_MISC | |
| https://archive.today/oi6bm | x_refsource_MISC | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VUXKCY35PKC32IFHN4RBUCZ75OWEYVJH/ | vendor-advisory, x_refsource_FEDORA | |
| https://lists.debian.org/debian-lts-announce/2020/07/msg00019.html | mailing-list, x_refsource_MLIST | |
| https://www.debian.org/security/2020/dsa-4753 | vendor-advisory, x_refsource_DEBIAN |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T23:49:24.593Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=701118", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://git.ghostscript.com/?p=mupdf.git%3Bh=aaf794439e40a2ef544f15b50c20e657414dec7a", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://git.ghostscript.com/?p=mupdf.git%3Bh=ed19bc806809ad10c4ddce515d375581b86ede85", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://archive.today/oi6bm", }, { name: "FEDORA-2019-10f02ad597", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VUXKCY35PKC32IFHN4RBUCZ75OWEYVJH/", }, { name: "[debian-lts-announce] 20200725 [SECURITY] [DLA 2289-1] mupdf security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2020/07/msg00019.html", }, { name: "DSA-4753", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2020/dsa-4753", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Artifex MuPDF 1.15.0 has a heap-based buffer overflow in fz_append_display_node located at fitz/list-device.c, allowing remote attackers to execute arbitrary code via a crafted PDF file. This occurs with a large BDC property name that overflows the allocated size of a display list node.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-08-29T23:06:33", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=701118", }, { tags: [ "x_refsource_MISC", ], url: "http://git.ghostscript.com/?p=mupdf.git%3Bh=aaf794439e40a2ef544f15b50c20e657414dec7a", }, { tags: [ "x_refsource_MISC", ], url: "http://git.ghostscript.com/?p=mupdf.git%3Bh=ed19bc806809ad10c4ddce515d375581b86ede85", }, { tags: [ "x_refsource_MISC", ], url: "https://archive.today/oi6bm", }, { name: "FEDORA-2019-10f02ad597", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VUXKCY35PKC32IFHN4RBUCZ75OWEYVJH/", }, { name: "[debian-lts-announce] 20200725 [SECURITY] [DLA 2289-1] mupdf security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2020/07/msg00019.html", }, { name: "DSA-4753", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2020/dsa-4753", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2019-13290", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Artifex MuPDF 1.15.0 has a heap-based buffer overflow in fz_append_display_node located at fitz/list-device.c, allowing remote attackers to execute arbitrary code via a crafted PDF file. This occurs with a large BDC property name that overflows the allocated size of a display list node.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://bugs.ghostscript.com/show_bug.cgi?id=701118", refsource: "MISC", url: "https://bugs.ghostscript.com/show_bug.cgi?id=701118", }, { name: "http://git.ghostscript.com/?p=mupdf.git;h=aaf794439e40a2ef544f15b50c20e657414dec7a", refsource: "MISC", url: "http://git.ghostscript.com/?p=mupdf.git;h=aaf794439e40a2ef544f15b50c20e657414dec7a", }, { name: "http://git.ghostscript.com/?p=mupdf.git;h=ed19bc806809ad10c4ddce515d375581b86ede85", refsource: "MISC", url: "http://git.ghostscript.com/?p=mupdf.git;h=ed19bc806809ad10c4ddce515d375581b86ede85", }, { name: "https://archive.today/oi6bm", refsource: "MISC", url: "https://archive.today/oi6bm", }, { name: "FEDORA-2019-10f02ad597", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VUXKCY35PKC32IFHN4RBUCZ75OWEYVJH/", }, { name: "[debian-lts-announce] 20200725 [SECURITY] [DLA 2289-1] mupdf security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2020/07/msg00019.html", }, { name: "DSA-4753", refsource: "DEBIAN", url: "https://www.debian.org/security/2020/dsa-4753", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2019-13290", datePublished: "2019-07-04T21:07:14", dateReserved: "2019-07-04T00:00:00", dateUpdated: "2024-08-04T23:49:24.593Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-19882
Vulnerability from cvelistv5
Published
2018-12-06 00:00
Modified
2024-09-12 16:44
Severity ?
EPSS score ?
Summary
In Artifex MuPDF 1.14.0, the svg_run_image function in svg/svg-run.c allows remote attackers to cause a denial of service (href_att NULL pointer dereference and application crash) via a crafted svg file, as demonstrated by mupdf-gl.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T11:44:20.667Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=700342", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/TeamSeri0us/pocs/tree/master/mupdf/20181203", }, { name: "FEDORA-2019-befe3bd225", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SEK2EHVNREJ7XZMFF2MXRWKIF4IBHPNE/", }, { name: "FEDORA-2019-15af6a9a07", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CNJNEX5EW6YH5OARXXSSXW4HHC5PIBSY/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2018-12-05T00:00:00", descriptions: [ { lang: "en", value: "In Artifex MuPDF 1.14.0, the svg_run_image function in svg/svg-run.c allows remote attackers to cause a denial of service (href_att NULL pointer dereference and application crash) via a crafted svg file, as demonstrated by mupdf-gl.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2024-09-12T16:44:07.268542", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://bugs.ghostscript.com/show_bug.cgi?id=700342", }, { url: "https://github.com/TeamSeri0us/pocs/tree/master/mupdf/20181203", }, { name: "FEDORA-2019-befe3bd225", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SEK2EHVNREJ7XZMFF2MXRWKIF4IBHPNE/", }, { name: "FEDORA-2019-15af6a9a07", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CNJNEX5EW6YH5OARXXSSXW4HHC5PIBSY/", }, { url: "http://www.ghostscript.com/cgi-bin/findgit.cgi?a7f7d91cdff8d303c11d458fa8b802776f73c8cc", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2018-19882", datePublished: "2018-12-06T00:00:00", dateReserved: "2018-12-05T00:00:00", dateUpdated: "2024-09-12T16:44:07.268542", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-6187
Vulnerability from cvelistv5
Published
2018-01-24 10:00
Modified
2024-09-11 16:35
Severity ?
EPSS score ?
Summary
In Artifex MuPDF 1.12.0, there is a heap-based buffer overflow vulnerability in the do_pdf_save_document function in the pdf/pdf-write.c file. Remote attackers could leverage the vulnerability to cause a denial of service via a crafted pdf file.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T05:54:53.151Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "GLSA-201811-15", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201811-15", }, { name: "DSA-4334", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2018/dsa-4334", }, { name: "102823", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/102823", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=698908", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2018-01-24T00:00:00", descriptions: [ { lang: "en", value: "In Artifex MuPDF 1.12.0, there is a heap-based buffer overflow vulnerability in the do_pdf_save_document function in the pdf/pdf-write.c file. Remote attackers could leverage the vulnerability to cause a denial of service via a crafted pdf file.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2024-09-11T16:35:50.515647", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "GLSA-201811-15", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/201811-15", }, { name: "DSA-4334", tags: [ "vendor-advisory", ], url: "https://www.debian.org/security/2018/dsa-4334", }, { name: "102823", tags: [ "vdb-entry", ], url: "http://www.securityfocus.com/bid/102823", }, { url: "https://bugs.ghostscript.com/show_bug.cgi?id=698908", }, { url: "https://cgit.ghostscript.com/cgi-bin/cgit.cgi/mupdf.git/commit/?id=3e30fbb7bf5efd88df431e366492356e7eb969ec", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2018-6187", datePublished: "2018-01-24T10:00:00", dateReserved: "2018-01-24T00:00:00", dateUpdated: "2024-09-11T16:35:50.515647", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-6544
Vulnerability from cvelistv5
Published
2018-02-02 09:00
Modified
2024-08-05 06:10
Severity ?
EPSS score ?
Summary
pdf_load_obj_stm in pdf/pdf-xref.c in Artifex MuPDF 1.12.0 could reference the object stream recursively and therefore run out of error stack, which allows remote attackers to cause a denial of service via a crafted PDF document.
References
| ▼ | URL | Tags |
|---|---|---|
| https://security.gentoo.org/glsa/201811-15 | vendor-advisory, x_refsource_GENTOO | |
| https://bugs.ghostscript.com/show_bug.cgi?id=698965 | x_refsource_MISC | |
| https://www.debian.org/security/2018/dsa-4152 | vendor-advisory, x_refsource_DEBIAN | |
| http://git.ghostscript.com/?p=mupdf.git%3Bh=26527eef77b3e51c2258c8e40845bfbc015e405d | x_refsource_MISC | |
| http://git.ghostscript.com/?p=mupdf.git%3Bh=b03def134988da8c800adac1a38a41a1f09a1d89 | x_refsource_MISC | |
| https://bugs.ghostscript.com/show_bug.cgi?id=698830 | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T06:10:10.104Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "GLSA-201811-15", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201811-15", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=698965", }, { name: "DSA-4152", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2018/dsa-4152", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://git.ghostscript.com/?p=mupdf.git%3Bh=26527eef77b3e51c2258c8e40845bfbc015e405d", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://git.ghostscript.com/?p=mupdf.git%3Bh=b03def134988da8c800adac1a38a41a1f09a1d89", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=698830", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2018-02-02T00:00:00", descriptions: [ { lang: "en", value: "pdf_load_obj_stm in pdf/pdf-xref.c in Artifex MuPDF 1.12.0 could reference the object stream recursively and therefore run out of error stack, which allows remote attackers to cause a denial of service via a crafted PDF document.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-11-27T10:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "GLSA-201811-15", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201811-15", }, { tags: [ "x_refsource_MISC", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=698965", }, { name: "DSA-4152", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2018/dsa-4152", }, { tags: [ "x_refsource_MISC", ], url: "http://git.ghostscript.com/?p=mupdf.git%3Bh=26527eef77b3e51c2258c8e40845bfbc015e405d", }, { tags: [ "x_refsource_MISC", ], url: "http://git.ghostscript.com/?p=mupdf.git%3Bh=b03def134988da8c800adac1a38a41a1f09a1d89", }, { tags: [ "x_refsource_MISC", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=698830", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2018-6544", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "pdf_load_obj_stm in pdf/pdf-xref.c in Artifex MuPDF 1.12.0 could reference the object stream recursively and therefore run out of error stack, which allows remote attackers to cause a denial of service via a crafted PDF document.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "GLSA-201811-15", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201811-15", }, { name: "https://bugs.ghostscript.com/show_bug.cgi?id=698965", refsource: "MISC", url: "https://bugs.ghostscript.com/show_bug.cgi?id=698965", }, { name: "DSA-4152", refsource: "DEBIAN", url: "https://www.debian.org/security/2018/dsa-4152", }, { name: "http://git.ghostscript.com/?p=mupdf.git;h=26527eef77b3e51c2258c8e40845bfbc015e405d", refsource: "MISC", url: "http://git.ghostscript.com/?p=mupdf.git;h=26527eef77b3e51c2258c8e40845bfbc015e405d", }, { name: "http://git.ghostscript.com/?p=mupdf.git;h=b03def134988da8c800adac1a38a41a1f09a1d89", refsource: "MISC", url: "http://git.ghostscript.com/?p=mupdf.git;h=b03def134988da8c800adac1a38a41a1f09a1d89", }, { name: "https://bugs.ghostscript.com/show_bug.cgi?id=698830", refsource: "MISC", url: "https://bugs.ghostscript.com/show_bug.cgi?id=698830", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2018-6544", datePublished: "2018-02-02T09:00:00", dateReserved: "2018-02-02T00:00:00", dateUpdated: "2024-08-05T06:10:10.104Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2017-7264
Vulnerability from cvelistv5
Published
2017-03-26 05:47
Modified
2024-08-05 15:56
Severity ?
EPSS score ?
Summary
Use-after-free vulnerability in the fz_subsample_pixmap function in fitz/pixmap.c in Artifex MuPDF 1.10a allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted document.
References
{ containers: { adp: [ { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, }, { other: { content: { id: "CVE-2017-7264", options: [ { Exploitation: "poc", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-07-16T13:19:03.790326Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-07-16T13:23:04.553Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-05T15:56:36.283Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://blogs.gentoo.org/ago/2017/02/09/mupdf-use-after-free-in-fz_subsample_pixmap-pixmap-c/", }, { tags: [ "x_transferred", ], url: "http://git.ghostscript.com/?p=mupdf.git%3Bh=2c4e5867ee699b1081527bc6c6ea0e99a35a5c27", }, { name: "97111", tags: [ "vdb-entry", "x_transferred", ], url: "http://www.securityfocus.com/bid/97111", }, { tags: [ "x_transferred", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=697515", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2017-03-26T00:00:00", descriptions: [ { lang: "en", value: "Use-after-free vulnerability in the fz_subsample_pixmap function in fitz/pixmap.c in Artifex MuPDF 1.10a allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted document.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2024-07-15T20:32:04.507514", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://blogs.gentoo.org/ago/2017/02/09/mupdf-use-after-free-in-fz_subsample_pixmap-pixmap-c/", }, { url: "http://git.ghostscript.com/?p=mupdf.git%3Bh=2c4e5867ee699b1081527bc6c6ea0e99a35a5c27", }, { name: "97111", tags: [ "vdb-entry", ], url: "http://www.securityfocus.com/bid/97111", }, { url: "https://bugs.ghostscript.com/show_bug.cgi?id=697515", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2017-7264", datePublished: "2017-03-26T05:47:00", dateReserved: "2017-03-26T00:00:00", dateUpdated: "2024-08-05T15:56:36.283Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2016-8729
Vulnerability from cvelistv5
Published
2018-04-24 19:00
Modified
2024-09-16 17:24
Severity ?
EPSS score ?
Summary
An exploitable memory corruption vulnerability exists in the JBIG2 parser of Artifex MuPDF 1.9. A specially crafted PDF can cause a negative number to be passed to a memset resulting in memory corruption and potential code execution. An attacker can specially craft a PDF and send to the victim to trigger this vulnerability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.talosintelligence.com/vulnerability_reports/TALOS-2016-0243 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Artifex Software Inc. | MuPDF |
Version: 1.9 Version: 1.10 RC2 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-09-16T15:50:12.038Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { url: "https://bugs.ghostscript.com/show_bug.cgi?id=697395", }, { url: "https://cgit.ghostscript.com/cgi-bin/cgit.cgi/jbig2dec.git/commit/?id=e698d5c11d27212aa1098bc5b1673a3378563092", }, { url: "https://cgit.ghostscript.com/cgi-bin/cgit.cgi/mupdf.git/commit/?id=1a7ef61410884daff8ff8391ddcecc3102acd989", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.talosintelligence.com/vulnerability_reports/TALOS-2016-0243", }, ], title: "CVE Program Container", x_generator: { engine: "ADPogram 0.0.1", }, }, ], cna: { affected: [ { product: "MuPDF", vendor: "Artifex Software Inc.", versions: [ { status: "affected", version: "1.9", }, { status: "affected", version: "1.10 RC2", }, ], }, ], datePublic: "2017-05-15T00:00:00", descriptions: [ { lang: "en", value: "An exploitable memory corruption vulnerability exists in the JBIG2 parser of Artifex MuPDF 1.9. A specially crafted PDF can cause a negative number to be passed to a memset resulting in memory corruption and potential code execution. An attacker can specially craft a PDF and send to the victim to trigger this vulnerability.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { description: "remote code execution", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-04-19T19:17:04", orgId: "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b", shortName: "talos", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.talosintelligence.com/vulnerability_reports/TALOS-2016-0243", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "talos-cna@cisco.com", DATE_PUBLIC: "2017-05-15T00:00:00", ID: "CVE-2016-8729", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "MuPDF", version: { version_data: [ { version_value: "1.9", }, { version_value: "1.10 RC2", }, ], }, }, ], }, vendor_name: "Artifex Software Inc.", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "An exploitable memory corruption vulnerability exists in the JBIG2 parser of Artifex MuPDF 1.9. A specially crafted PDF can cause a negative number to be passed to a memset resulting in memory corruption and potential code execution. An attacker can specially craft a PDF and send to the victim to trigger this vulnerability.", }, ], }, impact: { cvss: { baseScore: 7.5, baseSeverity: "High", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "remote code execution", }, ], }, ], }, references: { reference_data: [ { name: "https://www.talosintelligence.com/vulnerability_reports/TALOS-2016-0243", refsource: "MISC", url: "https://www.talosintelligence.com/vulnerability_reports/TALOS-2016-0243", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b", assignerShortName: "talos", cveId: "CVE-2016-8729", datePublished: "2018-04-24T19:00:00Z", dateReserved: "2016-10-17T00:00:00", dateUpdated: "2024-09-16T17:24:06.366Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-1000051
Vulnerability from cvelistv5
Published
2018-02-09 23:00
Modified
2024-09-11 15:53
Severity ?
EPSS score ?
Summary
Artifex Mupdf version 1.12.0 contains a Use After Free vulnerability in fz_keep_key_storable that can result in DOS / Possible code execution. This attack appear to be exploitable via Victim opens a specially crafted PDF.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T12:33:48.972Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "GLSA-201811-15", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201811-15", }, { name: "DSA-4152", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2018/dsa-4152", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=698873", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=698825", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], dateAssigned: "2018-02-01T00:00:00", datePublic: "2017-12-19T00:00:00", descriptions: [ { lang: "en", value: "Artifex Mupdf version 1.12.0 contains a Use After Free vulnerability in fz_keep_key_storable that can result in DOS / Possible code execution. This attack appear to be exploitable via Victim opens a specially crafted PDF.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2024-09-11T15:53:13.232570", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "GLSA-201811-15", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/201811-15", }, { name: "DSA-4152", tags: [ "vendor-advisory", ], url: "https://www.debian.org/security/2018/dsa-4152", }, { url: "https://bugs.ghostscript.com/show_bug.cgi?id=698873", }, { url: "https://bugs.ghostscript.com/show_bug.cgi?id=698825", }, { url: "https://cgit.ghostscript.com/cgi-bin/cgit.cgi/mupdf.git/commit/?id=321ba1de287016b0036bf4a56ce774ad11763384", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2018-1000051", datePublished: "2018-02-09T23:00:00", dateReserved: "2018-02-05T00:00:00", dateUpdated: "2024-09-11T15:53:13.232570", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-21896
Vulnerability from cvelistv5
Published
2023-08-22 00:00
Modified
2024-09-13 16:18
Severity ?
EPSS score ?
Summary
A Use After Free vulnerability in svg_dev_text_span_as_paths_defs function in source/fitz/svg-device.c in Artifex Software MuPDF 1.16.0 allows remote attackers to cause a denial of service via opening of a crafted PDF file.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T14:30:33.651Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=701294", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2020-21896", options: [ { Exploitation: "poc", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-09-13T16:18:36.331207Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-09-13T16:18:45.919Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "A Use After Free vulnerability in svg_dev_text_span_as_paths_defs function in source/fitz/svg-device.c in Artifex Software MuPDF 1.16.0 allows remote attackers to cause a denial of service via opening of a crafted PDF file.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2024-09-11T15:35:03.117043", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://bugs.ghostscript.com/show_bug.cgi?id=701294", }, { url: "http://www.ghostscript.com/cgi-bin/findgit.cgi?8719e07834d6a72b6b4131539e49ed1e8e2ff79e", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2020-21896", datePublished: "2023-08-22T00:00:00", dateReserved: "2020-08-13T00:00:00", dateUpdated: "2024-09-13T16:18:45.919Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-6192
Vulnerability from cvelistv5
Published
2018-01-24 21:00
Modified
2024-09-11 16:38
Severity ?
EPSS score ?
Summary
In Artifex MuPDF 1.12.0, the pdf_read_new_xref function in pdf/pdf-xref.c allows remote attackers to cause a denial of service (segmentation violation and application crash) via a crafted pdf file.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T05:54:53.180Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "GLSA-201811-15", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201811-15", }, { name: "DSA-4334", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2018/dsa-4334", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=698916", }, { name: "102822", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/102822", }, { name: "[debian-lts-announce] 20190628 [SECURITY] [DLA 1838-1] mupdf security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2019/06/msg00027.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2018-01-24T00:00:00", descriptions: [ { lang: "en", value: "In Artifex MuPDF 1.12.0, the pdf_read_new_xref function in pdf/pdf-xref.c allows remote attackers to cause a denial of service (segmentation violation and application crash) via a crafted pdf file.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2024-09-11T16:38:55.504739", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "GLSA-201811-15", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/201811-15", }, { name: "DSA-4334", tags: [ "vendor-advisory", ], url: "https://www.debian.org/security/2018/dsa-4334", }, { url: "https://bugs.ghostscript.com/show_bug.cgi?id=698916", }, { name: "102822", tags: [ "vdb-entry", ], url: "http://www.securityfocus.com/bid/102822", }, { name: "[debian-lts-announce] 20190628 [SECURITY] [DLA 1838-1] mupdf security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2019/06/msg00027.html", }, { url: "https://cgit.ghostscript.com/cgi-bin/cgit.cgi/mupdf.git/commit/?id=5e411a99604ff6be5db9e273ee84737204113299", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2018-6192", datePublished: "2018-01-24T21:00:00", dateReserved: "2018-01-24T00:00:00", dateUpdated: "2024-09-11T16:38:55.504739", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2017-5896
Vulnerability from cvelistv5
Published
2017-02-15 19:00
Modified
2024-08-05 15:11
Severity ?
EPSS score ?
Summary
Heap-based buffer overflow in the fz_subsample_pixmap function in fitz/pixmap.c in MuPDF 1.10a allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted image.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.openwall.com/lists/oss-security/2017/02/07/1 | mailing-list, x_refsource_MLIST | |
| https://bugs.ghostscript.com/show_bug.cgi?id=697515 | x_refsource_CONFIRM | |
| http://git.ghostscript.com/?p=mupdf.git%3Bh=2c4e5867ee699b1081527bc6c6ea0e99a35a5c27 | x_refsource_CONFIRM | |
| http://www.debian.org/security/2017/dsa-3797 | vendor-advisory, x_refsource_DEBIAN | |
| http://www.securityfocus.com/bid/96139 | vdb-entry, x_refsource_BID | |
| http://www.openwall.com/lists/oss-security/2017/02/06/3 | mailing-list, x_refsource_MLIST | |
| https://security.gentoo.org/glsa/201702-12 | vendor-advisory, x_refsource_GENTOO |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T15:11:48.873Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "[oss-security] 20170207 Re: mupdf: heap-based buffer overflow in fz_subsample_pixmap", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2017/02/07/1", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=697515", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://git.ghostscript.com/?p=mupdf.git%3Bh=2c4e5867ee699b1081527bc6c6ea0e99a35a5c27", }, { name: "DSA-3797", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2017/dsa-3797", }, { name: "96139", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/96139", }, { name: "[oss-security] 20170206 mupdf: heap-based buffer overflow in fz_subsample_pixmap", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2017/02/06/3", }, { name: "GLSA-201702-12", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201702-12", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2017-02-06T00:00:00", descriptions: [ { lang: "en", value: "Heap-based buffer overflow in the fz_subsample_pixmap function in fitz/pixmap.c in MuPDF 1.10a allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted image.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-11-03T18:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "[oss-security] 20170207 Re: mupdf: heap-based buffer overflow in fz_subsample_pixmap", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2017/02/07/1", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=697515", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://git.ghostscript.com/?p=mupdf.git%3Bh=2c4e5867ee699b1081527bc6c6ea0e99a35a5c27", }, { name: "DSA-3797", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2017/dsa-3797", }, { name: "96139", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/96139", }, { name: "[oss-security] 20170206 mupdf: heap-based buffer overflow in fz_subsample_pixmap", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2017/02/06/3", }, { name: "GLSA-201702-12", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201702-12", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2017-5896", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Heap-based buffer overflow in the fz_subsample_pixmap function in fitz/pixmap.c in MuPDF 1.10a allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted image.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "[oss-security] 20170207 Re: mupdf: heap-based buffer overflow in fz_subsample_pixmap", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2017/02/07/1", }, { name: "https://bugs.ghostscript.com/show_bug.cgi?id=697515", refsource: "CONFIRM", url: "https://bugs.ghostscript.com/show_bug.cgi?id=697515", }, { name: "http://git.ghostscript.com/?p=mupdf.git;h=2c4e5867ee699b1081527bc6c6ea0e99a35a5c27", refsource: "CONFIRM", url: "http://git.ghostscript.com/?p=mupdf.git;h=2c4e5867ee699b1081527bc6c6ea0e99a35a5c27", }, { name: "DSA-3797", refsource: "DEBIAN", url: "http://www.debian.org/security/2017/dsa-3797", }, { name: "96139", refsource: "BID", url: "http://www.securityfocus.com/bid/96139", }, { name: "[oss-security] 20170206 mupdf: heap-based buffer overflow in fz_subsample_pixmap", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2017/02/06/3", }, { name: "GLSA-201702-12", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201702-12", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2017-5896", datePublished: "2017-02-15T19:00:00", dateReserved: "2017-02-07T00:00:00", dateUpdated: "2024-08-05T15:11:48.873Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-1000036
Vulnerability from cvelistv5
Published
2018-05-24 13:00
Modified
2024-09-13 16:11
Severity ?
EPSS score ?
Summary
In Artifex MuPDF 1.12.0 and earlier, multiple memory leaks in the PDF parser allow an attacker to cause a denial of service (memory leak) via a crafted file.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T12:33:48.627Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5502", }, { name: "GLSA-201811-15", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/201811-15", }, { name: "[debian-lts-announce] 20210923 [SECURITY] [DLA 2765-1] mupdf security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2021/09/msg00013.html", }, { tags: [ "x_transferred", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=698887", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2018-1000036", options: [ { Exploitation: "poc", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-09-13T16:10:54.412706Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-09-13T16:11:02.461Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], dateAssigned: "2018-05-18T00:00:00", datePublic: "2018-04-19T00:00:00", descriptions: [ { lang: "en", value: "In Artifex MuPDF 1.12.0 and earlier, multiple memory leaks in the PDF parser allow an attacker to cause a denial of service (memory leak) via a crafted file.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2024-09-12T16:47:16.754782", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5502", }, { name: "GLSA-201811-15", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/201811-15", }, { name: "[debian-lts-announce] 20210923 [SECURITY] [DLA 2765-1] mupdf security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2021/09/msg00013.html", }, { url: "https://bugs.ghostscript.com/show_bug.cgi?id=698887", }, { url: "https://cgit.ghostscript.com/cgi-bin/cgit.cgi/mupdf.git/commit/?id=8aa2bd34065d2844aae778bd4cc20c74bbcd9406", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2018-1000036", datePublished: "2018-05-24T13:00:00", dateReserved: "2018-02-02T00:00:00", dateUpdated: "2024-09-13T16:11:02.461Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2017-14685
Vulnerability from cvelistv5
Published
2017-09-22 06:00
Modified
2024-08-05 19:34
Severity ?
EPSS score ?
Summary
Artifex MuPDF 1.11 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .xps file, related to "Data from Faulting Address controls Branch Selection starting at mupdf+0x000000000016aa61" on Windows. This occurs because xps_load_links_in_glyphs in xps/xps-link.c does not verify that an xps font could be loaded.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-14685 | x_refsource_MISC | |
| http://www.debian.org/security/2017/dsa-4006 | vendor-advisory, x_refsource_DEBIAN | |
| https://bugs.ghostscript.com/show_bug.cgi?id=698539 | x_refsource_MISC | |
| http://git.ghostscript.com/?p=mupdf.git%3Bh=ab1a420613dec93c686acbee2c165274e922f82a | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T19:34:39.406Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-14685", }, { name: "DSA-4006", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2017/dsa-4006", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=698539", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://git.ghostscript.com/?p=mupdf.git%3Bh=ab1a420613dec93c686acbee2c165274e922f82a", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2017-09-22T00:00:00", descriptions: [ { lang: "en", value: "Artifex MuPDF 1.11 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .xps file, related to \"Data from Faulting Address controls Branch Selection starting at mupdf+0x000000000016aa61\" on Windows. This occurs because xps_load_links_in_glyphs in xps/xps-link.c does not verify that an xps font could be loaded.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-11-04T09:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-14685", }, { name: "DSA-4006", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2017/dsa-4006", }, { tags: [ "x_refsource_MISC", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=698539", }, { tags: [ "x_refsource_MISC", ], url: "http://git.ghostscript.com/?p=mupdf.git%3Bh=ab1a420613dec93c686acbee2c165274e922f82a", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2017-14685", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Artifex MuPDF 1.11 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .xps file, related to \"Data from Faulting Address controls Branch Selection starting at mupdf+0x000000000016aa61\" on Windows. This occurs because xps_load_links_in_glyphs in xps/xps-link.c does not verify that an xps font could be loaded.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-14685", refsource: "MISC", url: "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-14685", }, { name: "DSA-4006", refsource: "DEBIAN", url: "http://www.debian.org/security/2017/dsa-4006", }, { name: "https://bugs.ghostscript.com/show_bug.cgi?id=698539", refsource: "MISC", url: "https://bugs.ghostscript.com/show_bug.cgi?id=698539", }, { name: "http://git.ghostscript.com/?p=mupdf.git;h=ab1a420613dec93c686acbee2c165274e922f82a", refsource: "MISC", url: "http://git.ghostscript.com/?p=mupdf.git;h=ab1a420613dec93c686acbee2c165274e922f82a", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2017-14685", datePublished: "2017-09-22T06:00:00", dateReserved: "2017-09-22T00:00:00", dateUpdated: "2024-08-05T19:34:39.406Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2016-10247
Vulnerability from cvelistv5
Published
2017-03-16 14:00
Modified
2024-09-13 14:08
Severity ?
EPSS score ?
Summary
Buffer overflow in the my_getline function in jstest_main.c in Mujstest in Artifex Software, Inc. MuPDF before 1.10 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted file.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T03:14:42.953Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "97099", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/97099", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://git.ghostscript.com/?p=mupdf.git%3Bh=446097f97b71ce20fa8d1e45e070f2e62676003e", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://blogs.gentoo.org/ago/2016/09/24/mupdf-mujstest-global-buffer-overflow-in-my_getline-jstest_main-c/", }, { name: "[oss-security] 20170313 Re: mupdf: mujstest: global-buffer-overflow in my_getline (jstest_main.c)", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2017/03/13/20", }, { name: "[debian-lts-announce] 20210923 [SECURITY] [DLA 2765-1] mupdf security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2021/09/msg00013.html", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2016-10247", options: [ { Exploitation: "poc", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-09-13T14:07:40.312203Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-09-13T14:08:06.881Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-08-05T00:00:00", descriptions: [ { lang: "en", value: "Buffer overflow in the my_getline function in jstest_main.c in Mujstest in Artifex Software, Inc. MuPDF before 1.10 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted file.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2024-09-12T16:57:53.575741", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "97099", tags: [ "vdb-entry", ], url: "http://www.securityfocus.com/bid/97099", }, { url: "http://git.ghostscript.com/?p=mupdf.git%3Bh=446097f97b71ce20fa8d1e45e070f2e62676003e", }, { url: "https://blogs.gentoo.org/ago/2016/09/24/mupdf-mujstest-global-buffer-overflow-in-my_getline-jstest_main-c/", }, { name: "[oss-security] 20170313 Re: mupdf: mujstest: global-buffer-overflow in my_getline (jstest_main.c)", tags: [ "mailing-list", ], url: "http://www.openwall.com/lists/oss-security/2017/03/13/20", }, { name: "[debian-lts-announce] 20210923 [SECURITY] [DLA 2765-1] mupdf security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2021/09/msg00013.html", }, { url: "https://bugs.ghostscript.com/show_bug.cgi?id=697021", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2016-10247", datePublished: "2017-03-16T14:00:00", dateReserved: "2017-03-12T00:00:00", dateUpdated: "2024-09-13T14:08:06.881Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-6130
Vulnerability from cvelistv5
Published
2019-01-11 05:00
Modified
2024-09-11 15:56
Severity ?
EPSS score ?
Summary
Artifex MuPDF 1.14.0 has a SEGV in the function fz_load_page of the fitz/document.c file, as demonstrated by mutool. This is related to page-number mishandling in cbz/mucbz.c, cbz/muimg.c, and svg/svg-doc.c.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T20:16:24.555Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=700446", }, { name: "106558", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/106558", }, { name: "FEDORA-2019-befe3bd225", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SEK2EHVNREJ7XZMFF2MXRWKIF4IBHPNE/", }, { name: "FEDORA-2019-15af6a9a07", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CNJNEX5EW6YH5OARXXSSXW4HHC5PIBSY/", }, { name: "[debian-lts-announce] 20190628 [SECURITY] [DLA 1838-1] mupdf security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2019/06/msg00027.html", }, { name: "[debian-lts-announce] 20200725 [SECURITY] [DLA 2289-1] mupdf security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2020/07/msg00019.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2019-01-10T00:00:00", descriptions: [ { lang: "en", value: "Artifex MuPDF 1.14.0 has a SEGV in the function fz_load_page of the fitz/document.c file, as demonstrated by mutool. This is related to page-number mishandling in cbz/mucbz.c, cbz/muimg.c, and svg/svg-doc.c.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2024-09-11T15:56:35.805877", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://bugs.ghostscript.com/show_bug.cgi?id=700446", }, { name: "106558", tags: [ "vdb-entry", ], url: "http://www.securityfocus.com/bid/106558", }, { name: "FEDORA-2019-befe3bd225", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SEK2EHVNREJ7XZMFF2MXRWKIF4IBHPNE/", }, { name: "FEDORA-2019-15af6a9a07", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CNJNEX5EW6YH5OARXXSSXW4HHC5PIBSY/", }, { name: "[debian-lts-announce] 20190628 [SECURITY] [DLA 1838-1] mupdf security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2019/06/msg00027.html", }, { name: "[debian-lts-announce] 20200725 [SECURITY] [DLA 2289-1] mupdf security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2020/07/msg00019.html", }, { url: "https://cgit.ghostscript.com/cgi-bin/cgit.cgi/mupdf.git/commit/?id=faf47b94e24314d74907f3f6bc874105f2c962ed", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2019-6130", datePublished: "2019-01-11T05:00:00", dateReserved: "2019-01-10T00:00:00", dateUpdated: "2024-09-11T15:56:35.805877", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-1000040
Vulnerability from cvelistv5
Published
2018-05-24 13:00
Modified
2024-08-05 12:33
Severity ?
EPSS score ?
Summary
In Artifex MuPDF 1.12.0 and earlier, multiple use of uninitialized value bugs in the PDF parser could allow an attacker to cause a denial of service (crash) or influence program flow via a crafted file.
References
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2018-1000040", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-07-23T18:25:21.913182Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-07-23T18:25:29.836Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-05T12:33:48.855Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "GLSA-201811-15", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/201811-15", }, { tags: [ "x_transferred", ], url: "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5596", }, { tags: [ "x_transferred", ], url: "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5600", }, { name: "DSA-4334", tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.debian.org/security/2018/dsa-4334", }, { tags: [ "x_transferred", ], url: "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5610", }, { tags: [ "x_transferred", ], url: "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5609", }, { tags: [ "x_transferred", ], url: "http://git.ghostscript.com/?p=mupdf.git%3Ba=commitdiff%3Bh=83d4dae44c71816c084a635550acc1a51529b881%3Bhp=f597300439e62f5e921f0d7b1e880b5c1a1f1607", }, { tags: [ "x_transferred", ], url: "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5603", }, { tags: [ "x_transferred", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=699086", }, { tags: [ "x_transferred", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=698904", }, { tags: [ "x_transferred", ], url: "https://cgit.ghostscript.com/cgi-bin/cgit.cgi/mupdf.git/commit/?id=ace9e69017c08e1e4ce5912014177414c0382004", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], dateAssigned: "2018-05-18T00:00:00", datePublic: "2018-02-24T00:00:00", descriptions: [ { lang: "en", value: "In Artifex MuPDF 1.12.0 and earlier, multiple use of uninitialized value bugs in the PDF parser could allow an attacker to cause a denial of service (crash) or influence program flow via a crafted file.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2024-07-15T20:14:33.985028", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "GLSA-201811-15", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/201811-15", }, { url: "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5596", }, { url: "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5600", }, { name: "DSA-4334", tags: [ "vendor-advisory", ], url: "https://www.debian.org/security/2018/dsa-4334", }, { url: "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5610", }, { url: "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5609", }, { url: "http://git.ghostscript.com/?p=mupdf.git%3Ba=commitdiff%3Bh=83d4dae44c71816c084a635550acc1a51529b881%3Bhp=f597300439e62f5e921f0d7b1e880b5c1a1f1607", }, { url: "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5603", }, { url: "https://bugs.ghostscript.com/show_bug.cgi?id=699086", }, { url: "https://bugs.ghostscript.com/show_bug.cgi?id=698904", }, { url: "https://cgit.ghostscript.com/cgi-bin/cgit.cgi/mupdf.git/commit/?id=ace9e69017c08e1e4ce5912014177414c0382004", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2018-1000040", datePublished: "2018-05-24T13:00:00", dateReserved: "2018-02-02T00:00:00", dateUpdated: "2024-08-05T12:33:48.855Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2016-8728
Vulnerability from cvelistv5
Published
2018-04-24 19:00
Modified
2024-09-16 18:13
Severity ?
EPSS score ?
Summary
An exploitable heap out of bounds write vulnerability exists in the Fitz graphical library part of the MuPDF renderer. A specially crafted PDF file can cause a out of bounds write resulting in heap metadata and sensitive process memory corruption leading to potential code execution. Victim needs to open the specially crafted file in a vulnerable reader in order to trigger this vulnerability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.talosintelligence.com/vulnerability_reports/TALOS-2016-0242 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Artifex Software Inc. | MuPDF |
Version: 1.10-rc1 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-09-12T17:04:07.312Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { url: "https://bugs.ghostscript.com/show_bug.cgi?id=697395", }, { url: "http://www.ghostscript.com/cgi-bin/findgit.cgi?0c86abf954ca4a5f00c26f6600acac93f9fc3538", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.talosintelligence.com/vulnerability_reports/TALOS-2016-0242", }, ], title: "CVE Program Container", x_generator: { engine: "ADPogram 0.0.1", }, }, { metrics: [ { other: { content: { id: "CVE-2016-8728", options: [ { Exploitation: "poc", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-09-13T14:17:22.432725Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-09-13T14:17:35.229Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "MuPDF", vendor: "Artifex Software Inc.", versions: [ { status: "affected", version: "1.10-rc1", }, ], }, ], datePublic: "2017-05-15T00:00:00", descriptions: [ { lang: "en", value: "An exploitable heap out of bounds write vulnerability exists in the Fitz graphical library part of the MuPDF renderer. A specially crafted PDF file can cause a out of bounds write resulting in heap metadata and sensitive process memory corruption leading to potential code execution. Victim needs to open the specially crafted file in a vulnerable reader in order to trigger this vulnerability.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 8.6, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { description: "Out of bounds Write", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-04-19T19:17:03", orgId: "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b", shortName: "talos", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.talosintelligence.com/vulnerability_reports/TALOS-2016-0242", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "talos-cna@cisco.com", DATE_PUBLIC: "2017-05-15T00:00:00", ID: "CVE-2016-8728", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "MuPDF", version: { version_data: [ { version_value: "1.10-rc1", }, ], }, }, ], }, vendor_name: "Artifex Software Inc.", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "An exploitable heap out of bounds write vulnerability exists in the Fitz graphical library part of the MuPDF renderer. A specially crafted PDF file can cause a out of bounds write resulting in heap metadata and sensitive process memory corruption leading to potential code execution. Victim needs to open the specially crafted file in a vulnerable reader in order to trigger this vulnerability.", }, ], }, impact: { cvss: { baseScore: 8.6, baseSeverity: "High", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Out of bounds Write", }, ], }, ], }, references: { reference_data: [ { name: "https://www.talosintelligence.com/vulnerability_reports/TALOS-2016-0242", refsource: "MISC", url: "https://www.talosintelligence.com/vulnerability_reports/TALOS-2016-0242", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b", assignerShortName: "talos", cveId: "CVE-2016-8728", datePublished: "2018-04-24T19:00:00Z", dateReserved: "2016-10-17T00:00:00", dateUpdated: "2024-09-16T18:13:38.660Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-19777
Vulnerability from cvelistv5
Published
2018-11-30 09:00
Modified
2024-09-12 16:40
Severity ?
EPSS score ?
Summary
In Artifex MuPDF 1.14.0, there is an infinite loop in the function svg_dev_end_tile in fitz/svg-device.c, as demonstrated by mutool.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T11:44:20.542Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=700301", }, { name: "FEDORA-2019-10f02ad597", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VUXKCY35PKC32IFHN4RBUCZ75OWEYVJH/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2018-11-29T00:00:00", descriptions: [ { lang: "en", value: "In Artifex MuPDF 1.14.0, there is an infinite loop in the function svg_dev_end_tile in fitz/svg-device.c, as demonstrated by mutool.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2024-09-12T16:40:14.133869", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://bugs.ghostscript.com/show_bug.cgi?id=700301", }, { name: "FEDORA-2019-10f02ad597", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VUXKCY35PKC32IFHN4RBUCZ75OWEYVJH/", }, { url: "http://www.ghostscript.com/cgi-bin/findgit.cgi?754ac68f119e0c25cd33c5d652d8aabd533a9fb3", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2018-19777", datePublished: "2018-11-30T09:00:00", dateReserved: "2018-11-29T00:00:00", dateUpdated: "2024-09-12T16:40:14.133869", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-51106
Vulnerability from cvelistv5
Published
2023-12-26 00:00
Modified
2024-08-02 22:32
Severity ?
EPSS score ?
Summary
A floating point exception (divide-by-zero) vulnerability was discovered in mupdf 1.23.4 in function pnm_binary_read_image() of load-pnm.c when fz_colorspace_n returns zero.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T22:32:09.075Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://github.com/dongyuma/sox-defects/blob/main/mupdf-defects.md", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "A floating point exception (divide-by-zero) vulnerability was discovered in mupdf 1.23.4 in function pnm_binary_read_image() of load-pnm.c when fz_colorspace_n returns zero.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2024-03-18T03:34:48.582703", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://github.com/dongyuma/sox-defects/blob/main/mupdf-defects.md", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2023-51106", datePublished: "2023-12-26T00:00:00", dateReserved: "2023-12-18T00:00:00", dateUpdated: "2024-08-02T22:32:09.075Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-6131
Vulnerability from cvelistv5
Published
2019-01-11 05:00
Modified
2024-09-11 15:59
Severity ?
EPSS score ?
Summary
svg-run.c in Artifex MuPDF 1.14.0 has infinite recursion with stack consumption in svg_run_use_symbol, svg_run_element, and svg_run_use, as demonstrated by mutool.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T20:16:24.548Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=700442", }, { name: "106558", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/106558", }, { name: "FEDORA-2019-befe3bd225", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SEK2EHVNREJ7XZMFF2MXRWKIF4IBHPNE/", }, { name: "FEDORA-2019-15af6a9a07", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CNJNEX5EW6YH5OARXXSSXW4HHC5PIBSY/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2019-01-10T00:00:00", descriptions: [ { lang: "en", value: "svg-run.c in Artifex MuPDF 1.14.0 has infinite recursion with stack consumption in svg_run_use_symbol, svg_run_element, and svg_run_use, as demonstrated by mutool.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2024-09-11T15:59:51.603081", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://bugs.ghostscript.com/show_bug.cgi?id=700442", }, { name: "106558", tags: [ "vdb-entry", ], url: "http://www.securityfocus.com/bid/106558", }, { name: "FEDORA-2019-befe3bd225", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SEK2EHVNREJ7XZMFF2MXRWKIF4IBHPNE/", }, { name: "FEDORA-2019-15af6a9a07", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CNJNEX5EW6YH5OARXXSSXW4HHC5PIBSY/", }, { url: "https://cgit.ghostscript.com/cgi-bin/cgit.cgi/mupdf.git/commit/?id=c8f7e48ff74720a5e984ae19d978a5ab4d5dde5b", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2019-6131", datePublished: "2019-01-11T05:00:00", dateReserved: "2019-01-10T00:00:00", dateUpdated: "2024-09-11T15:59:51.603081", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2016-8674
Vulnerability from cvelistv5
Published
2017-02-15 21:00
Modified
2024-08-06 02:27
Severity ?
EPSS score ?
Summary
The pdf_to_num function in pdf-object.c in MuPDF before 1.10 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted file.
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugzilla.redhat.com/show_bug.cgi?id=1385685 | x_refsource_CONFIRM | |
| https://bugs.ghostscript.com/show_bug.cgi?id=697019 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/93127 | vdb-entry, x_refsource_BID | |
| http://www.debian.org/security/2017/dsa-3797 | vendor-advisory, x_refsource_DEBIAN | |
| http://www.openwall.com/lists/oss-security/2016/10/16/8 | mailing-list, x_refsource_MLIST | |
| https://bugs.ghostscript.com/show_bug.cgi?id=697015 | x_refsource_CONFIRM | |
| http://git.ghostscript.com/?p=mupdf.git%3Ba=commitdiff%3Bh=1e03c06456d997435019fb3526fa2d4be7dbc6ec | x_refsource_CONFIRM | |
| https://blogs.gentoo.org/ago/2016/09/22/mupdf-use-after-free-in-pdf_to_num-pdf-object-c/ | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T02:27:41.259Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1385685", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=697019", }, { name: "93127", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/93127", }, { name: "DSA-3797", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2017/dsa-3797", }, { name: "[oss-security] 20161015 Re: mupdf: use-after-free in pdf_to_num (pdf-object.c)", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2016/10/16/8", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=697015", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://git.ghostscript.com/?p=mupdf.git%3Ba=commitdiff%3Bh=1e03c06456d997435019fb3526fa2d4be7dbc6ec", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://blogs.gentoo.org/ago/2016/09/22/mupdf-use-after-free-in-pdf_to_num-pdf-object-c/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-10-15T00:00:00", descriptions: [ { lang: "en", value: "The pdf_to_num function in pdf-object.c in MuPDF before 1.10 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted file.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-11-03T18:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1385685", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=697019", }, { name: "93127", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/93127", }, { name: "DSA-3797", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2017/dsa-3797", }, { name: "[oss-security] 20161015 Re: mupdf: use-after-free in pdf_to_num (pdf-object.c)", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2016/10/16/8", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=697015", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://git.ghostscript.com/?p=mupdf.git%3Ba=commitdiff%3Bh=1e03c06456d997435019fb3526fa2d4be7dbc6ec", }, { tags: [ "x_refsource_MISC", ], url: "https://blogs.gentoo.org/ago/2016/09/22/mupdf-use-after-free-in-pdf_to_num-pdf-object-c/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2016-8674", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The pdf_to_num function in pdf-object.c in MuPDF before 1.10 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted file.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://bugzilla.redhat.com/show_bug.cgi?id=1385685", refsource: "CONFIRM", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1385685", }, { name: "https://bugs.ghostscript.com/show_bug.cgi?id=697019", refsource: "CONFIRM", url: "https://bugs.ghostscript.com/show_bug.cgi?id=697019", }, { name: "93127", refsource: "BID", url: "http://www.securityfocus.com/bid/93127", }, { name: "DSA-3797", refsource: "DEBIAN", url: "http://www.debian.org/security/2017/dsa-3797", }, { name: "[oss-security] 20161015 Re: mupdf: use-after-free in pdf_to_num (pdf-object.c)", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2016/10/16/8", }, { name: "https://bugs.ghostscript.com/show_bug.cgi?id=697015", refsource: "CONFIRM", url: "https://bugs.ghostscript.com/show_bug.cgi?id=697015", }, { name: "http://git.ghostscript.com/?p=mupdf.git;a=commitdiff;h=1e03c06456d997435019fb3526fa2d4be7dbc6ec", refsource: "CONFIRM", url: "http://git.ghostscript.com/?p=mupdf.git;a=commitdiff;h=1e03c06456d997435019fb3526fa2d4be7dbc6ec", }, { name: "https://blogs.gentoo.org/ago/2016/09/22/mupdf-use-after-free-in-pdf_to_num-pdf-object-c/", refsource: "MISC", url: "https://blogs.gentoo.org/ago/2016/09/22/mupdf-use-after-free-in-pdf_to_num-pdf-object-c/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2016-8674", datePublished: "2017-02-15T21:00:00", dateReserved: "2016-10-15T00:00:00", dateUpdated: "2024-08-06T02:27:41.259Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-1000038
Vulnerability from cvelistv5
Published
2018-05-24 13:00
Modified
2024-08-05 12:33
Severity ?
EPSS score ?
Summary
In Artifex MuPDF 1.12.0 and earlier, a stack buffer overflow in function pdf_lookup_cmap_full in pdf/pdf-cmap.c could allow an attacker to execute arbitrary code via a crafted file.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T12:33:48.901Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "GLSA-201811-15", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/201811-15", }, { tags: [ "x_transferred", ], url: "http://git.ghostscript.com/?p=mupdf.git%3Ba=commitdiff%3Bh=71ceebcf56e682504da22c4035b39a2d451e8ffd%3Bhp=7f82c01523505052615492f8e220f4348ba46995", }, { tags: [ "x_transferred", ], url: "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5494", }, { tags: [ "x_transferred", ], url: "http://git.ghostscript.com/?p=mupdf.git%3Ba=commitdiff%3Bh=f597300439e62f5e921f0d7b1e880b5c1a1f1607%3Bhp=093fc3b098dc5fadef5d8ad4b225db9fb124758b", }, { tags: [ "x_transferred", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=698884", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], dateAssigned: "2018-05-18T00:00:00", datePublic: "2018-05-24T00:00:00", descriptions: [ { lang: "en", value: "In Artifex MuPDF 1.12.0 and earlier, a stack buffer overflow in function pdf_lookup_cmap_full in pdf/pdf-cmap.c could allow an attacker to execute arbitrary code via a crafted file.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2024-07-15T20:28:19.253891", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "GLSA-201811-15", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/201811-15", }, { url: "http://git.ghostscript.com/?p=mupdf.git%3Ba=commitdiff%3Bh=71ceebcf56e682504da22c4035b39a2d451e8ffd%3Bhp=7f82c01523505052615492f8e220f4348ba46995", }, { url: "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5494", }, { url: "http://git.ghostscript.com/?p=mupdf.git%3Ba=commitdiff%3Bh=f597300439e62f5e921f0d7b1e880b5c1a1f1607%3Bhp=093fc3b098dc5fadef5d8ad4b225db9fb124758b", }, { url: "https://bugs.ghostscript.com/show_bug.cgi?id=698884", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2018-1000038", datePublished: "2018-05-24T13:00:00", dateReserved: "2018-02-02T00:00:00", dateUpdated: "2024-08-05T12:33:48.901Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-16647
Vulnerability from cvelistv5
Published
2018-09-06 23:00
Modified
2024-09-12 16:17
Severity ?
EPSS score ?
Summary
In Artifex MuPDF 1.13.0, the pdf_get_xref_entry function in pdf/pdf-xref.c allows remote attackers to cause a denial of service (segmentation fault in fz_write_data in fitz/output.c) via a crafted pdf file.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T10:32:53.557Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=699686", }, { name: "[debian-lts-announce] 20200725 [SECURITY] [DLA 2289-1] mupdf security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2020/07/msg00019.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2018-09-06T00:00:00", descriptions: [ { lang: "en", value: "In Artifex MuPDF 1.13.0, the pdf_get_xref_entry function in pdf/pdf-xref.c allows remote attackers to cause a denial of service (segmentation fault in fz_write_data in fitz/output.c) via a crafted pdf file.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2024-09-12T16:17:15.479381", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://bugs.ghostscript.com/show_bug.cgi?id=699686", }, { name: "[debian-lts-announce] 20200725 [SECURITY] [DLA 2289-1] mupdf security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2020/07/msg00019.html", }, { url: "https://cgit.ghostscript.com/cgi-bin/cgit.cgi/mupdf.git/commit/?id=351c99d8ce23bbf7099dbd52771a095f67e45a2c", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2018-16647", datePublished: "2018-09-06T23:00:00", dateReserved: "2018-09-06T00:00:00", dateUpdated: "2024-09-12T16:17:15.479381", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-4216
Vulnerability from cvelistv5
Published
2022-08-26 15:25
Modified
2024-08-03 17:16
Severity ?
EPSS score ?
Summary
A Floating point exception (division-by-zero) flaw was found in Mupdf for zero width pages in muraster.c. It is fixed in Mupdf-1.20.0-rc1 upstream.
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugs.ghostscript.com/show_bug.cgi?id=704834 | x_refsource_MISC | |
| https://github.com/ArtifexSoftware/mupdf/commit/22c47acbd52949421f8c7cb46ea1556827d0fcbf | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T17:16:04.307Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=704834", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/ArtifexSoftware/mupdf/commit/22c47acbd52949421f8c7cb46ea1556827d0fcbf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "mupdf", vendor: "n/a", versions: [ { status: "affected", version: "Fixed in v1.20.0-rc1", }, ], }, ], descriptions: [ { lang: "en", value: "A Floating point exception (division-by-zero) flaw was found in Mupdf for zero width pages in muraster.c. It is fixed in Mupdf-1.20.0-rc1 upstream.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-369", description: "CWE-369 - Divide By Zero", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-08-26T15:25:43", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=704834", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/ArtifexSoftware/mupdf/commit/22c47acbd52949421f8c7cb46ea1556827d0fcbf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2021-4216", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "mupdf", version: { version_data: [ { version_value: "Fixed in v1.20.0-rc1", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A Floating point exception (division-by-zero) flaw was found in Mupdf for zero width pages in muraster.c. It is fixed in Mupdf-1.20.0-rc1 upstream.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-369 - Divide By Zero", }, ], }, ], }, references: { reference_data: [ { name: "https://bugs.ghostscript.com/show_bug.cgi?id=704834", refsource: "MISC", url: "https://bugs.ghostscript.com/show_bug.cgi?id=704834", }, { name: "https://github.com/ArtifexSoftware/mupdf/commit/22c47acbd52949421f8c7cb46ea1556827d0fcbf", refsource: "MISC", url: "https://github.com/ArtifexSoftware/mupdf/commit/22c47acbd52949421f8c7cb46ea1556827d0fcbf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2021-4216", datePublished: "2022-08-26T15:25:43", dateReserved: "2022-01-27T00:00:00", dateUpdated: "2024-08-03T17:16:04.307Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-1000039
Vulnerability from cvelistv5
Published
2018-05-24 13:00
Modified
2024-08-05 12:33
Severity ?
EPSS score ?
Summary
In Artifex MuPDF 1.12.0 and earlier, multiple heap use after free bugs in the PDF parser could allow an attacker to execute arbitrary code, read memory, or cause a denial of service via a crafted file.
References
{ containers: { adp: [ { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 6.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, }, { other: { content: { id: "CVE-2018-1000039", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-07-12T14:08:09.932447Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-07-12T14:09:09.279Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-05T12:33:48.769Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "GLSA-201811-15", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/201811-15", }, { tags: [ "x_transferred", ], url: "http://git.ghostscript.com/?p=mupdf.git%3Ba=commitdiff%3Bh=4dcc6affe04368461310a21238f7e1871a752a05%3Bhp=8ec561d1bccc46e9db40a9f61310cd8b3763914e", }, { tags: [ "x_transferred", ], url: "http://git.ghostscript.com/?p=mupdf.git%3Ba=commitdiff%3Bh=71ceebcf56e682504da22c4035b39a2d451e8ffd%3Bhp=7f82c01523505052615492f8e220f4348ba46995", }, { tags: [ "x_transferred", ], url: "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5492", }, { tags: [ "x_transferred", ], url: "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5521", }, { tags: [ "x_transferred", ], url: "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5604", }, { tags: [ "x_transferred", ], url: "http://git.ghostscript.com/?p=mupdf.git%3Ba=commitdiff%3Bh=f597300439e62f5e921f0d7b1e880b5c1a1f1607%3Bhp=093fc3b098dc5fadef5d8ad4b225db9fb124758b", }, { tags: [ "x_transferred", ], url: "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5513", }, { tags: [ "x_transferred", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=698883", }, { tags: [ "x_transferred", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=698888", }, { tags: [ "x_transferred", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=698891", }, { tags: [ "x_transferred", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=698892", }, { tags: [ "x_transferred", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=698901", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], dateAssigned: "2018-05-18T00:00:00", datePublic: "2018-02-24T00:00:00", descriptions: [ { lang: "en", value: "In Artifex MuPDF 1.12.0 and earlier, multiple heap use after free bugs in the PDF parser could allow an attacker to execute arbitrary code, read memory, or cause a denial of service via a crafted file.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2024-07-15T20:16:08.711862", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "GLSA-201811-15", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/201811-15", }, { url: "http://git.ghostscript.com/?p=mupdf.git%3Ba=commitdiff%3Bh=4dcc6affe04368461310a21238f7e1871a752a05%3Bhp=8ec561d1bccc46e9db40a9f61310cd8b3763914e", }, { url: "http://git.ghostscript.com/?p=mupdf.git%3Ba=commitdiff%3Bh=71ceebcf56e682504da22c4035b39a2d451e8ffd%3Bhp=7f82c01523505052615492f8e220f4348ba46995", }, { url: "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5492", }, { url: "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5521", }, { url: "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5604", }, { url: "http://git.ghostscript.com/?p=mupdf.git%3Ba=commitdiff%3Bh=f597300439e62f5e921f0d7b1e880b5c1a1f1607%3Bhp=093fc3b098dc5fadef5d8ad4b225db9fb124758b", }, { url: "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5513", }, { url: "https://bugs.ghostscript.com/show_bug.cgi?id=698883", }, { url: "https://bugs.ghostscript.com/show_bug.cgi?id=698888", }, { url: "https://bugs.ghostscript.com/show_bug.cgi?id=698891", }, { url: "https://bugs.ghostscript.com/show_bug.cgi?id=698892", }, { url: "https://bugs.ghostscript.com/show_bug.cgi?id=698901", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2018-1000039", datePublished: "2018-05-24T13:00:00", dateReserved: "2018-02-02T00:00:00", dateUpdated: "2024-08-05T12:33:48.769Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2016-6265
Vulnerability from cvelistv5
Published
2016-09-22 15:00
Modified
2024-08-06 01:22
Severity ?
EPSS score ?
Summary
Use-after-free vulnerability in the pdf_load_xref function in pdf/pdf-xref.c in MuPDF allows remote attackers to cause a denial of service (crash) via a crafted PDF file.
References
| ▼ | URL | Tags |
|---|---|---|
| http://git.ghostscript.com/?p=mupdf.git%3Bh=fa1936405b6a84e5c9bb440912c23d532772f958 | x_refsource_CONFIRM | |
| http://www.debian.org/security/2016/dsa-3655 | vendor-advisory, x_refsource_DEBIAN | |
| http://www.securityfocus.com/bid/92071 | vdb-entry, x_refsource_BID | |
| http://lists.opensuse.org/opensuse-updates/2016-08/msg00007.html | vendor-advisory, x_refsource_SUSE | |
| http://bugs.ghostscript.com/show_bug.cgi?id=696941 | x_refsource_CONFIRM | |
| https://security.gentoo.org/glsa/201702-12 | vendor-advisory, x_refsource_GENTOO | |
| http://www.openwall.com/lists/oss-security/2016/07/21/7 | mailing-list, x_refsource_MLIST |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T01:22:20.646Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://git.ghostscript.com/?p=mupdf.git%3Bh=fa1936405b6a84e5c9bb440912c23d532772f958", }, { name: "DSA-3655", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2016/dsa-3655", }, { name: "92071", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/92071", }, { name: "openSUSE-SU-2016:1926", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2016-08/msg00007.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://bugs.ghostscript.com/show_bug.cgi?id=696941", }, { name: "GLSA-201702-12", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201702-12", }, { name: "[oss-security] 20160721 Re: mupdf library use after free", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2016/07/21/7", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-07-21T00:00:00", descriptions: [ { lang: "en", value: "Use-after-free vulnerability in the pdf_load_xref function in pdf/pdf-xref.c in MuPDF allows remote attackers to cause a denial of service (crash) via a crafted PDF file.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-11-03T18:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "http://git.ghostscript.com/?p=mupdf.git%3Bh=fa1936405b6a84e5c9bb440912c23d532772f958", }, { name: "DSA-3655", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2016/dsa-3655", }, { name: "92071", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/92071", }, { name: "openSUSE-SU-2016:1926", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2016-08/msg00007.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://bugs.ghostscript.com/show_bug.cgi?id=696941", }, { name: "GLSA-201702-12", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201702-12", }, { name: "[oss-security] 20160721 Re: mupdf library use after free", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2016/07/21/7", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2016-6265", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Use-after-free vulnerability in the pdf_load_xref function in pdf/pdf-xref.c in MuPDF allows remote attackers to cause a denial of service (crash) via a crafted PDF file.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://git.ghostscript.com/?p=mupdf.git;h=fa1936405b6a84e5c9bb440912c23d532772f958", refsource: "CONFIRM", url: "http://git.ghostscript.com/?p=mupdf.git;h=fa1936405b6a84e5c9bb440912c23d532772f958", }, { name: "DSA-3655", refsource: "DEBIAN", url: "http://www.debian.org/security/2016/dsa-3655", }, { name: "92071", refsource: "BID", url: "http://www.securityfocus.com/bid/92071", }, { name: "openSUSE-SU-2016:1926", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2016-08/msg00007.html", }, { name: "http://bugs.ghostscript.com/show_bug.cgi?id=696941", refsource: "CONFIRM", url: "http://bugs.ghostscript.com/show_bug.cgi?id=696941", }, { name: "GLSA-201702-12", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201702-12", }, { name: "[oss-security] 20160721 Re: mupdf library use after free", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2016/07/21/7", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2016-6265", datePublished: "2016-09-22T15:00:00", dateReserved: "2016-07-21T00:00:00", dateUpdated: "2024-08-06T01:22:20.646Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2017-15369
Vulnerability from cvelistv5
Published
2017-10-16 01:00
Modified
2024-09-17 01:35
Severity ?
EPSS score ?
Summary
The build_filter_chain function in pdf/pdf-stream.c in Artifex MuPDF before 2017-09-25 mishandles a certain case where a variable may reside in a register, which allows remote attackers to cause a denial of service (Fitz fz_drop_imp use-after-free and application crash) or possibly have unspecified other impact via a crafted PDF document.
References
| ▼ | URL | Tags |
|---|---|---|
| http://git.ghostscript.com/?p=mupdf.git%3Bh=c2663e51238ec8256da7fc61ad580db891d9fe9a | x_refsource_CONFIRM | |
| https://bugs.ghostscript.com/show_bug.cgi?id=698592 | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T19:57:25.619Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://git.ghostscript.com/?p=mupdf.git%3Bh=c2663e51238ec8256da7fc61ad580db891d9fe9a", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=698592", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "The build_filter_chain function in pdf/pdf-stream.c in Artifex MuPDF before 2017-09-25 mishandles a certain case where a variable may reside in a register, which allows remote attackers to cause a denial of service (Fitz fz_drop_imp use-after-free and application crash) or possibly have unspecified other impact via a crafted PDF document.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-10-16T01:00:00Z", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "http://git.ghostscript.com/?p=mupdf.git%3Bh=c2663e51238ec8256da7fc61ad580db891d9fe9a", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=698592", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2017-15369", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The build_filter_chain function in pdf/pdf-stream.c in Artifex MuPDF before 2017-09-25 mishandles a certain case where a variable may reside in a register, which allows remote attackers to cause a denial of service (Fitz fz_drop_imp use-after-free and application crash) or possibly have unspecified other impact via a crafted PDF document.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://git.ghostscript.com/?p=mupdf.git;h=c2663e51238ec8256da7fc61ad580db891d9fe9a", refsource: "CONFIRM", url: "http://git.ghostscript.com/?p=mupdf.git;h=c2663e51238ec8256da7fc61ad580db891d9fe9a", }, { name: "https://bugs.ghostscript.com/show_bug.cgi?id=698592", refsource: "CONFIRM", url: "https://bugs.ghostscript.com/show_bug.cgi?id=698592", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2017-15369", datePublished: "2017-10-16T01:00:00Z", dateReserved: "2017-10-15T00:00:00Z", dateUpdated: "2024-09-17T01:35:48.232Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-3407
Vulnerability from cvelistv5
Published
2021-02-23 22:04
Modified
2025-02-13 16:28
Severity ?
EPSS score ?
Summary
A flaw was found in mupdf 1.18.0. Double free of object during linearization may lead to memory corruption and other potential consequences.
References
| ▼ | URL | Tags |
|---|---|---|
| http://git.ghostscript.com/?p=mupdf.git%3Bh=cee7cefc610d42fd383b3c80c12cbc675443176a | x_refsource_MISC | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LCADE3VSPWCGTE5BV4KL273R5VK3GDKM/ | vendor-advisory, x_refsource_FEDORA | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M44PNYCBL33OD7GC75XNE6CDS4VSGVWO/ | vendor-advisory, x_refsource_FEDORA | |
| https://lists.debian.org/debian-lts-announce/2021/03/msg00012.html | mailing-list, x_refsource_MLIST | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLC6MPH7YS6JPU427XOFRLF3KKZQUZJN/ | vendor-advisory, x_refsource_FEDORA | |
| https://security.gentoo.org/glsa/202105-30 | vendor-advisory, x_refsource_GENTOO | |
| https://bugs.ghostscript.com/show_bug.cgi?id=703366 |
{ containers: { adp: [ { affected: [ { cpes: [ "cpe:2.3:a:artifex:mupdf:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "mupdf", vendor: "artifex", versions: [ { lessThan: "1.18.0", status: "affected", version: "0", versionType: "custom", }, ], }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2021-3407", options: [ { Exploitation: "poc", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-07-22T15:23:10.706114Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-07-22T15:24:31.305Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-03T16:53:17.534Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://git.ghostscript.com/?p=mupdf.git%3Bh=cee7cefc610d42fd383b3c80c12cbc675443176a", }, { name: "FEDORA-2021-d8e6f014e5", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LCADE3VSPWCGTE5BV4KL273R5VK3GDKM/", }, { name: "FEDORA-2021-572bb0f886", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M44PNYCBL33OD7GC75XNE6CDS4VSGVWO/", }, { name: "[debian-lts-announce] 20210311 [SECURITY] [DLA 2589-1] mupdf security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2021/03/msg00012.html", }, { name: "FEDORA-2021-baeaa7bccb", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLC6MPH7YS6JPU427XOFRLF3KKZQUZJN/", }, { name: "GLSA-202105-30", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/202105-30", }, { tags: [ "x_transferred", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=703366", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "mupdf", vendor: "n/a", versions: [ { status: "affected", version: "mupdf 1.18.0", }, ], }, ], descriptions: [ { lang: "en", value: "A flaw was found in mupdf 1.18.0. Double free of object during linearization may lead to memory corruption and other potential consequences.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-415", description: "CWE-415", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-07-17T21:08:41.283Z", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { tags: [ "x_refsource_MISC", ], url: "http://git.ghostscript.com/?p=mupdf.git%3Bh=cee7cefc610d42fd383b3c80c12cbc675443176a", }, { name: "FEDORA-2021-d8e6f014e5", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LCADE3VSPWCGTE5BV4KL273R5VK3GDKM/", }, { name: "FEDORA-2021-572bb0f886", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M44PNYCBL33OD7GC75XNE6CDS4VSGVWO/", }, { name: "[debian-lts-announce] 20210311 [SECURITY] [DLA 2589-1] mupdf security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2021/03/msg00012.html", }, { name: "FEDORA-2021-baeaa7bccb", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLC6MPH7YS6JPU427XOFRLF3KKZQUZJN/", }, { name: "GLSA-202105-30", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/202105-30", }, { url: "https://bugs.ghostscript.com/show_bug.cgi?id=703366", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2021-3407", datePublished: "2021-02-23T22:04:15.000Z", dateReserved: "2021-02-09T00:00:00.000Z", dateUpdated: "2025-02-13T16:28:22.945Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2011-0341
Vulnerability from cvelistv5
Published
2011-05-13 17:00
Modified
2024-09-16 15:43
Severity ?
EPSS score ?
Summary
Stack-based buffer overflow in the pdfmoz_onmouse function in apps/mozilla/moz_main.c in the MuPDF plug-in 2008.09.02 for Firefox allows remote attackers to execute arbitrary code via a crafted web site.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.osvdb.org/72177 | vdb-entry, x_refsource_OSVDB | |
| http://secunia.com/secunia_research/2011-38/ | x_refsource_MISC | |
| http://secunia.com/advisories/43739 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.vupen.com/english/advisories/2011/1191 | vdb-entry, x_refsource_VUPEN | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/67298 | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/bid/47739 | vdb-entry, x_refsource_BID |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-09-16T15:43:03.955Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { url: "https://bugs.ghostscript.com/show_bug.cgi?id=708029", }, { url: "https://cgit.ghostscript.com/cgi-bin/cgit.cgi/mupdf.git/commit/?id=d2de9cee6036b997e536a0c0384b88b38e523e56", }, { name: "72177", tags: [ "vdb-entry", "x_refsource_OSVDB", "x_transferred", ], url: "http://www.osvdb.org/72177", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://secunia.com/secunia_research/2011-38/", }, { name: "43739", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/43739", }, { name: "ADV-2011-1191", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2011/1191", }, { name: "mupdf-pdfmozonmouse-bo(67298)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/67298", }, { name: "47739", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/47739", }, ], title: "CVE Program Container", x_generator: { engine: "ADPogram 0.0.1", }, }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2011-05-06T00:00:00", descriptions: [ { lang: "en", value: "Stack-based buffer overflow in the pdfmoz_onmouse function in apps/mozilla/moz_main.c in the MuPDF plug-in 2008.09.02 for Firefox allows remote attackers to execute arbitrary code via a crafted web site.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-08-16T14:57:01", orgId: "44d08088-2bea-4760-83a6-1e9be26b15ab", shortName: "flexera", }, references: [ { name: "72177", tags: [ "vdb-entry", "x_refsource_OSVDB", ], url: "http://www.osvdb.org/72177", }, { tags: [ "x_refsource_MISC", ], url: "http://secunia.com/secunia_research/2011-38/", }, { name: "43739", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/43739", }, { name: "ADV-2011-1191", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2011/1191", }, { name: "mupdf-pdfmozonmouse-bo(67298)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/67298", }, { name: "47739", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/47739", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "PSIRT-CNA@flexerasoftware.com", ID: "CVE-2011-0341", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Stack-based buffer overflow in the pdfmoz_onmouse function in apps/mozilla/moz_main.c in the MuPDF plug-in 2008.09.02 for Firefox allows remote attackers to execute arbitrary code via a crafted web site.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "72177", refsource: "OSVDB", url: "http://www.osvdb.org/72177", }, { name: "http://secunia.com/secunia_research/2011-38/", refsource: "MISC", url: "http://secunia.com/secunia_research/2011-38/", }, { name: "43739", refsource: "SECUNIA", url: "http://secunia.com/advisories/43739", }, { name: "ADV-2011-1191", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2011/1191", }, { name: "mupdf-pdfmozonmouse-bo(67298)", refsource: "XF", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/67298", }, { name: "47739", refsource: "BID", url: "http://www.securityfocus.com/bid/47739", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "44d08088-2bea-4760-83a6-1e9be26b15ab", assignerShortName: "flexera", cveId: "CVE-2011-0341", datePublished: "2011-05-13T17:00:00", dateReserved: "2011-01-06T00:00:00", dateUpdated: "2024-09-16T15:43:03.955Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-51107
Vulnerability from cvelistv5
Published
2023-12-26 00:00
Modified
2024-09-09 19:51
Severity ?
EPSS score ?
Summary
A floating point exception (divide-by-zero) vulnerability was discovered in Artifex MuPDF 1.23.4 in functon compute_color() of jquant2.c. NOTE: this is disputed by the supplier because there was not reasonable evidence to determine the existence of a vulnerability or identify the affected product.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T22:32:09.178Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://github.com/dongyuma/sox-defects/blob/main/mupdf-defects.md", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2023-51107", options: [ { Exploitation: "poc", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-03-04T20:53:13.214882Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-369", description: "CWE-369 Divide By Zero", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-09-09T19:51:58.956Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "A floating point exception (divide-by-zero) vulnerability was discovered in Artifex MuPDF 1.23.4 in functon compute_color() of jquant2.c. NOTE: this is disputed by the supplier because there was not reasonable evidence to determine the existence of a vulnerability or identify the affected product.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2024-07-12T12:35:10.922946", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://github.com/dongyuma/sox-defects/blob/main/mupdf-defects.md", }, ], tags: [ "disputed", ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2023-51107", datePublished: "2023-12-26T00:00:00", dateReserved: "2023-12-18T00:00:00", dateUpdated: "2024-09-09T19:51:58.956Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-31794
Vulnerability from cvelistv5
Published
2023-10-31 00:00
Modified
2024-09-05 20:10
Severity ?
EPSS score ?
Summary
MuPDF v1.21.1 was discovered to contain an infinite recursion in the component pdf_mark_list_push. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted PDF file.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T14:56:35.558Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=706506", }, { tags: [ "x_transferred", ], url: "https://git.ghostscript.com/?p=mupdf.git%3Bh=c0015401693b58e2deb5d75c39f27bc1216e47c6", }, { tags: [ "x_transferred", ], url: "https://gist.github.com/spookhorror/c770d118767b1b0d89fdfe2845169d06", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-31794", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-09-05T20:09:53.180816Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-09-05T20:10:31.097Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "MuPDF v1.21.1 was discovered to contain an infinite recursion in the component pdf_mark_list_push. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted PDF file.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-10-31T00:44:26.807148", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://bugs.ghostscript.com/show_bug.cgi?id=706506", }, { url: "https://git.ghostscript.com/?p=mupdf.git%3Bh=c0015401693b58e2deb5d75c39f27bc1216e47c6", }, { url: "https://gist.github.com/spookhorror/c770d118767b1b0d89fdfe2845169d06", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2023-31794", datePublished: "2023-10-31T00:00:00", dateReserved: "2023-04-29T00:00:00", dateUpdated: "2024-09-05T20:10:31.097Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2017-14686
Vulnerability from cvelistv5
Published
2017-09-22 06:00
Modified
2024-08-05 19:34
Severity ?
EPSS score ?
Summary
Artifex MuPDF 1.11 allows attackers to execute arbitrary code or cause a denial of service via a crafted .xps file, related to a "User Mode Write AV near NULL starting at wow64!Wow64NotifyDebugger+0x000000000000001d" on Windows. This occurs because read_zip_dir_imp in fitz/unzip.c does not check whether size fields in a ZIP entry are negative numbers.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.debian.org/security/2017/dsa-4006 | vendor-advisory, x_refsource_DEBIAN | |
| http://git.ghostscript.com/?p=mupdf.git%3Bh=0f0fbc07d9be31f5e83ec5328d7311fdfd8328b1 | x_refsource_MISC | |
| https://bugs.ghostscript.com/show_bug.cgi?id=698540 | x_refsource_MISC | |
| https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-14686 | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T19:34:39.459Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "DSA-4006", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2017/dsa-4006", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://git.ghostscript.com/?p=mupdf.git%3Bh=0f0fbc07d9be31f5e83ec5328d7311fdfd8328b1", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=698540", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-14686", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2017-09-22T00:00:00", descriptions: [ { lang: "en", value: "Artifex MuPDF 1.11 allows attackers to execute arbitrary code or cause a denial of service via a crafted .xps file, related to a \"User Mode Write AV near NULL starting at wow64!Wow64NotifyDebugger+0x000000000000001d\" on Windows. This occurs because read_zip_dir_imp in fitz/unzip.c does not check whether size fields in a ZIP entry are negative numbers.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-11-04T09:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "DSA-4006", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2017/dsa-4006", }, { tags: [ "x_refsource_MISC", ], url: "http://git.ghostscript.com/?p=mupdf.git%3Bh=0f0fbc07d9be31f5e83ec5328d7311fdfd8328b1", }, { tags: [ "x_refsource_MISC", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=698540", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-14686", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2017-14686", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Artifex MuPDF 1.11 allows attackers to execute arbitrary code or cause a denial of service via a crafted .xps file, related to a \"User Mode Write AV near NULL starting at wow64!Wow64NotifyDebugger+0x000000000000001d\" on Windows. This occurs because read_zip_dir_imp in fitz/unzip.c does not check whether size fields in a ZIP entry are negative numbers.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "DSA-4006", refsource: "DEBIAN", url: "http://www.debian.org/security/2017/dsa-4006", }, { name: "http://git.ghostscript.com/?p=mupdf.git;h=0f0fbc07d9be31f5e83ec5328d7311fdfd8328b1", refsource: "MISC", url: "http://git.ghostscript.com/?p=mupdf.git;h=0f0fbc07d9be31f5e83ec5328d7311fdfd8328b1", }, { name: "https://bugs.ghostscript.com/show_bug.cgi?id=698540", refsource: "MISC", url: "https://bugs.ghostscript.com/show_bug.cgi?id=698540", }, { name: "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-14686", refsource: "MISC", url: "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-14686", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2017-14686", datePublished: "2017-09-22T06:00:00", dateReserved: "2017-09-22T00:00:00", dateUpdated: "2024-08-05T19:34:39.459Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-19881
Vulnerability from cvelistv5
Published
2018-12-06 00:00
Modified
2024-09-16 15:58
Severity ?
EPSS score ?
Summary
In Artifex MuPDF 1.14.0, svg/svg-run.c allows remote attackers to cause a denial of service (recursive calls followed by a fitz/xml.c fz_xml_att crash from excessive stack consumption) via a crafted svg file, as demonstrated by mupdf-gl.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T11:44:20.817Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=700342", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/TeamSeri0us/pocs/tree/master/mupdf/20181203", }, { name: "FEDORA-2019-befe3bd225", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SEK2EHVNREJ7XZMFF2MXRWKIF4IBHPNE/", }, { name: "FEDORA-2019-15af6a9a07", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CNJNEX5EW6YH5OARXXSSXW4HHC5PIBSY/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2018-12-05T00:00:00", descriptions: [ { lang: "en", value: "In Artifex MuPDF 1.14.0, svg/svg-run.c allows remote attackers to cause a denial of service (recursive calls followed by a fitz/xml.c fz_xml_att crash from excessive stack consumption) via a crafted svg file, as demonstrated by mupdf-gl.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2024-09-16T15:58:50.373564", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://bugs.ghostscript.com/show_bug.cgi?id=700442", }, { url: "https://github.com/TeamSeri0us/pocs/tree/master/mupdf/20181203", }, { name: "FEDORA-2019-befe3bd225", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SEK2EHVNREJ7XZMFF2MXRWKIF4IBHPNE/", }, { name: "FEDORA-2019-15af6a9a07", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CNJNEX5EW6YH5OARXXSSXW4HHC5PIBSY/", }, { url: "https://cgit.ghostscript.com/cgi-bin/cgit.cgi/mupdf.git/commit/?id=c8f7e48ff74720a5e984ae19d978a5ab4d5dde5b", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2018-19881", datePublished: "2018-12-06T00:00:00", dateReserved: "2018-12-05T00:00:00", dateUpdated: "2024-09-16T15:58:50.373564", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2014-2013
Vulnerability from cvelistv5
Published
2014-03-03 16:00
Modified
2024-08-06 09:58
Severity ?
EPSS score ?
Summary
Stack-based buffer overflow in the xps_parse_color function in xps/xps-common.c in MuPDF 1.3 and earlier allows remote attackers to execute arbitrary code via a large number of entries in the ContextColor value of the Fill attribute in a Path element.
References
| ▼ | URL | Tags |
|---|---|---|
| http://seclists.org/oss-sec/2014/q1/375 | mailing-list, x_refsource_MLIST | |
| http://lists.opensuse.org/opensuse-updates/2014-02/msg00088.html | vendor-advisory, x_refsource_SUSE | |
| http://git.ghostscript.com/?p=mupdf.git%3Ba=commitdiff%3Bh=60dabde18d7fe12b19da8b509bdfee9cc886aafc | x_refsource_CONFIRM | |
| http://www.osvdb.org/102340 | vdb-entry, x_refsource_OSVDB | |
| http://www.hdwsec.fr/blog/mupdf.html | x_refsource_MISC | |
| http://www.debian.org/security/2014/dsa-2951 | vendor-advisory, x_refsource_DEBIAN | |
| http://bugs.ghostscript.com/show_bug.cgi?id=694957 | x_refsource_CONFIRM | |
| http://seclists.org/fulldisclosure/2014/Jan/130 | mailing-list, x_refsource_FULLDISC | |
| http://secunia.com/advisories/58904 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securityfocus.com/bid/65036 | vdb-entry, x_refsource_BID | |
| http://www.exploit-db.com/exploits/31090 | exploit, x_refsource_EXPLOIT-DB |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T09:58:16.235Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "[oss-security] 20140218 Re: CVE request: MuPDF Stack-based Buffer Overflow in xps_parse_color()", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://seclists.org/oss-sec/2014/q1/375", }, { name: "openSUSE-SU-2014:0309", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2014-02/msg00088.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://git.ghostscript.com/?p=mupdf.git%3Ba=commitdiff%3Bh=60dabde18d7fe12b19da8b509bdfee9cc886aafc", }, { name: "102340", tags: [ "vdb-entry", "x_refsource_OSVDB", "x_transferred", ], url: "http://www.osvdb.org/102340", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://www.hdwsec.fr/blog/mupdf.html", }, { name: "DSA-2951", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2014/dsa-2951", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://bugs.ghostscript.com/show_bug.cgi?id=694957", }, { name: "20140120 0day - MuPDF Stack-based Buffer Overflow in xps_parse_color()", tags: [ "mailing-list", "x_refsource_FULLDISC", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2014/Jan/130", }, { name: "58904", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/58904", }, { name: "65036", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/65036", }, { name: "31090", tags: [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred", ], url: "http://www.exploit-db.com/exploits/31090", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2014-01-20T00:00:00", descriptions: [ { lang: "en", value: "Stack-based buffer overflow in the xps_parse_color function in xps/xps-common.c in MuPDF 1.3 and earlier allows remote attackers to execute arbitrary code via a large number of entries in the ContextColor value of the Fill attribute in a Path element.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-12-28T19:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "[oss-security] 20140218 Re: CVE request: MuPDF Stack-based Buffer Overflow in xps_parse_color()", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://seclists.org/oss-sec/2014/q1/375", }, { name: "openSUSE-SU-2014:0309", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2014-02/msg00088.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://git.ghostscript.com/?p=mupdf.git%3Ba=commitdiff%3Bh=60dabde18d7fe12b19da8b509bdfee9cc886aafc", }, { name: "102340", tags: [ "vdb-entry", "x_refsource_OSVDB", ], url: "http://www.osvdb.org/102340", }, { tags: [ "x_refsource_MISC", ], url: "http://www.hdwsec.fr/blog/mupdf.html", }, { name: "DSA-2951", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2014/dsa-2951", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://bugs.ghostscript.com/show_bug.cgi?id=694957", }, { name: "20140120 0day - MuPDF Stack-based Buffer Overflow in xps_parse_color()", tags: [ "mailing-list", "x_refsource_FULLDISC", ], url: "http://seclists.org/fulldisclosure/2014/Jan/130", }, { name: "58904", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/58904", }, { name: "65036", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/65036", }, { name: "31090", tags: [ "exploit", "x_refsource_EXPLOIT-DB", ], url: "http://www.exploit-db.com/exploits/31090", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2014-2013", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Stack-based buffer overflow in the xps_parse_color function in xps/xps-common.c in MuPDF 1.3 and earlier allows remote attackers to execute arbitrary code via a large number of entries in the ContextColor value of the Fill attribute in a Path element.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "[oss-security] 20140218 Re: CVE request: MuPDF Stack-based Buffer Overflow in xps_parse_color()", refsource: "MLIST", url: "http://seclists.org/oss-sec/2014/q1/375", }, { name: "openSUSE-SU-2014:0309", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2014-02/msg00088.html", }, { name: "http://git.ghostscript.com/?p=mupdf.git;a=commitdiff;h=60dabde18d7fe12b19da8b509bdfee9cc886aafc", refsource: "CONFIRM", url: "http://git.ghostscript.com/?p=mupdf.git;a=commitdiff;h=60dabde18d7fe12b19da8b509bdfee9cc886aafc", }, { name: "102340", refsource: "OSVDB", url: "http://www.osvdb.org/102340", }, { name: "http://www.hdwsec.fr/blog/mupdf.html", refsource: "MISC", url: "http://www.hdwsec.fr/blog/mupdf.html", }, { name: "DSA-2951", refsource: "DEBIAN", url: "http://www.debian.org/security/2014/dsa-2951", }, { name: "http://bugs.ghostscript.com/show_bug.cgi?id=694957", refsource: "CONFIRM", url: "http://bugs.ghostscript.com/show_bug.cgi?id=694957", }, { name: "20140120 0day - MuPDF Stack-based Buffer Overflow in xps_parse_color()", refsource: "FULLDISC", url: "http://seclists.org/fulldisclosure/2014/Jan/130", }, { name: "58904", refsource: "SECUNIA", url: "http://secunia.com/advisories/58904", }, { name: "65036", refsource: "BID", url: "http://www.securityfocus.com/bid/65036", }, { name: "31090", refsource: "EXPLOIT-DB", url: "http://www.exploit-db.com/exploits/31090", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2014-2013", datePublished: "2014-03-03T16:00:00", dateReserved: "2014-02-17T00:00:00", dateUpdated: "2024-08-06T09:58:16.235Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-24258
Vulnerability from cvelistv5
Published
2024-02-05 00:00
Modified
2024-08-01 23:19
Severity ?
EPSS score ?
Summary
freeglut 3.4.0 was discovered to contain a memory leak via the menuEntry variable in the glutAddSubMenu function.
References
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2024-24258", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-02-07T15:30:52.703759Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-07-05T17:21:37.220Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-01T23:19:51.927Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://github.com/yinluming13579/mupdf_defects/blob/main/mupdf_detect_1.md", }, { tags: [ "x_transferred", ], url: "https://github.com/freeglut/freeglut/pull/155", }, { name: "FEDORA-2024-b69a4d75a1", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T43DAHPIWMGN54E4I6ABLHNYHZSTX7H5/", }, { name: "FEDORA-2024-0356803680", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6IBAWX3HMMZVAWJZ3U6VOAYYOYJCN3IS/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "freeglut 3.4.0 was discovered to contain a memory leak via the menuEntry variable in the glutAddSubMenu function.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2024-02-21T03:06:28.321905", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://github.com/yinluming13579/mupdf_defects/blob/main/mupdf_detect_1.md", }, { url: "https://github.com/freeglut/freeglut/pull/155", }, { name: "FEDORA-2024-b69a4d75a1", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T43DAHPIWMGN54E4I6ABLHNYHZSTX7H5/", }, { name: "FEDORA-2024-0356803680", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6IBAWX3HMMZVAWJZ3U6VOAYYOYJCN3IS/", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2024-24258", datePublished: "2024-02-05T00:00:00", dateReserved: "2024-01-25T00:00:00", dateUpdated: "2024-08-01T23:19:51.927Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-16648
Vulnerability from cvelistv5
Published
2018-09-06 23:00
Modified
2024-09-12 16:13
Severity ?
EPSS score ?
Summary
In Artifex MuPDF 1.13.0, the fz_append_byte function in fitz/buffer.c allows remote attackers to cause a denial of service (segmentation fault) via a crafted pdf file. This is caused by a pdf/pdf-device.c pdf_dev_alpha array-index underflow.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T10:32:53.517Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=699685", }, { name: "[debian-lts-announce] 20200725 [SECURITY] [DLA 2289-1] mupdf security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2020/07/msg00019.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2018-09-06T00:00:00", descriptions: [ { lang: "en", value: "In Artifex MuPDF 1.13.0, the fz_append_byte function in fitz/buffer.c allows remote attackers to cause a denial of service (segmentation fault) via a crafted pdf file. This is caused by a pdf/pdf-device.c pdf_dev_alpha array-index underflow.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2024-09-12T16:13:55.443181", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://bugs.ghostscript.com/show_bug.cgi?id=699685", }, { name: "[debian-lts-announce] 20200725 [SECURITY] [DLA 2289-1] mupdf security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2020/07/msg00019.html", }, { url: "https://cgit.ghostscript.com/cgi-bin/cgit.cgi/mupdf.git/commit/?id=38f883fe129a5e89306252a4676eaaf4bc968824", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2018-16648", datePublished: "2018-09-06T23:00:00", dateReserved: "2018-09-06T00:00:00", dateUpdated: "2024-09-12T16:13:55.443181", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2017-17866
Vulnerability from cvelistv5
Published
2017-12-23 17:00
Modified
2024-08-05 21:06
Severity ?
EPSS score ?
Summary
pdf/pdf-write.c in Artifex MuPDF before 1.12.0 mishandles certain length changes when a repair operation occurs during a clean operation, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted PDF document.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.debian.org/security/2018/dsa-4334 | vendor-advisory, x_refsource_DEBIAN | |
| http://www.ghostscript.com/cgi-bin/findgit.cgi?520cc26d18c9ee245b56e9e91f9d4fcae02be5f0 | x_refsource_CONFIRM | |
| https://bugs.ghostscript.com/show_bug.cgi?id=698699 | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T21:06:49.375Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "DSA-4334", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2018/dsa-4334", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.ghostscript.com/cgi-bin/findgit.cgi?520cc26d18c9ee245b56e9e91f9d4fcae02be5f0", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=698699", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2017-12-23T00:00:00", descriptions: [ { lang: "en", value: "pdf/pdf-write.c in Artifex MuPDF before 1.12.0 mishandles certain length changes when a repair operation occurs during a clean operation, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted PDF document.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-11-05T10:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "DSA-4334", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2018/dsa-4334", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.ghostscript.com/cgi-bin/findgit.cgi?520cc26d18c9ee245b56e9e91f9d4fcae02be5f0", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=698699", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2017-17866", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "pdf/pdf-write.c in Artifex MuPDF before 1.12.0 mishandles certain length changes when a repair operation occurs during a clean operation, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted PDF document.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "DSA-4334", refsource: "DEBIAN", url: "https://www.debian.org/security/2018/dsa-4334", }, { name: "http://www.ghostscript.com/cgi-bin/findgit.cgi?520cc26d18c9ee245b56e9e91f9d4fcae02be5f0", refsource: "CONFIRM", url: "http://www.ghostscript.com/cgi-bin/findgit.cgi?520cc26d18c9ee245b56e9e91f9d4fcae02be5f0", }, { name: "https://bugs.ghostscript.com/show_bug.cgi?id=698699", refsource: "CONFIRM", url: "https://bugs.ghostscript.com/show_bug.cgi?id=698699", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2017-17866", datePublished: "2017-12-23T17:00:00", dateReserved: "2017-12-23T00:00:00", dateUpdated: "2024-08-05T21:06:49.375Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-51104
Vulnerability from cvelistv5
Published
2023-12-26 00:00
Modified
2024-08-02 22:32
Severity ?
EPSS score ?
Summary
A floating point exception (divide-by-zero) vulnerability was discovered in Artifex MuPDF 1.23.4 in function pnm_binary_read_image() of load-pnm.c when span equals zero.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T22:32:09.182Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://github.com/dongyuma/sox-defects/blob/main/mupdf-defects.md", }, { tags: [ "x_transferred", ], url: "http://cgit.ghostscript.com/cgi-bin/cgit.cgi/mupdf.git/commit/?id=0c06a4e51519515615f6ab2d5b1f25da6771e1f4", }, { tags: [ "x_transferred", ], url: "https://bugs.ghostscript.com/show_bug.cgi?id=707621", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "A floating point exception (divide-by-zero) vulnerability was discovered in Artifex MuPDF 1.23.4 in function pnm_binary_read_image() of load-pnm.c when span equals zero.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2024-07-11T17:30:53.355494", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://github.com/dongyuma/sox-defects/blob/main/mupdf-defects.md", }, { url: "http://cgit.ghostscript.com/cgi-bin/cgit.cgi/mupdf.git/commit/?id=0c06a4e51519515615f6ab2d5b1f25da6771e1f4", }, { url: "https://bugs.ghostscript.com/show_bug.cgi?id=707621", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2023-51104", datePublished: "2023-12-26T00:00:00", dateReserved: "2023-12-18T00:00:00", dateUpdated: "2024-08-02T22:32:09.182Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
var-202001-0062
Vulnerability from variot
SumatraPDF 2.1.1/MuPDF 1.0 allows remote attackers to cause an Integer Overflow in the lex_number() function via a corrupt PDF file. SumatraPDF and MuPDF Contains an integer overflow vulnerability.Information is acquired, information is falsified, and denial of service (DoS) May be in a state. Sumatra PDF and MuPDF are prone to an integer-overflow vulnerability because they fail to properly validate user-supplied input. An attacker can exploit this issue to execute arbitrary malicious code in the context of the affected application. Failed exploit attempts will likely crash the application. The following versions are vulnerable: MuPDF 1.0 MuPDF for iOS 1.1 Sumatra 2.1.1. ----------------------------------------------------------------------
The final version of the CSI 6.0 has been released. Find out why this is not just another Patch Management solution: http://secunia.com/blog/325/
TITLE: MuPDF "pdf_repair_obj_stm()" Signedness Vulnerability
SECUNIA ADVISORY ID: SA51544
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/51544/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=51544
RELEASE DATE: 2012-12-12
DISCUSS ADVISORY: http://secunia.com/advisories/51544/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/51544/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=51544
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: A vulnerability has been discovered in MuPDF, which can be exploited by malicious people to potentially compromise a user's system.
The vulnerability is caused due to a signedness error in the "pdf_repair_obj_stm()" function (pdf/pdf_repair.c) when processing a stream and can be exploited to corrupt memory via a specially crafted length number.
Successful exploitation may allow execution of arbitrary code, but requires tricking a user into opening a malicious PDF document.
The vulnerability is confirmed in version 1.0. Prior versions may also be affected.
SOLUTION: Update to version 1.1.
PROVIDED AND/OR DISCOVERED BY: beford
ORIGINAL ADVISORY: beford: http://www.exploit-db.com/exploits/23246/
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202001-0062", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "mupdf", scope: "eq", trust: 1.8, vendor: "artifex", version: "1.0", }, { model: "sumatrapdf", scope: "eq", trust: 1, vendor: "sumatrapdfreader", version: "2.1.1", }, { model: "mupdf", scope: "eq", trust: 1, vendor: "artifex", version: "1.1", }, { model: "sumatrapdf", scope: "eq", trust: 0.8, vendor: "krzysztof kowalczyk", version: "2.1.1", }, { model: "pdf sumatra pdf", scope: "eq", trust: 0.3, vendor: "sumatra", version: "2.1.1", }, { model: "for ios", scope: "eq", trust: 0.3, vendor: "mupdf", version: "1.1", }, { model: "mupdf", scope: "eq", trust: 0.3, vendor: "mupdf", version: "1.0", }, { model: "mupdf", scope: "ne", trust: 0.3, vendor: "mupdf", version: "1.1", }, ], sources: [ { db: "BID", id: "56875", }, { db: "JVNDB", id: "JVNDB-2012-006573", }, { db: "NVD", id: "CVE-2012-5340", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "beford", sources: [ { db: "BID", id: "56875", }, { db: "CNNVD", id: "CNNVD-201212-132", }, ], trust: 0.9, }, cve: "CVE-2012-5340", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", author: "nvd@nist.gov", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", exploitabilityScore: 8.6, id: "CVE-2012-5340", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "MEDIUM", trust: 1.8, vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "LOCAL", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitabilityScore: 1.8, id: "CVE-2012-5340", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, { attackComplexity: "Low", attackVector: "Local", author: "NVD", availabilityImpact: "High", baseScore: 7.8, baseSeverity: "High", confidentialityImpact: "High", exploitabilityScore: null, id: "CVE-2012-5340", impactScore: null, integrityImpact: "High", privilegesRequired: "None", scope: "Unchanged", trust: 0.8, userInteraction: "Required", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2012-5340", trust: 1, value: "HIGH", }, { author: "NVD", id: "CVE-2012-5340", trust: 0.8, value: "High", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2012-006573", }, { db: "NVD", id: "CVE-2012-5340", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "SumatraPDF 2.1.1/MuPDF 1.0 allows remote attackers to cause an Integer Overflow in the lex_number() function via a corrupt PDF file. SumatraPDF and MuPDF Contains an integer overflow vulnerability.Information is acquired, information is falsified, and denial of service (DoS) May be in a state. Sumatra PDF and MuPDF are prone to an integer-overflow vulnerability because they fail to properly validate user-supplied input. \nAn attacker can exploit this issue to execute arbitrary malicious code in the context of the affected application. Failed exploit attempts will likely crash the application. \nThe following versions are vulnerable:\nMuPDF 1.0\nMuPDF for iOS 1.1\nSumatra 2.1.1. ----------------------------------------------------------------------\n\nThe final version of the CSI 6.0 has been released. \nFind out why this is not just another Patch Management solution: http://secunia.com/blog/325/\n\n----------------------------------------------------------------------\n\nTITLE:\nMuPDF \"pdf_repair_obj_stm()\" Signedness Vulnerability\n\nSECUNIA ADVISORY ID:\nSA51544\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/51544/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory&vuln_id=51544\n\nRELEASE DATE:\n2012-12-12\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/51544/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/51544/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory&vuln_id=51544\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nA vulnerability has been discovered in MuPDF, which can be exploited\nby malicious people to potentially compromise a user's system. \n\nThe vulnerability is caused due to a signedness error in the\n\"pdf_repair_obj_stm()\" function (pdf/pdf_repair.c) when processing a\nstream and can be exploited to corrupt memory via a specially crafted\nlength number. \n\nSuccessful exploitation may allow execution of arbitrary code, but\nrequires tricking a user into opening a malicious PDF document. \n\nThe vulnerability is confirmed in version 1.0. Prior versions may\nalso be affected. \n\nSOLUTION:\nUpdate to version 1.1. \n\nPROVIDED AND/OR DISCOVERED BY:\nbeford\n\nORIGINAL ADVISORY:\nbeford:\nhttp://www.exploit-db.com/exploits/23246/\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n", sources: [ { db: "NVD", id: "CVE-2012-5340", }, { db: "JVNDB", id: "JVNDB-2012-006573", }, { db: "BID", id: "56875", }, { db: "PACKETSTORM", id: "118778", }, { db: "PACKETSTORM", id: "118777", }, ], trust: 2.07, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2012-5340", trust: 2.7, }, { db: "EXPLOIT-DB", id: "23246", trust: 2.6, }, { db: "JVNDB", id: "JVNDB-2012-006573", trust: 0.8, }, { db: "CNNVD", id: "CNNVD-201212-132", trust: 0.6, }, { db: "BID", id: "56875", trust: 0.3, }, { db: "SECUNIA", id: "51544", trust: 0.2, }, { db: "SECUNIA", id: "51511", trust: 0.2, }, { db: "PACKETSTORM", id: "118778", trust: 0.1, }, { db: "PACKETSTORM", id: "118777", trust: 0.1, }, ], sources: [ { db: "BID", id: "56875", }, { db: "JVNDB", id: "JVNDB-2012-006573", }, { db: "PACKETSTORM", id: "118778", }, { db: "PACKETSTORM", id: "118777", }, { db: "CNNVD", id: "CNNVD-201212-132", }, { db: "NVD", id: "CVE-2012-5340", }, ], }, id: "VAR-202001-0062", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VARIoT devices database", id: null, }, ], trust: 0.16666667, }, last_update_date: "2024-09-13T23:17:49.693000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Artifex Software Krzysztof KowalczykSumatra PDF", trust: 0.8, url: "https://artifex.com/products-mupdf-overview/", }, { title: "Sumatra PDF/MuPDF lex_number() Fixes for function integer overflow vulnerability", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=108035", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2012-006573", }, { db: "CNNVD", id: "CNNVD-201212-132", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-190", trust: 1, }, { problemtype: "Integer overflow or wraparound (CWE-190) [NVD Evaluation ]", trust: 0.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2012-006573", }, { db: "NVD", id: "CVE-2012-5340", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2.4, url: "http://www.exploit-db.com/exploits/23246", }, { trust: 1.4, url: "https://nvd.nist.gov/vuln/detail/cve-2012-5340", }, { trust: 1, url: "https://bugs.ghostscript.com/show_bug.cgi?id=693371", }, { trust: 1, url: "https://cgit.ghostscript.com/cgi-bin/cgit.cgi/mupdf.git/commit/?id=f919270b6a732ff45c3ba2d0c105e2b39e9c9bc9", }, { trust: 0.3, url: "http://blog.kowalczyk.info/software/sumatrapdf/prerelease.html", }, { trust: 0.3, url: "https://www.mupdf.com/", }, { trust: 0.3, url: "http://git.ghostscript.com/?p=mupdf.git;a=commitdiff;h=f919270b6a732ff45c3ba2d0c105e2b39e9c9bc9", }, { trust: 0.3, url: "http://blog.kowalczyk.info/software/sumatrapdf/free-pdf-reader.html", }, { trust: 0.2, url: "http://secunia.com/vulnerability_intelligence/", }, { trust: 0.2, url: "http://www.exploit-db.com/exploits/23246/", }, { trust: 0.2, url: "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/", }, { trust: 0.2, url: "http://secunia.com/advisories/secunia_security_advisories/", }, { trust: 0.2, url: "http://secunia.com/vulnerability_scanning/personal/", }, { trust: 0.2, url: "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org", }, { trust: 0.2, url: "http://secunia.com/blog/325/", }, { trust: 0.2, url: "http://secunia.com/advisories/about_secunia_advisories/", }, { trust: 0.1, url: "https://ca.secunia.com/?page=viewadvisory&vuln_id=51544", }, { trust: 0.1, url: "http://secunia.com/advisories/51544/#comments", }, { trust: 0.1, url: "http://secunia.com/advisories/51544/", }, { trust: 0.1, url: "https://ca.secunia.com/?page=viewadvisory&vuln_id=51511", }, { trust: 0.1, url: "http://secunia.com/advisories/51511/", }, { trust: 0.1, url: "http://secunia.com/advisories/51511/#comments", }, ], sources: [ { db: "BID", id: "56875", }, { db: "JVNDB", id: "JVNDB-2012-006573", }, { db: "PACKETSTORM", id: "118778", }, { db: "PACKETSTORM", id: "118777", }, { db: "CNNVD", id: "CNNVD-201212-132", }, { db: "NVD", id: "CVE-2012-5340", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "BID", id: "56875", }, { db: "JVNDB", id: "JVNDB-2012-006573", }, { db: "PACKETSTORM", id: "118778", }, { db: "PACKETSTORM", id: "118777", }, { db: "CNNVD", id: "CNNVD-201212-132", }, { db: "NVD", id: "CVE-2012-5340", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2012-12-09T00:00:00", db: "BID", id: "56875", }, { date: "2020-02-10T00:00:00", db: "JVNDB", id: "JVNDB-2012-006573", }, { date: "2012-12-12T10:00:36", db: "PACKETSTORM", id: "118778", }, { date: "2012-12-12T10:00:33", db: "PACKETSTORM", id: "118777", }, { date: "2012-12-12T00:00:00", db: "CNNVD", id: "CNNVD-201212-132", }, { date: "2020-01-23T22:15:09.683000", db: "NVD", id: "CVE-2012-5340", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2012-12-09T00:00:00", db: "BID", id: "56875", }, { date: "2020-02-10T00:00:00", db: "JVNDB", id: "JVNDB-2012-006573", }, { date: "2020-05-26T00:00:00", db: "CNNVD", id: "CNNVD-201212-132", }, { date: "2024-09-12T18:15:05.503000", db: "NVD", id: "CVE-2012-5340", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-201212-132", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "SumatraPDF and MuPDF Vulnerable to integer overflow", sources: [ { db: "JVNDB", id: "JVNDB-2012-006573", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "input validation error", sources: [ { db: "CNNVD", id: "CNNVD-201212-132", }, ], trust: 0.6, }, }
var-201609-0097
Vulnerability from variot
Heap-based buffer overflow in the pdf_load_mesh_params function in pdf/pdf-shade.c in MuPDF allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a large decode array. MuPDF is prone to a denial-of-service vulnerability. Attackers can exploit this issue to crash the affected application, resulting in denial-of-service conditions. Due to the nature of this issue, code execution may be possible but this has not been confirmed.
Gentoo Linux Security Advisory GLSA 201702-12
https://security.gentoo.org/
Severity: Normal Title: MuPDF: Multiple vulnerabilities Date: February 19, 2017 Bugs: #589826, #590480, #608702, #608712 ID: 201702-12
Synopsis
Multiple vulnerabilities have been found in MuPDF, the worst of which allows remote attackers to execute arbitrary code.
Background
A lightweight PDF, XPS, and E-book viewer.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 app-text/mupdf < 1.10a-r1 >= 1.10a-r1
Description
Multiple vulnerabilities have been discovered in MuPDF. Please review the CVE identifiers referenced below for details.
Impact
A remote attacker could entice a user to open a specially crafted PDF document using MuPDF possibly resulting in the execution of arbitrary code, with the privileges of the process, or a Denial of Service condition.
Workaround
There is no known workaround at this time.
Resolution
All MuPDF users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-text/mupdf-1.10a-r1"
References
[ 1 ] CVE-2016-6265 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6265 [ 2 ] CVE-2016-6525 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6525 [ 3 ] CVE-2017-5896 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5896
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/201702-12
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2017 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
--SOUkjTn8b7jo7ow0H6Cwm8HAJCjaRpMjo--
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-201609-0097", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "linux", scope: "eq", trust: 1.6, vendor: "debian", version: "8.0", }, { model: "mupdf", scope: "lte", trust: 1, vendor: "artifex", version: "1.9", }, { model: "mupdf", scope: null, trust: 0.8, vendor: "artifex", version: null, }, { model: "gnu/linux", scope: "eq", trust: 0.8, vendor: "debian", version: "8.0", }, { model: "mupdf", scope: "eq", trust: 0.3, vendor: "mupdf", version: "1.9", }, { model: "linux", scope: null, trust: 0.3, vendor: "gentoo", version: null, }, ], sources: [ { db: "BID", id: "92266", }, { db: "JVNDB", id: "JVNDB-2016-004846", }, { db: "CNNVD", id: "CNNVD-201608-239", }, { db: "NVD", id: "CVE-2016-6525", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { cpe_match: [ { cpe22Uri: "cpe:/a:artifex:mupdf", vulnerable: true, }, { cpe22Uri: "cpe:/o:debian:debian_linux", vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2016-004846", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "redrain root.", sources: [ { db: "BID", id: "92266", }, { db: "CNNVD", id: "CNNVD-201608-239", }, ], trust: 0.9, }, cve: "CVE-2016-6525", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "nvd@nist.gov", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "CVE-2016-6525", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "HIGH", trust: 1.8, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", exploitabilityScore: 3.9, id: "CVE-2016-6525", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1.8, userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2016-6525", trust: 1, value: "CRITICAL", }, { author: "NVD", id: "CVE-2016-6525", trust: 0.8, value: "Critical", }, { author: "CNNVD", id: "CNNVD-201608-239", trust: 0.6, value: "HIGH", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2016-004846", }, { db: "CNNVD", id: "CNNVD-201608-239", }, { db: "NVD", id: "CVE-2016-6525", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Heap-based buffer overflow in the pdf_load_mesh_params function in pdf/pdf-shade.c in MuPDF allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a large decode array. MuPDF is prone to a denial-of-service vulnerability. \nAttackers can exploit this issue to crash the affected application, resulting in denial-of-service conditions. Due to the nature of this issue, code execution may be possible but this has not been confirmed. \n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201702-12\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: MuPDF: Multiple vulnerabilities\n Date: February 19, 2017\n Bugs: #589826, #590480, #608702, #608712\n ID: 201702-12\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in MuPDF, the worst of which\nallows remote attackers to execute arbitrary code. \n\nBackground\n==========\n\nA lightweight PDF, XPS, and E-book viewer. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 app-text/mupdf < 1.10a-r1 >= 1.10a-r1\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in MuPDF. Please review\nthe CVE identifiers referenced below for details. \n\nImpact\n======\n\nA remote attacker could entice a user to open a specially crafted PDF\ndocument using MuPDF possibly resulting in the execution of arbitrary\ncode, with the privileges of the process, or a Denial of Service\ncondition. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll MuPDF users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \">=app-text/mupdf-1.10a-r1\"\n\nReferences\n==========\n\n[ 1 ] CVE-2016-6265\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6265\n[ 2 ] CVE-2016-6525\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6525\n[ 3 ] CVE-2017-5896\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5896\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201702-12\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users' machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2017 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n\n--SOUkjTn8b7jo7ow0H6Cwm8HAJCjaRpMjo--\n\n", sources: [ { db: "NVD", id: "CVE-2016-6525", }, { db: "JVNDB", id: "JVNDB-2016-004846", }, { db: "BID", id: "92266", }, { db: "PACKETSTORM", id: "141172", }, ], trust: 1.98, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2016-6525", trust: 2.8, }, { db: "BID", id: "92266", trust: 1.9, }, { db: "OPENWALL", id: "OSS-SECURITY/2016/08/03/8", trust: 1.6, }, { db: "JVNDB", id: "JVNDB-2016-004846", trust: 0.8, }, { db: "CNNVD", id: "CNNVD-201608-239", trust: 0.6, }, { db: "PACKETSTORM", id: "141172", trust: 0.1, }, ], sources: [ { db: "BID", id: "92266", }, { db: "JVNDB", id: "JVNDB-2016-004846", }, { db: "PACKETSTORM", id: "141172", }, { db: "CNNVD", id: "CNNVD-201608-239", }, { db: "NVD", id: "CVE-2016-6525", }, ], }, id: "VAR-201609-0097", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VARIoT devices database", id: null, }, ], trust: 0.16666667, }, last_update_date: "2024-11-23T21:54:28.110000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Bug 696954", trust: 0.8, url: "http://bugs.ghostscript.com/show_bug.cgi?id=696954", }, { title: "DSA-3655", trust: 0.8, url: "https://www.debian.org/security/2016/dsa-3655", }, { title: "Make sure that number of colors in mesh params is valid.", trust: 0.8, url: "http://git.ghostscript.com/?p=mupdf.git;h=39b0f07dd960f34e7e6bf230ffc3d87c41ef0f2e", }, { title: "Artifex MuPDF Remediation measures for denial of service vulnerabilities", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=63625", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2016-004846", }, { db: "CNNVD", id: "CNNVD-201608-239", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-119", trust: 1.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2016-004846", }, { db: "NVD", id: "CVE-2016-6525", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.9, url: "http://bugs.ghostscript.com/show_bug.cgi?id=696954", }, { trust: 1.6, url: "http://www.openwall.com/lists/oss-security/2016/08/03/8", }, { trust: 1.6, url: "http://www.debian.org/security/2016/dsa-3655", }, { trust: 1.6, url: "http://www.securityfocus.com/bid/92266", }, { trust: 1.1, url: "https://security.gentoo.org/glsa/201702-12", }, { trust: 1, url: "http://git.ghostscript.com/?p=mupdf.git%3bh=39b0f07dd960f34e7e6bf230ffc3d87c41ef0f2e", }, { trust: 0.9, url: "http://git.ghostscript.com/?p=mupdf.git;h=39b0f07dd960f34e7e6bf230ffc3d87c41ef0f2e", }, { trust: 0.8, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-6525", }, { trust: 0.8, url: "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-6525", }, { trust: 0.3, url: "http://www.mupdf.com/", }, { trust: 0.3, url: "http://seclists.org/oss-sec/2016/q3/241", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-6525", }, { trust: 0.1, url: "http://creativecommons.org/licenses/by-sa/2.5", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-6265", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2016-6525", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-5896", }, { trust: 0.1, url: "https://security.gentoo.org/", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2016-6265", }, { trust: 0.1, url: "https://bugs.gentoo.org.", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2017-5896", }, ], sources: [ { db: "BID", id: "92266", }, { db: "JVNDB", id: "JVNDB-2016-004846", }, { db: "PACKETSTORM", id: "141172", }, { db: "CNNVD", id: "CNNVD-201608-239", }, { db: "NVD", id: "CVE-2016-6525", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "BID", id: "92266", }, { db: "JVNDB", id: "JVNDB-2016-004846", }, { db: "PACKETSTORM", id: "141172", }, { db: "CNNVD", id: "CNNVD-201608-239", }, { db: "NVD", id: "CVE-2016-6525", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2016-08-02T00:00:00", db: "BID", id: "92266", }, { date: "2016-09-27T00:00:00", db: "JVNDB", id: "JVNDB-2016-004846", }, { date: "2017-02-20T22:47:02", db: "PACKETSTORM", id: "141172", }, { date: "2016-08-11T00:00:00", db: "CNNVD", id: "CNNVD-201608-239", }, { date: "2016-09-22T15:59:04.977000", db: "NVD", id: "CVE-2016-6525", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2017-03-07T02:05:00", db: "BID", id: "92266", }, { date: "2016-09-27T00:00:00", db: "JVNDB", id: "JVNDB-2016-004846", }, { date: "2016-09-23T00:00:00", db: "CNNVD", id: "CNNVD-201608-239", }, { date: "2024-11-21T02:56:17.617000", db: "NVD", id: "CVE-2016-6525", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "PACKETSTORM", id: "141172", }, { db: "CNNVD", id: "CNNVD-201608-239", }, ], trust: 0.7, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "MuPDF of pdf/pdf-shade.c of pdf_load_mesh_params Heap-based buffer overflow vulnerability in functions", sources: [ { db: "JVNDB", id: "JVNDB-2016-004846", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "buffer overflow", sources: [ { db: "CNNVD", id: "CNNVD-201608-239", }, ], trust: 0.6, }, }