Vulnerability Details: CVE-2018-1000040
Potential exploit
In Artifex MuPDF 1.12.0 and earlier, multiple use of uninitialized value bugs in the PDF parser could allow an attacker to cause a denial of service (crash) or influence program flow via a crafted file.
Vulnerability category: Denial of service
Products affected by CVE-2018-1000040
- cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
- cpe:2.3:a:artifex:mupdf:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2018-1000040
0.21%: probability of exploitation activity in the next 30 days
~59%: percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2018-1000040
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.3 | MEDIUM | AV:N/AC:M/Au:N/C:N/I:N/A:P | 8.6 | 2.9 | NIST | |
5.5 | MEDIUM | CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H | 1.8 | 3.6 | NIST | |
CWE ids for CVE-2018-1000040
- The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly. Assigned by: nvd@nist.gov (Primary)
References for CVE-2018-1000040
- https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5610
  5610 - mupdf/pdf_fuzzer: Use-of-uninitialized-value in pdf_lex - oss-fuzz - Monorail (Exploit; Issue Tracking)
- https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5596
  5596 - mupdf/pdf_fuzzer: Use-of-uninitialized-value in fz_adjust_ft_glyph_width - oss-fuzz - Monorail (Exploit; Issue Tracking)
- https://security.gentoo.org/glsa/201811-15
  MuPDF: Multiple vulnerabilities (GLSA 201811-15) — Gentoo security (Third Party Advisory)
- https://cgit.ghostscript.com/cgi-bin/cgit.cgi/mupdf.git/commit/?id=ace9e69017c08e1e4ce5912014177414c0382004
  mupdf.git - MuPDF library
- https://www.debian.org/security/2018/dsa-4334
  Debian -- Security Information -- DSA-4334-1 mupdf (Third Party Advisory)
- https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5609
  5609 - mupdf/pdf_fuzzer: Use-of-uninitialized-value in fz_drop_hash_table - oss-fuzz - Monorail (Exploit; Issue Tracking; Patch; Third Party Advisory)
- https://bugs.ghostscript.com/show_bug.cgi?id=699086
  699086 – oss-fuzz 5596: Use-of-uninitialized-value in fz_adjust_ft_glyph_width
- http://git.ghostscript.com/?p=mupdf.git;a=commitdiff;h=83d4dae44c71816c084a635550acc1a51529b881;hp=f597300439e62f5e921f0d7b1e880b5c1a1f1607
  git.ghostscript.com Git - mupdf.git/commitdiff (Patch)
- https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5600
  5600 - mupdf/pdf_fuzzer: Use-of-uninitialized-value in pdf_lex - oss-fuzz - Monorail (Exploit; Issue Tracking)
- https://bugs.ghostscript.com/show_bug.cgi?id=698904
  698904 – oss-fuzz 5609: Claimed use-of-uninitialized value in fz_drop_hash_table()
- http://git.ghostscript.com/?p=mupdf.git%3Ba=commitdiff%3Bh=83d4dae44c71816c084a635550acc1a51529b881%3Bhp=f597300439e62f5e921f0d7b1e880b5c1a1f1607
  git.ghostscript.com Git
- https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5603
  5603 - mupdf/pdf_fuzzer: Use-of-uninitialized-value in sfnt_open_font - oss-fuzz - Monorail (Exploit; Issue Tracking)