pdf/pdf-write.c in Artifex MuPDF before 1.12.0 mishandles certain length changes when a repair operation occurs during a clean operation, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted PDF document.
Max CVSS
7.8
EPSS Score
0.63%
Published
2017-12-27
Updated
2019-03-11
In MuPDF 1.12.0, there is an infinite loop vulnerability and application hang in the pdf_parse_array function (pdf/pdf-parse.c) because EOF is not considered. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted pdf file.
Max CVSS
5.5
EPSS Score
0.30%
Published
2018-01-14
Updated
2020-01-30
In Artifex MuPDF 1.12.0, there is a heap-based buffer overflow vulnerability in the do_pdf_save_document function in the pdf/pdf-write.c file. Remote attackers could leverage the vulnerability to cause a denial of service via a crafted pdf file.
Max CVSS
5.5
EPSS Score
0.13%
Published
2018-01-24
Updated
2020-08-24
In Artifex MuPDF 1.12.0, the pdf_read_new_xref function in pdf/pdf-xref.c allows remote attackers to cause a denial of service (segmentation violation and application crash) via a crafted pdf file.
Max CVSS
5.5
EPSS Score
0.27%
Published
2018-01-24
Updated
2019-06-28
In MuPDF 1.12.0 and earlier, multiple reachable assertions in the PDF parser allow an attacker to cause a denial of service (assert crash) via a crafted file.
Max CVSS
5.5
EPSS Score
0.22%
Published
2018-05-24
Updated
2019-03-14
In MuPDF 1.12.0 and earlier, multiple use of uninitialized value bugs in the PDF parser could allow an attacker to cause a denial of service (crash) or influence program flow via a crafted file.
Max CVSS
5.5
EPSS Score
0.22%
Published
2018-05-24
Updated
2019-03-14
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!