MuPDF through 1.18.1 has an out-of-bounds write because the cached color converter does not properly consider the maximum key size of a hash table. This can, for example, be seen with crafted "mutool draw" input.
Max CVSS
5.5
EPSS Score
0.12%
Published
2021-07-21
Updated
2021-11-28
A flaw was found in mupdf 1.18.0. Double free of object during linearization may lead to memory corruption and other potential consequences.
Max CVSS
5.5
EPSS Score
0.11%
Published
2021-02-23
Updated
2023-02-12
Artifex MuPDF before 1.18.0 has a heap based buffer over-write when parsing JBIG2 files allowing attackers to cause a denial of service.
Max CVSS
5.5
EPSS Score
0.14%
Published
2020-10-02
Updated
2022-01-06
A Use After Free vulnerability in svg_dev_text_span_as_paths_defs function in source/fitz/svg-device.c in Artifex Software MuPDF 1.16.0 allows remote attackers to cause a denial of service via opening of a crafted PDF file.
Max CVSS
5.5
EPSS Score
0.07%
Published
2023-08-22
Updated
2023-08-25
Artifex MuPDF before 1.18.0 has a heap based buffer over-write in tiff_expand_colormap() function when parsing TIFF files allowing attackers to cause a denial of service.
Max CVSS
5.5
EPSS Score
0.10%
Published
2021-07-21
Updated
2021-12-14
A Use After Free vulnerability exists in Artifex Software, Inc. MuPDF library 1.17.0-rc1 and earlier when a valid page was followed by a page with invalid pixmap dimensions, causing bander - a static - to point to previously freed memory instead of a newband_writer.
Max CVSS
7.8
EPSS Score
0.08%
Published
2020-12-09
Updated
2020-12-14
Artifex MuPDF 1.15.0 has a heap-based buffer overflow in fz_append_display_node located at fitz/list-device.c, allowing remote attackers to execute arbitrary code via a crafted PDF file. This occurs with a large BDC property name that overflows the allocated size of a display list node.
Max CVSS
7.8
EPSS Score
1.07%
Published
2019-07-04
Updated
2020-08-30
Usage of an uninitialized variable in the function fz_load_jpeg in Artifex MuPDF 1.14 can result in a heap overflow vulnerability that allows an attacker to execute arbitrary code.
Max CVSS
9.8
EPSS Score
0.45%
Published
2019-06-13
Updated
2020-08-24
Artifex Mupdf version 1.12.0 contains a Use After Free vulnerability in fz_keep_key_storable that can result in DOS / Possible code execution. This attack appear to be exploitable via Victim opens a specially crafted PDF.
Max CVSS
7.8
EPSS Score
0.23%
Published
2018-02-09
Updated
2019-03-14
In MuPDF 1.12.0 and earlier, multiple heap use after free bugs in the PDF parser could allow an attacker to execute arbitrary code, read memory, or cause a denial of service via a crafted file.
Max CVSS
7.8
EPSS Score
0.36%
Published
2018-05-24
Updated
2019-03-14
In MuPDF 1.12.0 and earlier, a stack buffer overflow in function pdf_lookup_cmap_full in pdf/pdf-cmap.c could allow an attacker to execute arbitrary code via a crafted file.
Max CVSS
7.8
EPSS Score
0.43%
Published
2018-05-24
Updated
2020-08-24
In Artifex MuPDF 1.14.0, the svg_run_image function in svg/svg-run.c allows remote attackers to cause a denial of service (href_att NULL pointer dereference and application crash) via a crafted svg file, as demonstrated by mupdf-gl.
Max CVSS
5.5
EPSS Score
0.25%
Published
2018-12-06
Updated
2019-05-25
In Artifex MuPDF 1.13.0, the fz_append_byte function in fitz/buffer.c allows remote attackers to cause a denial of service (segmentation fault) via a crafted pdf file. This is caused by a pdf/pdf-device.c pdf_dev_alpha array-index underflow.
Max CVSS
5.5
EPSS Score
0.10%
Published
2018-09-06
Updated
2020-07-26
In Artifex MuPDF 1.13.0, the pdf_get_xref_entry function in pdf/pdf-xref.c allows remote attackers to cause a denial of service (segmentation fault in fz_write_data in fitz/output.c) via a crafted pdf file.
Max CVSS
5.5
EPSS Score
0.09%
Published
2018-09-06
Updated
2020-07-26
In Artifex MuPDF 1.12.0, there is a heap-based buffer overflow vulnerability in the do_pdf_save_document function in the pdf/pdf-write.c file. Remote attackers could leverage the vulnerability to cause a denial of service via a crafted pdf file.
Max CVSS
5.5
EPSS Score
0.13%
Published
2018-01-24
Updated
2020-08-24
The build_filter_chain function in pdf/pdf-stream.c in Artifex MuPDF before 2017-09-25 mishandles a certain case where a variable may reside in a register, which allows remote attackers to cause a denial of service (Fitz fz_drop_imp use-after-free and application crash) or possibly have unspecified other impact via a crafted PDF document.
Max CVSS
7.8
EPSS Score
0.16%
Published
2017-10-16
Updated
2017-11-07
Use-after-free vulnerability in the fz_subsample_pixmap function in fitz/pixmap.c in Artifex Software, Inc. MuPDF 1.10a allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted document.
Max CVSS
7.8
EPSS Score
0.23%
Published
2017-03-26
Updated
2017-03-29
Stack-based buffer overflow in jstest_main.c in mujstest in Artifex Software, Inc. MuPDF 1.10a allows remote attackers to have unspecified impact via a crafted image.
Max CVSS
7.8
EPSS Score
1.70%
Published
2017-03-15
Updated
2022-04-18
An issue was discovered in Artifex MuPDF before 1912de5f08e90af1d9d0a9791f58ba3afdb9d465. The pdf_run_xobject function in pdf-op-run.c encounters a NULL pointer dereference during a Fitz fz_paint_pixmap_with_mask painting operation. Versions 1.11 and later are unaffected.
Max CVSS
7.5
EPSS Score
2.45%
Published
2017-02-15
Updated
2022-04-18
Buffer overflow in the my_getline function in jstest_main.c in Mujstest in Artifex Software, Inc. MuPDF before 1.10 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted file.
Max CVSS
5.5
EPSS Score
0.43%
Published
2017-03-16
Updated
2021-12-14
Buffer overflow in the main function in jstest_main.c in Mujstest in Artifex Software, Inc. MuPDF before 1.10 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted file.
Max CVSS
5.5
EPSS Score
0.23%
Published
2017-03-16
Updated
2021-12-14
An exploitable memory corruption vulnerability exists in the JBIG2 parser of Artifex MuPDF 1.9. A specially crafted PDF can cause a negative number to be passed to a memset resulting in memory corruption and potential code execution. An attacker can specially craft a PDF and send to the victim to trigger this vulnerability.
Max CVSS
7.8
EPSS Score
0.08%
Published
2018-04-24
Updated
2022-12-13
An exploitable heap out of bounds write vulnerability exists in the Fitz graphical library part of the MuPDF renderer. A specially crafted PDF file can cause a out of bounds write resulting in heap metadata and sensitive process memory corruption leading to potential code execution. Victim needs to open the specially crafted file in a vulnerable reader in order to trigger this vulnerability.
Max CVSS
8.6
EPSS Score
0.08%
Published
2018-04-24
Updated
2022-12-13
The pdf_to_num function in pdf-object.c in MuPDF before 1.10 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted file.
Max CVSS
5.5
EPSS Score
0.75%
Published
2017-02-15
Updated
2017-11-04
Use-after-free vulnerability in the pdf_load_xref function in pdf/pdf-xref.c in MuPDF allows remote attackers to cause a denial of service (crash) via a crafted PDF file.
Max CVSS
5.5
EPSS Score
1.03%
Published
2016-09-22
Updated
2018-10-30
25 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!