CVE-2017-17858
- EPSS 2.73%
- Veröffentlicht 22.01.2018 15:29:00
- Zuletzt bearbeitet 21.11.2024 03:18:50
Heap-based buffer overflow in the ensure_solid_xref function in pdf/pdf-xref.c in Artifex MuPDF 1.12.0 allows a remote attacker to potentially execute arbitrary code via a crafted PDF file, because xref subsection object numbers are unrestricted.
CVE-2018-5686
- EPSS 1.47%
- Veröffentlicht 14.01.2018 02:29:05
- Zuletzt bearbeitet 21.11.2024 04:09:10
In MuPDF 1.12.0, there is an infinite loop vulnerability and application hang in the pdf_parse_array function (pdf/pdf-parse.c) because EOF is not considered. Remote attackers could leverage this vulnerability to cause a denial of service via a craft...
CVE-2017-17866
- EPSS 1.58%
- Veröffentlicht 27.12.2017 17:08:20
- Zuletzt bearbeitet 13.05.2026 00:24:29
pdf/pdf-write.c in Artifex MuPDF before 1.12.0 mishandles certain length changes when a repair operation occurs during a clean operation, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly h...
CVE-2017-15587
- EPSS 1%
- Veröffentlicht 18.10.2017 08:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
An integer overflow was discovered in pdf_read_new_xref_section in pdf/pdf-xref.c in Artifex MuPDF 1.11.
CVE-2017-15369
- EPSS 1.23%
- Veröffentlicht 16.10.2017 01:29:01
- Zuletzt bearbeitet 13.05.2026 00:24:29
The build_filter_chain function in pdf/pdf-stream.c in Artifex MuPDF before 2017-09-25 mishandles a certain case where a variable may reside in a register, which allows remote attackers to cause a denial of service (Fitz fz_drop_imp use-after-free an...
CVE-2017-14687
- EPSS 1.32%
- Veröffentlicht 22.09.2017 06:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
Artifex MuPDF 1.11 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .xps file, related to "Data from Faulting Address controls Branch Selection starting at mupdf+0x000000000016cb4f" on Windows. Thi...
CVE-2017-14686
- EPSS 1.86%
- Veröffentlicht 22.09.2017 06:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
Artifex MuPDF 1.11 allows attackers to execute arbitrary code or cause a denial of service via a crafted .xps file, related to a "User Mode Write AV near NULL starting at wow64!Wow64NotifyDebugger+0x000000000000001d" on Windows. This occurs because r...
CVE-2017-14685
- EPSS 1.32%
- Veröffentlicht 22.09.2017 06:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
Artifex MuPDF 1.11 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .xps file, related to "Data from Faulting Address controls Branch Selection starting at mupdf+0x000000000016aa61" on Windows. Thi...
CVE-2016-10221
- EPSS 1.38%
- Veröffentlicht 03.04.2017 05:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
The count_entries function in pdf-layer.c in Artifex Software, Inc. MuPDF 1.10a allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted PDF document.
CVE-2017-7264
- EPSS 1.44%
- Veröffentlicht 26.03.2017 05:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
Use-after-free vulnerability in the fz_subsample_pixmap function in fitz/pixmap.c in Artifex MuPDF 1.10a allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted document.