Artifex

Mupdf

69 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.5

CVE-2018-5686

Exploit
  • EPSS 0.22%
  • Veröffentlicht 14.01.2018 02:29:05
  • Zuletzt bearbeitet 21.11.2024 04:09:10

In MuPDF 1.12.0, there is an infinite loop vulnerability and application hang in the pdf_parse_array function (pdf/pdf-parse.c) because EOF is not considered. Remote attackers could leverage this vulnerability to cause a denial of service via a craft...

7.8

CVE-2017-17866

  • EPSS 0.15%
  • Veröffentlicht 27.12.2017 17:08:20
  • Zuletzt bearbeitet 13.05.2026 00:24:29

pdf/pdf-write.c in Artifex MuPDF before 1.12.0 mishandles certain length changes when a repair operation occurs during a clean operation, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly h...

7.8

CVE-2017-15587

  • EPSS 0.13%
  • Veröffentlicht 18.10.2017 08:29:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

An integer overflow was discovered in pdf_read_new_xref_section in pdf/pdf-xref.c in Artifex MuPDF 1.11.

7.8

CVE-2017-15369

  • EPSS 0.11%
  • Veröffentlicht 16.10.2017 01:29:01
  • Zuletzt bearbeitet 13.05.2026 00:24:29

The build_filter_chain function in pdf/pdf-stream.c in Artifex MuPDF before 2017-09-25 mishandles a certain case where a variable may reside in a register, which allows remote attackers to cause a denial of service (Fitz fz_drop_imp use-after-free an...

7.8

CVE-2017-14687

Exploit
  • EPSS 0.14%
  • Veröffentlicht 22.09.2017 06:29:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

Artifex MuPDF 1.11 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .xps file, related to "Data from Faulting Address controls Branch Selection starting at mupdf+0x000000000016cb4f" on Windows. Thi...

7.8

CVE-2017-14686

Exploit
  • EPSS 0.35%
  • Veröffentlicht 22.09.2017 06:29:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

Artifex MuPDF 1.11 allows attackers to execute arbitrary code or cause a denial of service via a crafted .xps file, related to a "User Mode Write AV near NULL starting at wow64!Wow64NotifyDebugger+0x000000000000001d" on Windows. This occurs because r...

7.8

CVE-2017-14685

Exploit
  • EPSS 0.12%
  • Veröffentlicht 22.09.2017 06:29:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

Artifex MuPDF 1.11 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .xps file, related to "Data from Faulting Address controls Branch Selection starting at mupdf+0x000000000016aa61" on Windows. Thi...

5.5

CVE-2016-10221

Exploit
  • EPSS 0.2%
  • Veröffentlicht 03.04.2017 05:59:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

The count_entries function in pdf-layer.c in Artifex Software, Inc. MuPDF 1.10a allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted PDF document.

7.8

CVE-2017-7264

  • EPSS 0.19%
  • Veröffentlicht 26.03.2017 05:59:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

Use-after-free vulnerability in the fz_subsample_pixmap function in fitz/pixmap.c in Artifex MuPDF 1.10a allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted document.

5.5

CVE-2016-10247

  • EPSS 0.31%
  • Veröffentlicht 16.03.2017 14:59:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

Buffer overflow in the my_getline function in jstest_main.c in Mujstest in Artifex Software, Inc. MuPDF before 1.10 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted file.