Artifex

Mupdf

70 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
Exploit
  • EPSS 2.73%
  • Veröffentlicht 22.01.2018 15:29:00
  • Zuletzt bearbeitet 21.11.2024 03:18:50

Heap-based buffer overflow in the ensure_solid_xref function in pdf/pdf-xref.c in Artifex MuPDF 1.12.0 allows a remote attacker to potentially execute arbitrary code via a crafted PDF file, because xref subsection object numbers are unrestricted.

Exploit
  • EPSS 1.47%
  • Veröffentlicht 14.01.2018 02:29:05
  • Zuletzt bearbeitet 21.11.2024 04:09:10

In MuPDF 1.12.0, there is an infinite loop vulnerability and application hang in the pdf_parse_array function (pdf/pdf-parse.c) because EOF is not considered. Remote attackers could leverage this vulnerability to cause a denial of service via a craft...

  • EPSS 1.58%
  • Veröffentlicht 27.12.2017 17:08:20
  • Zuletzt bearbeitet 13.05.2026 00:24:29

pdf/pdf-write.c in Artifex MuPDF before 1.12.0 mishandles certain length changes when a repair operation occurs during a clean operation, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly h...

  • EPSS 1%
  • Veröffentlicht 18.10.2017 08:29:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

An integer overflow was discovered in pdf_read_new_xref_section in pdf/pdf-xref.c in Artifex MuPDF 1.11.

  • EPSS 1.23%
  • Veröffentlicht 16.10.2017 01:29:01
  • Zuletzt bearbeitet 13.05.2026 00:24:29

The build_filter_chain function in pdf/pdf-stream.c in Artifex MuPDF before 2017-09-25 mishandles a certain case where a variable may reside in a register, which allows remote attackers to cause a denial of service (Fitz fz_drop_imp use-after-free an...

Exploit
  • EPSS 1.32%
  • Veröffentlicht 22.09.2017 06:29:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

Artifex MuPDF 1.11 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .xps file, related to "Data from Faulting Address controls Branch Selection starting at mupdf+0x000000000016cb4f" on Windows. Thi...

Exploit
  • EPSS 1.86%
  • Veröffentlicht 22.09.2017 06:29:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

Artifex MuPDF 1.11 allows attackers to execute arbitrary code or cause a denial of service via a crafted .xps file, related to a "User Mode Write AV near NULL starting at wow64!Wow64NotifyDebugger+0x000000000000001d" on Windows. This occurs because r...

Exploit
  • EPSS 1.32%
  • Veröffentlicht 22.09.2017 06:29:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

Artifex MuPDF 1.11 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .xps file, related to "Data from Faulting Address controls Branch Selection starting at mupdf+0x000000000016aa61" on Windows. Thi...

Exploit
  • EPSS 1.38%
  • Veröffentlicht 03.04.2017 05:59:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

The count_entries function in pdf-layer.c in Artifex Software, Inc. MuPDF 1.10a allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted PDF document.

  • EPSS 1.44%
  • Veröffentlicht 26.03.2017 05:59:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

Use-after-free vulnerability in the fz_subsample_pixmap function in fitz/pixmap.c in Artifex MuPDF 1.10a allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted document.