Artifex

Mupdf

66 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2017-15369

  • EPSS 0.2%
  • Veröffentlicht 16.10.2017 01:29:01
  • Zuletzt bearbeitet 20.04.2025 01:37:25

The build_filter_chain function in pdf/pdf-stream.c in Artifex MuPDF before 2017-09-25 mishandles a certain case where a variable may reside in a register, which allows remote attackers to cause a denial of service (Fitz fz_drop_imp use-after-free an...

7.8

CVE-2017-14687

Exploit
  • EPSS 0.27%
  • Veröffentlicht 22.09.2017 06:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Artifex MuPDF 1.11 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .xps file, related to "Data from Faulting Address controls Branch Selection starting at mupdf+0x000000000016cb4f" on Windows. Thi...

7.8

CVE-2017-14686

Exploit
  • EPSS 0.71%
  • Veröffentlicht 22.09.2017 06:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Artifex MuPDF 1.11 allows attackers to execute arbitrary code or cause a denial of service via a crafted .xps file, related to a "User Mode Write AV near NULL starting at wow64!Wow64NotifyDebugger+0x000000000000001d" on Windows. This occurs because r...

7.8

CVE-2017-14685

Exploit
  • EPSS 0.25%
  • Veröffentlicht 22.09.2017 06:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Artifex MuPDF 1.11 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .xps file, related to "Data from Faulting Address controls Branch Selection starting at mupdf+0x000000000016aa61" on Windows. Thi...

5.5

CVE-2016-10221

Exploit
  • EPSS 0.2%
  • Veröffentlicht 03.04.2017 05:59:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

The count_entries function in pdf-layer.c in Artifex Software, Inc. MuPDF 1.10a allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted PDF document.

7.8

CVE-2017-7264

  • EPSS 0.19%
  • Veröffentlicht 26.03.2017 05:59:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Use-after-free vulnerability in the fz_subsample_pixmap function in fitz/pixmap.c in Artifex MuPDF 1.10a allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted document.

5.5

CVE-2016-10247

  • EPSS 0.31%
  • Veröffentlicht 16.03.2017 14:59:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Buffer overflow in the my_getline function in jstest_main.c in Mujstest in Artifex Software, Inc. MuPDF before 1.10 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted file.

5.5

CVE-2016-10246

  • EPSS 0.29%
  • Veröffentlicht 16.03.2017 14:59:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Buffer overflow in the main function in jstest_main.c in Mujstest in Artifex Software, Inc. MuPDF before 1.10 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted file.

7.8

CVE-2017-6060

Exploit
  • EPSS 2.92%
  • Veröffentlicht 15.03.2017 14:59:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Stack-based buffer overflow in jstest_main.c in mujstest in Artifex Software, Inc. MuPDF 1.10a allows remote attackers to have unspecified impact via a crafted image.

5.5

CVE-2016-8674

  • EPSS 0.23%
  • Veröffentlicht 15.02.2017 21:59:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

The pdf_to_num function in pdf-object.c in MuPDF before 1.10 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted file.