Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
artifex mupdf 1.12.0 vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2017-17858
Heap-based buffer overflow in the ensure_solid_xref function in pdf/pdf-xref.c in Artifex MuPDF 1.12.0 allows a remote malicious user to potentially execute arbitrary code via a crafted PDF file, because xref subsection object numbers are unrestricted.
Artifex Mupdf 1.12.0
1 Github repository
5.5
CVSSv3
CVE-2018-6187
In Artifex MuPDF 1.12.0, there is a heap-based buffer overflow vulnerability in the do_pdf_save_document function in the pdf/pdf-write.c file. Remote attackers could leverage the vulnerability to cause a denial of service via a crafted pdf file.
Artifex Mupdf 1.12.0
Debian Debian Linux 9.0
5.5
CVSSv3
CVE-2018-6192
In Artifex MuPDF 1.12.0, the pdf_read_new_xref function in pdf/pdf-xref.c allows remote malicious users to cause a denial of service (segmentation violation and application crash) via a crafted pdf file.
Artifex Mupdf 1.12.0
Debian Debian Linux 9.0
7.8
CVSSv3
CVE-2018-1000051
Artifex Mupdf version 1.12.0 contains a Use After Free vulnerability in fz_keep_key_storable that can result in DOS / Possible code execution. This attack appear to be exploitable via Victim opens a specially crafted PDF.
Artifex Mupdf 1.12.0
Debian Debian Linux 9.0
Debian Debian Linux 8.0
5.5
CVSSv3
CVE-2018-5686
In MuPDF 1.12.0, there is an infinite loop vulnerability and application hang in the pdf_parse_array function (pdf/pdf-parse.c) because EOF is not considered. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted pdf file.
Artifex Mupdf 1.12.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
5.5
CVSSv3
CVE-2018-6544
pdf_load_obj_stm in pdf/pdf-xref.c in Artifex MuPDF 1.12.0 could reference the object stream recursively and therefore run out of error stack, which allows remote malicious users to cause a denial of service via a crafted PDF document.
Artifex Mupdf 1.12.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
7.8
CVSSv3
CVE-2018-1000038
In MuPDF 1.12.0 and previous versions, a stack buffer overflow in function pdf_lookup_cmap_full in pdf/pdf-cmap.c could allow an malicious user to execute arbitrary code via a crafted file.
Artifex Mupdf
7.8
CVSSv3
CVE-2018-1000039
In MuPDF 1.12.0 and previous versions, multiple heap use after free bugs in the PDF parser could allow an malicious user to execute arbitrary code, read memory, or cause a denial of service via a crafted file.
Artifex Mupdf
5.5
CVSSv3
CVE-2018-1000036
In MuPDF 1.12.0 and previous versions, multiple memory leaks in the PDF parser allow an malicious user to cause a denial of service (memory leak) via a crafted file.
Artifex Mupdf
Debian Debian Linux 9.0
5.5
CVSSv3
CVE-2018-1000037
In MuPDF 1.12.0 and previous versions, multiple reachable assertions in the PDF parser allow an malicious user to cause a denial of service (assert crash) via a crafted file.
Artifex Mupdf
Debian Debian Linux 9.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »