Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
artifex mupdf vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2017-17858
Heap-based buffer overflow in the ensure_solid_xref function in pdf/pdf-xref.c in Artifex MuPDF 1.12.0 allows a remote malicious user to potentially execute arbitrary code via a crafted PDF file, because xref subsection object numbers are unrestricted.
Artifex Mupdf 1.12.0
1 Github repository
4.3
CVSSv2
CVE-2018-5686
In MuPDF 1.12.0, there is an infinite loop vulnerability and application hang in the pdf_parse_array function (pdf/pdf-parse.c) because EOF is not considered. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted pdf file.
Artifex Mupdf 1.12.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
6.8
CVSSv2
CVE-2017-17866
pdf/pdf-write.c in Artifex MuPDF prior to 1.12.0 mishandles certain length changes when a repair operation occurs during a clean operation, which allows remote malicious users to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other ...
Artifex Mupdf
Debian Debian Linux 9.0
6.8
CVSSv2
CVE-2017-15587
An integer overflow exists in pdf_read_new_xref_section in pdf/pdf-xref.c in Artifex MuPDF 1.11.
Artifex Mupdf 1.11
6.8
CVSSv2
CVE-2017-15369
The build_filter_chain function in pdf/pdf-stream.c in Artifex MuPDF prior to 2017-09-25 mishandles a certain case where a variable may reside in a register, which allows remote malicious users to cause a denial of service (Fitz fz_drop_imp use-after-free and application crash) o...
Artifex Mupdf
6.8
CVSSv2
CVE-2017-14685
Artifex MuPDF 1.11 allows malicious users to cause a denial of service or possibly have unspecified other impact via a crafted .xps file, related to "Data from Faulting Address controls Branch Selection starting at mupdf+0x000000000016aa61" on Windows. This occurs becau...
Artifex Mupdf 1.11
6.8
CVSSv2
CVE-2017-14687
Artifex MuPDF 1.11 allows malicious users to cause a denial of service or possibly have unspecified other impact via a crafted .xps file, related to "Data from Faulting Address controls Branch Selection starting at mupdf+0x000000000016cb4f" on Windows. This occurs becau...
Artifex Mupdf 1.11
6.8
CVSSv2
CVE-2017-14686
Artifex MuPDF 1.11 allows malicious users to execute arbitrary code or cause a denial of service via a crafted .xps file, related to a "User Mode Write AV near NULL starting at wow64!Wow64NotifyDebugger+0x000000000000001d" on Windows. This occurs because read_zip_dir_im...
Artifex Mupdf 1.11
4.3
CVSSv2
CVE-2017-9216
libjbig2dec.a in Artifex jbig2dec 0.13, as used in MuPDF and Ghostscript, has a NULL pointer dereference in the jbig2_huffman_get function in jbig2_huffman.c. For example, the jbig2dec utility will crash (segmentation fault) when parsing an invalid file.
Artifex Jbig2dec 0.13
Debian Debian Linux 9.0
4.3
CVSSv2
CVE-2016-10221
The count_entries function in pdf-layer.c in Artifex Software, Inc. MuPDF 1.10a allows remote malicious users to cause a denial of service (stack consumption and application crash) via a crafted PDF document.
Artifex Mupdf 1.10a
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »