Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2018-5686  

In MuPDF 1.12.0, there is an infinite loop vulnerability and application hang in the pdf_parse_array function (pdf/pdf-parse.c) because EOF is not considered. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted pdf file.

Source
Severity Medium

Remote No

Type Denial of service

Description 

In MuPDF 1.12.0, there is an infinite loop vulnerability and application hang in the pdf_parse_array function (pdf/pdf-parse.c) because EOF is not considered. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted pdf file.

AVG-691 zathura-pdf-mupdf 0.3.3-2 0.3.3-3 High Fixed FS#57486

AVG-690 llpp 27-1 27-2 High Fixed FS#57486

AVG-689 libmupdf 1.12.0-2 1.13.0-1 High Fixed FS#57486

AVG-688 mupdf-tools 1.12.0-2 1.13.0-1 High Fixed FS#57486

AVG-687 mupdf-gl 1.12.0-2 1.13.0-1 High Fixed FS#57486

AVG-609 mupdf 1.12.0-2 1.13.0-1 High Fixed FS#57486

10 May 2018 ASA-201805-8 AVG-690 llpp High multiple issues

10 May 2018 ASA-201805-7 AVG-688 mupdf-tools High multiple issues

10 May 2018 ASA-201805-6 AVG-689 libmupdf High multiple issues

10 May 2018 ASA-201805-5 AVG-687 mupdf-gl High multiple issues

09 May 2018 ASA-201805-4 AVG-609 mupdf High multiple issues

16 May 2018 ASA-201805-12 AVG-691 zathura-pdf-mupdf High multiple issues 

https://bugs.ghostscript.com/show_bug.cgi?id=698860
https://git.ghostscript.com/?p=mupdf.git;a=commitdiff;h=b70eb93f6936c03d8af52040bbca4d4a7db39079

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook

Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started