Published: 24/05/2018 Updated: 07/11/2023

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

In MuPDF 1.12.0 and previous versions, multiple use of uninitialized value bugs in the PDF parser could allow an malicious user to cause a denial of service (crash) or influence program flow via a crafted file.

Vulnerable Product	Search on Vulmon	Subscribe to Product
artifex mupdf
debian debian linux 9.0

Multiple vulnerabilities were discovered in MuPDF, a PDF, XPS, and e-book viewer which could result in denial of service or the execution of arbitrary code if malformed documents are opened For the stable distribution (stretch), these problems have been fixed in version 19a+ds1-4+deb9u4 We recommend that you upgrade your mupdf packages For the ...

CWE-20 https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5610 https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5609 https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5603 https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5600 https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5596 https://www.debian.org/security/2018/dsa-4334 https://security.gentoo.org/glsa/201811-15 http://git.ghostscript.com/?p=mupdf.git%3Ba=commitdiff%3Bh=83d4dae44c71816c084a635550acc1a51529b881%3Bhp=f597300439e62f5e921f0d7b1e880b5c1a1f1607 https://nvd.nist.gov https://www.debian.org/security/./dsa-4334

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2018-1000040

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect