Published: 26/10/2018 Updated: 26/07/2020

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

There is an out-of-bounds read in fz_run_t3_glyph in fitz/font.c in Artifex MuPDF 1.14.0, as demonstrated by mutool.

Vulnerable Product	Search on Vulmon	Subscribe to Product
artifex mupdf 1.14.0

Debian Bug report logs - #918971 mupdf: CVE-2019-6130 Package: src:mupdf; Maintainer for src:mupdf is Kan-Ru Chen (陳侃如) <koster@debianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Fri, 11 Jan 2019 08:36:04 UTC Severity: important Tags: fixed-upstream, patch, security, upstream Found in ver ...

Debian Bug report logs - #912013 mupdf: CVE-2018-18662 Package: src:mupdf; Maintainer for src:mupdf is Kan-Ru Chen (陳侃如) <koster@debianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sat, 27 Oct 2018 09:27:01 UTC Severity: important Tags: fixed-upstream, security, upstream Found in version m ...

Debian Bug report logs - #918970 mupdf: CVE-2019-6131 Package: src:mupdf; Maintainer for src:mupdf is Kan-Ru Chen (陳侃如) <koster@debianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Fri, 11 Jan 2019 08:36:02 UTC Severity: important Tags: fixed-upstream, patch, security, upstream Found in ver ...

CWE-125 https://github.com/TeamSeri0us/pocs/tree/master/mupdf https://bugs.ghostscript.com/show_bug.cgi?id=700043 http://www.securityfocus.com/bid/105755 https://lists.debian.org/debian-lts-announce/2020/07/msg00019.html https://nvd.nist.gov https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=918971

CVE-2018-18662

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect