← Volver a CVEs

CVE-2017-14685

N/A

Descripcion

Artifex MuPDF 1.11 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .xps file, related to "Data from Faulting Address controls Branch Selection starting at mupdf+0x000000000016aa61" on Windows. This occurs because xps_load_links_in_glyphs in xps/xps-link.c does not verify that an xps font could be loaded.

Detalles CVE

Puntuacion CVSS v3.1N/A

Publicado9/22/2017

Ultima modificacion4/20/2025

Fuentenvd

Avistamientos honeypot0

Productos afectados

artifex:mupdfmicrosoft:windows

Debilidades (CWE)

CWE-119

Referencias

http://git.ghostscript.com/?p=mupdf.git%3Bh=ab1a420613dec93c686acbee2c165274e922f82a(cve@mitre.org)

http://www.debian.org/security/2017/dsa-4006(cve@mitre.org)

https://bugs.ghostscript.com/show_bug.cgi?id=698539(cve@mitre.org)

https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-14685(cve@mitre.org)

http://git.ghostscript.com/?p=mupdf.git%3Bh=ab1a420613dec93c686acbee2c165274e922f82a(af854a3a-2127-422b-91ae-364da2661108)

http://www.debian.org/security/2017/dsa-4006(af854a3a-2127-422b-91ae-364da2661108)

https://bugs.ghostscript.com/show_bug.cgi?id=698539(af854a3a-2127-422b-91ae-364da2661108)

https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-14685(af854a3a-2127-422b-91ae-364da2661108)

Correlaciones IOC

Sin correlaciones registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.