TROYANOSYVIRUS
Zuruck zu CVEs

CVE-2018-1000039

MEDIUM
6.3

Beschreibung

In Artifex MuPDF 1.12.0 and earlier, multiple heap use after free bugs in the PDF parser could allow an attacker to execute arbitrary code, read memory, or cause a denial of service via a crafted file.

CVE Details

CVSS v3.1 Bewertung6.3
SchweregradMEDIUM
CVSS VektorCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
AngriffsvektorNETWORK
KomplexitatLOW
Erforderliche PrivilegienLOW
BenutzerinteraktionNONE
Veroffentlicht5/24/2018
Zuletzt geandert11/21/2024
Quellenvd
Honeypot-Sichtungen0

Betroffene Produkte

artifex:mupdf

Schwachen (CWE)

CWE-416

Referenzen

http://git.ghostscript.com/?p=mupdf.git%3Ba=commitdiff%3Bh=4dcc6affe04368461310a21238f7e1871a752a05%3Bhp=8ec561d1bccc46e9db40a9f61310cd8b3763914e(cve@mitre.org)
http://git.ghostscript.com/?p=mupdf.git%3Ba=commitdiff%3Bh=71ceebcf56e682504da22c4035b39a2d451e8ffd%3Bhp=7f82c01523505052615492f8e220f4348ba46995(cve@mitre.org)
http://git.ghostscript.com/?p=mupdf.git%3Ba=commitdiff%3Bh=f597300439e62f5e921f0d7b1e880b5c1a1f1607%3Bhp=093fc3b098dc5fadef5d8ad4b225db9fb124758b(cve@mitre.org)
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5492(cve@mitre.org)
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5513(cve@mitre.org)
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5521(cve@mitre.org)
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5604(cve@mitre.org)
https://bugs.ghostscript.com/show_bug.cgi?id=698883(cve@mitre.org)
https://bugs.ghostscript.com/show_bug.cgi?id=698888(cve@mitre.org)
https://bugs.ghostscript.com/show_bug.cgi?id=698891(cve@mitre.org)
https://bugs.ghostscript.com/show_bug.cgi?id=698892(cve@mitre.org)
https://bugs.ghostscript.com/show_bug.cgi?id=698901(cve@mitre.org)
https://security.gentoo.org/glsa/201811-15(cve@mitre.org)
http://git.ghostscript.com/?p=mupdf.git%3Ba=commitdiff%3Bh=4dcc6affe04368461310a21238f7e1871a752a05%3Bhp=8ec561d1bccc46e9db40a9f61310cd8b3763914e(af854a3a-2127-422b-91ae-364da2661108)
http://git.ghostscript.com/?p=mupdf.git%3Ba=commitdiff%3Bh=71ceebcf56e682504da22c4035b39a2d451e8ffd%3Bhp=7f82c01523505052615492f8e220f4348ba46995(af854a3a-2127-422b-91ae-364da2661108)
http://git.ghostscript.com/?p=mupdf.git%3Ba=commitdiff%3Bh=f597300439e62f5e921f0d7b1e880b5c1a1f1607%3Bhp=093fc3b098dc5fadef5d8ad4b225db9fb124758b(af854a3a-2127-422b-91ae-364da2661108)
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5492(af854a3a-2127-422b-91ae-364da2661108)
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5513(af854a3a-2127-422b-91ae-364da2661108)
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5521(af854a3a-2127-422b-91ae-364da2661108)
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5604(af854a3a-2127-422b-91ae-364da2661108)
https://bugs.ghostscript.com/show_bug.cgi?id=698883(af854a3a-2127-422b-91ae-364da2661108)
https://bugs.ghostscript.com/show_bug.cgi?id=698888(af854a3a-2127-422b-91ae-364da2661108)
https://bugs.ghostscript.com/show_bug.cgi?id=698891(af854a3a-2127-422b-91ae-364da2661108)
https://bugs.ghostscript.com/show_bug.cgi?id=698892(af854a3a-2127-422b-91ae-364da2661108)
https://bugs.ghostscript.com/show_bug.cgi?id=698901(af854a3a-2127-422b-91ae-364da2661108)
https://security.gentoo.org/glsa/201811-15(af854a3a-2127-422b-91ae-364da2661108)

IOC Korrelationen

Keine Korrelationen erfasst

This product uses data from the NVD API but is not endorsed or certified by the NVD.