← Back to CVEs

CVE-2017-14687

N/A

Description

Artifex MuPDF 1.11 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .xps file, related to "Data from Faulting Address controls Branch Selection starting at mupdf+0x000000000016cb4f" on Windows. This occurs because of mishandling of XML tag name comparisons.

CVE Details

CVSS v3.1 ScoreN/A

Published9/22/2017

Last Modified4/20/2025

Sourcenvd

Honeypot Sightings0

Affected Products

artifex:mupdfmicrosoft:windows

Weaknesses (CWE)

CWE-119

References

http://git.ghostscript.com/?p=mupdf.git%3Bh=2b16dbd8f73269cb15ca61ece75cf8d2d196ed28(cve@mitre.org)

http://www.debian.org/security/2017/dsa-4006(cve@mitre.org)

https://bugs.ghostscript.com/show_bug.cgi?id=698558(cve@mitre.org)

https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-14687(cve@mitre.org)

https://lists.debian.org/debian-lts-announce/2017/11/msg00007.html(cve@mitre.org)

http://git.ghostscript.com/?p=mupdf.git%3Bh=2b16dbd8f73269cb15ca61ece75cf8d2d196ed28(af854a3a-2127-422b-91ae-364da2661108)

http://www.debian.org/security/2017/dsa-4006(af854a3a-2127-422b-91ae-364da2661108)

https://bugs.ghostscript.com/show_bug.cgi?id=698558(af854a3a-2127-422b-91ae-364da2661108)

https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-14687(af854a3a-2127-422b-91ae-364da2661108)

https://lists.debian.org/debian-lts-announce/2017/11/msg00007.html(af854a3a-2127-422b-91ae-364da2661108)

IOC Correlations

No correlations recorded

This product uses data from the NVD API but is not endorsed or certified by the NVD.