CVE-2016-8729

Опубликовано: 24 апр. 2018

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS2: 6.8

CVSS3: 7.8

Описание

An exploitable memory corruption vulnerability exists in the JBIG2 parser of Artifex MuPDF 1.9. A specially crafted PDF can cause a negative number to be passed to a memset resulting in memory corruption and potential code execution. An attacker can specially craft a PDF and send to the victim to trigger this vulnerability.

Релиз	Статус	Примечание
artful	not-affected	0.13-4.1
bionic	not-affected	0.13-4.1
cosmic	not-affected	0.13-4.1
devel	not-affected	0.13-4.1
disco	not-affected	0.13-4.1
eoan	not-affected	0.13-4.1
esm-infra-legacy/trusty	released	0.11+20120125-1ubuntu1.1
esm-infra/bionic	not-affected	0.13-4.1
esm-infra/focal	not-affected	0.13-4.1
esm-infra/xenial	released	0.12+20150918-1ubuntu0.1

Показывать по

Релиз	Статус	Примечание
artful	not-affected	uses system jbig2dec
bionic	not-affected	uses system jbig2dec
cosmic	not-affected	uses system jbig2dec
devel	not-affected	uses system jbig2dec
disco	not-affected	uses system jbig2dec
eoan	not-affected	uses system jbig2dec
esm-apps/bionic	not-affected	uses system jbig2dec
esm-apps/focal	not-affected	uses system jbig2dec
esm-apps/xenial	not-affected	uses system jbig2dec
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was not-affected [uses system jbig2dec]]

Показывать по

Ссылки на источники

EPSS

Процентиль: 67%

0.00532

Низкий

6.8 Medium

CVSS2

7.8 High

CVSS3

Связанные уязвимости

CVE-2016-8729

CVSS3: 7.8

nvd

почти 8 лет назад

CVE-2016-8729

CVSS3: 7.8

debian

почти 8 лет назад

An exploitable memory corruption vulnerability exists in the JBIG2 par ...

GHSA-2cj5-5xv9-px48

CVSS3: 7.8

github

больше 3 лет назад

openSUSE-SU-2017:3064-1

suse-cvrf

около 8 лет назад

Security update for mupdf

EPSS

Процентиль: 67%

0.00532

Низкий

6.8 Medium

CVSS2

7.8 High

CVSS3

CVE-2016-8729

Описание

Пакет jbig2dec

Пакет mupdf

Ссылки на источники

Связанные уязвимости