Описание
The build_filter_chain function in pdf/pdf-stream.c in Artifex MuPDF before 2017-09-25 mishandles a certain case where a variable may reside in a register, which allows remote attackers to cause a denial of service (Fitz fz_drop_imp use-after-free and application crash) or possibly have unspecified other impact via a crafted PDF document.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | ignored | end of life |
| bionic | not-affected | 1.12.0+ds1-1 |
| cosmic | not-affected | 1.12.0+ds1-1 |
| devel | not-affected | 1.12.0+ds1-1 |
| disco | not-affected | 1.12.0+ds1-1 |
| eoan | not-affected | 1.12.0+ds1-1 |
| esm-apps/bionic | not-affected | 1.12.0+ds1-1 |
| esm-apps/focal | not-affected | 1.12.0+ds1-1 |
| esm-apps/jammy | not-affected | 1.12.0+ds1-1 |
| esm-apps/noble | not-affected | 1.12.0+ds1-1 |
Показывать по
EPSS
6.8 Medium
CVSS2
7.8 High
CVSS3
Связанные уязвимости
The build_filter_chain function in pdf/pdf-stream.c in Artifex MuPDF before 2017-09-25 mishandles a certain case where a variable may reside in a register, which allows remote attackers to cause a denial of service (Fitz fz_drop_imp use-after-free and application crash) or possibly have unspecified other impact via a crafted PDF document.
The build_filter_chain function in pdf/pdf-stream.c in Artifex MuPDF b ...
The build_filter_chain function in pdf/pdf-stream.c in Artifex MuPDF before 2017-09-25 mishandles a certain case where a variable may reside in a register, which allows remote attackers to cause a denial of service (Fitz fz_drop_imp use-after-free and application crash) or possibly have unspecified other impact via a crafted PDF document.
EPSS
6.8 Medium
CVSS2
7.8 High
CVSS3