Vulnerabilities > CVE-2019-7321 - Use of Uninitialized Resource vulnerability in Artifex Mupdf 1.14.0

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

artifex

CWE-908

NVD

Published: 2019-06-13

Updated: 2020-08-24

Summary

Usage of an uninitialized variable in the function fz_load_jpeg in Artifex MuPDF 1.14 can result in a heap overflow vulnerability that allows an attacker to execute arbitrary code.

Vulnerable Configurations

Part	Description	Count
Application	Artifex Artifex Mupdf 1.14.0	1

Common Weakness Enumeration (CWE)

CWE-908 - Use of Uninitialized Resource

References

https://github.com/ereisr00/bagofbugz/tree/master/MuPDF/700560