Vulnerabilities > Artifex > Mupdf > 1.10
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-05-24 | CVE-2018-1000036 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products In Artifex MuPDF 1.12.0 and earlier, multiple memory leaks in the PDF parser allow an attacker to cause a denial of service (memory leak) via a crafted file. | 5.5 |
2018-04-24 | CVE-2016-8728 | Out-of-bounds Write vulnerability in Artifex Mupdf 1.10 An exploitable heap out of bounds write vulnerability exists in the Fitz graphical library part of the MuPDF renderer. | 7.8 |
2017-12-27 | CVE-2017-17866 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products pdf/pdf-write.c in Artifex MuPDF before 1.12.0 mishandles certain length changes when a repair operation occurs during a clean operation, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted PDF document. | 7.8 |
2017-10-16 | CVE-2017-15369 | Use After Free vulnerability in Artifex Mupdf The build_filter_chain function in pdf/pdf-stream.c in Artifex MuPDF before 2017-09-25 mishandles a certain case where a variable may reside in a register, which allows remote attackers to cause a denial of service (Fitz fz_drop_imp use-after-free and application crash) or possibly have unspecified other impact via a crafted PDF document. | 7.8 |
2017-03-16 | CVE-2016-10247 | Out-of-bounds Write vulnerability in multiple products Buffer overflow in the my_getline function in jstest_main.c in Mujstest in Artifex Software, Inc. | 5.5 |
2017-03-16 | CVE-2016-10246 | Out-of-bounds Write vulnerability in multiple products Buffer overflow in the main function in jstest_main.c in Mujstest in Artifex Software, Inc. | 5.5 |
2017-02-15 | CVE-2017-5896 | Out-of-bounds Read vulnerability in Artifex Mupdf Heap-based buffer overflow in the fz_subsample_pixmap function in fitz/pixmap.c in MuPDF 1.10a allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted image. | 5.5 |
2017-02-15 | CVE-2017-5991 | NULL Pointer Dereference vulnerability in multiple products An issue was discovered in Artifex MuPDF before 1912de5f08e90af1d9d0a9791f58ba3afdb9d465. | 7.5 |