Vulnerabilities > Artifex > Mupdf
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-03-16 | CVE-2016-10246 | Out-of-bounds Write vulnerability in multiple products Buffer overflow in the main function in jstest_main.c in Mujstest in Artifex Software, Inc. | 5.5 |
| 2017-03-15 | CVE-2017-6060 | Out-of-bounds Write vulnerability in multiple products Stack-based buffer overflow in jstest_main.c in mujstest in Artifex Software, Inc. | 6.8 |
| 2017-02-15 | CVE-2016-8674 | Use After Free vulnerability in Artifex Mupdf The pdf_to_num function in pdf-object.c in MuPDF before 1.10 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted file. | 5.5 |
| 2017-02-15 | CVE-2017-5896 | Out-of-bounds Read vulnerability in Artifex Mupdf Heap-based buffer overflow in the fz_subsample_pixmap function in fitz/pixmap.c in MuPDF 1.10a allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted image. | 5.5 |
| 2017-02-15 | CVE-2017-5991 | NULL Pointer Dereference vulnerability in multiple products An issue was discovered in Artifex MuPDF before 1912de5f08e90af1d9d0a9791f58ba3afdb9d465. | 7.5 |
| 2016-09-22 | CVE-2016-6525 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Heap-based buffer overflow in the pdf_load_mesh_params function in pdf/pdf-shade.c in MuPDF allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a large decode array. | 9.8 |
| 2016-09-22 | CVE-2016-6265 | Use After Free vulnerability in multiple products Use-after-free vulnerability in the pdf_load_xref function in pdf/pdf-xref.c in MuPDF allows remote attackers to cause a denial of service (crash) via a crafted PDF file. | 5.5 |
| 2011-05-13 | CVE-2011-0341 | Buffer Errors vulnerability in Artifex Mupdf 2008.09.02 Stack-based buffer overflow in the pdfmoz_onmouse function in apps/mozilla/moz_main.c in the MuPDF plug-in 2008.09.02 for Firefox allows remote attackers to execute arbitrary code via a crafted web site. | 9.3 |