Vulnerabilities > Artifex
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-04-24 | CVE-2016-8728 | Out-of-bounds Write vulnerability in Artifex Mupdf 1.10 An exploitable heap out of bounds write vulnerability exists in the Fitz graphical library part of the MuPDF renderer. | 7.8 |
| 2018-04-24 | CVE-2016-9601 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products ghostscript before version 9.21 is vulnerable to a heap based buffer overflow that was found in the ghostscript jbig2_decode_gray_scale_image function which is used to decode halftone segments in a JBIG2 image. | 5.5 |
| 2018-04-22 | CVE-2018-10289 | Infinite Loop vulnerability in multiple products In MuPDF 1.13.0, there is an infinite loop in the fz_skip_space function of the pdf/pdf-xref.c file. | 5.5 |
| 2018-04-18 | CVE-2018-10194 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The set_text_distance function in devices/vector/gdevpdts.c in the pdfwrite component in Artifex Ghostscript through 9.22 does not prevent overflows in text-positioning calculation, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted PDF document. | 7.8 |
| 2018-02-09 | CVE-2018-1000051 | Use After Free vulnerability in multiple products Artifex Mupdf version 1.12.0 contains a Use After Free vulnerability in fz_keep_key_storable that can result in DOS / Possible code execution. | 7.8 |
| 2018-02-02 | CVE-2018-6544 | Uncontrolled Recursion vulnerability in multiple products pdf_load_obj_stm in pdf/pdf-xref.c in Artifex MuPDF 1.12.0 could reference the object stream recursively and therefore run out of error stack, which allows remote attackers to cause a denial of service via a crafted PDF document. | 5.5 |
| 2018-01-24 | CVE-2018-6192 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products In Artifex MuPDF 1.12.0, the pdf_read_new_xref function in pdf/pdf-xref.c allows remote attackers to cause a denial of service (segmentation violation and application crash) via a crafted pdf file. | 5.5 |
| 2018-01-24 | CVE-2018-6191 | Integer Overflow or Wraparound vulnerability in Artifex Mujs 1.0.0/1.0.1/1.0.2 The js_strtod function in jsdtoa.c in Artifex MuJS through 1.0.2 has an integer overflow because of incorrect exponent validation. | 5.5 |
| 2018-01-24 | CVE-2018-5759 | Uncontrolled Recursion vulnerability in Artifex Mujs 1.0.0/1.0.1/1.0.2 jsparse.c in Artifex MuJS through 1.0.2 does not properly maintain the AST depth for binary expressions, which allows remote attackers to cause a denial of service (excessive recursion) via a crafted file. | 5.5 |
| 2018-01-24 | CVE-2018-6187 | Out-of-bounds Write vulnerability in multiple products In Artifex MuPDF 1.12.0, there is a heap-based buffer overflow vulnerability in the do_pdf_save_document function in the pdf/pdf-write.c file. | 5.5 |