Vulnerabilities > Artifex > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-01-24 | CVE-2018-6191 | Integer Overflow or Wraparound vulnerability in Artifex Mujs 1.0.0/1.0.1/1.0.2 The js_strtod function in jsdtoa.c in Artifex MuJS through 1.0.2 has an integer overflow because of incorrect exponent validation. | 5.5 |
| 2018-01-24 | CVE-2018-5759 | Uncontrolled Recursion vulnerability in Artifex Mujs 1.0.0/1.0.1/1.0.2 jsparse.c in Artifex MuJS through 1.0.2 does not properly maintain the AST depth for binary expressions, which allows remote attackers to cause a denial of service (excessive recursion) via a crafted file. | 5.5 |
| 2018-01-24 | CVE-2018-6187 | Out-of-bounds Write vulnerability in multiple products In Artifex MuPDF 1.12.0, there is a heap-based buffer overflow vulnerability in the do_pdf_save_document function in the pdf/pdf-write.c file. | 5.5 |
| 2018-01-14 | CVE-2018-5686 | Infinite Loop vulnerability in multiple products In MuPDF 1.12.0, there is an infinite loop vulnerability and application hang in the pdf_parse_array function (pdf/pdf-parse.c) because EOF is not considered. | 5.5 |
| 2017-12-27 | CVE-2017-17866 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products pdf/pdf-write.c in Artifex MuPDF before 1.12.0 mishandles certain length changes when a repair operation occurs during a clean operation, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted PDF document. | 6.8 |
| 2017-09-30 | CVE-2017-14947 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Artifex Gsview 6.0 Artifex GSView 6.0 Beta on Windows allows attackers to execute arbitrary code or cause a denial of service via a crafted .xps file, related to a "Read Access Violation on Block Data Move starting at mupdfnet64!mIncrementalSaveFile+0x0000000000193359." | 6.8 |
| 2017-09-30 | CVE-2017-14946 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Artifex Gsview 6.0 Artifex GSView 6.0 Beta on Windows allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .pdf file, related to "Data from Faulting Address controls Branch Selection starting at mupdfnet64!mIncrementalSaveFile+0x000000000000344e." | 6.8 |
| 2017-09-30 | CVE-2017-14945 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Artifex Gsview 6.0 Artifex GSView 6.0 Beta on Windows allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .pdf file, related to "Possible Stack Corruption starting at KERNELBASE!RaiseException+0x0000000000000068." | 6.8 |
| 2017-05-24 | CVE-2017-9216 | NULL Pointer Dereference vulnerability in multiple products libjbig2dec.a in Artifex jbig2dec 0.13, as used in MuPDF and Ghostscript, has a NULL pointer dereference in the jbig2_huffman_get function in jbig2_huffman.c. | 6.5 |
| 2017-05-23 | CVE-2016-7977 | Information Exposure vulnerability in Artifex Ghostscript Ghostscript before 9.21 might allow remote attackers to bypass the SAFER mode protection mechanism and consequently read arbitrary files via the use of the .libfile operator in a crafted postscript document. | 5.5 |