DSA-4006-1 mupdf -- mupdfID: oval:org.secpod.oval:def:603138 | Date: (C)2017-11-09 (M)2023-12-20 |
Class: PATCH | Family: unix |
Multiple vulnerabilities have been found in MuPDF, a PDF file viewer, which may result in denial of service or the execution of arbitrary code. CVE-2017-14685, CVE-2017-14686, and CVE-2017-14687 WangLin discovered that a crafted .xps file can crash MuPDF and potentially execute arbitrary code in several ways, since the application makes unchecked assumptions on the entry format. CVE-2017-15587 Terry Chia and Jeremy Heng discovered an integer overflow that can cause arbitrary code execution via a crafted .pdf file.
Product: |
mupdf |
libmupdf-dev |