[Forgot Password]
Login  Register Subscribe

23631

 
 

115084

 
 

97147

 
 

909

 
 

78730

 
 

109

Paid content will be excluded from the download.


Download | Alert*
OVAL

DSA-4006-1 mupdf -- mupdf

ID: oval:org.secpod.oval:def:603138Date: (C)2017-11-09   (M)2017-11-18
Class: PATCHFamily: unix




Multiple vulnerabilities have been found in MuPDF, a PDF file viewer, which may result in denial of service or the execution of arbitrary code. CVE-2017-14685, CVE-2017-14686, and CVE-2017-14687 WangLin discovered that a crafted .xps file can crash MuPDF and potentially execute arbitrary code in several ways, since the application makes unchecked assumptions on the entry format. CVE-2017-15587 Terry Chia and Jeremy Heng discovered an integer overflow that can cause arbitrary code execution via a crafted .pdf file.

Platform:
Debian 9.x
Product:
mupdf
Reference:
DSA-4006-1
CVE-2017-14685
CVE-2017-14686
CVE-2017-14687
CVE-2017-15587
CVE    4
CVE-2017-14687
CVE-2017-14686
CVE-2017-14685
CVE-2017-15587
...
CPE    2
cpe:/o:debian:debian_linux:9.x
cpe:/a:artifex:mupdf

© 2013 SecPod Technologies