[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

DSA-3655-1 mupdf -- mupdf

ID: oval:org.secpod.oval:def:602598Date: (C)2016-08-30   (M)2023-12-20
Class: PATCHFamily: unix




Two vulnerabilities were discovered in MuPDF, a lightweight PDF viewer. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2016-6265 Marco Grassi discovered a use-after-free vulnerability in MuPDF. An attacker can take advantage of this flaw to cause an application crash , or potentially to execute arbitrary code with the privileges of the user running MuPDF, if a specially crafted PDF file is processed. CVE-2016-6525 Yu Hong and Zheng Jihong discovered a heap overflow vulnerability within the pdf_load_mesh_params function, allowing an attacker to cause an application crash , or potentially to execute arbitrary code with the privileges of the user running MuPDF, if a specially crafted PDF file is processed.

Platform:
Debian 8.x
Product:
mupdf
Reference:
DSA-3655-1
CVE-2016-6265
CVE-2016-6525
CVE    2
CVE-2016-6525
CVE-2016-6265
CPE    2
cpe:/a:artifex:mupdf
cpe:/o:debian:debian_linux:8.x

© SecPod Technologies