Artifex

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2018-1000040 2Artifex Debian 2Debian Linux Mupdf Nov 21, 2024 May 24, 2018 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 In Artifex MuPDF 1.12.0 and earlier, multiple use of uninitialized value bugs in the PDF parser could allow an attacker to cause a denial of service (crash) or influence program flow via a crafted file.
CVE-2018-1000039 1Artifex 1Mupdf Nov 21, 2024 May 24, 2018 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 In Artifex MuPDF 1.12.0 and earlier, multiple heap use after free bugs in the PDF parser could allow an attacker to execute arbitrary code, read memory, or cause a denial of service via a crafted file.
CVE-2018-1000038 1Artifex 1Mupdf Nov 21, 2024 May 24, 2018 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 In Artifex MuPDF 1.12.0 and earlier, a stack buffer overflow in function pdf_lookup_cmap_full in pdf/pdf-cmap.c could allow an attacker to execute arbitrary code via a crafted file.
CVE-2018-1000037 2Artifex Debian 2Debian Linux Mupdf Nov 21, 2024 May 24, 2018 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 In Artifex MuPDF 1.12.0 and earlier, multiple reachable assertions in the PDF parser allow an attacker to cause a denial of service (assert crash) via a crafted file.
CVE-2018-1000036 2Artifex Debian 2Debian Linux Mupdf Nov 21, 2024 May 24, 2018 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 In Artifex MuPDF 1.12.0 and earlier, multiple memory leaks in the PDF parser allow an attacker to cause a denial of service (memory leak) via a crafted file.
CVE-2016-8729 1Artifex 1Mupdf Nov 21, 2024 Apr 24, 2018 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 An exploitable memory corruption vulnerability exists in the JBIG2 parser of Artifex MuPDF 1.9. A specially crafted PDF can cause a negative number to be passed to a memset resulting in memory corruption and potential co...Show more An exploitable memory corruption vulnerability exists in the JBIG2 parser of Artifex MuPDF 1.9. A specially crafted PDF can cause a negative number to be passed to a memset resulting in memory corruption and potential code execution. An attacker can specially craft a PDF and send to the victim to trigger this vulnerability.Show less
CVE-2016-8728 1Artifex 1Mupdf Nov 21, 2024 Apr 24, 2018 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 An exploitable heap out of bounds write vulnerability exists in the Fitz graphical library part of the MuPDF renderer. A specially crafted PDF file can cause a out of bounds write resulting in heap metadata and sensitive...Show more An exploitable heap out of bounds write vulnerability exists in the Fitz graphical library part of the MuPDF renderer. A specially crafted PDF file can cause a out of bounds write resulting in heap metadata and sensitive process memory corruption leading to potential code execution. Victim needs to open the specially crafted file in a vulnerable reader in order to trigger this vulnerability.Show less
CVE-2016-9601 2Artifex Debian 3Debian Linux Gpl GhostscriptJbig2dec Nov 21, 2024 Apr 24, 2018 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 ghostscript before version 9.21 is vulnerable to a heap based buffer overflow that was found in the ghostscript jbig2_decode_gray_scale_image function which is used to decode halftone segments in a JBIG2 image. A documen...Show more ghostscript before version 9.21 is vulnerable to a heap based buffer overflow that was found in the ghostscript jbig2_decode_gray_scale_image function which is used to decode halftone segments in a JBIG2 image. A document (PostScript or PDF) with an embedded, specially crafted, jbig2 image could trigger a segmentation fault in ghostscript.Show less
CVE-2018-10289 2Artifex Debian 2Debian Linux Mupdf Nov 21, 2024 Apr 22, 2018 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 In MuPDF 1.13.0, there is an infinite loop in the fz_skip_space function of the pdf/pdf-xref.c file. A remote adversary could leverage this vulnerability to cause a denial of service via a crafted pdf file.
CVE-2018-10194 4Artifex CanonicalDebian+1 more 9Debian Linux Enterprise Linux DesktopEnterprise Linux Server+6 more Nov 21, 2024 Apr 18, 2018 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 The set_text_distance function in devices/vector/gdevpdts.c in the pdfwrite component in Artifex Ghostscript through 9.22 does not prevent overflows in text-positioning calculation, which allows remote attackers to cause...Show more The set_text_distance function in devices/vector/gdevpdts.c in the pdfwrite component in Artifex Ghostscript through 9.22 does not prevent overflows in text-positioning calculation, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted PDF document.Show less
CVE-2018-1000051 2Artifex Debian 2Debian Linux Mupdf Nov 21, 2024 Feb 9, 2018 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 Artifex Mupdf version 1.12.0 contains a Use After Free vulnerability in fz_keep_key_storable that can result in DOS / Possible code execution. This attack appear to be exploitable via Victim opens a specially crafted PDF...Show more Artifex Mupdf version 1.12.0 contains a Use After Free vulnerability in fz_keep_key_storable that can result in DOS / Possible code execution. This attack appear to be exploitable via Victim opens a specially crafted PDF.Show less
CVE-2018-6544 2Artifex Debian 2Debian Linux Mupdf Nov 21, 2024 Feb 2, 2018 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 pdf_load_obj_stm in pdf/pdf-xref.c in Artifex MuPDF 1.12.0 could reference the object stream recursively and therefore run out of error stack, which allows remote attackers to cause a denial of service via a crafted PDF...Show more pdf_load_obj_stm in pdf/pdf-xref.c in Artifex MuPDF 1.12.0 could reference the object stream recursively and therefore run out of error stack, which allows remote attackers to cause a denial of service via a crafted PDF document.Show less
CVE-2018-6192 2Artifex Debian 2Debian Linux Mupdf Nov 21, 2024 Jan 24, 2018 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 In Artifex MuPDF 1.12.0, the pdf_read_new_xref function in pdf/pdf-xref.c allows remote attackers to cause a denial of service (segmentation violation and application crash) via a crafted pdf file.
CVE-2018-6191 1Artifex 1Mujs Nov 21, 2024 Jan 24, 2018 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 The js_strtod function in jsdtoa.c in Artifex MuJS through 1.0.2 has an integer overflow because of incorrect exponent validation.
CVE-2018-5759 1Artifex 1Mujs Nov 21, 2024 Jan 24, 2018 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 jsparse.c in Artifex MuJS through 1.0.2 does not properly maintain the AST depth for binary expressions, which allows remote attackers to cause a denial of service (excessive recursion) via a crafted file.
CVE-2018-6187 2Artifex Debian 2Debian Linux Mupdf Nov 21, 2024 Jan 24, 2018 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 In Artifex MuPDF 1.12.0, there is a heap-based buffer overflow vulnerability in the do_pdf_save_document function in the pdf/pdf-write.c file. Remote attackers could leverage the vulnerability to cause a denial of servic...Show more In Artifex MuPDF 1.12.0, there is a heap-based buffer overflow vulnerability in the do_pdf_save_document function in the pdf/pdf-write.c file. Remote attackers could leverage the vulnerability to cause a denial of service via a crafted pdf file.Show less
CVE-2017-17858 1Artifex 1Mupdf Nov 21, 2024 Jan 22, 2018 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 Heap-based buffer overflow in the ensure_solid_xref function in pdf/pdf-xref.c in Artifex MuPDF 1.12.0 allows a remote attacker to potentially execute arbitrary code via a crafted PDF file, because xref subsection object...Show more Heap-based buffer overflow in the ensure_solid_xref function in pdf/pdf-xref.c in Artifex MuPDF 1.12.0 allows a remote attacker to potentially execute arbitrary code via a crafted PDF file, because xref subsection object numbers are unrestricted.Show less
CVE-2018-5686 2Artifex Debian 2Debian Linux Mupdf Nov 21, 2024 Jan 14, 2018 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 In MuPDF 1.12.0, there is an infinite loop vulnerability and application hang in the pdf_parse_array function (pdf/pdf-parse.c) because EOF is not considered. Remote attackers could leverage this vulnerability to cause a...Show more In MuPDF 1.12.0, there is an infinite loop vulnerability and application hang in the pdf_parse_array function (pdf/pdf-parse.c) because EOF is not considered. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted pdf file.Show less
CVE-2017-17866 2Artifex Debian 2Debian Linux Mupdf May 13, 2026 Dec 27, 2017 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 pdf/pdf-write.c in Artifex MuPDF before 1.12.0 mishandles certain length changes when a repair operation occurs during a clean operation, which allows remote attackers to cause a denial of service (buffer overflow and ap...Show more pdf/pdf-write.c in Artifex MuPDF before 1.12.0 mishandles certain length changes when a repair operation occurs during a clean operation, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted PDF document.Show less
CVE-2017-15587 1Artifex 1Mupdf May 13, 2026 Oct 18, 2017 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 An integer overflow was discovered in pdf_read_new_xref_section in pdf/pdf-xref.c in Artifex MuPDF 1.11.

Previous 1...8910...13 Next