Note:
This project will be discontinued after December 13, 2021. [more]
2018-09-06
In Artifex MuPDF 1.13.0, the pdf_get_xref_entry function in pdf/pdf-xref.c allows remote attackers to cause a denial of service (segmentation fault in fz_write_data in fitz/output.c) via a crafted pdf file.
| Products | Mupdf |
| Type | Improper Restriction of Operations within the Bounds of a Memory Buffer (CWE-119) |
| First patch | - None (likely due to unavailable code) |
| Links | https://bugs.ghostscript.com/show_bug.cgi?id=699686 |