Note:
This project will be discontinued after December 13, 2021. [more]
2018-09-06
In Artifex MuPDF 1.13.0, the fz_append_byte function in fitz/buffer.c allows remote attackers to cause a denial of service (segmentation fault) via a crafted pdf file. This is caused by a pdf/pdf-device.c pdf_dev_alpha array-index underflow.
Products | Mupdf |
Type | Improper Validation of Array Index (CWE-129) |
First patch | - None (likely due to unavailable code) |
Links | https://bugs.ghostscript.com/show_bug.cgi?id=699685 |