pdf/pdf-write.c in Artifex MuPDF before 1.12.0 mishandles certain length changes when a repair operation occurs during a clean operation, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted PDF document.
CPE | Name | Operator | Version |
---|---|---|---|
mupdf | lt | 1.12.0 | |
debian_linux | eq | 9.0 |