MuPDF 'pdf-object.c' UAF Denial of Service Vulnerability

MuPDF is a PDF format analyzer used to read PDF files and create Fitz tree diagrams. A denial of service vulnerability exists in MuPDF, which can be exploited by an attacker to cause a denial of service...

DEBIAN-CVE-2016-6525

Heap-based buffer overflow in the pdfloadmeshparams function in pdf/pdf-shade.c in MuPDF allows remote attackers to cause a denial of service crash or execute arbitrary code via a large decode array...

CVE-2016-6525

Heap-based buffer overflow in the pdfloadmeshparams function in pdf/pdf-shade.c in MuPDF allows remote attackers to cause a denial of service crash or execute arbitrary code via a large decode array...

CVE-2016-6525

Heap-based buffer overflow in the pdfloadmeshparams function in pdf/pdf-shade.c in MuPDF allows remote attackers to cause a denial of service crash or execute arbitrary code via a large decode array...

DEBIAN-CVE-2016-6265

Use-after-free vulnerability in the pdfloadxref function in pdf/pdf-xref.c in MuPDF allows remote attackers to cause a denial of service crash via a crafted PDF file...

CVE-2016-6265

Use-after-free vulnerability in the pdfloadxref function in pdf/pdf-xref.c in MuPDF allows remote attackers to cause a denial of service crash via a crafted PDF file...

CVE-2016-6265

Use-after-free vulnerability in the pdfloadxref function in pdf/pdf-xref.c in MuPDF allows remote attackers to cause a denial of service crash via a crafted PDF file...

CVE-2016-6525

Heap-based buffer overflow in the pdfloadmeshparams function in pdf/pdf-shade.c in MuPDF allows remote attackers to cause a denial of service crash or execute arbitrary code via a large decode array...

Design/Logic Flaw

Use-after-free vulnerability in the pdfloadxref function in pdf/pdf-xref.c in MuPDF allows remote attackers to cause a denial of service crash via a crafted PDF file...

CVE-2016-6265

Use-after-free vulnerability in the pdfloadxref function in pdf/pdf-xref.c in MuPDF allows remote attackers to cause a denial of service crash via a crafted PDF file...

Heap overflow

Heap-based buffer overflow in the pdfloadmeshparams function in pdf/pdf-shade.c in MuPDF allows remote attackers to cause a denial of service crash or execute arbitrary code via a large decode array...

UBUNTU-CVE-2016-6525

Heap-based buffer overflow in the pdfloadmeshparams function in pdf/pdf-shade.c in MuPDF allows remote attackers to cause a denial of service crash or execute arbitrary code via a large decode array...

UBUNTU-CVE-2016-6265

Use-after-free vulnerability in the pdfloadxref function in pdf/pdf-xref.c in MuPDF allows remote attackers to cause a denial of service crash via a crafted PDF file...

CVE-2016-6525

MuPDF is affected by CVE-2016-6525 due to a heap overflow in pdf_load_mesh_params inside pdf/pdf-shade.c. A large decode array can trigger an out-of-bounds write, leading to a crash or arbitrary code execution. Public reports and advisories (Debian DSA-3655-1; Mageia MGASA-2016-0286; Gentoo GLSA ...

CVE-2016-6265

MuPDF contains a use-after-free in pdf_load_xref.c (pdf/pdf-xref.c) that can be triggered by a crafted PDF, enabling a remote attacker to crash the process (DoS). Public reports indicate this affects MuPDF and prompted security advisories; Debian notes CVE-2016-6265 along with CVE-2016-6525 and p...

CVE-2016-6525

Heap-based buffer overflow in the pdfloadmeshparams function in pdf/pdf-shade.c in MuPDF allows remote attackers to cause a denial of service crash or execute arbitrary code via a large decode array...

CVE-2016-6265

Use-after-free vulnerability in the pdfloadxref function in pdf/pdf-xref.c in MuPDF allows remote attackers to cause a denial of service crash via a crafted PDF file...

CVE-2016-6265

Use-after-free vulnerability in the pdfloadxref function in pdf/pdf-xref.c in MuPDF allows remote attackers to cause a denial of service crash via a crafted PDF file...

CVE-2016-6525

Heap-based buffer overflow in the pdfloadmeshparams function in pdf/pdf-shade.c in MuPDF allows remote attackers to cause a denial of service crash or execute arbitrary code via a large decode array...

MGASA-2016-0286 Updated mupdf packages fix security vulnerability

A flaw was discovered in the pdfloadmeshparams function allowing out-of-bounds write access to memory locations. With carefully crafted input, that could trigger a heap overflow, resulting in application crash or possibly having other unspecified impact CVE-2016-6525. Also, mupdf already containe...