SUSE CVE-2016-8729

An exploitable memory corruption vulnerability exists in the JBIG2 parser of Artifex MuPDF 1.9. A specially crafted PDF can cause a negative number to be passed to a memset resulting in memory corruption and potential code execution. An attacker can specially craft a PDF and send to the victim to...

SUSE CVE-2016-8728

An exploitable heap out of bounds write vulnerability exists in the Fitz graphical library part of the MuPDF renderer. A specially crafted PDF file can cause a out of bounds write resulting in heap metadata and sensitive process memory corruption leading to potential code execution. Victim needs ...

SUSE CVE-2016-10221

The countentries function in pdf-layer.c in Artifex Software, Inc. MuPDF 1.10a allows remote attackers to cause a denial of service stack consumption and application crash via a crafted PDF document...

SUSE CVE-2016-10246

Buffer overflow in the main function in jstestmain.c in Mujstest in Artifex Software, Inc. MuPDF before 1.10 allows remote attackers to cause a denial of service out-of-bounds write via a crafted file...

SUSE CVE-2016-10247

Buffer overflow in the mygetline function in jstestmain.c in Mujstest in Artifex Software, Inc. MuPDF before 1.10 allows remote attackers to cause a denial of service out-of-bounds write via a crafted file...

SUSE CVE-2017-5896

Heap-based buffer overflow in the fzsubsamplepixmap function in fitz/pixmap.c in MuPDF 1.10a allows remote attackers to cause a denial of service out-of-bounds read and crash via a crafted image...

SUSE CVE-2017-6060

Stack-based buffer overflow in jstestmain.c in mujstest in Artifex Software, Inc. MuPDF 1.10a allows remote attackers to have unspecified impact via a crafted image...

SUSE CVE-2017-9216

libjbig2dec.a in Artifex jbig2dec 0.13, as used in MuPDF and Ghostscript, has a NULL pointer dereference in the jbig2huffmanget function in jbig2huffman.c. For example, the jbig2dec utility will crash segmentation fault when parsing an invalid file...

SUSE CVE-2017-14686

Artifex MuPDF 1.11 allows attackers to execute arbitrary code or cause a denial of service via a crafted .xps file, related to a "User Mode Write AV near NULL starting at wow64!Wow64NotifyDebugger+0x000000000000001d" on Windows. This occurs because readzipdirimp in fitz/unzip.c does not check...

SUSE CVE-2017-14687

Artifex MuPDF 1.11 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .xps file, related to "Data from Faulting Address controls Branch Selection starting at mupdf+0x000000000016cb4f" on Windows. This occurs because of mishandling of XML tag name...

SUSE CVE-2017-15369

The buildfilterchain function in pdf/pdf-stream.c in Artifex MuPDF before 2017-09-25 mishandles a certain case where a variable may reside in a register, which allows remote attackers to cause a denial of service Fitz fzdropimp use-after-free and application crash or possibly have unspecified oth...

SUSE CVE-2017-17858

Heap-based buffer overflow in the ensuresolidxref function in pdf/pdf-xref.c in Artifex MuPDF 1.12.0 allows a remote attacker to potentially execute arbitrary code via a crafted PDF file, because xref subsection object numbers are unrestricted...

SUSE CVE-2017-17866

pdf/pdf-write.c in Artifex MuPDF before 1.12.0 mishandles certain length changes when a repair operation occurs during a clean operation, which allows remote attackers to cause a denial of service buffer overflow and application crash or possibly have unspecified other impact via a crafted PDF...

SUSE CVE-2018-5686

In MuPDF 1.12.0, there is an infinite loop vulnerability and application hang in the pdfparsearray function pdf/pdf-parse.c because EOF is not considered. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted pdf file...

SUSE CVE-2018-6187

In Artifex MuPDF 1.12.0, there is a heap-based buffer overflow vulnerability in the dopdfsavedocument function in the pdf/pdf-write.c file. Remote attackers could leverage the vulnerability to cause a denial of service via a crafted pdf file...

SUSE CVE-2018-6192

In Artifex MuPDF 1.12.0, the pdfreadnewxref function in pdf/pdf-xref.c allows remote attackers to cause a denial of service segmentation violation and application crash via a crafted pdf file...

SUSE CVE-2018-6544

pdfloadobjstm in pdf/pdf-xref.c in Artifex MuPDF 1.12.0 could reference the object stream recursively and therefore run out of error stack, which allows remote attackers to cause a denial of service via a crafted PDF document...

SUSE CVE-2018-10289

In MuPDF 1.13.0, there is an infinite loop in the fzskipspace function of the pdf/pdf-xref.c file. A remote adversary could leverage this vulnerability to cause a denial of service via a crafted pdf file...

SUSE CVE-2018-16648

In Artifex MuPDF 1.13.0, the fzappendbyte function in fitz/buffer.c allows remote attackers to cause a denial of service segmentation fault via a crafted pdf file. This is caused by a pdf/pdf-device.c pdfdevalpha array-index underflow...

SUSE CVE-2018-16647

In Artifex MuPDF 1.13.0, the pdfgetxrefentry function in pdf/pdf-xref.c allows remote attackers to cause a denial of service segmentation fault in fzwritedata in fitz/output.c via a crafted pdf file...