Fedora 30 : mupdf (2019-10f02ad597)

rebase to 1.16.1 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. C Tenable Network Security, Inc...

Fedora Update for mupdf FEDORA-2019-10f02ad597

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

mupdf:pdf_fuzzer: Use-of-uninitialized-value in fz_hash_find

Project: git://git.ghostscript.com/mupdf.git Detailed Report: https://oss-fuzz.com/testcase?key=5761352991244288 Project: mupdf Fuzzing Engine: libFuzzer Fuzz Target: pdffuzzer Job Type: libfuzzermsanmupdf Platform Id: linux Crash Type: Use-of-uninitialized-value Crash Address: Crash State:...

Artifex Software MuPDF Buffer Overflow Vulnerability (CNVD-2020-54480)

Artifex Software MuPDF is a free, lightweight PDF reader from Artifex Software, USA. A buffer error vulnerability exists in the 'fzchartorune' function of the fitz/string.c file in Artifex Software MuPDF versions prior to 1.16.0. The vulnerability stems from a networked system or product performi...

CVE-2019-14975

Artifex MuPDF before 1.16.0 has a heap-based buffer over-read in fzchartorune in fitz/string.c because pdf/pdf-op-filter.c does not check for a missing string...

CVE-2019-14975

Artifex MuPDF before 1.16.0 has a heap-based buffer over-read in fzchartorune in fitz/string.c because pdf/pdf-op-filter.c does not check for a missing string...

CVE-2019-14975

Artifex MuPDF before 1.16.0 has a heap-based buffer over-read in fzchartorune in fitz/string.c because pdf/pdf-op-filter.c does not check for a missing string...

Heap overflow

Artifex MuPDF before 1.16.0 has a heap-based buffer over-read in fzchartorune in fitz/string.c because pdf/pdf-op-filter.c does not check for a missing string...

CVE-2019-14975

Artifex MuPDF before 1.16.0 has a heap-based buffer over-read in fz_chartorune (fitz/string.c) due to missing string validation in pdf-op-filter.c. Affected: MuPDF versions prior to 1.16.0. Impact: potential memory read/write issues; CVEs show elevated severity. Mitigation: upgrade to MuPDF 1.16....

CVE-2019-14975

Artifex MuPDF before 1.16.0 has a heap-based buffer over-read in fzchartorune in fitz/string.c because pdf/pdf-op-filter.c does not check for a missing string...

CVE-2019-14975

Artifex MuPDF before 1.16.0 has a heap-based buffer over-read in fzchartorune in fitz/string.c because pdf/pdf-op-filter.c does not check for a missing string...

PT-2019-13905 · Artifex +1 · Mupdf +1

Name of the Vulnerable Software and Affected Versions: Artifex MuPDF versions prior to 1.16.0 Description: The issue is related to a heap-based buffer over-read in the fz chartorune function in fitz/string.c. This occurs because pdf/pdf-op-filter.c does not check for a missing string, leading to...

The vulnerability of the fz AppendDisplayNode function in the Artifex MuPDF PDF viewer software arises from a buffer overflow in the dynamic memory; this allows an attacker to execute arbitrary code.

The vulnerability of the fz AppendDisplayNode function in the Artifex MuPDF PDF viewer program is caused by a buffer overflow in the dynamic memory. Exploiting this vulnerability allows an attacker, operating remotely, to execute arbitrary code using a specially created PDF file...

Artifex MuPDF Heap Buffer Overflow Vulnerability (CNVD-2019-21458)

Artifex Software MuPDF is a free, lightweight PDF reader from Artifex Software, USA. A heap buffer overflow vulnerability exists in 'fzappenddisplaynode' in the fitz/list-device.c file in Artifex Software MuPDF version 1.15.0. The vulnerability stems from a networked system or product performing...

DEBIAN-CVE-2019-13290

Artifex MuPDF 1.15.0 has a heap-based buffer overflow in fzappenddisplaynode located at fitz/list-device.c, allowing remote attackers to execute arbitrary code via a crafted PDF file. This occurs with a large BDC property name that overflows the allocated size of a display list node...

CVE-2019-13290

Artifex MuPDF 1.15.0 has a heap-based buffer overflow in fzappenddisplaynode located at fitz/list-device.c, allowing remote attackers to execute arbitrary code via a crafted PDF file. This occurs with a large BDC property name that overflows the allocated size of a display list node...

CVE-2019-13290

Artifex MuPDF 1.15.0 has a heap-based buffer overflow in fzappenddisplaynode located at fitz/list-device.c, allowing remote attackers to execute arbitrary code via a crafted PDF file. This occurs with a large BDC property name that overflows the allocated size of a display list node...

CVE-2019-13290

Artifex MuPDF 1.15.0 has a heap-based buffer overflow in fzappenddisplaynode located at fitz/list-device.c, allowing remote attackers to execute arbitrary code via a crafted PDF file. This occurs with a large BDC property name that overflows the allocated size of a display list node...

Heap overflow

Artifex MuPDF 1.15.0 has a heap-based buffer overflow in fzappenddisplaynode located at fitz/list-device.c, allowing remote attackers to execute arbitrary code via a crafted PDF file. This occurs with a large BDC property name that overflows the allocated size of a display list node...

UBUNTU-CVE-2019-13290

Artifex MuPDF 1.15.0 has a heap-based buffer overflow in fzappenddisplaynode located at fitz/list-device.c, allowing remote attackers to execute arbitrary code via a crafted PDF file. This occurs with a large BDC property name that overflows the allocated size of a display list node...