Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

1345 matches found

ossfuzz
ossfuzzadded 2018/01/23 12:35 p.m.12 views

mupdf/pdf_fuzzer: Use-of-uninitialized-value in sfnt_open_font

Project: git://git.ghostscript.com/mupdf.git Detailed report: https://oss-fuzz.com/testcase?key=4704233950543872 Project: mupdf Fuzzer: libFuzzermupdfpdffuzzer Fuzz target binary: pdffuzzer Job Type: libfuzzermsanmupdf Platform Id: linux Crash Type: Use-of-uninitialized-value Crash Address: Crash...

6.7AI score
Exploits0Affected Software1
ossfuzz
ossfuzzadded 2018/01/23 10:59 a.m.14 views

mupdf/pdf_fuzzer: Use-of-uninitialized-value in pdf_lex

Project: git://git.ghostscript.com/mupdf.git Detailed report: https://oss-fuzz.com/testcase?key=5164048585850880 Project: mupdf Fuzzer: libFuzzermupdfpdffuzzer Fuzz target binary: pdffuzzer Job Type: libfuzzermsanmupdf Platform Id: linux Crash Type: Use-of-uninitialized-value Crash Address: Crash...

6.7AI score
Exploits0Affected Software1
ossfuzz
ossfuzzadded 2018/01/23 9:26 a.m.13 views

mupdf/pdf_fuzzer: Use-of-uninitialized-value in fz_adjust_ft_glyph_width

Project: git://git.ghostscript.com/mupdf.git Detailed report: https://oss-fuzz.com/testcase?key=5817553579409408 Project: mupdf Fuzzer: libFuzzermupdfpdffuzzer Fuzz target binary: pdffuzzer Job Type: libfuzzermsanmupdf Platform Id: linux Crash Type: Use-of-uninitialized-value Crash Address: Crash...

6.7AI score
Exploits0Affected Software1
Veracode
Veracodeadded 2018/01/23 2:31 a.m.23 views

Denial Of Service (DoS)

MuPDF is vulnerable to denial of service DoS attacks. Using a pdf file, attackers can user xref subsection object numbers to cause a heap-based buffer overflow...

7.8CVSS7.2AI score0.02785EPSS
Exploits1References5Affected Software1
CNVD
CNVDadded 2018/01/23 12:0 a.m.3 views

Artifex MuPDF Heap Buffer Overflow Vulnerability

Artifex MuPDF is a free, lightweight PDF reader from Artifex Software. A heap buffer overflow vulnerability exists in the 'ensuresolidxref' function in the pdf/pdf-xref.c file in Artifex MuPDF version 1.12.0. A remote attacker can exploit this vulnerability to execute arbitrary code with the help...

7.8CVSS8.2AI score0.02785EPSS
Exploits1References1
UbuntuCve
UbuntuCveadded 2018/01/22 3:29 p.m.28 views

CVE-2017-17858

Heap-based buffer overflow in the ensuresolidxref function in pdf/pdf-xref.c in Artifex MuPDF 1.12.0 allows a remote attacker to potentially execute arbitrary code via a crafted PDF file, because xref subsection object numbers are unrestricted...

7.8CVSS7.6AI score0.02785EPSS
Exploits1References2
ATTACKERKB
ATTACKERKBadded 2018/01/22 3:29 p.m.2 views

CVE-2017-17858

Heap-based buffer overflow in the ensuresolidxref function in pdf/pdf-xref.c in Artifex MuPDF 1.12.0 allows a remote attacker to potentially execute arbitrary code via a crafted PDF file, because xref subsection object numbers are unrestricted...

7.8CVSS6.4AI score0.02785EPSS
Exploits1References6
NVD
NVDadded 2018/01/22 3:29 p.m.11 views

CVE-2017-17858

Heap-based buffer overflow in the ensuresolidxref function in pdf/pdf-xref.c in Artifex MuPDF 1.12.0 allows a remote attacker to potentially execute arbitrary code via a crafted PDF file, because xref subsection object numbers are unrestricted...

7.8CVSS7.9AI score0.02785EPSS
Exploits1References4
Prion
Prionadded 2018/01/22 3:29 p.m.21 views

Heap overflow

Heap-based buffer overflow in the ensuresolidxref function in pdf/pdf-xref.c in Artifex MuPDF 1.12.0 allows a remote attacker to potentially execute arbitrary code via a crafted PDF file, because xref subsection object numbers are unrestricted...

6.8CVSS7.8AI score0.02785EPSS
Exploits1References4Affected Software1
OSV
OSVadded 2018/01/22 3:29 p.m.2 views

ALPINE-CVE-2017-17858

Heap-based buffer overflow in the ensuresolidxref function in pdf/pdf-xref.c in Artifex MuPDF 1.12.0 allows a remote attacker to potentially execute arbitrary code via a crafted PDF file, because xref subsection object numbers are unrestricted...

7.8CVSS8.2AI score0.02785EPSS
Exploits1References1
OSV
OSVadded 2018/01/22 3:29 p.m.21 views

CVE-2017-17858

Heap-based buffer overflow in the ensuresolidxref function in pdf/pdf-xref.c in Artifex MuPDF 1.12.0 allows a remote attacker to potentially execute arbitrary code via a crafted PDF file, because xref subsection object numbers are unrestricted...

7.8CVSS8.2AI score
Exploits0References4
Cvelist
Cvelistadded 2018/01/22 3:0 p.m.28 views

CVE-2017-17858

Heap-based buffer overflow in the ensuresolidxref function in pdf/pdf-xref.c in Artifex MuPDF 1.12.0 allows a remote attacker to potentially execute arbitrary code via a crafted PDF file, because xref subsection object numbers are unrestricted...

6.8AI score0.02785EPSS
Exploits1References4
CVE
CVEadded 2018/01/22 3:0 p.m.95 views

CVE-2017-17858

MuPDF 1.12.0 contains a heap-based buffer overflow in ensure_solid_xref (pdf/pdf-xref.c) that permits arbitrary code execution via a crafted PDF, due to unrestricted xref subsection object numbers. The vulnerability affects MuPDF 1.12.0; remediation per linked advisories includes upgrading to ver...

7.8CVSS6.8AI score0.02785EPSS
Exploits1References4Affected Software1
Debian CVE
Debian CVEadded 2018/01/22 3:0 p.m.29 views

CVE-2017-17858

Heap-based buffer overflow in the ensuresolidxref function in pdf/pdf-xref.c in Artifex MuPDF 1.12.0 allows a remote attacker to potentially execute arbitrary code via a crafted PDF file, because xref subsection object numbers are unrestricted...

7.8CVSS7.9AI score0.02785EPSS
Exploits1
ossfuzz
ossfuzzadded 2018/01/20 11:10 a.m.13 views

mupdf/pdf_fuzzer: Heap-use-after-free in fz_drop_key_storable

Project: git://git.ghostscript.com/mupdf.git Detailed report: https://oss-fuzz.com/testcase?key=5688460871467008 Project: mupdf Fuzzer: aflmupdfpdffuzzer Fuzz target binary: pdffuzzer Job Type: aflasanmupdf Platform Id: linux Crash Type: Heap-use-after-free READ 4 Crash Address: 0x613000000040...

6.7AI score
Exploits0Affected Software1
ossfuzz
ossfuzzadded 2018/01/20 7:30 a.m.19 views

mupdf/pdf_fuzzer: Heap-use-after-free in fz_drop_key_storable

Project: git://git.ghostscript.com/mupdf.git Detailed report: https://oss-fuzz.com/testcase?key=4834102571171840 Project: mupdf Fuzzer: aflmupdfpdffuzzer Fuzz target binary: pdffuzzer Job Type: aflasanmupdf Platform Id: linux Crash Type: Heap-use-after-free READ 4 Crash Address: 0x613000000040...

6.7AI score
Exploits0Affected Software1
ossfuzz
ossfuzzadded 2018/01/19 10:28 p.m.12 views

mupdf/pdf_fuzzer: Use-of-uninitialized-value in pdf_load_version

Project: git://git.ghostscript.com/mupdf.git Detailed report: https://oss-fuzz.com/testcase?key=5408498344001536 Project: mupdf Fuzzer: libFuzzermupdfpdffuzzer Fuzz target binary: pdffuzzer Job Type: libfuzzermsanmupdf Platform Id: linux Crash Type: Use-of-uninitialized-value Crash Address: Crash...

6.7AI score
Exploits0Affected Software1
ossfuzz
ossfuzzadded 2018/01/19 10:26 p.m.11 views

mupdf/pdf_fuzzer: Stack-buffer-overflow in pdf_lookup_cmap_full

Project: git://git.ghostscript.com/mupdf.git Detailed report: https://oss-fuzz.com/testcase?key=5267574158786560 Project: mupdf Fuzzer: aflmupdfpdffuzzer Fuzz target binary: pdffuzzer Job Type: aflasanmupdf Platform Id: linux Crash Type: Stack-buffer-overflow WRITE 4 Crash Address: 0x7f86eb165ec0...

6.7AI score
Exploits0Affected Software1
ossfuzz
ossfuzzadded 2018/01/19 10:20 p.m.12 views

mupdf/pdf_fuzzer: Heap-use-after-free in add_range

Project: git://git.ghostscript.com/mupdf.git Detailed report: https://oss-fuzz.com/testcase?key=4932211972243456 Project: mupdf Fuzzer: aflmupdfpdffuzzer Fuzz target binary: pdffuzzer Job Type: aflasanmupdf Platform Id: linux Crash Type: Heap-use-after-free READ 4 Crash Address: 0x623000006ce8...

6.7AI score
Exploits0Affected Software1
Tenable Nessus
Tenable Nessusadded 2018/01/17 12:0 a.m.31 views

Fedora 26 : mupdf (2017-d1213cef30)

rebase to 1.12 CVE-2017-17866 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 ...

7.8CVSS7.4AI score0.01579EPSS
Exploits0References2
Rows per page
Query Builder