CVE-2020-6074

Nitro Pro 13.9.1.155’s PDF parser is affected by a use-after-free in nested pages processing that can lead to heap corruption and potentially remote code execution. The vulnerability arises during PDF parsing when allocating per-page buffers, with a path that frees a page object but does not clea...

CVE-2020-6074

An exploitable code execution vulnerability exists in the PDF parser of Nitro Pro 13.9.1.155. A specially crafted PDF document can cause a use-after-free which can lead to remote code execution. An attacker can provide a malicious file to trigger this vulnerability...

UBUNTU-CVE-2020-3341

A vulnerability in the PDF archive parsing module in Clam AntiVirus ClamAV Software versions 0.101 - 0.102.2 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a stack buffer overflow read. An attacker could...

NagiosXI 5.6.11 Remote Command Execution

%PDF-1.5 %µµµµ 1 0 obj endobj 2 0 obj endobj 3 0 obj /ExtGState/XObject/ProcSet/PDF/Text/ImageB/ImageC/ImageI /Annots 8 0 R 9 0 R /MediaBox 0 0 595.32 841.92 /Contents 4 0 R/Group/Tabs/S/StructParents 0 endobj 4 0 obj stream xœµXëo›HÿnÉÿÃ|„J^Ø'lUUÊ£Tר‰Ý»žÒ...

openSUSE Security Update : clamav (openSUSE-2019-598)

This update for clamav to version 0.100.1 fixes the following issues: The following security vulnerabilities were addressed : - CVE-2018-0360: HWP integer overflow, infinite loop vulnerability bsc1101410 - CVE-2018-0361: PDF object length check, unreasonably long time to parse relatively small fi...

clamav/clamav_scanmap_PDF_fuzzer: Heap-buffer-overflow in pdf_nextobject

Detailed report: https://oss-fuzz.com/testcase?key=5654323172737024 Project: clamav Fuzzer: libFuzzerclamavscanmapPDFfuzzer Fuzz target binary: clamavscanmapPDFfuzzer Job Type: libfuzzerasanclamav Platform Id: linux Crash Type: Heap-buffer-overflow READ 1 Crash Address: 0x60a00009eddd Crash State...

SUSE SLED15 / SLES15 Security Update : clamav (SUSE-SU-2018:2230-1)

This update for clamav to version 0.100.1 fixes the following issues: The following security vulnerabilities were addressed : - CVE-2018-0360: HWP integer overflow, infinite loop vulnerability bsc1101410 - CVE-2018-0361: PDF object length check, unreasonably long time to parse relatively small fi...

SUSE SLES12 Security Update : clamav (SUSE-SU-2018:2323-2)

This update for clamav to version 0.100.1 fixes the following issues : The following security vulnerabilities were addressed : CVE-2018-0360: HWP integer overflow, infinite loop vulnerability bsc1101410 CVE-2018-0361: PDF object length check, unreasonably long time to parse relatively small file...

openSUSE Security Update : clamav (openSUSE-2018-889)

This update for clamav to version 0.100.1 fixes the following issues: The following security vulnerabilities were addressed : - CVE-2018-0360: HWP integer overflow, infinite loop vulnerability bsc1101410 - CVE-2018-0361: PDF object length check, unreasonably long time to parse relatively small fi...

Security update for clamav (moderate)

This update for clamav to version 0.100.1 fixes the following issues: The following security vulnerabilities were addressed: - CVE-2018-0360: HWP integer overflow, infinite loop vulnerability bsc1101410 - CVE-2018-0361: PDF object length check, unreasonably long time to parse relatively small fil...

SUSE SLES11 Security Update : clamav (SUSE-SU-2018:2232-1)

This update for clamav to version 0.100.1 fixes the following issues: The following security vulnerabilities were addressed : - CVE-2018-0360: HWP integer overflow, infinite loop vulnerability bsc1101410 - CVE-2018-0361: PDF object length check, unreasonably long time to parse relatively small fi...

Denial Of Service (DoS)

MuPDF is vulnerable to denial of service DoS. The attack can be launched because PDF parser has multiple reachable assertions which can be introduced by sending a malicious file...

Denial Of Service (DoS)

MuPDF is vulnerable to denial of service DoS. The attacker can launch the attack by sending a malicious file to the doscavengingmalloc in the PDF parser...

CVE-2018-1000040

In Artifex MuPDF 1.12.0 and earlier, multiple use of uninitialized value bugs in the PDF parser could allow an attacker to cause a denial of service crash or influence program flow via a crafted file...

CVE-2018-1000040

In Artifex MuPDF 1.12.0 and earlier, multiple use of uninitialized value bugs in the PDF parser could allow an attacker to cause a denial of service crash or influence program flow via a crafted file...

DEBIAN-CVE-2018-1000040

In Artifex MuPDF 1.12.0 and earlier, multiple use of uninitialized value bugs in the PDF parser could allow an attacker to cause a denial of service crash or influence program flow via a crafted file...

CVE-2018-1000040

In Artifex MuPDF 1.12.0 and earlier, multiple use of uninitialized value bugs in the PDF parser could allow an attacker to cause a denial of service crash or influence program flow via a crafted file...

CVE-2018-1000036

In Artifex MuPDF 1.12.0 and earlier, multiple memory leaks in the PDF parser allow an attacker to cause a denial of service memory leak via a crafted file...

CVE-2018-1000039

In Artifex MuPDF 1.12.0 and earlier, multiple heap use after free bugs in the PDF parser could allow an attacker to execute arbitrary code, read memory, or cause a denial of service via a crafted file...

CVE-2018-1000036

In Artifex MuPDF 1.12.0 and earlier, multiple memory leaks in the PDF parser allow an attacker to cause a denial of service memory leak via a crafted file...