4 matches found
Fedora 24 : mujs (2017-624e2eeda0)
Security fix for CVE-2016-10132, CVE-2016-10133, CVE-2016-10141, CVE-2017-5627, CVE-2017-5628. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as...
Fedora 25 : mujs (2017-dc6023e849)
Security fix for CVE-2016-10132, CVE-2016-10133, CVE-2016-10141, CVE-2017-5627, CVE-2017-5628. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as...
openSUSE Security Update : mupdf (openSUSE-2017-271)
This update for mupdf fixes the following vulnerabilities : - CVE-2017-5627: Integer overflow in the mujs implementation boo1022503 - CVE-2017-5628: Integer overflow in the mujs implementation boo1022504 - CVE-2017-5896: heap overflow boo1023761, boo1024679 - NULL pointer dereference in dodrawpag...
CVE-2017-5628
CVE-2017-5628 affects Artifex MuJS prior to commit 8f62ea10a0af68e56d5c00720523ebcba13c2e6a. The MakeDay function in jsdate.c does not validate the month, leading to an integer overflow when parsing a specially crafted JavaScript file. This could impact robustness of parsing and, per the CVE desc...