2 matches found
CVE-2019-14975
Artifex MuPDF before 1.16.0 has a heap-based buffer over-read in fzchartorune in fitz/string.c because pdf/pdf-op-filter.c does not check for a missing string...
CVE-2019-14975
Artifex MuPDF before 1.16.0 has a heap-based buffer over-read in fz_chartorune (fitz/string.c) due to missing string validation in pdf-op-filter.c. Affected: MuPDF versions prior to 1.16.0. Impact: potential memory read/write issues; CVEs show elevated severity. Mitigation: upgrade to MuPDF 1.16....