CVE-2018-19882

Published: Dec 6, 2018

Modified: Sep 12, 2024

PUBLISHED

Description

In Artifex MuPDF 1.14.0, the svg_run_image function in svg/svg-run.c allows remote attackers to cause a denial of service (href_att NULL pointer dereference and application crash) via a crafted svg file, as demonstrated by mupdf-gl.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://bugs.ghostscript.com/show_bug.cgi?id=700342

https://github.com/TeamSeri0us/pocs/tree/master/mupdf/20181203

FEDORA-2019-befe3bd225

vendor-advisory

FEDORA-2019-15af6a9a07

vendor-advisory

http://www.ghostscript.com/cgi-bin/findgit.cgi?a7f7d91cdff8d303c11d458fa8b802776f73c8cc

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2018-19882

Description

Affected Products

References