QwikSec

Security Database

CVE

CWE

Training

CVE-2018-5686

Published: Jan 14, 2018

Modified: Sep 12, 2024

PUBLISHED

Description

In MuPDF 1.12.0, there is an infinite loop vulnerability and application hang in the pdf_parse_array function (pdf/pdf-parse.c) because EOF is not considered. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted pdf file.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://bugs.ghostscript.com/show_bug.cgi?id=698860

vendor-advisory

vendor-advisory

[debian-lts-announce] 20190628 [SECURITY] [DLA 1838-1] mupdf security update

mailing-list

https://cgit.ghostscript.com/cgi-bin/cgit.cgi/mupdf.git/commit/?id=b70eb93f6936c03d8af52040bbca4d4a7db39079

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.