An issue was discovered in Artifex MuPDF before 1912de5f08e90af1d9d0a9791f58ba3afdb9d465. The pdf_run_xobject function in pdf-op-run.c encounters a NULL pointer dereference during a Fitz fz_paint_pixmap_with_mask painting operation. Versions 1.11 and later are unaffected.
References
Link | Resource |
---|---|
http://git.ghostscript.com/?p=mupdf.git%3Bh=1912de5f08e90af1d9d0a9791f58ba3afdb9d465 | |
http://www.debian.org/security/2017/dsa-3797 | Third Party Advisory |
http://www.securityfocus.com/bid/96213 | Broken Link |
https://bugs.ghostscript.com/show_bug.cgi?id=697500 | Exploit Third Party Advisory |
https://security.gentoo.org/glsa/201706-08 | Third Party Advisory |
https://www.exploit-db.com/exploits/42138/ | Exploit Third Party Advisory VDB Entry |
Configurations
History
18 Apr 2022, 17:58
Type | Values Removed | Values Added |
---|---|---|
References | (CONFIRM) http://git.ghostscript.com/?p=mupdf.git;h=1912de5f08e90af1d9d0a9791f58ba3afdb9d465 - Mailing List, Third Party Advisory | |
References | (GENTOO) https://security.gentoo.org/glsa/201706-08 - Third Party Advisory | |
References | (BID) http://www.securityfocus.com/bid/96213 - Broken Link | |
References | (DEBIAN) http://www.debian.org/security/2017/dsa-3797 - Third Party Advisory | |
References | (EXPLOIT-DB) https://www.exploit-db.com/exploits/42138/ - Exploit, Third Party Advisory, VDB Entry | |
References | (CONFIRM) https://bugs.ghostscript.com/show_bug.cgi?id=697500 - Exploit, Third Party Advisory | |
CPE | cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:* |
15 Oct 2021, 13:15
Type | Values Removed | Values Added |
---|---|---|
Summary | An issue was discovered in Artifex MuPDF before 1912de5f08e90af1d9d0a9791f58ba3afdb9d465. The pdf_run_xobject function in pdf-op-run.c encounters a NULL pointer dereference during a Fitz fz_paint_pixmap_with_mask painting operation. Versions 1.11 and later are unaffected. |
Information
Published : 2017-02-15 06:59
Updated : 2024-02-04 19:11
NVD link : CVE-2017-5991
Mitre link : CVE-2017-5991
CVE.ORG link : CVE-2017-5991
JSON object : View
Products Affected
debian
- debian_linux
artifex
- mupdf
CWE
CWE-476
NULL Pointer Dereference