SB2017060605 - Multiple vulnerabilities in MuPDF
Published: June 6, 2017 Updated: June 7, 2017
Security Bulletin ID
SB2017060605
CSH Severity
Low
Patch available
YES
Number of vulnerabilities
3
Exploitation vector
Remote access
Highest impact
Partial DoS
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 3 vulnerabilities.
1) Stack overflow (CVE-ID: CVE-2016-10221)
CWE-ID: CWE-121 - Stack-based buffer overflow
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error within the count_entries() function in pdf-layer.c in MuPDF 1.10a. A remote attacker can create a specially crafted PDF file, trick the victim into opening it and crash, trigger stack overflow and crash the application.
2) Null pointer dereference (CVE-ID: CVE-2017-5991)
CWE-ID: CWE-476 - NULL Pointer Dereference
CVSSv4:
An issue was discovered in Artifex Software, Inc. MuPDF before 1912de5f08e90af1d9d0a9791f58ba3afdb9d465. The pdf_run_xobject function in pdf-op-run.c encounters a NULL pointer dereference during a Fitz fz_paint_pixmap_with_mask painting operation.
3) Stack-based buffer overflow (CVE-ID: CVE-2017-6060)
CWE-ID: CWE-121 - Stack-based buffer overflow
CVSSv4:
Stack-based buffer overflow in jstest_main.c in mujstest in Artifex Software, Inc. MuPDF 1.10a allows remote attackers to have unspecified impact via a crafted image.
Remediation
Install update from vendor's website.