CVE-2017-15369

Name of the Vulnerable Software and Affected Versions Artifex MuPDF versions prior to 2017-09-25

Description The issue arises from the build filter chain function in pdf/pdf-stream.c, which mishandles a specific case where a variable may reside in a register. This allows remote attackers to cause a denial of service, potentially leading to a use-after-free error of Fitz fz drop imp and an application crash, or possibly having other unspecified impacts, via a crafted PDF document.

Recommendations For versions prior to 2017-09-25, update to a version released after 2017-09-25 to resolve the issue.