PT-2018-15091 · Artifex · Artifex Mupdf+1

Fish@360Teamseri0Us

Publicado

2018-11-30

Atualizado

2024-09-12

CVE-2018-19777

CVSS v3.1

5.5

Média

Vetor

AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Artifex MuPDF version 1.14.0

Description The issue is related to an infinite loop in the svg dev end tile function, located in the fitz/svg-device.c file. This was demonstrated using the mutool utility.

Recommendations For Artifex MuPDF version 1.14.0, consider applying a patch to fix the infinite loop in the svg dev end tile function as a permanent solution. As a temporary workaround, restrict the use of the svg dev end tile function to prevent potential exploitation.

Exploit

Correção

Infinite Loop

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-835

Identificadores relacionados

CVE-2018-19777

Produtos afetados

Artifex Mupdf

Mutool

PT-2018-15091 · Artifex · Artifex Mupdf+1

CVE-2018-19777

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 10