CVE-2018-6544

Name of the Vulnerable Software and Affected Versions Artifex MuPDF version 1.12.0

Description The issue allows remote attackers to cause a denial of service via a crafted PDF document. This is due to the pdf load obj stm function in pdf/pdf-xref.c referencing the object stream recursively, which can lead to running out of error stack.

Recommendations For Artifex MuPDF version 1.12.0, consider updating to a newer version that addresses this issue, as no specific fix is provided for this version. As a temporary workaround, consider restricting the processing of crafted PDF documents to minimize the risk of exploitation.