CVE-2017-17858

Name of the Vulnerable Software and Affected Versions: Artifex MuPDF version 1.12.0

Description: A heap-based buffer overflow issue exists in the ensure solid xref function, located in pdf/pdf-xref.c, which can be exploited by a remote attacker using a crafted PDF file. This is due to the lack of restrictions on xref subsection object numbers, potentially allowing the execution of arbitrary code.

Recommendations: For Artifex MuPDF version 1.12.0, consider updating to a newer version that addresses this issue, as using a crafted PDF file could lead to arbitrary code execution. As a temporary workaround, consider restricting the use of crafted PDF files until a patch is available.