PT-2019-17969 · Artifex · Artifex Mupdf

Zerokeeper

Publicado

2019-01-11

Atualizado

2024-09-11

CVE-2019-6131

CVSS v3.1

5.5

Média

Vetor

AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Artifex MuPDF version 1.14.0

Description The issue is related to infinite recursion with stack consumption in the svg run use symbol, svg run element, and svg run use functions in the svg-run.c file. This can be demonstrated using mutool.

Recommendations For Artifex MuPDF version 1.14.0, consider disabling the svg run use symbol, svg run element, and svg run use functions as a temporary workaround until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Uncontrolled Recursion

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-674

Identificadores relacionados

CVE-2019-6131

Produtos afetados

Artifex Mupdf

PT-2019-17969 · Artifex · Artifex Mupdf

CVE-2019-6131

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 14