PT-2023-9300 · Mupdf+4 · Mupdf+4
Sebastian Rasmussen
·
Publicado
2023-12-26
·
Atualizado
2025-11-25
·
CVE-2023-51105
CVSS v2.0
7.8
Alta
| Vetor | AV:N/AC:L/Au:N/C:N/I:N/A:C |
Name of the Vulnerable Software and Affected Versions
MuPDF version 1.23.4
Description
A floating point exception vulnerability was discovered in the
bmp decompress rle4() function of MuPDF, related to a divide-by-zero error. This issue may allow a remote attacker to cause a denial of service.Recommendations
For MuPDF version 1.23.4, consider disabling the
bmp decompress rle4() function as a temporary workaround until a patch is available. Restrict access to the load-bmp.c module to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.Exploit
Divide By Zero
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Debian
Linuxmint
Mupdf
Red Os
Ubuntu