Christophe Devine

**Name of the Vulnerable Software and Affected Versions** MuPDF versions prior to commit 20091125231942 SumatraPDF versions prior to 1.0.1 **Description** The issue is related to multiple stack-based buffer overflows in the pdf shade4.c file. These overflows can be triggered by remote attackers via a /Decode array for certain types of shading that are not properly handled by the `pdf loadtype4shade`, `pdf loadtype5shade`, `pdf loadtype6shade`, and `pdf loadtype7shade` functions. This can cause a denial of service and possibly allow the execution of arbitrary code. **Recommendations** For MuPDF versions prior to commit 20091125231942, update to a version after commit 20091125231942 to resolve the issue. For SumatraPDF versions prior to 1.0.1, update to version 1.0.1 or later to resolve the issue. As a temporary workaround, consider restricting the use of the `pdf loadtype4shade`, `pdf loadtype5shade`, `pdf loadtype6shade`, and `pdf loadtype7shade` functions until a patch is available.