CVE-2017-5991

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Artifex MuPDF versions prior to 1912de5f08e90af1d9d0a9791f58ba3afdb9d465 Artifex MuPDF versions prior to 1.11

Description An issue was discovered in the pdf run xobject function in pdf-op-run.c, which encounters a NULL pointer dereference during a Fitz fz paint pixmap with mask painting operation.

Recommendations For versions prior to 1912de5f08e90af1d9d0a9791f58ba3afdb9d465, consider updating to a version that includes the fix for this issue. For versions prior to 1.11, consider updating to version 1.11 or later, as these versions are unaffected by this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability, other than updating to version 1.11 or later.

Exploit

Fix

NULL Pointer Dereference

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-476

Related Identifiers

ALT-PU-2018-2415

ALT-PU-2020-3475

ALT-PU-2020-3484

ALT-PU-2024-9899

CVE-2017-5991

DSA-3797-1

MGASA-2017-0479

Affected Products

Alt Linux

Mupdf

CVE-2017-5991

Weakness Enumeration

Related Identifiers

Affected Products

References · 77