CVE-2017-7264

Name of the Vulnerable Software and Affected Versions Artifex MuPDF version 1.10a

Description The issue is related to a use-after-free vulnerability in the fz subsample pixmap function in fitz/pixmap.c. This vulnerability allows remote attackers to cause a denial of service, resulting in an application crash, or possibly have other unspecified impacts via a crafted document.

Recommendations For Artifex MuPDF version 1.10a, consider avoiding the use of the fz subsample pixmap function until a patch is available. As a temporary workaround, restrict the processing of crafted documents to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.