PT-2018-15091 · Artifex · Artifex Mupdf+1
Fish@360Teamseri0Us
+1
·
Published
2018-11-30
·
Updated
2024-09-12
·
CVE-2018-19777
CVSS v3.1
5.5
Medium
| Vector | AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Artifex MuPDF version 1.14.0
Description
The issue is related to an infinite loop in the
svg dev end tile function, located in the fitz/svg-device.c file. This was demonstrated using the mutool utility.Recommendations
For Artifex MuPDF version 1.14.0, consider applying a patch to fix the infinite loop in the
svg dev end tile function as a permanent solution. As a temporary workaround, restrict the use of the svg dev end tile function to prevent potential exploitation.Exploit
Fix
Infinite Loop
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Artifex Mupdf
Mutool