Lucene search

Veracode Vulnerability DatabaseVERACODE:28433

HistoryDec 06, 2020 - 4:35 a.m.

Denial Of Service (DoS)

2020-12-0604:35:24

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

mupdf

vulnerability

denial of service

null pointer

dereference

pdf-op-run.c

fz_paint_pixmap_with_mask

painting operation

EPSS

0.026

Percentile

90.5%

JSON

mupdf is vulnerable to denial of service. A NULL pointer dereference in the pdf_run_xobject function in pdf-op-run.c during a Fitz fz_paint_pixmap_with_mask painting operation allows an attacker to crash the application.

References

git.ghostscript.com/?p=mupdf.git;h=1912de5f08e90af1d9d0a9791f58ba3afdb9d465

www.debian.org/security/2017/dsa-3797

www.securityfocus.com/bid/96213

bugs.ghostscript.com/show_bug.cgi?id=697500

security-tracker.debian.org/tracker/CVE-2017-5991

security.gentoo.org/glsa/201706-08

www.exploit-db.com/exploits/42138/

EPSS

0.026

Percentile

90.5%

JSON

Related for VERACODE:28433