CVE-2018-1000040
Summary
| CVE | CVE-2018-1000040 |
|---|
| State | PUBLIC |
|---|
| Assigner | [email protected] |
|---|
| Source Priority | CVE Program / NVD first with legacy fallback |
|---|
| Published | 2018-05-24 13:29:00 UTC |
|---|
| Updated | 2023-11-07 02:51:00 UTC |
|---|
| Description | In MuPDF 1.12.0 and earlier, multiple use of uninitialized value bugs in the PDF parser could allow an attacker to cause a denial of service (crash) or influence program flow via a crafted file. |
|---|
NVD Known Affected Configurations (CPE 2.3)
References
| Reference | Source | Link | Tags |
|---|
| 5610 -
mupdf/pdf_fuzzer: Use-of-uninitialized-value in pdf_lex -
oss-fuzz -
Monorail |
MISC |
bugs.chromium.org |
Exploit, Issue Tracking |
| git.ghostscript.com Git - mupdf.git/commitdiff |
|
git.ghostscript.com |
|
| MuPDF: Multiple vulnerabilities (GLSA 201811-15) — Gentoo security |
GENTOO |
security.gentoo.org |
Third Party Advisory |
| Debian -- Security Information -- DSA-4334-1 mupdf |
DEBIAN |
www.debian.org |
Third Party Advisory |
| 5603 -
mupdf/pdf_fuzzer: Use-of-uninitialized-value in sfnt_open_font -
oss-fuzz -
Monorail |
MISC |
bugs.chromium.org |
Exploit, Issue Tracking |
| 5600 -
mupdf/pdf_fuzzer: Use-of-uninitialized-value in pdf_lex -
oss-fuzz -
Monorail |
MISC |
bugs.chromium.org |
Exploit, Issue Tracking |
| git.ghostscript.com Git - mupdf.git/commitdiff |
CONFIRM |
git.ghostscript.com |
Patch |
| 5596 -
mupdf/pdf_fuzzer: Use-of-uninitialized-value in fz_adjust_ft_glyph_width -
oss-fuzz -
Monorail |
MISC |
bugs.chromium.org |
Exploit, Issue Tracking |
| 5609 -
mupdf/pdf_fuzzer: Use-of-uninitialized-value in fz_drop_hash_table -
oss-fuzz -
Monorail |
MISC |
bugs.chromium.org |
Exploit, Issue Tracking, Patch, Third Party Advisory |
| CVE Program record |
CVE.ORG |
www.cve.org |
canonical |
| NVD vulnerability detail |
NVD |
nvd.nist.gov |
canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 710282 Gentoo Linux MuPDF Multiple Vulnerabilities (GLSA 201811-15)
