FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

mupdf -- multiple vulnerabilities

Affected packages
mupdf < 1.9a_1,1
llpp < 22_2
zathura-pdf-mupdf < 0.3.0_2

Details

VuXML ID 47157c14-9013-11e6-a590-14dae9d210b8
Discovery 2016-08-27
Entry 2016-10-12
Modified 2016-10-18

Tobias Kortkamp reports:

Heap-based buffer overflow in the pdf_load_mesh_params function in pdf/pdf-shade.c in MuPDF allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a large decode array.

Use-after-free vulnerability in the pdf_load_xref function in pdf/pdf-xref.c in MuPDF allows remote attackers to cause a denial of service (crash) via a crafted PDF file.

References

CVE Name CVE-2016-6265
CVE Name CVE-2016-6525
FreeBSD PR ports/212207
URL http://bugs.ghostscript.com/show_bug.cgi?id=696941
URL http://bugs.ghostscript.com/show_bug.cgi?id=696954
URL http://openbsd-archive.7691.n7.nabble.com/mupdf-CVE-2016-6525-amp-CVE-2016-6265-td302904.html