In MuPDF 1.13.0, there is an infinite loop in the fz_skip_space function of the pdf/pdf-xref.c file. A remote adversary could leverage this vulnerability to cause a denial of service via a crafted pdf file.
References
Link | Resource |
---|---|
https://bugs.ghostscript.com/show_bug.cgi?id=699271 | Exploit Third Party Advisory |
https://lists.debian.org/debian-lts-announce/2021/09/msg00013.html | Mailing List Third Party Advisory |
Configurations
History
14 Dec 2021, 21:46
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:* | |
References | (MLIST) https://lists.debian.org/debian-lts-announce/2021/09/msg00013.html - Mailing List, Third Party Advisory |
24 Sep 2021, 00:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
Information
Published : 2018-04-22 05:29
Updated : 2023-12-10 12:30
NVD link : CVE-2018-10289
Mitre link : CVE-2018-10289
CVE.ORG link : CVE-2018-10289
JSON object : View
Products Affected
artifex
- mupdf
debian
- debian_linux
CWE
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')