AVG-218 log
| Package | mupdf |
| Status | Not affected |
| Severity | High |
| Type | arbitrary code execution |
| Affected | 1.10_a-2 |
| Fixed | Not affected |
| Current | 1.24.11-1 [extra] |
| Ticket | None |
| Created | Wed Mar 15 17:10:11 2017 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2017-6060 | High | No | Arbitrary code execution | A stack-based buffer overflow has been discovered in jstest_main.c in mujstest in Artifex Software, Inc. MuPDF 1.10a that allows remote attackers to case a... |
| References |
|---|
https://bugs.ghostscript.com/show_bug.cgi?id=697551 https://blogs.gentoo.org/ago/2017/02/17/mupdf-mujstest-stack-based-buffer-overflow-in-main-jstest_main-c/ |
| Notes |
|---|
The jstest binary is not included in the file package, therefor this issue does not affect the mupdf package even if jstest_main.c is compiled during build time. |