AVG-476 log

Package zathura-pdf-mupdf
Status Fixed
Severity High
Type arbitrary code execution
Affected 0.3.1-3
Fixed 0.3.1-4
Current 0.4.4-10 [extra-testing]
0.4.4-6 [extra]
Ticket None
Created Wed Nov 1 23:07:24 2017
Issue Severity Remote Type Description
CVE-2017-15587 High No Arbitrary code execution
An integer overflow leading to an out-of-bounds wrte has been found in mupdf <= 1.11. The parsing of a crafted PDF might allow an attacker to write...
CVE-2017-14687 High No Arbitrary code execution
Artifex MuPDF 1.11 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .xps file. This occurs because of...
CVE-2017-14686 High No Arbitrary code execution
Artifex MuPDF 1.11 allows attackers to execute arbitrary code or cause a denial of service via a crafted .xps file. This occurs because read_zip_dir_imp in...
CVE-2017-14685 High No Arbitrary code execution
Artifex MuPDF 1.11 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .xps file. This occurs because...
Date Advisory Package Type
01 Nov 2017 ASA-201711-5 zathura-pdf-mupdf arbitrary code execution