CVE-2017-6060 log

Source	CVE Red Hat MITRE NVD Debian Ubuntu SUSE Alpine Mageia CVE Details CIRCL Bugs Arch Linux Red Hat Gentoo SUSE GitHub Lists oss-security full-disclosure bugtraq Misc GitHub code web search
Severity	High
Remote	No
Type	Arbitrary code execution
Description	A stack-based buffer overflow has been discovered in jstest_main.c in mujstest in Artifex Software, Inc. MuPDF 1.10a that allows remote attackers to case a denial of service or possibly execute arbitrary code via a specially crafted image.

Group	Package	Affected	Fixed	Severity	Status	Ticket
AVG-666	mupdf-tools	1.10_a-2	1.12-1	High	Fixed
AVG-218	mupdf	1.10_a-2		High	Not affected

References
http://www.openwall.com/lists/oss-security/2017/02/18/1 https://bugs.ghostscript.com/show_bug.cgi?id=697551 https://blogs.gentoo.org/ago/2017/02/17/mupdf-mujstest-stack-based-buffer-overflow-in-main-jstest_main-c/

References

http://www.openwall.com/lists/oss-security/2017/02/18/1
https://bugs.ghostscript.com/show_bug.cgi?id=697551
https://blogs.gentoo.org/ago/2017/02/17/mupdf-mujstest-stack-based-buffer-overflow-in-main-jstest_main-c/

Notes
Only affects the optional mujstest binary