| Severity |
|
| Remote |
|
| Type |
| + |
Arbitrary code execution |
|
| Description |
| + |
A stack-based buffer overflow has been discovered in jstest_main.c in mujstest in Artifex Software, Inc. MuPDF 1.10a that allows remote attackers to case a denial of service or possibly execute arbitrary code via a specially crafted image. |
|
| References |
| + |
http://www.openwall.com/lists/oss-security/2017/02/18/1 |
| + |
https://bugs.ghostscript.com/show_bug.cgi?id=697551 |
| + |
https://blogs.gentoo.org/ago/2017/02/17/mupdf-mujstest-stack-based-buffer-overflow-in-main-jstest_main-c/ |
|
| Notes |
| + |
Only affects the optional mujstest binary |
|