FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-03-27 18:04:16 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
47157c14-9013-11e6-a590-14dae9d210b8mupdf -- multiple vulnerabilities

Tobias Kortkamp reports:

Heap-based buffer overflow in the pdf_load_mesh_params function in pdf/pdf-shade.c in MuPDF allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a large decode array.

Use-after-free vulnerability in the pdf_load_xref function in pdf/pdf-xref.c in MuPDF allows remote attackers to cause a denial of service (crash) via a crafted PDF file.


Discovery 2016-08-27
Entry 2016-10-12
Modified 2016-10-18
mupdf
< 1.9a_1,1

llpp
< 22_2

zathura-pdf-mupdf
< 0.3.0_2

http://openbsd-archive.7691.n7.nabble.com/mupdf-CVE-2016-6525-amp-CVE-2016-6265-td302904.html
http://bugs.ghostscript.com/show_bug.cgi?id=696941
http://bugs.ghostscript.com/show_bug.cgi?id=696954
CVE-2016-6525
CVE-2016-6265
ports/212207