In MuPDF 1.12.0, there is an infinite loop vulnerability and application hang in the pdf_parse_array function (pdf/pdf-parse.c) because EOF is not considered. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted pdf file.
The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Mupdf | Artifex | 1.12.0 (including) | 1.12.0 (including) |
Mupdf | Ubuntu | artful | * |
Mupdf | Ubuntu | bionic | * |
Mupdf | Ubuntu | cosmic | * |
Mupdf | Ubuntu | esm-apps/bionic | * |
Mupdf | Ubuntu | esm-apps/xenial | * |
Mupdf | Ubuntu | trusty | * |
Mupdf | Ubuntu | upstream | * |
Mupdf | Ubuntu | xenial | * |