CVE-2016-8674: Use After Free
First published: Mon Oct 17 2016(Updated: )
An use-after-free vulnerability was found in mupdf pdf_to_num. A maliciously created file could cause the application to crash. Upstream bugs: <a href="http://bugs.ghostscript.com/show_bug.cgi?id=697015">http://bugs.ghostscript.com/show_bug.cgi?id=697015</a> <a href="http://bugs.ghostscript.com/show_bug.cgi?id=697019">http://bugs.ghostscript.com/show_bug.cgi?id=697019</a> Upstream patch: <a href="http://git.ghostscript.com/?p=mupdf.git;h=1e03c06456d997435019fb3526fa2d4be7dbc6ec">http://git.ghostscript.com/?p=mupdf.git;h=1e03c06456d997435019fb3526fa2d4be7dbc6ec</a> References: <a href="http://seclists.org/oss-sec/2016/q4/149">http://seclists.org/oss-sec/2016/q4/149</a> <a href="https://blogs.gentoo.org/ago/2016/09/22/mupdf-use-after-free-in-pdf_to_num-pdf-object-c/">https://blogs.gentoo.org/ago/2016/09/22/mupdf-use-after-free-in-pdf_to_num-pdf-object-c/</a>
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Artifex Software MuPDF | <=1.9a |
Remedy
http://git.ghostscript.com/?p=mupdf.git;a=commitdiff;h=1e03c06456d997435019fb3526fa2d4be7dbc6ec
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://bugs.ghostscript.com/show_bug.cgi?id=697015
- http://bugs.ghostscript.com/show_bug.cgi?id=697019
- http://git.ghostscript.com/?p=mupdf.git;h=1e03c06456d997435019fb3526fa2d4be7dbc6ec
- http://seclists.org/oss-sec/2016/q4/149
- https://blogs.gentoo.org/ago/2016/09/22/mupdf-use-after-free-in-pdf_to_num-pdf-object-c/
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1363695
- https://bugzilla.redhat.com/show_bug.cgi?id=1385685
- http://git.ghostscript.com/?p=mupdf.git;a=commitdiff;h=1e03c06456d997435019fb3526fa2d4be7dbc6ec
- http://www.debian.org/security/2017/dsa-3797
- http://www.openwall.com/lists/oss-security/2016/10/16/8
- http://www.securityfocus.com/bid/93127
- https://bugs.ghostscript.com/show_bug.cgi?id=697015
- https://bugs.ghostscript.com/show_bug.cgi?id=697019
- http://git.ghostscript.com/?p=mupdf.git%3Ba=commitdiff%3Bh=1e03c06456d997435019fb3526fa2d4be7dbc6ec
Frequently Asked Questions
What is the severity of CVE-2016-8674?
CVE-2016-8674 is considered a high severity vulnerability due to its potential for application crashes.
How do I fix CVE-2016-8674?
To fix CVE-2016-8674, update to a version of MuPDF that is higher than 1.9a, as later versions contain patches.
What causes the CVE-2016-8674 vulnerability?
CVE-2016-8674 is caused by a use-after-free error in the pdf_to_num function within MuPDF.
What kind of attack vector is associated with CVE-2016-8674?
The attack vector for CVE-2016-8674 involves a maliciously crafted PDF file that can exploit the vulnerability.
Is CVE-2016-8674 present in all versions of MuPDF?
CVE-2016-8674 is present in MuPDF versions up to and including 1.9a; later versions are not affected.
- agent/type
- agent/remedy
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/last-modified-date
- agent/severity
- agent/references
- agent/description
- agent/event
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2016-8674
- agent/weakness
- agent/trending
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/artifex
- canonical/artifex software mupdf
- version/artifex software mupdf/1.9a