CVE-2018-1000038 - OpenCVE

In MuPDF 1.12.0 and earlier, a stack buffer overflow in function pdf_lookup_cmap_full in pdf/pdf-cmap.c could allow an attacker to execute arbitrary code via a crafted file.

No CVSS v3.1

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:M/Au:N/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Artifex	Mupdf

Configuration 1 [-]

cpe:2.3:a:artifex:mupdf:*:*:*:*:*:*:*:*

References

Link	Resource
http://git.ghostscript.com/?p=mupdf.git%3Ba=commitdiff%3Bh=71ceebcf56e682504da22c4035b39a2d451e8ffd%3Bhp=7f82c01523505052615492f8e220f4348ba46995
http://git.ghostscript.com/?p=mupdf.git%3Ba=commitdiff%3Bh=f597300439e62f5e921f0d7b1e880b5c1a1f1607%3Bhp=093fc3b098dc5fadef5d8ad4b225db9fb124758b
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5494	Exploit Issue Tracking Patch Third Party Advisory
https://security.gentoo.org/glsa/201811-15	Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2018-05-24T13:00:00

Updated: 2018-11-27T10:57:01

Reserved: 2018-02-02T00:00:00

Link: CVE-2018-1000038

JSON object: View

NVD Information

Status : Modified

Published: 2018-05-24T13:29:00.667

Modified: 2023-11-07T02:51:08.783

Link: CVE-2018-1000038

JSON object: View

Redhat Information

No data.

CWE

CWE-787

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "dateAssigned": "2018-05-18T00:00:00", "datePublic": "2018-05-24T00:00:00", "descriptions": [{"lang": "en", "value": "In MuPDF 1.12.0 and earlier, a stack buffer overflow in function pdf_lookup_cmap_full in pdf/pdf-cmap.c could allow an attacker to execute arbitrary code via a crafted file."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-11-27T10:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "GLSA-201811-15", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "https://security.gentoo.org/glsa/201811-15"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://git.ghostscript.com/?p=mupdf.git%3Ba=commitdiff%3Bh=71ceebcf56e682504da22c4035b39a2d451e8ffd%3Bhp=7f82c01523505052615492f8e220f4348ba46995"}, {"tags": ["x_refsource_MISC"], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5494"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://git.ghostscript.com/?p=mupdf.git%3Ba=commitdiff%3Bh=f597300439e62f5e921f0d7b1e880b5c1a1f1607%3Bhp=093fc3b098dc5fadef5d8ad4b225db9fb124758b"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "DATE_ASSIGNED": "2018-05-18T21:46:02.312797", "DATE_REQUESTED": "2018-02-02T00:00:00", "ID": "CVE-2018-1000038", "REQUESTER": "jonathan@titanous.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "In MuPDF 1.12.0 and earlier, a stack buffer overflow in function pdf_lookup_cmap_full in pdf/pdf-cmap.c could allow an attacker to execute arbitrary code via a crafted file."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "GLSA-201811-15", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201811-15"}, {"name": "http://git.ghostscript.com/?p=mupdf.git;a=commitdiff;h=71ceebcf56e682504da22c4035b39a2d451e8ffd;hp=7f82c01523505052615492f8e220f4348ba46995", "refsource": "CONFIRM", "url": "http://git.ghostscript.com/?p=mupdf.git;a=commitdiff;h=71ceebcf56e682504da22c4035b39a2d451e8ffd;hp=7f82c01523505052615492f8e220f4348ba46995"}, {"name": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5494", "refsource": "MISC", "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5494"}, {"name": "http://git.ghostscript.com/?p=mupdf.git;a=commitdiff;h=f597300439e62f5e921f0d7b1e880b5c1a1f1607;hp=093fc3b098dc5fadef5d8ad4b225db9fb124758b", "refsource": "CONFIRM", "url": "http://git.ghostscript.com/?p=mupdf.git;a=commitdiff;h=f597300439e62f5e921f0d7b1e880b5c1a1f1607;hp=093fc3b098dc5fadef5d8ad4b225db9fb124758b"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2018-1000038", "datePublished": "2018-05-24T13:00:00", "dateReserved": "2018-02-02T00:00:00", "dateUpdated": "2018-11-27T10:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:artifex:mupdf:*:*:*:*:*:*:*:*", "matchCriteriaId": "98C162E1-CD83-4DF5-92FD-938F0CCDA53E", "versionEndIncluding": "1.12.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "In MuPDF 1.12.0 and earlier, a stack buffer overflow in function pdf_lookup_cmap_full in pdf/pdf-cmap.c could allow an attacker to execute arbitrary code via a crafted file."}, {"lang": "es", "value": "En MuPDF 1.12.0 y anteriores, un desbordamiento de b\u00fafer basado en pila en la funci\u00f3n pdf_lookup_cmap_full en pdf/pdf-cmap.c podr\u00eda permitir que un atacante ejecute c\u00f3digo arbitrario mediante un archivo manipulado."}], "id": "CVE-2018-1000038", "lastModified": "2023-11-07T02:51:08.783", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-05-24T13:29:00.667", "references": [{"source": "cve@mitre.org", "url": "http://git.ghostscript.com/?p=mupdf.git%3Ba=commitdiff%3Bh=71ceebcf56e682504da22c4035b39a2d451e8ffd%3Bhp=7f82c01523505052615492f8e220f4348ba46995"}, {"source": "cve@mitre.org", "url": "http://git.ghostscript.com/?p=mupdf.git%3Ba=commitdiff%3Bh=f597300439e62f5e921f0d7b1e880b5c1a1f1607%3Bhp=093fc3b098dc5fadef5d8ad4b225db9fb124758b"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5494"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://security.gentoo.org/glsa/201811-15"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-787"}], "source": "nvd@nist.gov", "type": "Primary"}]}