CVE-2018-1000039 - OpenCVE

In MuPDF 1.12.0 and earlier, multiple heap use after free bugs in the PDF parser could allow an attacker to execute arbitrary code, read memory, or cause a denial of service via a crafted file.

No CVSS v3.1

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:M/Au:N/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Artifex	Mupdf

Configuration 1 [-]

cpe:2.3:a:artifex:mupdf:*:*:*:*:*:*:*:*

References

Link	Resource
http://git.ghostscript.com/?p=mupdf.git%3Ba=commitdiff%3Bh=4dcc6affe04368461310a21238f7e1871a752a05%3Bhp=8ec561d1bccc46e9db40a9f61310cd8b3763914e
http://git.ghostscript.com/?p=mupdf.git%3Ba=commitdiff%3Bh=71ceebcf56e682504da22c4035b39a2d451e8ffd%3Bhp=7f82c01523505052615492f8e220f4348ba46995
http://git.ghostscript.com/?p=mupdf.git%3Ba=commitdiff%3Bh=f597300439e62f5e921f0d7b1e880b5c1a1f1607%3Bhp=093fc3b098dc5fadef5d8ad4b225db9fb124758b
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5492	Exploit Issue Tracking Patch Third Party Advisory
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5513	Exploit Issue Tracking Patch Third Party Advisory
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5521	Exploit Issue Tracking Patch Third Party Advisory
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5604	Exploit Issue Tracking Third Party Advisory
https://security.gentoo.org/glsa/201811-15	Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2018-05-24T13:00:00

Updated: 2018-11-27T10:57:01

Reserved: 2018-02-02T00:00:00

Link: CVE-2018-1000039

JSON object: View

NVD Information

Status : Modified

Published: 2018-05-24T13:29:00.807

Modified: 2023-11-07T02:51:08.847

Link: CVE-2018-1000039

JSON object: View

Redhat Information

No data.

CWE

CWE-416

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "dateAssigned": "2018-05-18T00:00:00", "datePublic": "2018-02-24T00:00:00", "descriptions": [{"lang": "en", "value": "In MuPDF 1.12.0 and earlier, multiple heap use after free bugs in the PDF parser could allow an attacker to execute arbitrary code, read memory, or cause a denial of service via a crafted file."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-11-27T10:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "GLSA-201811-15", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "https://security.gentoo.org/glsa/201811-15"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://git.ghostscript.com/?p=mupdf.git%3Ba=commitdiff%3Bh=4dcc6affe04368461310a21238f7e1871a752a05%3Bhp=8ec561d1bccc46e9db40a9f61310cd8b3763914e"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://git.ghostscript.com/?p=mupdf.git%3Ba=commitdiff%3Bh=71ceebcf56e682504da22c4035b39a2d451e8ffd%3Bhp=7f82c01523505052615492f8e220f4348ba46995"}, {"tags": ["x_refsource_MISC"], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5492"}, {"tags": ["x_refsource_MISC"], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5521"}, {"tags": ["x_refsource_MISC"], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5604"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://git.ghostscript.com/?p=mupdf.git%3Ba=commitdiff%3Bh=f597300439e62f5e921f0d7b1e880b5c1a1f1607%3Bhp=093fc3b098dc5fadef5d8ad4b225db9fb124758b"}, {"tags": ["x_refsource_MISC"], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5513"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "DATE_ASSIGNED": "2018-05-18T21:46:02.313891", "DATE_REQUESTED": "2018-02-02T00:00:00", "ID": "CVE-2018-1000039", "REQUESTER": "jonathan@titanous.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "In MuPDF 1.12.0 and earlier, multiple heap use after free bugs in the PDF parser could allow an attacker to execute arbitrary code, read memory, or cause a denial of service via a crafted file."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "GLSA-201811-15", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201811-15"}, {"name": "http://git.ghostscript.com/?p=mupdf.git;a=commitdiff;h=4dcc6affe04368461310a21238f7e1871a752a05;hp=8ec561d1bccc46e9db40a9f61310cd8b3763914e", "refsource": "CONFIRM", "url": "http://git.ghostscript.com/?p=mupdf.git;a=commitdiff;h=4dcc6affe04368461310a21238f7e1871a752a05;hp=8ec561d1bccc46e9db40a9f61310cd8b3763914e"}, {"name": "http://git.ghostscript.com/?p=mupdf.git;a=commitdiff;h=71ceebcf56e682504da22c4035b39a2d451e8ffd;hp=7f82c01523505052615492f8e220f4348ba46995", "refsource": "CONFIRM", "url": "http://git.ghostscript.com/?p=mupdf.git;a=commitdiff;h=71ceebcf56e682504da22c4035b39a2d451e8ffd;hp=7f82c01523505052615492f8e220f4348ba46995"}, {"name": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5492", "refsource": "MISC", "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5492"}, {"name": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5521", "refsource": "MISC", "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5521"}, {"name": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5604", "refsource": "MISC", "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5604"}, {"name": "http://git.ghostscript.com/?p=mupdf.git;a=commitdiff;h=f597300439e62f5e921f0d7b1e880b5c1a1f1607;hp=093fc3b098dc5fadef5d8ad4b225db9fb124758b", "refsource": "CONFIRM", "url": "http://git.ghostscript.com/?p=mupdf.git;a=commitdiff;h=f597300439e62f5e921f0d7b1e880b5c1a1f1607;hp=093fc3b098dc5fadef5d8ad4b225db9fb124758b"}, {"name": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5513", "refsource": "MISC", "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5513"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2018-1000039", "datePublished": "2018-05-24T13:00:00", "dateReserved": "2018-02-02T00:00:00", "dateUpdated": "2018-11-27T10:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:artifex:mupdf:*:*:*:*:*:*:*:*", "matchCriteriaId": "98C162E1-CD83-4DF5-92FD-938F0CCDA53E", "versionEndIncluding": "1.12.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "In MuPDF 1.12.0 and earlier, multiple heap use after free bugs in the PDF parser could allow an attacker to execute arbitrary code, read memory, or cause a denial of service via a crafted file."}, {"lang": "es", "value": "En MuPDF 1.12.0 y anteriores, m\u00faltiples errores de uso de memoria din\u00e1mica (heap) previamente liberada en el analizador PDF podr\u00edan permitir que un atacante ejecute c\u00f3digo arbitrario, lea memoria o provoque una denegaci\u00f3n de servicio (DoS) mediante un archivo manipulado."}], "id": "CVE-2018-1000039", "lastModified": "2023-11-07T02:51:08.847", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-05-24T13:29:00.807", "references": [{"source": "cve@mitre.org", "url": "http://git.ghostscript.com/?p=mupdf.git%3Ba=commitdiff%3Bh=4dcc6affe04368461310a21238f7e1871a752a05%3Bhp=8ec561d1bccc46e9db40a9f61310cd8b3763914e"}, {"source": "cve@mitre.org", "url": "http://git.ghostscript.com/?p=mupdf.git%3Ba=commitdiff%3Bh=71ceebcf56e682504da22c4035b39a2d451e8ffd%3Bhp=7f82c01523505052615492f8e220f4348ba46995"}, {"source": "cve@mitre.org", "url": "http://git.ghostscript.com/?p=mupdf.git%3Ba=commitdiff%3Bh=f597300439e62f5e921f0d7b1e880b5c1a1f1607%3Bhp=093fc3b098dc5fadef5d8ad4b225db9fb124758b"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5492"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5513"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5521"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Issue Tracking", "Third Party Advisory"], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5604"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://security.gentoo.org/glsa/201811-15"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-416"}], "source": "nvd@nist.gov", "type": "Primary"}]}