CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2019-6131
https://notcve.org/view.php?id=CVE-2019-6131
svg-run.c in Artifex MuPDF 1.14.0 has infinite recursion with stack consumption in svg_run_use_symbol, svg_run_element, and svg_run_use, as demonstrated by mutool. svg-run.c en Artifex MuPDF 1.14.0 tiene una recursión infinita con consumo de pila en svg_run_use_symbol, svg_run_element y svg_run_use, tal y como queda demostrado con mutool. • http://www.securityfocus.com/bid/106558 https://bugs.ghostscript.com/show_bug.cgi?id=700442 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CNJNEX5EW6YH5OARXXSSXW4HHC5PIBSY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SEK2EHVNREJ7XZMFF2MXRWKIF4IBHPNE https://cgit.ghostscript.com/cgi-bin/cgit.cgi/mupdf.git/commit/?id=c8f7e48ff74720a5e984ae19d978a5ab4d5dde5b • CWE-674: Uncontrolled Recursion •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2018-19478
https://notcve.org/view.php?id=CVE-2018-19478
In Artifex Ghostscript before 9.26, a carefully crafted PDF file can trigger an extremely long running computation when parsing the file. En las versiones anteriores de la 9.26 de Artifex Ghostscript, un archivo PDF especialmente manipulado puede provocar un cálculo de ejecución extremadamente largo al analizar el archivo. • http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=0a7e5a1c309fa0911b892fa40996a7d55d90bace http://www.securityfocus.com/bid/106445 https://bugs.ghostscript.com/show_bug.cgi?id=699856 https://bugzilla.redhat.com/show_bug.cgi?id=1655607 https://lists.debian.org/debian-lts-announce/2018/12/msg00019.html https://www.ghostscript.com/doc/9.26/History9.htm • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 1CVE-2018-19134 – ghostscript: Type confusion in setpattern (700141)
https://notcve.org/view.php?id=CVE-2018-19134
In Artifex Ghostscript through 9.25, the setpattern operator did not properly validate certain types. A specially crafted PostScript document could exploit this to crash Ghostscript or, possibly, execute arbitrary code in the context of the Ghostscript process. This is a type confusion issue because of failure to check whether the Implementation of a pattern dictionary was a structure type. En Artifex Ghostscript hasta la versión 9.25, el operador setpattern no validaba ciertos tipos correctamente. Un documento PostScript especialmente manipulado podría explotar esto para provocar el cierre inesperado de Ghostscript o ejecutar código arbitrario en el contexto del proceso Ghostscript. • http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=693baf02152119af6e6afd30bb8ec76d14f84bbf http://www.securityfocus.com/bid/106278 https://access.redhat.com/errata/RHSA-2018:3834 https://bugs.ghostscript.com/show_bug.cgi?id=700141 https://lists.debian.org/debian-lts-announce/2018/12/msg00019.html https://semmle.com/news/semmle-discovers-severe-vulnerability-ghostscript-postscript-pdf https://www.ghostscript.com/doc/9.26/News.htm https://access.redhat.com/security/cve/CVE-2018-19134 htt • CWE-704: Incorrect Type Conversion or Cast •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2018-19881
https://notcve.org/view.php?id=CVE-2018-19881
In Artifex MuPDF 1.14.0, svg/svg-run.c allows remote attackers to cause a denial of service (recursive calls followed by a fitz/xml.c fz_xml_att crash from excessive stack consumption) via a crafted svg file, as demonstrated by mupdf-gl. En Artifex MuPDF 1.14.0, svg/svg-run.c permite que atacantes remotos provoquen una denegación de servicio (llamadas recursivas seguidas por un cierre inesperado de fz_xml_att en fitz/xml.c debido al consumo excesivo de pila) mediante un archivo svg manipulado, tal y como queda demostrado por mupdf-gl. • https://bugs.ghostscript.com/show_bug.cgi?id=700342 https://github.com/TeamSeri0us/pocs/tree/master/mupdf/20181203 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CNJNEX5EW6YH5OARXXSSXW4HHC5PIBSY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SEK2EHVNREJ7XZMFF2MXRWKIF4IBHPNE https://bugs.ghostscript.com/show_bug.cgi?id=700442 https://cgit.ghostscript.com/cgi-bin/cgit.cgi/mupdf.git/commit/?id=c8f7e48ff74720a5e984ae19d978a5ab4d5dde5b • CWE-400: Uncontrolled Resource Consumption •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2018-19882
https://notcve.org/view.php?id=CVE-2018-19882
In Artifex MuPDF 1.14.0, the svg_run_image function in svg/svg-run.c allows remote attackers to cause a denial of service (href_att NULL pointer dereference and application crash) via a crafted svg file, as demonstrated by mupdf-gl. En Artifex MuPDF 1.14.0, la función svg_run_image en svg/svg-run.c permite que atacantes remotos provoquen una denegación de servicio (desreferencia de puntero NULL de href_att y cierre inesperado de la aplicación) mediante un archivo svg manipulado, tal y como queda demostrado con mupdf-gl. • https://bugs.ghostscript.com/show_bug.cgi?id=700342 https://github.com/TeamSeri0us/pocs/tree/master/mupdf/20181203 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CNJNEX5EW6YH5OARXXSSXW4HHC5PIBSY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SEK2EHVNREJ7XZMFF2MXRWKIF4IBHPNE http://www.ghostscript.com/cgi-bin/findgit.cgi?a7f7d91cdff8d303c11d458fa8b802776f73c8cc • CWE-476: NULL Pointer Dereference •