CVE-2014-2013 – MuPDF 1.3 - 'xps_parse_color()' Stack Buffer Overflow
https://notcve.org/view.php?id=CVE-2014-2013
Stack-based buffer overflow in the xps_parse_color function in xps/xps-common.c in MuPDF 1.3 and earlier allows remote attackers to execute arbitrary code via a large number of entries in the ContextColor value of the Fill attribute in a Path element. Desbordamiento de buffer basado en pila en la función xps_parse_color en xps/xps-common.c en MuPDF 1.3 y anteriores permite a atacantes remotos ejecutar código arbitrario a través de un número grande de entradas en el valor ContextColor del atributo Fill en un elemento Path. • https://www.exploit-db.com/exploits/31090 http://bugs.ghostscript.com/show_bug.cgi?id=694957 http://git.ghostscript.com/?p=mupdf.git%3Ba=commitdiff%3Bh=60dabde18d7fe12b19da8b509bdfee9cc886aafc http://lists.opensuse.org/opensuse-updates/2014-02/msg00088.html http://seclists.org/fulldisclosure/2014/Jan/130 http://seclists.org/oss-sec/2014/q1/375 http://secunia.com/advisories/58904 http://www.debian.org/security/2014/dsa-2951 http://www.exploit-db.com/exploits/31090 http://www. • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •