Heap Out of Bounds Write Vulnerability in Fitz Library of MuPDF Renderer

Heap Out of Bounds Write Vulnerability in Fitz Library of MuPDF Renderer

CVE-2016-8728 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

An exploitable heap out of bounds write vulnerability exists in the Fitz graphical library part of the MuPDF renderer. A specially crafted PDF file can cause a out of bounds write resulting in heap metadata and sensitive process memory corruption leading to potential code execution. Victim needs to open the specially crafted file in a vulnerable reader in order to trigger this vulnerability.

Learn more about our Web Application Penetration Testing UK.