Stack Buffer Overflow in MuPDF 1.12.0 and Earlier: Arbitrary Code Execution via Crafted File

Stack Buffer Overflow in MuPDF 1.12.0 and Earlier: Arbitrary Code Execution via Crafted File

CVE-2018-1000038 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

In MuPDF 1.12.0 and earlier, a stack buffer overflow in function pdf_lookup_cmap_full in pdf/pdf-cmap.c could allow an attacker to execute arbitrary code via a crafted file.

Learn more about our Web Application Penetration Testing UK.