Use After Free Vulnerability in Artifex Mupdf 1.12.0: Potential DOS and Code Execution via Crafted PDF

Use After Free Vulnerability in Artifex Mupdf 1.12.0: Potential DOS and Code Execution via Crafted PDF

CVE-2018-1000051 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

Artifex Mupdf version 1.12.0 contains a Use After Free vulnerability in fz_keep_key_storable that can result in DOS / Possible code execution. This attack appear to be exploitable via Victim opens a specially crafted PDF.

Learn more about our Web Application Penetration Testing UK.