diff options
author | delphij <delphij@FreeBSD.org> | 2011-02-12 03:59:48 +0800 |
---|---|---|
committer | delphij <delphij@FreeBSD.org> | 2011-02-12 03:59:48 +0800 |
commit | 6c6fb41edbffbc7abb60ced2dc49bb0a7bc82c58 (patch) | |
tree | c93fc560c1211f6d2164549e6e76dffdca5d7466 | |
parent | 10ea0d7a4fa493d4d7931c5590cb4a5f0788f05e (diff) | |
download | freebsd-ports-gnome-6c6fb41edbffbc7abb60ced2dc49bb0a7bc82c58.tar.gz freebsd-ports-gnome-6c6fb41edbffbc7abb60ced2dc49bb0a7bc82c58.tar.zst freebsd-ports-gnome-6c6fb41edbffbc7abb60ced2dc49bb0a7bc82c58.zip |
Document mupdf PDF handling remote code execution vulnerability.
Submitted by: Tim Zingelman <tez netbsd.org>
-rw-r--r-- | security/vuxml/vuln.xml | 30 |
1 files changed, 30 insertions, 0 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index 762ecee1ccce..fda9bf3d8379 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -34,6 +34,36 @@ Note: Please add new entries to the beginning of this file. --> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> + <vuln vid="53bde960-356b-11e0-8e81-0022190034c0"> + <topic>mupdf -- Remote System Access</topic> + <affects> + <package> + <name>mupdf</name> + <range><gt>0</gt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>Secunia reports:</p> + <blockquote cite="http://secunia.com/advisories/43020/"> + <p>The vulnerability is caused due to an error within the + "closedctd()" function in fitz/filt_dctd.c when processing PDF + files containing certain malformed JPEG images. This can be + exploited to cause a stack corruption by e.g. tricking a user + into opening a specially crafted PDF file.</p> + </blockquote> + </body> + </description> + <references> + <bid>46027</bid> + <url>http://secunia.com/advisories/43020/</url> + </references> + <dates> + <discovery>2011-01-26</discovery> + <entry>2011-02-10</entry> + </dates> + </vuln> + <vuln vid="1cae628c-3569-11e0-8e81-0022190034c0"> <topic>rubygem-mail -- Remote Arbitrary Shell Command Injection Vulnerability</topic> <affects> |