CVE-2020-16600

CVE-2020-16600

Name

CVE-2020-16600

Description

A Use After Free vulnerability exists in Artifex Software, Inc. MuPDF library 1.17.0-rc1 and earlier when a valid page was followed by a page with invalid pixmap dimensions, causing bander - a static - to point to previously freed memory instead of a newband_writer.

NVD Severity

medium

Other trackers

CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia

Mailing lists

oss-security, full-disclosure, bugtraq

Exploits

Exploit DB, Metasploit

Forges

GitHub (code, issues), Aports (code, issues)

Type	URI
Patch	http://git.ghostscript.com/?p=mupdf.git;h=96751b25462f83d6e16a9afaf8980b0c3f979c8b
Third Party Advisory	https://bugs.ghostscript.com/show_bug.cgi?id=702253

Type

URI

Patch

http://git.ghostscript.com/?p=mupdf.git;h=96751b25462f83d6e16a9afaf8980b0c3f979c8b

Third Party Advisory

https://bugs.ghostscript.com/show_bug.cgi?id=702253

Match rules

CPE URI	Source package	Min version	Max version
`cpe:2.3:a:artifex:mupdf::::::::`	mupdf	>= None	<= 1.16.1
`cpe:2.3:a:artifex:mupdf:1.17.0:rc1::::::`	mupdf	== None	== 1.17.0

CPE URI

Source package

Min version

Max version

cpe:2.3:a:artifex:mupdf:*:*:*:*:*:*:*:*

mupdf

>= None

<= 1.16.1

cpe:2.3:a:artifex:mupdf:1.17.0:rc1:*:*:*:*:*:*

mupdf

== None

== 1.17.0

Vulnerable and fixed packages

Source package	Branch	Version	Maintainer	Status
mupdf	3.11-main	1.16.1-r1	Daniel Sabogal <dsabogalcc@gmail.com>	possibly vulnerable
mupdf	3.10-main	1.15.0-r0	Daniel Sabogal <dsabogalcc@gmail.com>	possibly vulnerable

Source package

Branch

Version

Maintainer

Status

mupdf

3.11-main

1.16.1-r1

Daniel Sabogal <dsabogalcc@gmail.com>

possibly vulnerable

mupdf

3.10-main

1.15.0-r0

Daniel Sabogal <dsabogalcc@gmail.com>

possibly vulnerable

References

Match rules

Vulnerable and fixed packages