Advisories ยป MGASA-2017-0479

Updated mupdf packages fix security vulnerability

Publication date: 31 Dec 2017
Type: security
Affected Mageia releases : 5
CVE: CVE-2016-8674 , CVE-2017-5896 , CVE-2017-5991 , CVE-2017-15587


Multiple vulnerabilities have been found in the PDF viewer MuPDF, which
may result in denial of service or the execution of arbitrary code if a
malformed PDF file is opened (CVE-2016-8674, CVE-2017-5896, CVE-2017-5991)

Terry Chia and Jeremy Heng discovered an integer overflow that can cause
arbitrary code execution via a crafted .pdf file (CVE-2017-15587).