vulnerability
SUSE: CVE-2016-8728: SUSE Linux Security Advisory
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:N/AC:M/Au:N/C:P/I:P/A:P) | Nov 23, 2017 | Nov 23, 2017 | Aug 17, 2018 |
Severity
7
CVSS
(AV:N/AC:M/Au:N/C:P/I:P/A:P)
Published
Nov 23, 2017
Added
Nov 23, 2017
Modified
Aug 17, 2018
Description
An exploitable heap out of bounds write vulnerability exists in the Fitz graphical library part of the MuPDF renderer. A specially crafted PDF file can cause a out of bounds write resulting in heap metadata and sensitive process memory corruption leading to potential code execution. Victim needs to open the specially crafted file in a vulnerable reader in order to trigger this vulnerability.
Solutions
suse-upgrade-mupdfsuse-upgrade-mupdf-devel-static
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.