CVE-2012-5340
published 2020-01-23CVE-2012-5340: SumatraPDF 2.1.1/MuPDF 1.0 allows remote attackers to cause an Integer Overflow in the lex_number() function via a corrupt PDF file.
high7.8CVSS 3.1
AVLACLPRNUIRSUCHIHAH
EXPLOIT
SumatraPDF 2.1.1/MuPDF 1.0 allows remote attackers to cause an Integer Overflow in the lex_number() function via a corrupt PDF file.
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| artifex | mupdf | — | — |
| artifex | mupdf | — | — |
| artifex | mupdf | >= 0 < 1.2-2 | 1.2-2 |
| artifex | mupdf | >= 0 < 1.2-2 | 1.2-2 |
| artifex | mupdf | >= 0 < 1.2-2 | 1.2-2 |
| artifex | mupdf | >= 0 < 1.2-2 | 1.2-2 |
| debian | mupdf | < mupdf 1.2-2 (bookworm) | mupdf 1.2-2 (bookworm) |
| sumatrapdfreader | sumatrapdf | — | — |
CVSS provenance
nvdv3.17.8HIGHCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
osv7.8HIGH