CVE-2019-14975
published 2019-08-14CVE-2019-14975: Artifex MuPDF before 1.16.0 has a heap-based buffer over-read in fz_chartorune in fitz/string.c because pdf/pdf-op-filter.c does not check for a missing string.
high7.1CVSS 3.0
AVLACLPRNUIRSUCHINAH
Artifex MuPDF before 1.16.0 has a heap-based buffer over-read in fz_chartorune in fitz/string.c because pdf/pdf-op-filter.c does not check for a missing string.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| artifex | mupdf | < 1.16.0 | 1.16.0 |
| debian | mupdf | — | — |