CVE-2018-1000040 - Vulnerability Details - OpenCVE

In Artifex MuPDF 1.12.0 and earlier, multiple use of uninitialized value bugs in the PDF parser could allow an attacker to cause a denial of service (crash) or influence program flow via a crafted file.

No CVSS v4.0

No CVSS v3.1

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Artifex	Mupdf
Debian	Debian Linux

Configuration 1 [-]

cpe:2.3:a:artifex:mupdf:*:*:*:*:*:*:*:*

Configuration 2 [-]

cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://git.ghostscript.com/?p=mupdf.git%3Ba=commitdiff%3Bh=83d4dae44c71816c084a635550acc1a51529b881%3Bhp=f597300439e62f5e921f0d7b1e880b5c1a1f1607
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5596
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5600
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5603
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5609
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5610
https://bugs.ghostscript.com/show_bug.cgi?id=698904
https://bugs.ghostscript.com/show_bug.cgi?id=699086
https://cgit.ghostscript.com/cgi-bin/cgit.cgi/mupdf.git/commit/?id=ace9e69017c08e1e4ce5912014177414c0382004
https://security.gentoo.org/glsa/201811-15
https://www.debian.org/security/2018/dsa-4334

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2018-05-24T13:00:00

Updated: 2024-08-05T12:33:48.855Z

Reserved: 2018-02-02T00:00:00

Link: CVE-2018-1000040

Vulnrichment

Updated: 2024-08-05T12:33:48.855Z

NVD

Status : Modified

Published: 2018-05-24T13:29:01.133

Modified: 2024-11-21T03:39:30.020

Link: CVE-2018-1000040

Redhat

No data.

{"dataType": "CVE_RECORD", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2018-1000040", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateReserved": "2018-02-02T00:00:00", "dateUpdated": "2024-08-05T12:33:48.855Z", "datePublished": "2018-05-24T13:00:00"}, "containers": {"cna": {"dateAssigned": "2018-05-18T00:00:00", "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2024-07-15T20:14:33.985028"}, "descriptions": [{"lang": "en", "value": "In Artifex MuPDF 1.12.0 and earlier, multiple use of uninitialized value bugs in the PDF parser could allow an attacker to cause a denial of service (crash) or influence program flow via a crafted file."}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"name": "GLSA-201811-15", "tags": ["vendor-advisory"], "url": "https://security.gentoo.org/glsa/201811-15"}, {"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5596"}, {"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5600"}, {"name": "DSA-4334", "tags": ["vendor-advisory"], "url": "https://www.debian.org/security/2018/dsa-4334"}, {"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5610"}, {"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5609"}, {"url": "http://git.ghostscript.com/?p=mupdf.git%3Ba=commitdiff%3Bh=83d4dae44c71816c084a635550acc1a51529b881%3Bhp=f597300439e62f5e921f0d7b1e880b5c1a1f1607"}, {"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5603"}, {"url": "https://bugs.ghostscript.com/show_bug.cgi?id=699086"}, {"url": "https://bugs.ghostscript.com/show_bug.cgi?id=698904"}, {"url": "https://cgit.ghostscript.com/cgi-bin/cgit.cgi/mupdf.git/commit/?id=ace9e69017c08e1e4ce5912014177414c0382004"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}], "datePublic": "2018-02-24T00:00:00"}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-07-23T18:25:21.913182Z", "id": "CVE-2018-1000040", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-23T18:25:29.836Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T12:33:48.855Z"}, "title": "CVE Program Container", "references": [{"name": "GLSA-201811-15", "tags": ["vendor-advisory", "x_transferred"], "url": "https://security.gentoo.org/glsa/201811-15"}, {"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5596", "tags": ["x_transferred"]}, {"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5600", "tags": ["x_transferred"]}, {"name": "DSA-4334", "tags": ["vendor-advisory", "x_transferred"], "url": "https://www.debian.org/security/2018/dsa-4334"}, {"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5610", "tags": ["x_transferred"]}, {"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5609", "tags": ["x_transferred"]}, {"url": "http://git.ghostscript.com/?p=mupdf.git%3Ba=commitdiff%3Bh=83d4dae44c71816c084a635550acc1a51529b881%3Bhp=f597300439e62f5e921f0d7b1e880b5c1a1f1607", "tags": ["x_transferred"]}, {"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5603", "tags": ["x_transferred"]}, {"url": "https://bugs.ghostscript.com/show_bug.cgi?id=699086", "tags": ["x_transferred"]}, {"url": "https://bugs.ghostscript.com/show_bug.cgi?id=698904", "tags": ["x_transferred"]}, {"url": "https://cgit.ghostscript.com/cgi-bin/cgit.cgi/mupdf.git/commit/?id=ace9e69017c08e1e4ce5912014177414c0382004", "tags": ["x_transferred"]}]}]}, "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://security.gentoo.org/glsa/201811-15", "name": "GLSA-201811-15", "tags": ["vendor-advisory", "x_transferred"]}, {"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5596", "tags": ["x_transferred"]}, {"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5600", "tags": ["x_transferred"]}, {"url": "https://www.debian.org/security/2018/dsa-4334", "name": "DSA-4334", "tags": ["vendor-advisory", "x_transferred"]}, {"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5610", "tags": ["x_transferred"]}, {"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5609", "tags": ["x_transferred"]}, {"url": "http://git.ghostscript.com/?p=mupdf.git%3Ba=commitdiff%3Bh=83d4dae44c71816c084a635550acc1a51529b881%3Bhp=f597300439e62f5e921f0d7b1e880b5c1a1f1607", "tags": ["x_transferred"]}, {"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5603", "tags": ["x_transferred"]}, {"url": "https://bugs.ghostscript.com/show_bug.cgi?id=699086", "tags": ["x_transferred"]}, {"url": "https://bugs.ghostscript.com/show_bug.cgi?id=698904", "tags": ["x_transferred"]}, {"url": "https://cgit.ghostscript.com/cgi-bin/cgit.cgi/mupdf.git/commit/?id=ace9e69017c08e1e4ce5912014177414c0382004", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T12:33:48.855Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2018-1000040", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-07-23T18:25:21.913182Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-23T18:25:25.675Z"}}], "cna": {"affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2018-02-24T00:00:00", "references": [{"url": "https://security.gentoo.org/glsa/201811-15", "name": "GLSA-201811-15", "tags": ["vendor-advisory"]}, {"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5596"}, {"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5600"}, {"url": "https://www.debian.org/security/2018/dsa-4334", "name": "DSA-4334", "tags": ["vendor-advisory"]}, {"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5610"}, {"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5609"}, {"url": "http://git.ghostscript.com/?p=mupdf.git%3Ba=commitdiff%3Bh=83d4dae44c71816c084a635550acc1a51529b881%3Bhp=f597300439e62f5e921f0d7b1e880b5c1a1f1607"}, {"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5603"}, {"url": "https://bugs.ghostscript.com/show_bug.cgi?id=699086"}, {"url": "https://bugs.ghostscript.com/show_bug.cgi?id=698904"}, {"url": "https://cgit.ghostscript.com/cgi-bin/cgit.cgi/mupdf.git/commit/?id=ace9e69017c08e1e4ce5912014177414c0382004"}], "dateAssigned": "2018-05-18T00:00:00", "descriptions": [{"lang": "en", "value": "In Artifex MuPDF 1.12.0 and earlier, multiple use of uninitialized value bugs in the PDF parser could allow an attacker to cause a denial of service (crash) or influence program flow via a crafted file."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "n/a"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2024-07-15T20:14:33.985028"}}}, "cveMetadata": {"cveId": "CVE-2018-1000040", "state": "PUBLISHED", "dateUpdated": "2024-08-05T12:33:48.855Z", "dateReserved": "2018-02-02T00:00:00", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "datePublished": "2018-05-24T13:00:00", "assignerShortName": "mitre"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:artifex:mupdf:*:*:*:*:*:*:*:*", "matchCriteriaId": "98C162E1-CD83-4DF5-92FD-938F0CCDA53E", "versionEndIncluding": "1.12.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "In Artifex MuPDF 1.12.0 and earlier, multiple use of uninitialized value bugs in the PDF parser could allow an attacker to cause a denial of service (crash) or influence program flow via a crafted file."}, {"lang": "es", "value": "En MuPDF 1.12.0 y anteriores, m\u00faltiples errores de valores no inicializados en el analizador PDF permiten que un atacante provoque una denegaci\u00f3n de servicio (cierre inesperado) o influya en el flujo del programa mediante un archivo manipulado."}], "id": "CVE-2018-1000040", "lastModified": "2024-11-21T03:39:30.020", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-05-24T13:29:01.133", "references": [{"source": "cve@mitre.org", "url": "http://git.ghostscript.com/?p=mupdf.git%3Ba=commitdiff%3Bh=83d4dae44c71816c084a635550acc1a51529b881%3Bhp=f597300439e62f5e921f0d7b1e880b5c1a1f1607"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Issue Tracking"], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5596"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Issue Tracking"], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5600"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Issue Tracking"], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5603"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5609"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Issue Tracking"], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5610"}, {"source": "cve@mitre.org", "url": "https://bugs.ghostscript.com/show_bug.cgi?id=698904"}, {"source": "cve@mitre.org", "url": "https://bugs.ghostscript.com/show_bug.cgi?id=699086"}, {"source": "cve@mitre.org", "url": "https://cgit.ghostscript.com/cgi-bin/cgit.cgi/mupdf.git/commit/?id=ace9e69017c08e1e4ce5912014177414c0382004"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://security.gentoo.org/glsa/201811-15"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://www.debian.org/security/2018/dsa-4334"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://git.ghostscript.com/?p=mupdf.git%3Ba=commitdiff%3Bh=83d4dae44c71816c084a635550acc1a51529b881%3Bhp=f597300439e62f5e921f0d7b1e880b5c1a1f1607"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Issue Tracking"], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5596"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Issue Tracking"], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5600"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Issue Tracking"], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5603"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5609"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Issue Tracking"], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5610"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugs.ghostscript.com/show_bug.cgi?id=698904"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugs.ghostscript.com/show_bug.cgi?id=699086"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://cgit.ghostscript.com/cgi-bin/cgit.cgi/mupdf.git/commit/?id=ace9e69017c08e1e4ce5912014177414c0382004"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://security.gentoo.org/glsa/201811-15"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://www.debian.org/security/2018/dsa-4334"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}