Use After Free Vulnerability in MuPDF Library by Artifex Software
CVE-2020-16600
7.8HIGH
What is CVE-2020-16600?
A vulnerability in the MuPDF library causes a Use After Free condition when processing a series of pages with varying pixmap dimensions. Specifically, when a valid page is followed by a page that presents invalid dimensions, the variable 'bander' erroneously points to a previously freed memory block. This can lead to potential exploitation through the manipulation of input files that trigger this flaw, allowing attackers to execute arbitrary code or lead to application instability.