Heap Based Buffer Overwrite in Artifex MuPDF Product
CVE-2020-19609

5.5MEDIUM

Key Information:

Vendor: Artifex
Status: MuPDF
Vendor: CVE Published:; 21 July 2021

What is CVE-2020-19609?

Artifex MuPDF versions prior to 1.18.0 contain a heap-based buffer overwrite vulnerability within the tiff_expand_colormap() function, triggered when parsing specially crafted TIFF files. This flaw can allow attackers to exploit the system, leading to disruptions or a denial of service, impacting the application's availability.