Floating Point Exception Vulnerability in Artifex MuPDF Product
CVE-2023-51103

7.5HIGH

Key Information:

Vendor: Artifex
Status: MuPDF
Vendor: CVE Published:; 26 December 2023

Summary

A vulnerability has been identified in Artifex MuPDF 1.23.4 that results from a floating point exception during the execution of the fz_new_pixmap_from_float_data() function in pixmap.c. This can potentially lead to application crashes and may be exploited to affect the stability and security of systems using this product. Users are advised to apply security patches and updates as they become available.

References

https://github.com/dongyuma/sox-defects/blob/main/mupdf-d...

http://cgit.ghostscript.com/cgi-bin/cgit.cgi/mupdf.git/co...

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Dec 26, 2023
Vulnerability Reserved
Dec 18, 2023