CVSS Meta Temp Score | Current Exploit Price (≈) | CTI Interest Score |
---|---|---|
5.4 | $0-$5k | 0.00 |
A vulnerability has been found in MuPDF (Document Reader Software) (the affected version unknown) and classified as problematic. Affected by this vulnerability is the function pdf_load_xref
of the file pdf/pdf-xref.c of the component PDF File Handler. The manipulation with an unknown input leads to a use after free vulnerability. The CWE definition for the vulnerability is CWE-416. Referencing memory after it has been freed can cause a program to crash, use unexpected values, or execute code. As an impact it is known to affect availability. The summary by CVE is:
Use-after-free vulnerability in the pdf_load_xref function in pdf/pdf-xref.c in MuPDF allows remote attackers to cause a denial of service (crash) via a crafted PDF file.
The weakness was published 09/22/2016 by Marco Grassi (Website). The advisory is shared at bugs.ghostscript.com. This vulnerability is known as CVE-2016-6265 since 07/21/2016. The attack can be launched remotely. The exploitation doesn't need any form of authentication. It demands that the victim is doing some kind of user interaction. Technical details are known, but no exploit is available.
The vulnerability scanner Nessus provides a plugin with the ID 93985 (FreeBSD : mupdf -- multiple vulnerabilities (47157c14-9013-11e6-a590-14dae9d210b8)), which helps to determine the existence of the flaw in a target environment. It is assigned to the family FreeBSD Local Security Checks and running in the context l. The commercial vulnerability scanner Qualys is able to test this issue with plugin 175819 (Debian Security Update for mupdf (DSA 3655-1)).
Upgrading eliminates this vulnerability. A possible mitigation has been published 3 weeks after the disclosure of the vulnerability.
The vulnerability is also documented in the vulnerability database at Tenable (93985). Similar entry is available at 91892.
Product
Type
Name
CPE 2.3
CPE 2.2
CVSSv4
VulDB CVSS-B Score: 🔍VulDB CVSS-BT Score: 🔍
VulDB Vector: 🔍
VulDB Reliability: 🔍
CVSSv3
VulDB Meta Base Score: 5.5VulDB Meta Temp Score: 5.4
VulDB Base Score: 5.5
VulDB Temp Score: 5.3
VulDB Vector: 🔍
VulDB Reliability: 🔍
NVD Base Score: 5.5
NVD Vector: 🔍
CVSSv2
AV | AC | Au | C | I | A |
---|---|---|---|---|---|
💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
Vector | Complexity | Authentication | Confidentiality | Integrity | Availability |
---|---|---|---|---|---|
unlock | unlock | unlock | unlock | unlock | unlock |
unlock | unlock | unlock | unlock | unlock | unlock |
unlock | unlock | unlock | unlock | unlock | unlock |
VulDB Base Score: 🔍
VulDB Temp Score: 🔍
VulDB Reliability: 🔍
NVD Base Score: 🔍
Exploiting
Class: Use after freeCWE: CWE-416 / CWE-119
CAPEC: 🔍
ATT&CK: 🔍
Local: No
Remote: Yes
Availability: 🔍
Status: Not defined
EPSS Score: 🔍
EPSS Percentile: 🔍
Price Prediction: 🔍
Current Price Estimation: 🔍
0-Day | unlock | unlock | unlock | unlock |
---|---|---|---|---|
Today | unlock | unlock | unlock | unlock |
Nessus ID: 93985
Nessus Name: FreeBSD : mupdf -- multiple vulnerabilities (47157c14-9013-11e6-a590-14dae9d210b8)
Nessus File: 🔍
Nessus Risk: 🔍
Nessus Family: 🔍
Nessus Context: 🔍
OpenVAS ID: 703655
OpenVAS Name: Debian Security Advisory DSA 3655-1 (mupdf - security update)
OpenVAS File: 🔍
OpenVAS Family: 🔍
Qualys ID: 🔍
Qualys Name: 🔍
Threat Intelligence
Interest: 🔍Active Actors: 🔍
Active APT Groups: 🔍
Countermeasures
Recommended: UpgradeStatus: 🔍
Reaction Time: 🔍
0-Day Time: 🔍
Exposure Time: 🔍
Patch: fa1936405b6a84e5c9bb440912c23d532772f958
Timeline
07/21/2016 🔍07/21/2016 🔍
09/22/2016 🔍
09/22/2016 🔍
09/23/2016 🔍
10/12/2016 🔍
10/12/2016 🔍
09/20/2022 🔍
Sources
Advisory: bugs.ghostscript.comResearcher: Marco Grassi
Status: Not defined
Confirmation: 🔍
CVE: CVE-2016-6265 (🔍)
OVAL: 🔍
SecurityFocus: 92071 - MuPDF CVE-2016-6265 Use After Free Denial of Service Vulnerability
See also: 🔍
Entry
Created: 09/23/2016 09:25Updated: 09/20/2022 09:16
Changes: 09/23/2016 09:25 (66), 04/23/2019 23:42 (15), 09/20/2022 09:16 (4)
Complete: 🔍
No comments yet. Languages: en.
Please log in to comment.