diff options
| author | Xin LI <delphij@FreeBSD.org> | 2011-02-11 19:59:48 +0000 |
|---|---|---|
| committer | Xin LI <delphij@FreeBSD.org> | 2011-02-11 19:59:48 +0000 |
| commit | 802d02a1b7683f509e89b0426f45f7a72034c731 (patch) | |
| tree | 0d683b536b5a9d03ea8764d855217f2036fafce6 | |
| parent | 7adbdc82a21bd7f716520dc5c56e738a0f5b84f7 (diff) | |
Notes
| -rw-r--r-- | security/vuxml/vuln.xml | 30 |
1 files changed, 30 insertions, 0 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index 762ecee1ccce..fda9bf3d8379 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -34,6 +34,36 @@ Note: Please add new entries to the beginning of this file. --> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> + <vuln vid="53bde960-356b-11e0-8e81-0022190034c0"> + <topic>mupdf -- Remote System Access</topic> + <affects> + <package> + <name>mupdf</name> + <range><gt>0</gt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>Secunia reports:</p> + <blockquote cite="http://secunia.com/advisories/43020/"> + <p>The vulnerability is caused due to an error within the + "closedctd()" function in fitz/filt_dctd.c when processing PDF + files containing certain malformed JPEG images. This can be + exploited to cause a stack corruption by e.g. tricking a user + into opening a specially crafted PDF file.</p> + </blockquote> + </body> + </description> + <references> + <bid>46027</bid> + <url>http://secunia.com/advisories/43020/</url> + </references> + <dates> + <discovery>2011-01-26</discovery> + <entry>2011-02-10</entry> + </dates> + </vuln> + <vuln vid="1cae628c-3569-11e0-8e81-0022190034c0"> <topic>rubygem-mail -- Remote Arbitrary Shell Command Injection Vulnerability</topic> <affects> |