Heap-based buffer overflow in the loadexponentialfunc function in mupdf/pdf_function.c in MuPDF in the mupdf-20090223-win32 package, as used in SumatraPDF 0.9.3 and earlier, allows remote attackers to execute arbitrary code via a crafted PDF file. NOTE: some of these details are obtained from third party information.
2009-05-11T20:00:00.250
2025-04-09T00:30:58.490
Deferred
CVSSv3.1: 5.4 (MEDIUM)
AV:N/AC:M/Au:N/C:C/I:C/A:C
8.6
10.0
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | sumatrapdfreader | sumatrapdf | ≤ 0.9.3 | Yes |
| Application | sumatrapdfreader | sumatrapdf | 0.1 | Yes |
| Application | sumatrapdfreader | sumatrapdf | 0.2 | Yes |
| Application | sumatrapdfreader | sumatrapdf | 0.3 | Yes |
| Application | sumatrapdfreader | sumatrapdf | 0.4 | Yes |
| Application | sumatrapdfreader | sumatrapdf | 0.5 | Yes |
| Application | sumatrapdfreader | sumatrapdf | 0.6 | Yes |
| Application | sumatrapdfreader | sumatrapdf | 0.7 | Yes |
| Application | sumatrapdfreader | sumatrapdf | 0.8 | Yes |
| Application | sumatrapdfreader | sumatrapdf | 0.8.1 | Yes |
| Application | sumatrapdfreader | sumatrapdf | 0.9 | Yes |
| Application | sumatrapdfreader | sumatrapdf | 0.9.1 | Yes |
| Application | sumatrapdfreader | sumatrapdf | 0.9.2 | Yes |