Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-51105

A floating point exception (divide-by-zero) vulnerability was discovered in Artifex MuPDF 1.23.4 in function bmp_decompress_rle4() of load-bmp.c.

Published

2023-12-26T15:15:08.720

Last Modified

2024-11-21T08:37:51.417

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.5 (HIGH)

Weaknesses

Type: Primary
CWE-369

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	artifex	mupdf	1.23.4	Yes

References

http://cgit.ghostscript.com/cgi-bin/cgit.cgi/mupdf.git/commit/?id=cee86dc519d5270a3b96476ad15809ceace64a26 ([email protected])
https://bugs.ghostscript.com/show_bug.cgi?id=707622 ([email protected])
https://github.com/dongyuma/sox-defects/blob/main/mupdf-defects.md Exploit, Third Party Advisory ([email protected])
http://cgit.ghostscript.com/cgi-bin/cgit.cgi/mupdf.git/commit/?id=cee86dc519d5270a3b96476ad15809ceace64a26 (af854a3a-2127-422b-91ae-364da2661108)
https://bugs.ghostscript.com/show_bug.cgi?id=707622 (af854a3a-2127-422b-91ae-364da2661108)
https://github.com/dongyuma/sox-defects/blob/main/mupdf-defects.md Exploit, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)