Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
NVD Vulnerability Details :
CVE-2014-2013
Deferred
More InfoOfficial Page
Source-cve@mitre.org
View Known Exploited Vulnerability (KEV) details
Published At-03 Mar, 2014 | 16:55
Updated At-12 Apr, 2025 | 10:46

Stack-based buffer overflow in the xps_parse_color function in xps/xps-common.c in MuPDF 1.3 and earlier allows remote attackers to execute arbitrary code via a large number of entries in the ContextColor value of the Fill attribute in a Path element.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.07.5HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
Type: Primary
Version: 2.0
Base score: 7.5
Base severity: HIGH
Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P
CPE Matches
Artifex Software Inc.
artifex
>>mupdf>>Versions up to 1.3(inclusive)
cpe:2.3:a:artifex:mupdf:*:*:*:*:*:*:*:*
Artifex Software Inc.
artifex
>>mupdf>>1.0
cpe:2.3:a:artifex:mupdf:1.0:*:*:*:*:*:*:*
Artifex Software Inc.
artifex
>>mupdf>>1.1
cpe:2.3:a:artifex:mupdf:1.1:*:*:*:*:*:*:*
Artifex Software Inc.
artifex
>>mupdf>>1.2
cpe:2.3:a:artifex:mupdf:1.2:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-119Primarynvd@nist.gov
CWE ID: CWE-119
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://bugs.ghostscript.com/show_bug.cgi?id=694957cve@mitre.org
Exploit
http://git.ghostscript.com/?p=mupdf.git%3Ba=commitdiff%3Bh=60dabde18d7fe12b19da8b509bdfee9cc886aafccve@mitre.org
N/A
http://lists.opensuse.org/opensuse-updates/2014-02/msg00088.htmlcve@mitre.org
N/A
http://seclists.org/fulldisclosure/2014/Jan/130cve@mitre.org
N/A
http://seclists.org/oss-sec/2014/q1/375cve@mitre.org
N/A
http://secunia.com/advisories/58904cve@mitre.org
N/A
http://www.debian.org/security/2014/dsa-2951cve@mitre.org
N/A
http://www.exploit-db.com/exploits/31090cve@mitre.org
Exploit
http://www.hdwsec.fr/blog/mupdf.htmlcve@mitre.org
Exploit
http://www.osvdb.org/102340cve@mitre.org
N/A
http://www.securityfocus.com/bid/65036cve@mitre.org
N/A
http://bugs.ghostscript.com/show_bug.cgi?id=694957af854a3a-2127-422b-91ae-364da2661108
Exploit
http://git.ghostscript.com/?p=mupdf.git%3Ba=commitdiff%3Bh=60dabde18d7fe12b19da8b509bdfee9cc886aafcaf854a3a-2127-422b-91ae-364da2661108
N/A
http://lists.opensuse.org/opensuse-updates/2014-02/msg00088.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://seclists.org/fulldisclosure/2014/Jan/130af854a3a-2127-422b-91ae-364da2661108
N/A
http://seclists.org/oss-sec/2014/q1/375af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/58904af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.debian.org/security/2014/dsa-2951af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.exploit-db.com/exploits/31090af854a3a-2127-422b-91ae-364da2661108
Exploit
http://www.hdwsec.fr/blog/mupdf.htmlaf854a3a-2127-422b-91ae-364da2661108
Exploit
http://www.osvdb.org/102340af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/bid/65036af854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: http://bugs.ghostscript.com/show_bug.cgi?id=694957
Source: cve@mitre.org
Resource:
Exploit
Hyperlink: http://git.ghostscript.com/?p=mupdf.git%3Ba=commitdiff%3Bh=60dabde18d7fe12b19da8b509bdfee9cc886aafc
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://lists.opensuse.org/opensuse-updates/2014-02/msg00088.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://seclists.org/fulldisclosure/2014/Jan/130
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://seclists.org/oss-sec/2014/q1/375
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/58904
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.debian.org/security/2014/dsa-2951
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.exploit-db.com/exploits/31090
Source: cve@mitre.org
Resource:
Exploit
Hyperlink: http://www.hdwsec.fr/blog/mupdf.html
Source: cve@mitre.org
Resource:
Exploit
Hyperlink: http://www.osvdb.org/102340
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/65036
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://bugs.ghostscript.com/show_bug.cgi?id=694957
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Exploit
Hyperlink: http://git.ghostscript.com/?p=mupdf.git%3Ba=commitdiff%3Bh=60dabde18d7fe12b19da8b509bdfee9cc886aafc
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://lists.opensuse.org/opensuse-updates/2014-02/msg00088.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://seclists.org/fulldisclosure/2014/Jan/130
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://seclists.org/oss-sec/2014/q1/375
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/58904
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.debian.org/security/2014/dsa-2951
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.exploit-db.com/exploits/31090
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Exploit
Hyperlink: http://www.hdwsec.fr/blog/mupdf.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Exploit
Hyperlink: http://www.osvdb.org/102340
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/65036
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Change History
0Changes found
Details not found