CVE-2017-5991

HIGH

Artifex MuPDF < 1.11 - NULL Pointer Dereference in pdf_run_xobject

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2017-5991. PoCs published by Kamil Frankowicz.

AI-analyzed exploit summary This exploit demonstrates a null pointer dereference vulnerability in MuPDF's `fz_paint_pixmap_with_mask` function, leading to a denial-of-service (DoS) condition. The PoC triggers the crash via a malformed input file processed by `mutool convert`.

Description

An issue was discovered in Artifex MuPDF before 1912de5f08e90af1d9d0a9791f58ba3afdb9d465. The pdf_run_xobject function in pdf-op-run.c encounters a NULL pointer dereference during a Fitz fz_paint_pixmap_with_mask painting operation. Versions 1.11 and later are unaffected.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Kamil Frankowicz · textdoslinux

https://www.exploit-db.com/exploits/42138

View Code ZIP pw:eip

This exploit demonstrates a null pointer dereference vulnerability in MuPDF's `fz_paint_pixmap_with_mask` function, leading to a denial-of-service (DoS) condition. The PoC triggers the crash via a malformed input file processed by `mutool convert`.

Classification

Working Poc 90%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: MuPDF (Git HEAD: 8eea208e099614487e4bd7cc0d67d91489dae642)

No auth needed

Prerequisites: MuPDF/mutool installed · malformed input file provided in the PoC

MITRE ATT&CK