CVE-2023-51105

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Dec 26, 2023
Updated: Jul 11, 2024
CWE ID 369

Summary

CVE-2023-51105 is a vulnerability affecting Artifex MuPDF 1.23.4. This issue involves a divide-by-zero floating point exception in the function bmp_decompress_rle4() located in load-bmp.c. When processing certain maliciously crafted BITMAP files, the software fails to check for division by zero, potentially leading to unintended behavior or application crashes. Exploitation of this vulnerability could result in code injection or unauthorized access, posing a significant risk to systems using this version of MuPDF. Upgrading to a patched version is strongly recommended to mitigate this threat.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share