漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Artifex MuPDF win_main.c get_system_dpi uncontrolled search path
Vulnerability Description
A flaw has been found in Artifex MuPDF up to 1.26.1 on Windows. The impacted element is the function get_system_dpi of the file platform/x11/win_main.c. This manipulation causes uncontrolled search path. The attack requires local access. The attack is considered to have high complexity. The exploitability is regarded as difficult. Upgrading to version 1.26.2 is sufficient to resolve this issue. Patch name: ebb125334eb007d64e579204af3c264aadf2e244. Upgrading the affected component is recommended.
CVSS Information
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
对搜索路径元素未加控制
Vulnerability Title
artifex mupdf 代码问题漏洞
Vulnerability Description
artifex mupdf是个人开发者的一款富文本编辑器。富文本编辑器不同于文本编辑器,程序员可到网上下载免费的富文本编辑器内嵌于自己的网站或程序里(当然付费的功能会更强大些),方便用户编辑文章或信息。 artifex mupdf 1.26.1及之前版本存在代码问题漏洞,该漏洞源于函数get_system_dpi存在不受控的搜索路径。
CVSS Information
N/A
Vulnerability Type
N/A