This script is Copyright (C) 2018 Tenable Network Security, Inc.
The remote openSUSE host is missing a security update.
This update for mupdf fixes several issues.
These security issues were fixed :
- CVE-2018-6187: Prevent heap-based buffer overflow in the
do_pdf_save_document function. Remote attackers could
leverage the vulnerability to cause a denial of service
via a crafted pdf file (bsc#1077407).
- CVE-2018-6544: pdf_load_obj_stm could have referenced
the object stream recursively and therefore run out of
error stack, which allowed remote attackers to cause a
denial of service via a crafted PDF document
- CVE-2018-6192: The pdf_read_new_xref function allowed
remote attackers to cause a denial of service
(segmentation violation and application crash) via a
crafted pdf file (bsc#1077755).
See also :
Update the affected mupdf packages.
Risk factor :
Medium / CVSS Base Score : 4.3